Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2011-2015)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2011-2015 advisory. - sctp: fix to calc the INIT/INIT-ACK chunk length correctly is set CVE-2011-1573 - dccp: fix oops on Reset after close CVE-2011-1093 - bridge:...

Oracle Linux 4 : kernel (ELSA-2007-1104)

From Red Hat Security Advisory 2007:1104 : Updated kernel packages that fix various security issues and several bugs in the Red Hat Enterprise Linux 4 kernel are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel package...

puppet -- multiple vulnerabilities

Puppet Labs reports: By using the resourcetype service, an attacker could cause puppet to load arbitrary Ruby files from the puppet master node's file system. While this behavior is not enabled by default, auth.conf settings could be modified to allow it. The exploit requires local file system...

Magnolia CMS Access Bypass Vulnerability

This host is running Magnolia CMS and is prone to access bypass vulnerability. OpenVAS Vulnerability Test $Id: gbmagnoliaaccessbypassvuln.nasl 6115 2017-05-12 09:03:25Z teissa $ Magnolia CMS Access Bypass Vulnerability Authors: Arun Kallavi Copyright: Copyright c 2013 Greenbone Networks GmbH,...

ZPanel 10.0.0.2 htpasswd Module Username Command Execution

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "ZPanel 10.0.0.2...

CVE-2013-4612

Multiple cross-site scripting XSS vulnerabilities in REDCap before 5.1.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving different modules...

Microsoft Update to Improve Cryptography and Digital Certificate Handling (2854544)

This host is missing an important security update according to Microsoft Security Advisory 2854544. OpenVAS Vulnerability Test $Id: secpodcryptndigitalcerthandlingupdate.nasl 5347 2017-02-19 09:15:55Z cfi $ Microsoft Update to Improve Cryptography and Digital Certificate Handling 2854544 Authors:...

strange_headers

This plugin greps all headers for non-common headers. This could be useful to identify special modules and features added to the server. Plugin type Grep Options This plugin doesnt have any user configured options. Source For more information about this plugin and the associated tests, theres...

[SpiderFoot v2.0] The Open Source Footprinting tool

SpiderFoot is a free, open-source footprinting tool, enabling you to perform various scans against a given domain name in order to obtain information such as sub-domains, e-mail addresses, owned netblocks, web server versions and so on. The main objective of SpiderFoot is to automate the...

[Process PEB Finder] Tool to find and display PEB Address of running Processes

Process PEB Finder is the console based tool to find and display PEB Address of running Processes on your system. PEB Process Environment Block is the part of Process memory where is stores important information including loaded modules, startup paramenters, environment variables, debug informati...

[SET Version 5.0] The Social-Engineer Toolkit "The Wild West"

Social-Engineer Toolkit SET v5.0 codename: The Wild West is a culmination of six months of development, bug squashing, and user feedback. New with this version includes a completely redesigned multiprocessing web server that handles non-rfc compliant HTTP information. The builtin SET web server...

[Viproy] VoIP Penetration Testing Kit

Viproy Voip Pen-Test Kit is developed to improve quality of SIP Penetration Tests. It provides authentication feature that helps to create simple tests. It includes 7 different modules with authentication support: options tester, brute forcer, enumerator, invite tester, trust analyzer, proxy and...

Hewlett-Packard Intelligent Management Center JavaService Information Disclosure Vulnerability

This vulnerability allows remote attackers to obtain sensitive information on vulnerable installations of HP Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the communication channel between the JavaService server and th...

CVE-2013-0664

The FactoryCast service on the Schneider Electric Quantum 140NOE77111 and 140NWM10000, M340 BMXNOE0110x, and Premium TSXETY5103 PLC modules allows remote authenticated users to send Modbus messages, and consequently execute arbitrary code, by embedding these messages in SOAP HTTP POST requests...

CVE-2013-0663

Cross-site request forgery CSRF vulnerability on the Schneider Electric Quantum 140NOE77111, 140NOE77101, and 140NWM10000; M340 BMXNOC0401, BMXNOE0100x, and BMXNOE011xx; and Premium TSXETY4103, TSXETY5103, and TSXWMY100 PLC modules allows remote attackers to hijack the authentication of arbitrary...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability on the Schneider Electric Quantum 140NOE77111, 140NOE77101, and 140NWM10000; M340 BMXNOC0401, BMXNOE0100x, and BMXNOE011xx; and Premium TSXETY4103, TSXETY5103, and TSXWMY100 PLC modules allows remote attackers to hijack the authentication of arbitrary...

Code injection

The FactoryCast service on the Schneider Electric Quantum 140NOE77111 and 140NWM10000, M340 BMXNOE0110x, and Premium TSXETY5103 PLC modules allows remote authenticated users to send Modbus messages, and consequently execute arbitrary code, by embedding these messages in SOAP HTTP POST requests...

CVE-2013-2763

The Schneider Electric M340 PLC modules allow remote attackers to cause a denial of service resource consumption via unspecified vectors. NOTE: the vendor reportedly disputes this issue because it "could not be duplicated" and "an attacker could not remotely exploit this observed behavior to deny...

CVE-2013-0663

CVE-2013-0663 affects Schneider Electric Modicon M340, Quantum 140NOE7711x/140NWM10000, and Premium TSXETY4103/5103/TSXWMY100 PLC modules. The vulnerability is a Cross-Site Request Forgery (CSRF) in the web server interface that permits remote attackers to hijack user authentication and issue com...

CVE-2013-0664

CVE-2013-0664 affects Schneider Electric Modicon PLCs (Quantum 140NOE77111, 140NWM10000, M340 BMXNOE0110x, Premium TSXETY5103). The vulnerability arises in the FactoryCast feature: remote authenticated users can embed Modbus messages in SOAP HTTP POST requests, enabling arbitrary code execution o...