861 matches found
CVE-2005-3756
Nessus plugin data in the connected document associates CVE-2005-3756 with Google Search Appliance proxystylesheet vulnerabilities that include remote access flaws enabling port scanning and potential code execution (via unsanitized proxystylesheet input). The CVE description in the initial docum...
Google Search Appliance proxystylesheet Parameter Multiple Remote Vulnerabilities (XSS, Code Exec, ID)
The remote Google Search Appliance / Mini Search Appliance fails to sanitize user-supplied input to the 'proxystylesheet' parameter, which is used for customization of the search interface. Exploitation of this issue may lead to arbitrary code execution as an unprivileged user, port scanning, fil...
Cheops NG Unauthenticated Access
The Cheops NG agent on the remote host is running without authentication. Anyone can connect to this service and use it to map your network, port scan machines and identify running services. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid20161; scriptversion "$Revisio...
Dabber worm detection
W32.Dabber propagates by exploiting a vulnerability in the FTP server component of W32.Sasser.Worm and its variants. It installs a backdoor on infected hosts and tries to listen on port 9898. If the attempt fails, W32Dabber.A tries to listen on ports 9899 through 9999 in sequence until it finds a...
3Com NBX VoIP NetSet Detection
We have discovered that 3Com NBX VOIP NetSet is running on the remote host. 3Com NBX VoIP NetSet's web server is powered by VxWorks. The web server is known to contain vulnerabilities that would allow a remote attacker to cause a denial of service against the product by simply running a port...
3Com NBX VoIP NetSet Detection (HTTP)
We have discovered that 3Com NBX VOIP NetSet is running on the remote host. 3Com NBX VoIP NetSet SPDX-FileCopyrightText: 2004 Noam Rathaus Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-onl...
Netstat 'scanner'
This plugin runs netstat to find open ports: - on the local machine by running the command - via SSH by using the provided credentials - by querying a possible exposed netstat service SPDX-FileCopyrightText: 2004 Michel Arboi Some text descriptions might be excerpted from a referenced sources, an...
AppSocket DoS
It seems that it is possible to lock out your printer from the network by opening a few connections and keeping them open. SPDX-FileCopyrightText: 2002 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
[Full-disclosure] RealVNC/WinVNC Multiple vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Two simple vulnerabilities wich may lead to an os guess + null session + several others infos while scanning port 5900, low risk on paper but high online risk: My 2cent suggestion to the realvnc team would be to totally remove this "No Authentication"...
CVE-2005-0315
The FTP service in Magic Winmail Server 4.0 Build 1112 does not verify that the IP address in a PORT command is the same as the IP address of the user of the FTP session, which allows remote authenticated users to use the server as an intermediary for port scanning...
CVE-2005-0315
The CVE-2005-0315 entry concerns the FTP service in Magic Winmail Server 4.0 Build 1112, where the FTP PORT command does not verify that the command IP matches the FTP session user’s IP. This permits remote authenticated users to use the server as an intermediary for port scanning. The connected ...
CVE-2005-0315
The FTP service in Magic Winmail Server 4.0 Build 1112 does not verify that the IP address in a PORT command is the same as the IP address of the user of the FTP session, which allows remote authenticated users to use the server as an intermediary for port scanning...
TCP/IP Multicast Address Handling Remote DoS (spank.c)
Nessus has detected that the remote host responds to TCP packets that are coming from a multicast IP address. An attacker can exploit this to conduct a 'spank' denial of service attack, resulting in the host being shut down or network traffic reaching saturation. Also, this vulnerability can be...
NetInfo Daemon Detection
A 'NetInfo' daemon is running on this port. NetInfo is in charge of maintaining databases or 'maps' regarding the system. Such databases include the list of users, the password file, and more. If the remote host is not a NetInfo server, this service should not be reachable directly from the...
CVE-2003-0472
The IPv6 capability in IRIX 6.5.19 allows remote attackers to cause a denial of service hang in inetd via port scanning...
CVE-2003-0472
The CVE-2003-0472 entry concerns IRIX 6.5.19: enabling IPv6 causes a remote attacker to trigger a denial-of-service (hang) in inetd via port scanning. This is documented in the NVD/NIST record; no exploit code or specific vulnerable component/version beyond IRIX 6.5.19 IPv6 capability is provided...
CVE-2003-0472
The IPv6 capability in IRIX 6.5.19 allows remote attackers to cause a denial of service hang in inetd via port scanning...
why i love xs4all + mediaplayer thingie
Why i love xs4all rant you'll probably wanna skip this but i need to get this out of my system: a few weeks back i was unpleasantly suprised by the fact that my internet wasn't working the support desk employee after making me reset my modem a dozen times and tripple checking my settings finaly...
[NEWS] UDP Bypassing in Kerio Firewall (UDP Scan)
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion In the US? Contact Beyond Security at our new California office housewarming rates on automated network vulnerability scanning. We also...
CVE-2002-1484
DB4Web server, when configured to use verbose debug messages, allows remote attackers to use DB4Web as a proxy and attempt TCP connections to other systems port scan via a request for a URL that specifies the target IP address and port, which produces a connection status in the resulting error...