2293 matches found
Mantis < 0.19.1 Multiple Vulnerabilities
According to its banner, the remote version of Mantis suffers from several information disclosure vulnerabilities that could allow an attacker to view stats of all projects or to receive information for a project after the malicious user was removed from it. %NASLMINLEVEL 70300 C Tenable Network...
GLSA-200411-07 : Proxytunnel: Format string vulnerability
The remote host is affected by the vulnerability described in GLSA-200411-07 Proxytunnel: Format string vulnerability Florian Schilhabel of the Gentoo Linux Security Audit project found a format string vulnerability in Proxytunnel. When the program is started in daemon mode -a port, it improperly...
PostNuke Trojaned Distribution
The remote host seems to be running a copy of a trojaned version of the 'PostNuke' content management system. PostNuke is a content management system in PHP whose main website has been compromised between the 24th and 26th of October 2004. An attacker modified some of the source code of the tool ...
Serendipity Multiple Script HTTP Response Splitting
The remote version of Serendipity is affected by an HTTP response- splitting vulnerability that may allow an attacker to perform a cross- site scripting attack against the remote host. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...
CVE-2004-0214
CVE-2004-0214 is a remote code execution vulnerability in the Windows Shell (Shell32) that stems from an unchecked/buffered input condition in the Shell’s handling of messages when launching applications. An attacker could entice a user to visit a malicious Web page or open a crafted file, potent...
CJOverkill < 4.0.4 trade.php XSS
Binary data 2364.prm...
MS04-030: WebDAV XML Message Handler Denial of Service (824151)
The remote host is running a version of Windows and IIS that is vulnerable to a remote denial of service attack through the WebDAV XML Message Handler. An attacker may exploit this flaw to prevent the remote web server from working properly. C Tenable Network Security, Inc. include"compat.inc"; i...
aspWebAlbum album.asp SQL Injection
The remote host appears to be running aspWebAlbum, an ASP script designed to faciliate the integration of multiple photo albums in a web-based application. There is a flaw in the remote software that could allow anyone to inject arbitrary SQL commands, which may in turn be used to gain...
aspWebCalendar calendar.asp SQL Injection
The remote host appears to be running aspWebCalendar, an ASP script designed to faciliate the integration of multiple calendars in a web- based application. There is a flaw in the remote software that could allow anyone to inject arbitrary SQL commands, which may in turn be used to gain...
Samba < 3.0.7 Multiple Remote DoS
The remote Samba server, according to its version number, is vulnerable to a denial of service. There is a bug in the remote smbd ASN.1 parsing that could allow an attacker to cause a denial of service attack against the remote host by sending a specially crafted ASN.1 packet during the...
PsNews index.php Multiple Parameter XSS
The remote server is running a version of PsNews a content management system which is older than 1.2. This version is affected by multiple cross-site scripting flaws. An attacker may exploit these to steal the cookies from legitimate users of this website. %NASLMINLEVEL 70300 C Tenable Network...
CVE-2004-1751
Ground Control II: Operation Exodus 1.0.0.7 and earlier allows remote servers to cause a denial of service client or server crash via a large packet, which generates a "Message too long" socket error that is treated as a critical error...
Easy File Sharing Web Server disk_c Virtual Folder Request Arbitrary File Access
The remote host is running Easy File Sharing Web Server, a web server package designed to facilitate file sharing. There is a flaw in the remote version of this software that could allow a remote attacker to read arbitrary files on the remote host. C Tenable Network Security, Inc...
MAILsweeper Archive File Filtering Bypass
The remote host is running MAILsweeper - a content security solution for SMTP. According to its banner, the remote version of MAILsweeper may allow an attacker to bypass the archive filtering settings of the remote server by sending an archive in the format 7ZIP, ACE, ARC, BH, BZIP2, HAP, IMG, PA...
Apache < 2.0.46 Multiple Vulnerabilities
Binary data 1443.prm...
CVSTrac Invalid Ticket DoS
The remote host seems to be running cvstrac, a web-based bug and patch-set tracking system for CVS. This version contains a flaw related to invalid tickets that may allow an attacker to cause the application to crash. An attacker, exploiting this flaw, would be able to remotely shut down the...
Port80 Software ServerMask protection bypass
Multiuple remote server type detection methods are available...
BasiliX Application Detection
The remote host is running BasiliX, a webmail application based on PHP and IMAP and powered by MySQL. %NASLMINLEVEL 70300 This script was written by George A. Theall, . See the Nessus Scripts License for details. Changes by Tenable: - Revised plugin title 12/28/10 include'deprecatednasllevel.inc'...
MyServer 0.6.2 math_sum.mscgi Multiple Vulnerabilities
The sample CGI mathsum.mscgi is installed on the remote web server. The remote version of this CGI contain several issues which may allow an attacker to execute a cross-site scripting attack, to disable the remote server remotely or to execute arbitrary code with the privileges of the server...
CVE-2004-0727
Microsoft Internet Explorer 6.0.2800.1106 on Microsoft Windows XP SP2, and other versions including 5.01 and 5.5, allows remote web servers to bypass zone restrictions and execute arbitrary code in the local computer zone by redirecting a function to another function with the same name, as...