1505 matches found
Namazu < 2.0.14 Multiple Vulnerabilities
The remote host is running Namazu - a web-based search engine. The remote version of this software has various flaws that may allow an attacker to perform a cross-site scripting attack using the remote host or to execute arbitrary code on the remote system with the privileges of the web server...
Nucleus CMS < 3.15 Multiple Vulnerabilities
The remote host is running Nucleus CMS, an open source content management system. The remote version of this software is vulnerable to various flaws that may allow an attacker to perform a cross-site scripting attack using the remote host and to perform a SQL injection attack on the remote...
DMS POP3 Server (1.5.3 build 37) Buffer Overflow Exploit
Exploit for unknown platform in category remote exploits ======================================================== DMS POP3 Server 1.5.3 build 37 Buffer Overflow Exploit ======================================================== ===== Start DMSPOP3Overflow.pl ===== Usage: DMSPOP3Overflow.pl...
FreeBSD Ports : FreeRADIUS < 1.0.1
The remote host has the following package installed : 0.8.0 = freeradius 1.0.1 The remote version of this software is vulnerable to a flaw which may allow an attacker to disable this service remotely. C Tenable Network Security if ! definedfunc"bnrandom" exit0; include"compat.inc"; ifdescription...
NIS passwd.byname Map Disclosure
This script fetches the remote NIS 'passwd.byname' map, provided that the NIS domain name could be obtained. C Tenable Network Security, Inc. include 'compat.inc' ; if description scriptid12238; scriptversion"1.19"; scriptcvsdate"Date: 2018/08/13 14:32:37"; scriptnameenglish:"NIS passwd.byname Ma...
OpenSSL < 0.9.6m / 0.9.7d Multiple Remote DoS
According to its banner, the remote host is using a version of OpenSSL which is older than 0.9.6m / 0.9.7d. There are several bugs in such versions that may allow an attacker to cause a denial of service against the remote host. C Tenable Network Security, Inc. include"compat.inc"; ifdescription...
EffectOffice Server 2.6 - Remote Service Buffer Overflow (PoC)
source: https://www.securityfocus.com/bid/9077/info A problem has been reported the service used by EffectOffice Server. Because of this, it may be possible for a remote user to deny service to legitimate users of the software. hacker telnet telnet open to attackhost 56004 Trying attackhost...
Open Shortest Path First (OSPF) Agent Detection
The remote host is running OSPF, a popular routing protocol. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. RFC 1247 / RFC 2328 OSPF v2 The OSPF protocol runs directly over IP, using IP protocol 89. Routing protocol packets should always be sent with the IP TOS field set to 0. Table 8: OSPF...
FileMaker Pro Client Request User Passwords Remote Disclosure
The remote host is running a FileMakerPro server. There is a flaw in the design of the FileMakerPro server which makes the database authentication occur on the client side. A remote attacker could exploit this flaw to gain access to databases by connecting to this port with a rogue client. C...
PHP socket_iovec_alloc() Function Overflow
The remote host is running a version of PHP that is older than 4.3.2. There is a flaw in this version that could allow an attacker who has the ability to inject an arbitrary argument to the function socketiovecalloc to crash the remote service and possibly to execute arbitrary code. For this atta...
DNS Server Detection
The remote service is a Domain Name System DNS server, which provides a mapping between hostnames and IP addresses. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid11002; scriptversion"$Revision: 1.22 $"; scriptcvsdate"$Date: 2017/05/16 19:35:38 $";...
IRC Daemon Version Detection
This plugin determines the version of the IRC daemon. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid11156; scriptversion"$Revision: 1.15 $"; scriptcvsdate"$Date: 2016/01/08 15:38:43 $"; scriptnameenglish:"IRC Daemon Version Detection"; scriptsummaryenglish:"IRCD...
Service Detection (HELP Request)
It was possible to identify the remote service by its banner or by looking at the error message it sends when it receives a 'HELP' request. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid11153; scriptversion"1.318"; scriptsetattributeattribute:"pluginmodificationdate...
xtel Detection
The remote host is running xteld, a Minitel emulator. This service allows users to connect to the Teletel network. Some of the servers are expensive. Note that by default, xteld forbids access to the most expensive services. C Tenable Network Security, Inc. include"compat.inc"; ifdescription...
Multiple Vendor rpc.nisd Long NIS+ Argument Remote Overflow
The remote RPC service 100300 nisd is vulnerable to a buffer overflow attack that allows any user to obtain a root shell on this host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10251; scriptversion"1.28"; scriptcvsdate"Date: 2018/11/15 20:50:24";...
Omron WorldView Wnn Multiple Command Remote Overflow
It was possible to make the remote Wnn server crash by sending an oversized string to it. C Tenable Network Security, Inc. References: http://www.tomo.gr.jp/users/wnn/0008ml/msg00000.html http://online.securityfocus.com/advisories/4413 include"compat.inc"; if description scriptid11108;...
UPnP Client Detection
This machine answered to a unicast UPnP NOTIFY packet by trying to fetch the XML description that Nessus advertised. This script was written by John [email protected] Changes by Tenable: - Revised plugin title 9/8/09 include"compat.inc"; ifdescription scriptid10829; scriptversion"1.26"...
healthd Detection
The remote host is running healthd, a daemon which uses the sensors of the remote host to report the temperature of various of its components. It is recommended to not let anyone connect to this port. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...
cfingerd < 1.4.4 Multiple Vulnerabilities
The version of cfingerd running on the remote host has multiple vulnerabilities, including : - A local buffer overflow in the GECOS field, which can be used to escalate privileges. - A format string vulnerability, triggered by a malformed ident reply. This can be used to execute arbitrary code. -...
Microsoft Windows Messenger Service Social Engineering Weakness
The messenger service is running. This service allows NT users to send pop-up messages to each other. This service can be abused by anyone who can trick valid users into doing some actions that may harm their accounts or your network social engineering attack. C Tenable Network Security, Inc...