9545 matches found
Axis Storpoint CD Admin Authentication Bypass
The remote host is running Axis StorPoint. It is possible to access the administration interface with a specially crafted URL that contains directory traversal characters. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
SGI InfoSearch infosrch.cgi fname Parameter Arbitrary Command Execution
The remote web server is hosting the 'infosrch.cgi' script. The installed version of this script fails to properly sanitize user- supplied input to the 'fname' variable. An attacker, exploiting this flaw, could execute arbitrary commands on the remote host subject to the privileges of the web...
Trin00 for Windows Trojan Detection
The remote host appears to be running Trin00 for Windows, a trojan that can be used to control your system or make it attack another network this is actually called a distributed denial of service attack tool. It is very likely that this host has been compromised. %NASLMINLEVEL 70300 C Tenable...
SNMP Zero Length UDP Packet Remote DoS
It was possible to crash either the remote host or the firewall in between us and the remote host by sending an UDP packet of null size going to port 161 snmp This flaw may allow an attacker to shut down your network. C Tenable Network Security, Inc. Thanks to Christophe Grenier for pointing this...
Trin00 Trojan Detection
The remote host appears to be running Trin00, a Trojan Horse that can be used to control your system or make it attack another network this is actually called a Distributed Denial Of Service attack tool. It is very likely that this host has been compromised. %NASLMINLEVEL 70300 C Tenable Network...
Stacheldraht Trojan Detection
The remote host is running Stacheldraht, a trojan horse that can be used to control your system or make it attack another network. An ICMP ECHO reply was sent to the remote host with 'gesundheit!' and an ID of 668. The host sent a reply with 'sicken ' and an ID of 669. If Paranoid is enabled, the...
TCP/IP ACK Packet Saturation Remote DoS (stream.c)
It seems it was possible to make the remote server crash using the 'stream' or 'raped' attack. An attacker may use this flaw to shut down this server, thus preventing your network from working properly. C Tenable Network Security, Inc. Script audit and contributions from Carmichael Security Erik...
Nortel Contivity HTTP Server cgiproc Special Character DoS
It is possible to crash the remote host by doing the HTTP request : GET /cgi/cgiproc?$ C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10160; scriptversion"1.39"; scriptsetattributeattribute:"pluginmodificationdate", value:"2025/09/29"; scriptcveid"CVE-2000-0064";...
HTTP Server Type and Version
This plugin attempts to determine the type and the version of the remote web server. Copyright 2000 by Hendrik Scholz @@NOTE: The output of this plugin should not be changed Changes by Tenable: - Revised plugin title 10/08/10 - Removed use of deprecated functions 01/16/2018 - Fixed various regula...
TFN (Tribe Flood Network) Trojan Detection
The remote host appears to be running TFN Tribe Flood Network, which is a Trojan Horse that can be used to control your system or make it attack another network. It is very likely that this host has been compromised C Tenable Network Security, Inc. include"compat.inc"; if description scriptid1028...
Web Server Directory Traversal Arbitrary File Access
It appears possible to read arbitrary files on the remote host outside the web server's document directory using a specially crafted URL. An unauthenticated attacker may be able to exploit this issue to access sensitive information to aide in subsequent attacks. Note that this plugin is not limit...
Microsoft Windows NT SCM Malformed Resource Enumeration Request DoS
An 'rfpoison' packet has been sent to the remote host. This packet is supposed to crash the 'services.exe' process, making the system unstable. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid10204; scriptversion"1.32";...
TCP/IP 'Chorusing' Windows DoS
Microsoft Windows 95 and 98 clients have the ability to bind multiple TCP/IP stacks on the same MAC address, simply by having the protocol added more than once in the Network Control panel. The remote host has several TCP/IP stacks with the same IP bound on the same MAC address. As a result, it...
Windows NetBIOS / SMB Remote Host Information Disclosure
The remote host is listening on UDP port 137 or TCP port 445, and replies to NetBIOS nbtscan or SMB requests. Note that this plugin gathers information to be used in other plugins, but does not itself generate a report. C Tenable Network Security, Inc. include"compat.inc"; if description...
3Com HiPer Access Router Card (HiperARC) IAC Packet Flood DoS
It was possible to reboot the remote host likely a HyperARC router by sending it a high volume of IACs. An attacker may use this flaw to shut down your internet connection. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10108; scriptversion"1.29"; scriptcvsdate"Date:...
RPC portmapper Service Detection
The RPC portmapper is running on this port. The portmapper allows someone to get the port number of each RPC service running on the remote host by sending either multiple lookup requests or a DUMP request. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10223;...
[SECURITY] New versions of rsync fixes security hole
This is an old report from May 1999 but it wasnt reported on this channel yet. The author of rsync, Andrew Tridgell, has reported that former versions of rsync contained a security-related bug. I you were transferring an empty directory into a non-existent directory on a remote host, permissions ...
msproxy2.0.exploit.txt
Date: Wed, 7 Oct 1998 07:10:49 +0100 From: Mnemonix To: [email protected] Subject: WARNING: By-passing MS Proxy packet filtering The following text is in the "ISO-8859-1" character set. Your display is set for the "US-ASCII" character set. Some characters may be displayed incorrectly. Whilst...
GateCrasher Backdoor Detection
The remote host has the backdoor GateCrasher installed. This backdoor allows anyone to partially take control of the affected system. An attacker may use it to steal information or crash the affected host. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid10093;...
Ping the remote host
Nessus was able to determine if the remote host is alive using one or more of the following ping types : - An ARP ping, provided the host is on the local subnet and Nessus is running over Ethernet. - An ICMP ping. - A TCP ping, in which the plugin sends to the remote host a packet with the flag...