Lucene search
+L

101 matches found

nessus
nessus
added 2014/12/15 12:0 a.m.20 views

Mandriva Linux Security Advisory : bind (MDVSA-2014:238)

Updated bind packages fix security vulnerability : By making use of maliciously-constructed zones or a rogue server, an attacker can exploit an oversight in the code BIND 9 uses to follow delegations in the Domain Name Service, causing BIND to issue unlimited queries in an attempt to follow the...

7.8CVSS6.8AI score0.65683EPSS
Exploits0References2
securityvulns
securityvulns
added 2014/10/15 12:0 a.m.87 views

[CVE- Requested][Vembu Storegrid - Multiple Critical Vulnerabilities]

Advisory Overview Multiple vulnerabilities exist in the Vembu Storegrid Backup and Disaster Recovery solution affecting both the client and server software see Additional Information section include but are not limited to reflected XSS, source code/sensitive information disclosure, privilege...

0.4AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.33 views

Microsoft Windows 2000 telnet.exe NTLM Authentication Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1683/info By default, the telnet client telnet.exe shipped with Microsoft Windows 2000 utilizes Windows NT Challenge/Response NTLM as an authentication method. When establishing a connection to a host, the telnet client...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.14 views

Netscape iCal 2.1 Patch2 iPlanet iCal 'csstart' Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1769/info Netscape's iPlanet iCal application is a network based calendar service built for deployment in organizations which require a centralized calendar system. Certain versions of iCal ship with a vulnerability in...

7.1AI score
Exploits0
mageia
mageia
added 2013/10/09 10:27 p.m.19 views

Updated ssmtp package fixes security vulnerability

It was reported that ssmtp, an extremely simple MTA to get mail off the system to a mail hub, did not perform x509 certificate validation when initiating a TLS connection to server. A rogue server could use this flaw to conduct man-in- the-middle attack, possibly leading to user credentials leak...

0.8AI score
Exploits0References2
saint
saint
added 2013/09/30 12:0 a.m.35 views

WPAD Listener

Added: 09/30/2013 Background The LLMNR Local Link Multicast Name Resolution protocol is used to answer wpad requests sent by Microsoft Windows. A rogue WPAD server delivers a wpad.dat file to poisoned hosts forcing them to proxy web requests through the SAINT server. In addition, browsers are...

0.7AI score
Exploits0
saint
saint
added 2013/09/30 12:0 a.m.38 views

WPAD Listener

Added: 09/30/2013 Background The LLMNR Local Link Multicast Name Resolution protocol is used to answer wpad requests sent by Microsoft Windows. A rogue WPAD server delivers a wpad.dat file to poisoned hosts forcing them to proxy web requests through the SAINT server. In addition, browsers are...

0.7AI score
Exploits0
saint
saint
added 2013/09/30 12:0 a.m.31 views

WPAD Listener

Added: 09/30/2013 Background The LLMNR Local Link Multicast Name Resolution protocol is used to answer wpad requests sent by Microsoft Windows. A rogue WPAD server delivers a wpad.dat file to poisoned hosts forcing them to proxy web requests through the SAINT server. In addition, browsers are...

0.7AI score
Exploits0
saint
saint
added 2013/09/30 12:0 a.m.28 views

Upgrade Attack

Added: 09/30/2013 Background The LLMNR Local Link Multicast Name Resolution protocol is used to answer wpad requests sent by Microsoft Windows. A rogue WPAD server delivers a wpad.dat file to poisoned hosts forcing them to proxy web requests through the SAINT server. In addition, HTTP requests ar...

0.3AI score
Exploits0
centos
centos
added 2013/02/11 6:29 p.m.404 views

elinks security update

CentOS Errata and Security Advisory CESA-2013:0250 An updated elinks package that fixes one security issue is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS...

5.1CVSS6.2AI score0.0191EPSS
Exploits0References7
nessus
nessus
added 2012/08/01 12:0 a.m.29 views

Scientific Linux Security Update : curl on SL4.x, SL5.x, SL6.x i386/x86_64

cURL provides the libcurl library and a command line tool for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. It was found that cURL always performed credential delegation when authenticating with GSSAPI. A rogue server could use this flaw to obtain the...

4.3CVSS7.5AI score0.02994EPSS
Exploits0References2
openvas
openvas
added 2012/07/30 12:0 a.m.27 views

CentOS Update for curl CESA-2011:0918 centos4 x86_64

Check for the Version of curl OpenVAS Vulnerability Test CentOS Update for curl CESA-2011:0918 centos4 x8664 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

4.3CVSS7.2AI score0.02994EPSS
Exploits0References2
nessus
nessus
added 2011/12/13 12:0 a.m.26 views

SuSE 10 Security Update : dhcp (ZYPP Patch Number 7430)

A rogue DHCP server could instruct clients to use a host name that contains shell meta characters. Since many scripts in the system do not expect unusal characters in the system's host name the DHCP client needs to sanitize the host name offered by the server. CVE-2011-0997 %NASLMINLEVEL 70300 C...

7.5CVSS6.4AI score0.84292EPSS
Exploits6References2
openvas
openvas
added 2011/05/12 12:0 a.m.29 views

Debian: Security Advisory (DSA-2217-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.7AI score0.84292EPSS
Exploits6References3
debian
debian
added 2011/04/10 9:55 p.m.27 views

[SECURITY] [DSA 2216-1] isc-dhcp security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2216-1 [email protected] http://www.debian.org/security/ Nico Golde April 10, 2011 http://www.debian.org/security/faq -...

7.5CVSS6.1AI score0.84292EPSS
Exploits6
checkpoint_advisories
checkpoint_advisories
added 2009/07/17 12:0 a.m.4 views

Preemptive Protection against DHCP Stack Overflow in 'dhclient' script_write_params()

The ISC DHCP client code dhclient application contains a stack buffer overflow, which may allow a remote, unauthenticated attacker to execute arbitrary code. ISC DHCP is a reference implementation of the DHCP protocol, including a DHCP server, client, and relay agent. dhclient fails to check the...

10CVSS8.3AI score0.2578EPSS
Exploits9
osv
osv
added 2009/03/03 8:0 a.m.5 views

CURL-CVE-2009-0037 Arbitrary File Access

When told to follow a "redirect" automatically, libcurl does not question the new target URL but follows it to any new URL that it understands. As libcurl supports FILE:// URLs, a rogue server can thus "trick" a libcurl-using application to read a local file instead of the remote one. This is a...

6.8CVSS6.4AI score0.07812EPSS
Exploits2
securityvulns
securityvulns
added 2008/07/26 12:0 a.m.65 views

SECOBJADV-2008-02: Cygwin Installation and Update Process can be Subverted Vulnerability

====================================================================== = Security Objectives Advisory SECOBJADV-2008-02 = ====================================================================== Cygwin Installation and Update Process can be Subverted Vulnerability...

7.6CVSS6.6AI score0.95182EPSS
Exploits23
nessus
nessus
added 2005/03/24 12:0 a.m.13 views

Trillian Multiple HTTP Responses Buffer Overflow Vulnerabilities

The remote host has the Trillian program installed. Trillian is a Peer2Peer client that allows users to chat and share files with other users across the world. The remote version of this software is vulnerable to several buffer overflows when processing malformed responses. An attacker could...

6.3AI score
Exploits0
securityvulns
securityvulns
added 2002/02/05 12:0 a.m.33 views

Buffer overflow in mIRC allowing arbitary code to be executed.

General Info ------------ Researched by: James Martin Full advisory: http://www.uuuppz.com/research/adv-001-mirc.htm Exploit: Proof of concept code available at above URL. Product: mIRC Website: http://www.mirc.com Version: 5.91 and all prior versions to be best of my knowledge. Fix: A patch will...

1.9AI score
Exploits0
Rows per page
Query Builder