98 matches found
DSA-1021-1 netpbm-free - insecure program execution
Bulletin has no description...
poppassd USER overflow
The remote poppassd daemon crashes when a too long name is sent after the USER command. It might be possible for a remote cracker to run arbitrary code on this machine. OpenVAS Vulnerability Test $Id: poppassdtoolonguser.nasl 8023 2017-12-07 08:36:26Z teissa $ Description: poppassd USER overflow...
TheServer clear text password
We were able to read the server.ini file It may contain sensitive information like clear text passwords. This flaw is known to affect TheServer. OpenVAS Vulnerability Test $Id: theservercleartext.nasl 8023 2017-12-07 08:36:26Z teissa $ Description: TheServer clear text password Authors: Michel...
Xitami malformed header DoS
It is possible to freeze the remote web server by sending a malformed POST request. This is know to affect Xitami 2.5 and earlier versions. OpenVAS Vulnerability Test $Id: xitamiPOSTDoS.nasl 8023 2017-12-07 08:36:26Z teissa $ Description: Xitami malformed header DoS Authors: Michel Arboi Copyrigh...
Header overflow against HTTP proxy
It was possible to kill the HTTP proxy by sending an invalid request with a too long header A cracker may exploit this vulnerability to make your proxy server crash continually or even execute arbitrary code on your system. OpenVAS Vulnerability Test $Id: avirtproxyoverflow.nasl 6702 2017-07-12...
Personal Web Sharing overflow
It was possible to kill the Personal Web Sharing service by sending it a too long request. A cracker may exploit this vulnerability to make your web server crash continually. OpenVAS Vulnerability Test $Id: PWSDoS.nasl 8023 2017-12-07 08:36:26Z teissa $ Description: Personal Web Sharing overflow...
Jigsaw webserver MS/DOS device DoS
It was possible to crash the Jigsaw web server by requesting /servlet/con about 30 times. A cracker may use this attack to make this service crash continuously. OpenVAS Vulnerability Test $Id: jigsawmsdosdevDoS.nasl 8023 2017-12-07 08:36:26Z teissa $ Description: Jigsaw webserver MS/DOS device Do...
Generic format string
The remote service is vulnerable to a format string attack An attacker may use this flaw to execute arbitrary code on this host. OpenVAS Vulnerability Test $Id: miscformatstring.nasl 4750 2016-12-12 15:39:21Z cfi $ Generic format string Authors: Michel Arboi Copyright: Copyright C 2002 Michel Arb...
HTTP 1.0 header overflow
It was possible to kill the web server by sending an invalid request with a too long header From, If-Modified-Since, Referer or Content-Type A cracker may exploit this vulnerability to make your web server crash continually or even execute arbitrary code on your system. OpenVAS Vulnerability Test...
Infinite HTTP request
It was possible to kill the web server by sending an invalid 'infinite' HTTP request that never ends. A cracker may exploit this vulnerability to make your web server crash continually or even execute arbirtray code on your system. OpenVAS Vulnerability Test $Id: wwwinfiniterequestDoS.nasl 6053...
DSA-780-1 kdegraphics - wrong input sanitising
Bulletin has no description...
TFTPD Server Filename Handling Remote Overflow
The remote TFTP server dies when it receives a too big UDP datagram. An attacker may use this flaw to disable the server, or even execute arbitrary code on the system. C Tenable Network Security, Inc. Not tested against a vulnerable server! include"compat.inc"; if description scriptid18264;...
Eudora Internet Mail Server for Mac OS USER Overflow
The remote poppassd daemon crashes when a too long name is sent after the USER command. It might be possible for a remote attacker to run arbitrary code on this machine. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid17295; scriptversion"1.14";...
DSA-692-1 kppp - design flaw
Bulletin has no description...
DSA-651-1 squid - buffer overflow, integer overflow
Bulletin has no description...
PowerPortal index.php index_page Parameter SQL Injection
The remote host is using PowerPortal, a content management system, written in PHP. A vulnerability exists in the remote version of this product that could allow a remote attacker to perform a SQL injection attack against the remote host. An attacker could exploit this flaw to execute arbitrary SQ...
Faq-O-Matic fom.cgi Multiple Parameter XSS
The remote host runs Faq-O-Matic, a CGI-based system that automates the process of maintaining a FAQ. The remote version of this software is vulnerable to cross-site scripting attacks in the script 'fom.cgi'. With a specially crafted URL, an attacker can cause arbitrary code execution resulting i...
WordPress 1.2 - HTTP Splitting
WordPress 1.2 - HTTP Splitting This script is C Tenable Network Security ifdescription scriptid15443; scriptbugtraqid11348; scriptversion "$Revision: 1.1 $"; name"english" = "WordPress HTTP Splitting Vulnerability"; scriptnameenglish:name"english"; desc"english" = " The remote host is running...
Pinnacle ShowCenter Skin DoS
The remote host runs the Pinnacle ShowCenter web-based interface. The remote version of this software is vulnerable to a remote denial of service due to a lack of sanity checks on skin parameter. With a specially crafted URL, an attacker can deny service of the ShowCenter web-based interface...
aspWebCalendar calendar.asp SQL Injection
The remote host appears to be running aspWebCalendar, an ASP script designed to faciliate the integration of multiple calendars in a web- based application. There is a flaw in the remote software that could allow anyone to inject arbitrary SQL commands, which may in turn be used to gain...