Lucene search
+L

3144 matches found

Tenable Nessus
Tenable Nessus
added 2010/04/26 12:0 a.m.16 views

FreeBSD : moodle -- multiple vulnerabilities (f6429c24-4fc9-11df-83fb-0015587e2cc1)

The Moodle release notes report multiple vulnerabilities which could allow remote attackers to perform, amongst others, cross site scripting, user enumeration and SQL injection attacks. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin wer...

5.6AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2010/04/09 12:0 a.m.720 views

LDAP User Enumeration

By using the search base gathered by plugin ID 25701, Nessus was able to enumerate the list of users in the remote LDAP directory. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid45478; scriptversion"1.8"; scriptsetattributeattribute:"pluginmodificationdate",...

5.5AI score
Exploits0
FreeBSD
FreeBSD
added 2010/03/25 12:0 a.m.15 views

moodle -- multiple vulnerabilities

The Moodle release notes report multiple vulnerabilities which could allow remote attackers to perform, amongst others, cross site scripting, user enumeration and SQL injection attacks...

3.5AI score
Exploits0References1
Metasploit
Metasploit
added 2010/02/09 4:43 p.m.15 views

SMB User Enumeration (SAM EnumUsers)

Determine what users exist via the SAM RPC service This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SMB User Enumeration SAM EnumUsers', 'Description' = 'Determine what users exist via the SAM R...

7.3AI score
Exploits0
Exploit DB
Exploit DB
added 2010/02/09 12:0 a.m.50 views

LDAP - Injection

Vurnerebility: LDAP Injection + Category : Implemented Web exploit + Category : Attack Technique + Author : mc2s3lector + dork : X/o" + Contact : www.yogyacarderlink.web.id + date : 4-2-10 + biGthank to : Allah SWT,jasakom,KeDai Computerworks,0n3-d4y n3ro,eplaciano, all.indonesian like a coding,...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2010/01/29 12:0 a.m.59 views

Multiple Vulnerabilities in Cisco Unified MeetingPlace

No description provided by source. Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified MeetingPlace Advisory ID: cisco-sa-20100127-mp Revision 1.0 For Public Release 2010 Jan 27 1600 UTC GMT +--------------------------------------------------------------------- Summary =======...

10CVSS6.5AI score0.02631EPSS
Exploits1
Nmap
Nmap
added 2010/01/26 9:40 a.m.341 views

mysql-users NSE Script

Attempts to list all users on a MySQL server. Script Arguments mysqluser The username to use for authentication. If unset it attempts to use credentials found by mysql-brute or mysql-empty-password. mysqlpass The password to use for authentication. If unset it attempts to use credentials found by...

10CVSS0.2AI score0.99448EPSS
Exploits33
ALT Linux
ALT Linux
added 2010/01/14 12:0 a.m.53 views

Security fix for the ALT Linux 5 package tomcat6 version 0:6.0.18-alt6_8jpp5

Jan. 14, 2010 Slava Semushin 0:6.0.18-alt68jpp5 - NMU - Applied upstream patches to fix following vulnerabilities: + CVE-2009-0033: DoS when using Java AJP connector Closes: 20313 + CVE-2009-0580: User enumeration vulnerability with FORM authentication Closes: 20315 + CVE-2009-0781: XSS in calend...

5CVSS4.9AI score0.9444EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2009/09/24 12:0 a.m.46 views

SuSE 10 Security Update : Tomcat 5 (ZYPP Patch Number 6352)

This update of tomcat fixes several vulnerabilities : - RequestDispatcher usage can lead to information leakage. CVE-2008-5515 - denial of service via AJP connection. CVE-2009-0033 - some authentication classes allow user enumeration. CVE-2009-0580 - XSS bug in example application cal2.jsp...

5CVSS5.5AI score0.9444EPSS
Exploits8References10
Tenable Nessus
Tenable Nessus
added 2009/07/21 12:0 a.m.51 views

openSUSE Security Update : tomcat6 (tomcat6-999)

This update of tomcat fixes several vulnerabilities : - CVE-2008-5515: RequestDispatcher usage can lead to information leakage - CVE-2009-0033: denial of service via AJP connection - CVE-2009-0580: some authentication classes allow user enumeration - CVE-2009-0781: XSS bug in example application...

5CVSS5.5AI score0.9444EPSS
Exploits8References13
Prion
Prion
added 2009/07/13 2:30 p.m.17 views

Code injection

The Sametime server in IBM Lotus Instant Messaging and Web Conferencing 6.5.1 generates error messages for a failed logon attempt with different time delays depending on whether the user account exists, which allows remote attackers to enumerate valid usernames...

5CVSS7AI score0.01064EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2009/07/10 9:0 p.m.21 views

Design/Logic Flaw

WordPress and WordPress MU before 2.8.1 exhibit different behavior for a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames. NOTE: the vendor reportedly disputes the significance of this issue, indicating that the behavior...

5CVSS7AI score0.85EPSS
Exploits14References11Affected Software2
OSV
OSV
added 2009/07/10 9:0 p.m.9 views

CVE-2009-2335

WordPress and WordPress MU before 2.8.1 exhibit different behavior for a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames. NOTE: the vendor reportedly disputes the significance of this issue, indicating that the behavior...

6.4AI score
Exploits0References13
CVE
CVE
added 2009/07/10 8:25 p.m.107 views

CVE-2009-2335

CVE-2009-2335 affects WordPress and WordPress MU prior to 2.8.1, where a failed login behaves differently depending on whether the user account exists, enabling remote enumeration of valid usernames. The vendor reportedly disputes the significance of the issue, calling the behavior for user conve...

5CVSS6.4AI score0.85EPSS
Exploits14References11Affected Software2
securityvulns
securityvulns
added 2009/07/09 12:0 a.m.39 views

[Full-disclosure] Lotus Sametime User Enumeration Vulnerability - Security Advisory - SOS-09-004

Lotus Sametime User Enumeration Vulnerability - Security Advisory - SOS-09-004 Release Date. 9-Jul-2009 Vendor Notification Date. 2-Jun-2009 Product. IBM Lotus Instant Messaging and Web Conferencing Sametime Platform. Windows verified, possibly others Affected versions. IBM Lotus Instant Messagin...

Exploits0
RedHat Linux
RedHat Linux
added 2009/07/06 11:42 a.m.8 views

Important: Red Hat Security Advisory: JBoss Enterprise Application Platform 4.2.0.CP07 update

Updated JBoss Enterprise Application Platform JBEAP 4.2 packages that fix various issues are now available for Red Hat Enterprise Linux 5 as JBEAP 4.2.0.CP07. This update has been rated as having important security impact by the Red Hat Security Response Team. JBoss Enterprise Application Platfor...

5CVSS6.2AI score0.9444EPSS
Exploits6References6
securityvulns
securityvulns
added 2009/06/14 12:0 a.m.57 views

Apache Tomcat multiple security vulnerabilities

Information leak, user enumeration, DoS, directory traversal...

5CVSS2.3AI score0.9444EPSS
Exploits7References6Affected Software1
d2
d2
added 2009/06/05 4:0 p.m.94 views

DSquare Exploit Pack: D2SEC_TOMCAT_ENUMUSER

Name| d2sectomcatenumuser ---|--- CVE| CVE-2009-0580 Exploit Pack| D2ExploitPack Description| Apache Tomcat User Enumeration Notes|...

4.3CVSS1.8AI score0.9444EPSS
Exploits4
securityvulns
securityvulns
added 2009/06/05 12:0 a.m.138 views

[SECURITY] CVE-2009-0580 Apache Tomcat User enumeration vulnerability with FORM authentication

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2009-0580: Tomcat information disclosure vulnerability Severity: Low Vendor: The Apache Software Foundation Versions Affected: Tomcat 4.1.0 to 4.1.39 Tomcat 5.5.0 to 5.5.27 Tomcat 6.0.0 to 6.0.18 The unsupported Tomcat 3.x, 4.0.x and 5.0.x version...

4.3CVSS4.9AI score0.9444EPSS
Exploits4
securityvulns
securityvulns
added 2009/06/05 12:0 a.m.134 views

[SECURITY] CVE-2009-0580 UPDATED Apache Tomcat User enumeration vulnerability with FORM authentication

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Updated to clarify affected versions as they vary for each affected Realm. CVE-2009-0580: Tomcat information disclosure vulnerability Severity: Low Vendor: The Apache Software Foundation Versions Affected: MemoryRealm: Tomcat 4.1.0 to 4.1.39 Tomcat...

4.3CVSS4.9AI score0.9444EPSS
Exploits4
Rows per page
Query Builder