708 matches found
Microsoft Windows 10: Service: Windows Mobile Hotspot Service
This test checks the setting for policy OpenVAS Vulnerability Test $Id: winmobilehotspot.nasl 11344 2018-09-12 06:57:52Z emoss $ Check value for Windows Mobile Hotspot Service icssvc Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH, http://www.greenbone.net This program i...
Microsoft Windows: Service: HomeGroup Listener
This test checks the setting for policy scriptaddpreferencename:"Value", type:"radio", value:"4;0;1;2;3"; OpenVAS Vulnerability Test $Id: winhomegrouplistener.nasl 11344 2018-09-12 06:57:52Z emoss $ Check value for HomeGroup Listener HomeGroupListener Authors: Emanuel Moss Copyright: Copyright c...
Microsoft Windows: Service:World Wide Web Publishing Service
This test checks the setting for policy OpenVAS Vulnerability Test $Id: winwwwpublishing.nasl 11344 2018-09-12 06:57:52Z emoss $ Check value for World Wide Web Publishing Service W3SVC Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH, http://www.greenbone.net This program...
Microsoft Windows: Service: Remote Access Auto Connection Manager
This test checks the setting for policy OpenVAS Vulnerability Test $Id: winrasauto.nasl 11344 2018-09-12 06:57:52Z emoss $ Check value for Remote Access Auto Connection Manager RasAuto Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH, http://www.greenbone.net This program...
Microsoft Windows: Service: IIS Admin Service
This test checks the setting for policy OpenVAS Vulnerability Test $Id: winiisadminservice.nasl 11344 2018-09-12 06:57:52Z emoss $ Check value for IIS Admin Service IISADMIN Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH, http://www.greenbone.net This program is free...
Microsoft Windows: Do not display last user name
This test checks the setting for policy OpenVAS Vulnerability Test $Id: winildisplaylastuser.nasl 11532 2018-09-21 19:07:30Z cfischer $ Check value for Interactive logon: Do not display last user name Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH,...
Microsoft Office: Programmatic access for creating online presentations (PowerPoint, Word)
This test checks the setting for policy OpenVAS Vulnerability Test $Id: office2013programmaticcreationonlinepresentation.nasl 11843 2018-10-11 14:33:21Z emoss $ Check value for Restrict programmatic access for creating online presentations in PowerPoint and Word Authors: Emanuel Moss Copyright:...
Microsoft Office: Disable Opt-in Wizard on first run
This test checks the setting for policy OpenVAS Vulnerability Test $Id: office2013opt-inwizard.nasl 11843 2018-10-11 14:33:21Z emoss $ Check value for Disable Opt-in Wizard on first run Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH, http://www.greenbone.net This progra...
ROC - Infineon RSA Vulnerability
This tool is related to ACM CCS 2017 conference paper 124 Return of the Coppersmith’s Attack: Practical Factorization of Widely Used RSA Moduli. It enables you to test public RSA keys for a presence of the described vulnerability. Update : The paper of the attack is already online, ACM version...
Exploit for Use After Free in Apache Http_Server
optionsbleed ============ This is a proof of concept code to te...
Debian Security Advisory DSA 3893-1 (jython - security update)
Alvaro Munoz and Christian Schneider discovered that jython, an implementation of the Python language seamlessly integrated with Java, is prone to arbitrary code execution triggered when sending a serialized function to the deserializer. OpenVAS Vulnerability Test $Id: deb3893.nasl 6782 2017-07-2...
Debian Security Advisory DSA 3891-1 (tomcat8 - security update)
Aniket Nandkishor Kulkarni discovered that in tomcat8, a servlet and JSP engine, static error pages used the original request OpenVAS Vulnerability Test $Id: deb3891.nasl 6607 2017-07-07 12:04:25Z cfischer $ Auto-generated from advisory DSA 3891-1 using nvtgen 1.0 Script version: 1.0 Author:...
Debian Security Advisory DSA 3888-1 (exim4 - security update)
The Qualys Research Labs discovered a memory leak in the Exim mail transport agent. This is not a security vulnerability in Exim by itself, but can be used to exploit a vulnerability in stack handling. OpenVAS Vulnerability Test $Id: deb3888.nasl 6618 2017-07-07 14:17:52Z cfischer $ Auto-generate...
Debian Security Advisory DSA 3887-1 (glibc - security update)
The Qualys Research Labs discovered various problems in the dynamic linker of the GNU C Library which allow local privilege escalation by clashing the stack. OpenVAS Vulnerability Test $Id: deb3887.nasl 6618 2017-07-07 14:17:52Z cfischer $ Auto-generated from advisory DSA 3887-1 using nvtgen 1.0...
Debian Security Advisory DSA 3879-1 (libosip2 - security update)
Multiple security vulnerabilities have been found in oSIP, a library implementing the Session Initiation Protocol, which might result in denial of service through malformed SIP messages. OpenVAS Vulnerability Test $Id: deb3879.nasl 6607 2017-07-07 12:04:25Z cfischer $ Auto-generated from advisory...
Debian Security Advisory DSA 3840-1 (mysql-connector-java - security update)
Thijs Alkemade discovered that unexpected automatic deserialisation of Java objects in the MySQL Connector/J JDBC driver may result in the execution of arbitrary code. For additional details, please refer to the advisory at https://www.computest.nl/advisories/CT-2017-0425MySQL-Connector-J.txt...
Debian Security Advisory DSA 3823-1 (eject - security update)
Ilja Van Sprundel discovered that the dmcrypt-get-device helper used to check if a given device is an encrypted device handled by devmapper, and used in eject, does not check return values from setuid and setgid when dropping privileges. OpenVAS Vulnerability Test $Id: deb3823.nasl 6607 2017-07-0...
Debian Security Advisory DSA 3816-1 (samba - security update)
Jann Horn of Google discovered a time-of-check, time-of-use race condition in Samba, a SMB/CIFS file, print, and login server for Unix. A malicious client can take advantage of this flaw by exploting a symlink race to access areas of the server file system not exported under a share definition...
Debian Security Advisory DSA 3805-1 (firefox-esr - security update)
Multiple security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees and other implementation errors may lead to the execution of arbitrary code, ASLR bypass, information disclosure or denial of service. OpenVAS Vulnerability Test $Id:...
Debian Security Advisory DSA 3769-1 (libphp-swiftmailer - security update)
Dawid Golunski from LegalHackers discovered that PHP Swift Mailer, a mailing solution for PHP, did not correctly validate user input. This allowed a remote attacker to execute arbitrary code by passing specially formatted email addresses in specific email headers. OpenVAS Vulnerability Test $Id:...