Solaris 10 (x86) : 148072-19 (deprecated)

SunOS 5.10x86: openssl patch. Date this patch was last updated by Sun : Dec/17/15 This plugin has been deprecated and either replaced with individual 148072 patch-revision plugins, or deemed non-security related. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. @DEPRECATED@ Disabled on...

Novell Client for Windows 'nicm.sys' 本地权限提升漏洞

BUGTRAQ ID: 60203 Novell Client 工作站软件通过提供对 NetWare 和 Open Enterprise Server OES 的访问，扩展了 Linux 和 Windows 台式机的功能。 Novell Client 2 SP3 for Windows 7/8在处理NICM.SYS内的"NICMIOCTLREQUESTREPLY" 0x143B6B IOCTL请求时存在错误，可导致以内核权限执行任意代码。 0 Novell Client for Windows NT/2000/XP 4.x 厂商补丁： Novell ------...

Microsoft Windows Kernel 'Win32k.sys'本地拒绝服务漏洞(CVE-2013-3661)

BUGTRAQ ID: 60159 CVECAN ID: CVE-2013-3661 Microsoft Windows是微软公司推出的一系列操作系统。 Microsoft Windows XP SP2/SP3、Windows Server 2003 SP2、Windows Vista SP2、Windows Server 2008 SP2/R2 SP1、Windows 7 SP1、Windows 8、Windows Server 2012、Windows...

Wireshark 1.6.x < 1.6.15 ASN.1 BER Dissector Malformed Packet Handling DoS

The installed version of Wireshark 1.6 is earlier than 1.6.15. It is, therefore, affected by a denial of service vulnerability in the ASN.1 BER dissector when handling malformed packets. Bug 8599 C Tenable Network Security, Inc. include"compat.inc"; if description scriptid66543; scriptversion"1.8...

Microsoft Windows 'Win32k.sys' 本地权限提升漏洞(CVE-2013-1333)(MS13-046)

BUGTRAQ ID: 59749 CVECAN ID: CVE-2013-1333 Microsoft Windows是微软公司推出的一系列操作系统。 如果 Windows 内核模式驱动程序不正确地处理内存中的对象，则存在一个特权提升漏洞。成功利用此漏洞的攻击者可能导致系统不稳定。 0 Microsoft Windows XP Microsoft Windows Windows Server 2012 Microsoft Windows Windows RT Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft...

Fedora 17 : tinc-1.0.21-1.fc17 (2013-7128)

Wed Apr 24 2013 Fabian Affolter - 1.0.21-1 - Updated to new upstream version 1.0.21 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

Solaris 10 (x86) : 148242-05 (deprecated)

SunOS 5.10x86: statd patch. Date this patch was last updated by Sun : Aug/15/14 This plugin has been deprecated and either replaced with individual 148242 patch-revision plugins, or deemed non-security related. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. @DEPRECATED@ Disabled on...

Opera Multiple Vulnerabilities-01 May13 (Linux)

The host is installed with Opera and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gboperamultvuln01may13lin.nasl 6104 2017-05-11 09:03:48Z teissa $ Opera Multiple Vulnerabilities-01 May13 Linux Authors: Arun Kallavi Copyright: Copyright c 2013 Greenbone Networks GmbH,...

Opera Multiple Vulnerabilities-01 May13 (Mac OS X)

The host is installed with Opera and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gboperamultvuln01may13macosx.nasl 6125 2017-05-15 09:03:42Z teissa $ Opera Multiple Vulnerabilities-01 May13 Mac OS X Authors: Arun Kallavi Copyright: Copyright c 2013 Greenbone Networks Gmb...

phpMyAdmin 'what'参数本地文件包含漏洞

BUGTRAQ ID: 59462 CVECAN ID: CVE-2013-3240 phpmyadmin是MySQL数据库的在线管理工具，主要功能包括在线创建数据表、运行SQL语句、搜索查询数据以及导入导出数据等。 phpMyAdmin 4.0.0-rc3之前版本的Exprot功能存在目录遍历漏洞，经过身份验证的远程用户通过指定特制导出类型的参数，利用此漏洞可以包含任意文件，导致任意代码执行。 Php script "export.php" line 20: ------------------------ source code start...

WebKit 'FrameLoader::checkCompleted()'函数释放后重用远程代码执行漏洞

BUGTRAQ ID: 59515 CVECAN ID: CVE-2013-0902 WebKit是一个开源的浏览器引擎，也是苹果Mac OS X 系统引擎框架版本的名称，主要用于Safari，Dashboard，Mail和其他一些Mac OS X 程序。 WebKit 1.11.5、1.10.2在 readystatechange 事件中删除子帧时，函数 'FrameLoader::checkCompleted' WebCore/loader/FrameLoader.cpp存在释放后重用错误，通过特制的网页，上下文独立的攻击者可间接引用已经释放的内存并可能执行任意代码。 0 WebKi...

[CVE-2012-5389] Null Pointer Derefence in Dart Webserver &lt;= 1.9.2

Overview =============== DartWebserver.Dll is an HTTP server provided by Dart Comunications dart.com. It is distributed in their PowerTCP/Webserver For ActiveX product and likely other similar products. "Build web applications in any familiar software development environment. Use WebServer for...

Fedora 18 : kernel-3.8.6-203.fc18 (2013-5368)

Update to latest stable upstream release, Linux v3.8.6. Wide variety of fixes across the tree. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possibl...

Microsoft Windows 'Win32k.sys'本地权限提升漏洞(CVE-2013-1283)(MS13-036)

BUGTRAQ ID: 58858 CVECAN ID: CVE-2013-1283 Microsoft Windows是微软公司推出的一系列操作系统。 如果 Windows 内核模式驱动程序不正确地处理内存中的对象，则存在一个特权提升漏洞。成功利用此漏洞的攻击者可以获得更高的特权和读取任意内核内存数据。 0 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 厂商补丁： Microsoft --------- Microsoft已经为此发布了一个安全公告（MS13-036）以及相应补丁:...

Microsoft Windows OpenType字体解析远程拒绝服务漏洞(CVE-2013-1291)(MS13-036)

BUGTRAQ ID: 58853 CVECAN ID: CVE-2013-1291 Microsoft Windows是微软公司推出的一系列操作系统。 当 Windows 未能处理特制字体文件时，存在一个拒绝服务漏洞。此漏洞可能会导致计算机停止响应和重新启动。 0 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 厂商补丁： Microsoft --------- Microsoft已经为此发布了一个安全公告（MS13-036）以及相应补丁: MS13-036：Vulnerabilitie...

Active Perl Denial of Service Vulnerability (Windows)

The host is installed with Active Perl and is prone to denial of service vulnerability. OpenVAS Vulnerability Test $Id: gbactiveperldosvulnwin.nasl 6093 2017-05-10 09:03:18Z teissa $ Active Perl Denial of Service Vulnerability Windows Authors: Arun Kallavi Copyright: Copyright c 2013 Greenbone...

IBM Rational AppScan Enterprise SQL注入漏洞

BUGTRAQ ID: 58686 CVECAN ID: CVE-2013-0511 IBM Rational AppScan是应用安全性软件，能够在开发的各个阶段扫描并测试所有常见的Web应用漏洞。 IBM Rational AppScan Enterprise 8.6 - 8.6.0.2没有正确过滤SQL查询内使用的某些输入，可导致SQL注入漏洞。 0 IBM Rational AppScan 8.x IBM Rational AppScan 5.x 厂商补丁： IBM --- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

Microsoft Windows ASLR安全绕过漏洞(CVE-2013-2556)

BUGTRAQ ID: 58566 CVECAN ID: CVE-2013-2556 Microsoft Windows是微软公司推出的一系列操作系统。 Microsoft Windows 7内存在不明细节漏洞，可允许攻击者绕过ASLR保护机制。 0 Microsoft Windows 7 厂商补丁： Microsoft --------- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://www.microsoft.com/windows/ie/default.asp...

Fedora 18 : kernel-3.8.3-203.fc18 (2013-4012)

This update fixes the display resolution issues introduced with kernel 3.8.3-201.fc18 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

Apple Mac OS X 安全绕过漏洞

BUGTRAQ ID: 58517 CVECAN ID: CVE-2013-0970 Apple Mac OS X是苹果电脑操作系统软件。 Apple Mac OS X 10.8.3之前版本的Messages允许远程攻击者通过特制的FaceTime: URL，绕过FaceTime呼叫确认提示。 0 Apple Mac OS X 10.7.4 Apple Mac OS X 10.7.3 Apple Mac OS X 10.7.2 Apple Mac OS X 10.7.1 Apple Mac OS X Server 10.7.4 Apple Mac OS X Server 10.7.3...