Trend Micro Web Management Authentication Bypass Vulnerability

This Remote host is installed with Trend Micro OfficeScan, which is prone to Authentication Bypass Vulnerability. OpenVAS Vulnerability Test $Id: secpodtrendmicroofficescanauthbypassvuln900205.nasl 5370 2017-02-20 15:24:26Z cfi $ Description: Trend Micro Web Management Authentication Bypass...

Vulnerabilities in DNS Could Allow Spoofing (953230)

This host is missing critical security update according to Microsoft Bulletin MS08-037. OpenVAS Vulnerability Test $Id: secpodms08-037900005.nasl 6382 2017-06-20 15:08:09Z cfischer $ Description: Vulnerabilities in DNS Could Allow Spoofing 953230 Authors: Chandan S Copyright: Copyright C 2008...

Trend Micro产品ObjRemoveCtrl类缓冲区溢出漏洞

BUGTRAQ ID:30633 CVE ID：CVE-2008-3364 CNCVE ID：CNCVE-20083364 多个Trend Micro产品处理ObjRemoveCtrl类存在安全问题，远程攻击者可以利用漏洞以应用程序权限执行任意指令。 当通过WEB接口配置产品时OfficeScan Web控制台利用多个ActiveX控件，其中ObjRemoveCtrl类ActiveX控件存在边界错误，可触发基于堆栈的缓冲区溢出，精心构建WEB页，诱使用户访问可导致应用程序权限执行任意指令。 Trend Micro Client Server Messaging Security for...

Buffer overflow

Unspecified vulnerability in the TimesTen Client/Server component in Oracle Times Ten In-Memory Database 7.0.3.0.0 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-2597 and CVE-2008-2599...

CVE-2008-2599

Unspecified vulnerability in the TimesTen Client/Server component in Oracle Times Ten In-Memory Database 7.0.3.0.0 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-2597 and CVE-2008-2598...

USN-612-6: OpenVPN regression

USN-612-3 addressed a weakness in OpenSSL certificate and keys generation in OpenVPN by adding checks for vulnerable certificates and keys to OpenVPN. A regression was introduced in OpenVPN when using TLS, multi-client/server mode, and specifying a user or group which caused OpenVPN to not start...

X.Org X server and Xfont library: Multiple vulnerabilities

Background The X Window System is a graphical windowing system based on a client/server model. Description regenrecht reported multiple vulnerabilities in various X server extension via iDefense: The XFree86-Misc extension does not properly sanitize a parameter within a PassMessage request,...

[SECURITY] Fedora 8 Update: mysql-5.0.45-6.fc8

MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files...

CVE-2007-1209

Use-after-free vulnerability in the Client/Server Run-time Subsystem CSRSS in Microsoft Windows Vista does not properly handle connection resources when starting and stopping processes, which allows local users to gain privileges by opening and closing multiple ApiPort connections, which leaves a...

Design/Logic Flaw

Use-after-free vulnerability in the Client/Server Run-time Subsystem CSRSS in Microsoft Windows Vista does not properly handle connection resources when starting and stopping processes, which allows local users to gain privileges by opening and closing multiple ApiPort connections, which leaves a...

CVE-2007-0325

CVE-2007-0325 is a remote buffer overflow in Trend Micro OfficeScan’s Web-Deployment SetupINICtrl ActiveX control (OfficeScanSetupINI.dll, SetupINICtrl) used by OfficeScan Web deployment. The flaw affects OfficeScan 7.0 before Build 1344, OfficeScan 7.3 before Build 1241, and Client/Server/Messag...

CVE-2006-6797

The Client Server Run-Time Subsystem CSRSS in Microsoft Windows allows local users to cause a denial of service crash or read arbitrary memory from csrss.exe via crafted arguments to the NtRaiseHardError function with status 0x50000018, a different vulnerability than CVE-2006-6696...

CVE-2006-6696

Double free vulnerability in Microsoft Windows 2000, XP, 2003, and Vista allows local users to gain privileges by calling the MessageBox function with a MBSERVICENOTIFICATION message with crafted data, which sends a HardError message to Client/Server Runtime Server Subsystem CSRSS process, which ...

SYMSA-2006-013: Multiple Vulnerabilities in Mandiant First Response

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Symantec Vulnerability Research http://www.symantec.com/research Security Advisory Advisory ID: SYMSA-2006-013 Advisory Title: Multiple Vulnerabilities in Mandiant First Response Author: Brian Reilly / [email protected] Release Date: 18-12-2006...

CVE-2006-5585

The Client-Server Run-time Subsystem in Microsoft Windows XP SP2 and Server 2003 allows local users to gain privileges via a crafted file manifest within an application, aka "File Manifest Corruption Vulnerability."...

CVE-2006-5585

The Client-Server Run-time Subsystem in Microsoft Windows XP SP2 and Server 2003 allows local users to gain privileges via a crafted file manifest within an application, aka "File Manifest Corruption Vulnerability."...

EasyCafe 2.12.2 - Security Restriction Bypass

EasyCafe 2.12.2 - Security Restriction Bypass // source: https://www.securityfocus.com/bid/19401/info EasyCafe is prone to a vulnerability that lets attackers bypass security restrictions. This issue occurs because the application fails to prevent an attacker from gaining unauthorized access to a...

EasyCafe 2.1/2.2 - Security Restriction Bypass

// source: https://www.securityfocus.com/bid/19401/info EasyCafe is prone to a vulnerability that lets attackers bypass security restrictions. This issue occurs because the application fails to prevent an attacker from gaining unauthorized access to a client computer. An attacker can exploit this...

Super strong 2 0 0 0 platform Shell ACKcmd Backdoor analysis-vulnerability warning-the black bar safety net

Description -=-=-=-=--= ACKcmd is to provide a Win2000 under remote command Shell is a backdoor, it uses TCP to transfer, but different from the normal TCP connection a three-way handshake, ACKcmd using only TCP ACK packets, so the General case can pass through firewalls and avoid IDS detection...

X Server

This plugin detects X Window servers. X11 is a client - server protocol. Basically, the server is in charge of the screen, and the clients connect to it and send several requests like drawing a window or a menu, and the server sends events back to the clients, such as mouse clicks, key strokes, a...