smb2-time NSE Script

Attempts to obtain the current system date and the start date of a SMB2 server. Script Arguments randomseed, smbbasic, smbport, smbsign See the documentation for the smb library. smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername See the documentation for the smbauth library. Examp...

openwebnet-discovery NSE Script

OpenWebNet is a communications protocol developed by Bticino since 2000. Retrieves device identifying information and number of connected devices. References: Example Usage nmap --script openwebnet-discovery Script Output | openwebnet-discover: | IP Address: 192.168.200.35 | Net Mask: 255.255.255...

CloudFail - Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network

CloudFail is a tactical reconnaissance tool which aims to gather enough information about a target protected by CloudFlare in the hopes of discovering the location of the server. Using Tor to mask all requests, the tool as of right now has 3 different attack phases. 1. Misconfigured DNS scan usin...

DEBIAN-CVE-2017-5838

The gstdatetimenewfromiso8601string function in gst/gstdatetime.c in GStreamer before 1.10.3 allows remote attackers to cause a denial of service out-of-bounds heap read via a malformed datetime string...

Heap overflow

The gstdatetimenewfromiso8601string function in gst/gstdatetime.c in GStreamer before 1.10.3 allows remote attackers to cause a denial of service out-of-bounds heap read via a malformed datetime string...

UBUNTU-CVE-2017-5838

The gstdatetimenewfromiso8601string function in gst/gstdatetime.c in GStreamer before 1.10.3 allows remote attackers to cause a denial of service out-of-bounds heap read via a malformed datetime string...

CVE-2017-5838

The gstdatetimenewfromiso8601string function in gst/gstdatetime.c in GStreamer before 1.10.3 allows remote attackers to cause a denial of service out-of-bounds heap read via a malformed datetime string...

CVE-2017-5838

The gstdatetimenewfromiso8601string function in gst/gstdatetime.c in GStreamer before 1.10.3 allows remote attackers to cause a denial of service out-of-bounds heap read via a malformed datetime string...

myhomes.co.in XSS vulnerability

Vulnerable URL: http://myhomes.co.in/newtrailer1.php?id=1'" Details: Description| Value ---|--- Patched:| Yes, at 25.11.2017 Latest check for patch:| 25.11.2017 09:50 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| N...

Command Execution Vulnerability in the datetime Parameter of the Mixcall Seat Management System

Mixcall seat management system is based on B/S architecture, the management personnel can directly log into the Mixcall seat management center through the computer, and view the detailed situation related to the seat personnel's voice services. A command execution vulnerability exists in the...

Vivaldi 1.4.589.11 DLL Hijacking

Exploit Title: Vivaldi browser DLL Hijacking Author: Ashiyane Digital Security Team Vendor Homepage: https://vivaldi.com/ software link: https://downloads.vivaldi.com/stable/Vivaldi.1.4.589.11.exe Tested on:Windows 7 Date: 13-09-2016...

CVE-2016-7129

The phpwddxprocessdata function in ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service segmentation fault or possibly have unspecified other impact via an invalid ISO 8601 time value, as demonstrated by a wddxdeserialize call that...

Code injection

The phpwddxprocessdata function in ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service segmentation fault or possibly have unspecified other impact via an invalid ISO 8601 time value, as demonstrated by a wddxdeserialize call that...

CVE-2016-7129

The phpwddxprocessdata function in ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service segmentation fault or possibly have unspecified other impact via an invalid ISO 8601 time value, as demonstrated by a wddxdeserialize call that...

CVE-2016-7129

The phpwddxprocessdata function in ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service segmentation fault or possibly have unspecified other impact via an invalid ISO 8601 time value, as demonstrated by a wddxdeserialize call that...

The vulnerability of the PHP interpreter, which allows a remote attacker to execute arbitrary code

The multiple vulnerabilities of the PHP interpreter are located in the ext/date/phpdate.c component. These vulnerabilities involve the use of memory after it has been freed. As a result of exploiting these vulnerabilities by a malicious actor operating remotely, arbitrary code can be executed usi...

rusers NSE Script

Connects to rusersd RPC service and retrieves a list of logged-in users. Script Arguments mount.version, nfs.version, rpc.protocol See the documentation for the rpc library. Example Usage nmap -sV --script=rusers Script Output | USER ON FROM SINCE IDLE | LOGIN console 2015-11-08T12:03:50 8h55m58s...

smtp-ntlm-info NSE Script

This script enumerates information from remote SMTP services with NTLM authentication enabled. Sending a SMTP NTLM authentication request with null credentials will cause the remote service to respond with a NTLMSSP message disclosing information to include NetBIOS, DNS, and OS build version...

imap-ntlm-info NSE Script

This script enumerates information from remote IMAP services with NTLM authentication enabled. Sending an IMAP NTLM authentication request with null credentials will cause the remote service to respond with a NTLMSSP message disclosing information to include NetBIOS, DNS, and OS build version...

php: use after free vulnerability in unserialize() with DateTimeZone

A use-after-free flaw was found in the unserialize function of PHP's DateTimeZone implementation. A malicious script author could possibly use this flaw to disclose certain portions of server memory...