Solaris 8 (sparc) : 109326-24

SunOS 5.8: libresolv.so.2, in.named and BI. Date this patch was last updated by Sun : Mar/09/09 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if...

Solaris 8 (x86) : 109148-42

SunOS 5.8x86: linker patch. Date this patch was last updated by Sun : Sep/17/07 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

Solaris 2.5.1 (i386) : 108364-02

The remote host is missing Sun Security Patch number 108364-02 CDE 1.0.2x86: libDtSvc Patch. Date this patch was last updated by Sun : Tue Dec 04 04:59:47 MST 2001 You should install this patch for your system to be up-to-date. %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as...

Solaris 9 (sparc) : 112963-35

SunOS 5.9: linker Patch. Date this patch was last updated by Sun : May/28/10 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

Solaris 9 (x86) : 113986-29

SunOS 5.9x86: linker Patch. Date this patch was last updated by Sun : May/28/10 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

Mac OS X Multiple Vulnerabilities (Security Update 2003-12-19)

The remote host is missing Security Update 2003-12-19. This security update includes the following components : - AFP Server - cd9600.util - Directory Services - fetchmail - fsusage - rsync - System Initialization For MacOS X 10.3, it also includes : - ASN.1 Decoding for PKI This update contains...

FreeBSD : SA-04:04.tcp

The remote host is running a version of the FreeBSD kernel which may be vulnerable to a remote denial of service attack when processing many out of sequence TCP packets. C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0; include"compat.inc"; ifdescription scriptid12589;...

Serv-U SITE CHMOD Command Multiple Vulnerabilities

The remote host is running Serv-U FTP Server. There is a bug in the way the server handles arguments to the SITE CHMOD requests that could allow an attacker to trigger a buffer overflow or corrupt memory in the server and disable it remotely or to potentially execute arbitrary code on the host...

Множество уязвимостей в MailList from BulletScript

Множество уязвимостей в MailList from BulletScript Программа: MailList from BulletScript Сайт производителя: http://jas.da.ru Опасность: Средняя Наличие эксплоита: Да Найдено: MORPFEY Дата: 20.12.2003 Описание: Пароль для получения доступа к панели управления в незашифрованном виде хранится в:...

rsync < 2.5.7 Unspecified Remote Heap Overflow

The remote rsync server is affected by a heap buffer overflow condition when running in server mode. An attacker can exploit this issue to gain a shell on the host and execute arbitrary code. Note that since rsync does not advertise its version number and since there are few details about this fl...

Opera < 7.21 HREF Escaped Character Overflow

The installed version of Opera on the remote host is vulnerable to a buffer overflow in the code that parses HREF tags in the server. To exploit them, an attacker would need to set up a rogue website, then lure a user of this host to visit the site using Opera. The attacker would then be able to...

WinSyslog Long Syslog Message Remote DoS

The remote host is running WinSyslog, an enhanced syslog server for Windows. A vulnerability in the product allows remote attackers to cause the WinSyslog to freeze, which in turn will also freeze the operating system on which the product executes. WinSysLog DoS http://www.winsyslog.com Changes b...

Microsoft SQL Server < 7 Local Privilege Escalation

Based on its version number, the remote host may be vulnerable to a local exploit wherein an authenticated user can obtain and crack SQL usernames and passwords from the registry. An attacker may use this flaw to elevate their privileges on the local database. This alert might be a false positive...

MS03-039: Microsoft Windows RPC DCOM Interface epmapper Pipe Hijack Local Privilege Escalation (824146) (intrusive check)

It is possible to disable the remote RPC DOM interface by sending it a malformed request. The system will need to be rebooted to recover. A remote attacker could exploit this flaw to remotely disable RPC- related programs on this host. If a denial of service attack is successful, a local attacker...

CGIScript.net csNews.cgi Advanced Settings Multiple Parameter Arbitrary File Retrieval

The CSNews.cgi exists on this web server. Some versions of this file are vulnerable to remote exploit. An attacker can submit a specially crafted web form, which can display the 'setup.cgi' file that contains the superuser name and password. %NASLMINLEVEL 70300 This script was written by John...

Crob FTP Server user Field Remote Format String

The version of Crob FTP server running on the remote host has a format string vulnerability when processing the USER command. A remote attacker could exploit this to crash the service, or possibly execute arbitrary code. C Tenable Network Security, Inc. include"compat.inc"; References: Date: 2 Ju...

Microsoft BizTalk Server Multiple Remote Vulnerabilities

The remote host seems to be running Microsoft BizTalk server. There are two flaws in this software that could allow an attacker to issue a SQL insertion attack or to execute arbitrary code on the remote host. Note that Nessus solely relied on the presence of a Biztalk DLL to issue this alert so i...

BEA WebLogic SSIServlet Invocation Source Code Disclosure

BEA WebLogic may be tricked into revealing the source code of JSP scripts by prefixing the path to the .jsp files by /.shtml/ %NASLMINLEVEL 70300 C Tenable Network Security, Inc. This script is based on BEAweblogicRevealsourcecode.nasl Script audit and contributions from Carmichael Security Erik...

ScriptLogic Multiple Service Remote Privilege Escalation

The ScriptLogic service is running on this port. There is a flaw in versions up to 4.05 of this service which may allow an attacker to write arbitrary values in the remote registry with administrator privileges, which can be used to gain a shell on this host. Since Nessus was unable to determine...

MDG Web Server 4D GET Request Remote Overflow

It is possible to kill the web server by sending an oversized string of '' as an argument to a GET request. An attacker may exploit this vulnerability to make your web server crash continually or even execute arbitrary code on your system. C Tenable Network Security, Inc. include 'compat.inc' ;...