Cisco IOS SSH Large Packet CPU Consumption DoS (CSCdw33027)

It is possible to make the remote IOS crash when sending it malformed SSH packets. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid11381; scriptversion"1.26"; scriptcveid"CVE-2002-1024"; scriptbugtraqid5114; scriptnameenglish:"Cisco IOS SSH Large Packet CPU Consumption...

MS02-050: Certificate Validation Flaw Could Enable Identity Spoofing (328145)

The remote host contains a version of the CryptoAPI that could allow an attacker to spoof the identity of another user with malformed SSL certificates. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid11145; scriptversion"1.49"; scriptcvsdate"Date: 2018/11/15 20:50:29"...

MS02-048: Flaw in Certificate Enrollment Control Could Allow Deletion of Digital Certificates (323172)

The remote host contains a version of the Certificate Enrollment control that may allow an attacker to delete certificates. To exploit this vulnerability an attacker must create a rogue web server with SSL and lure the user to visit this site. C Tenable Network Security, Inc. include"compat.inc";...

AOL Instant Messenger 4.8.2790 - Local File Execution

AOL Instant Messenger 4.8.2790 - Local File Execution source: https://www.securityfocus.com/bid/6027/info AOL Instant Messenger AIM is prone to an issue which may allow attackers to execute arbitrary files on the client system. It is possible to send a malicious link which references local files ...

AOL Instant Messenger 4.8.2790 - Local File Execution

source: https://www.securityfocus.com/bid/6027/info AOL Instant Messenger AIM is prone to an issue which may allow attackers to execute arbitrary files on the client system. It is possible to send a malicious link which references local files to a user of the client. When the link is visited, the...

Web Server HTTP Method Handling Remote Overflow

It was possible to kill the web server by sending an invalid request with a long HTTP method field. A remote attacker may exploit this vulnerability to make the web server crash continually or possibly execute arbitrary code. C Tenable Network Security, Inc. Script audit and contributions from...

Cisco IOS tacacs Keyword ACL Bypass (CSCdi36962)

The remote device seems to be vulnerable to a flaw in IOS when the keyword 'tacacs-ds' or 'tacacs' is being used in extended ACLs. This bug can, under very specific circumstances and only with certain IP host implementations, allow unauthorized packets to circumvent a filtering router. This...

Microsoft IIS ASP Redirection Function XSS

The remote host contains an ASP.NET installation that is affected by a cross-site scripting vulnerability. An attacker can exploit this issue to execute arbitrary HTML or script code in a user's browser within the security context of the affected site. %NASLMINLEVEL 70300 C Tenable Network...

(Repost) CwpApi : GetRelativePath() returns invalid paths (security advisory)

ACD Incorporated Security Advisory Project: Comprehensive Web Programming API Synopsis: GetRelativePath in CwpApi.php returns paths outside of the HTTP ServerRoot. Advisory date: January 18, 2002 New version: 1.1.1 1. In Brief: An updated CwpApi release is available which fixes a minor security b...

ZyXEL Router Default Telnet Password Present

The remote host is a ZyXEL router with a default password. An attacker could telnet to it and reconfigure it to lock the owner out and prevent him from using his Internet connection, or create a dial-in user to connect directly to the LAN attached to it. This script was written by Giovanni Fiasch...

TransSoft Broker FTP Server 3.0/4.0/4.7/5.x - CWD Buffer Overflow

source: https://www.securityfocus.com/bid/2851/info Broker is a Windows FTP server from TransSoft. Versions of Broker are vulnerable to a denial of service. A CD or CWD command, argumented by an invalid '. .' dot-space-dot sequence can, if repeatedly issued, create a buffer overflow causing the...

[Security] ntop remote file exploitability

Attachment: pgpM9u4MveNNe.pgp Description: PGP message...

[Security] ntop remote file exploitability

Attachment: pgpRSumQXPlwf.pgp Description: PGP message...

[Security] ntop remote file exploitability

re.Match object; span=1718, 2705, match=!--X-Head-of-Message--\nul\nliemTo/em:...

[Security] Mailman exploitability

Attachment: pgpQWRTbVHFRI.pgp Description: PGP message...

[Security] Mailman exploitability

re.Match object; span=1731, 2749, match=!--X-Head-of-Message--\nul\nliemTo/em:...