17 matches found
Amazon Linux 2 : rsync (ALAS-2025-2731)
The version of rsync installed on the remote host is prior to 3.1.2-11. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2731 advisory. A flaw was found in the rsync daemon which could be triggered when rsync compares file checksums. This flaw allows an...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : rsync vulnerabilities (USN-7206-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7206-1 advisory. Simon Scannell, Pedro Gallegos, and Jasiel Spelman discovered that rsync did not properly...
The vulnerability of the MTA email message checking module and the file checksum search module of the FortiSandbox threat detection and removal system allows a perpetrator to execute arbitrary SQL code.
The vulnerability of the MTA email message checking module and the file checksum search module of the FortiSandbox threat detection and removal system is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute...
Jenkins does not Verify Checksums for Plugin Files
The Plugins Manager in Jenkins before 1.640 and LTS before 1.625.2 does not verify checksums for plugin files referenced in update site data, which makes it easier for man-in-the-middle attackers to execute arbitrary code via a crafted plugin...
ftcms arbitrary file writing vulnerability
ftcms is a content management system from ftcms. ftcms version 2.1 and previous versions have an arbitrary file write vulnerability, which originates from the lack of valid file checksum in admin/controllers/tp.php and can be exploited by attackers to cause arbitrary file writes...
Input validation
An issue was discovered on D-Link DSR-250 3.17 devices. Insufficient validation of configuration file checksums could allow a remote, authenticated attacker to inject arbitrary crontab entries into saved configurations before uploading. These entries are executed as root...
Microsoft File Checksum Verifier 2.05 DLL Hijacking
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-FILE-CHECKSUM-VERIFIER-v2.05-DLL-HIJACKING-ARBITRARY-CODE-EXECUTION.txt + ISR: Apparition Security Vendor www.microsoft.com Product File Checksum Integrity Verifier...
ZABBIX 1.1x/1.4.x - File Checksum Request Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28244/info ZABBIX is prone to a denial-of-service vulnerability when handling specially crafted requests for file checksums. An attacker can exploit this issue to cause the affected application to stop responding, denying...
Threat Outbreak Alert: Fake Document Attachment Email Messages on September 5, 2013
Medium. Alert ID: 30633. First Published: 2013 September 3 18:17 GMT. Last Updated: 2013 September 5 16:29 GMT. Version: 2. Summary: Cisco Security has detected significant activity related to spam email messages that claim to contain an attached document for the recipient. The text in the email messag...
Check for File Checksum Violations
ATTENTION: This VT is deprecated. Please use the new set of 4 VTs to handle file checksum policies which are to be found in the family SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyrigh...
DEBIAN-CVE-2011-3263
zabbix_agentd in Zabbix before 1.8.6 and 1.9.x before 1.9.4 allows context-dependent attackers to cause a denial of service (CPU consumption) by executing the vfs.file.cksum command for a special device, as demonstrated by the /dev/urandom device...
CentOS 5 : aide (CESA-2007:0539)
An updated aide package that fixes various bugs is now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Advanced Intrusion Detection Environment (AIDE) is a file integrity checker and intrusion detection...
Getting Windows system hash password values with GetHashes software - vulnerability and early warning - the black bar safety net
For an intruder, getting the Windows password is a crucial link in the entire attack process; having the system's original user password makes it easier to penetrate the network and keep control. Windows system hash password values consist of two parts, an LM-HASH value and an NTLM-HASH value; once...
DEBIAN-CVE-2008-1353
zabbix_agentd in ZABBIX 1.4.4 allows remote attackers to cause a denial of service (CPU and connection consumption) via multiple vfs.file.cksum commands with a special device node such as /dev/urandom or /dev/zero...
Zabbix 1.1x/1.4.x - File Checksum Request Denial of Service
source: https://www.securityfocus.com/bid/28244/info ZABBIX is prone to a denial-of-service vulnerability when handling specially crafted requests for file checksums. An attacker can exploit this issue to cause the affected application to stop responding, denying service to legitimate users. echo...
Zabbix (zabbix_agentd) denial of service
Hello, There is some DoS issue with zabbix which can be exploited by a malicious user from an authorized host. An attacker on the authorized host can cause the zabbix_agentd to hang, overconsuming CPU resources. This can be triggered by sending the agent a file checksum...
Comodo firewall protection bypass
A CRC32 control checksum is used for file protection, making it trivial to bypass...