16 matches found
EUVD-2018-5309
Malware in sbrugna...
CheckPoint Firewall-1 SecuRemote Topology Service Hostname Disclosure
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'CheckPoint Firewall-1 SecuRemote Topology Service Hostname Disclosure', 'Description' = %q This module sends a query to the port 264/TCP on...
多款 VMware 产品信息泄露漏洞
Vmware vRealize Automation and others are products of Vmware, Inc. vRealize Automation is a management tool that provides self-service, supervised multi-cloud automation. vRealize Automation is a management tool that provides self-service, supervised multi-cloud automation. vRealize Automation is...
Fedora 30 : libvirt (2019-b2dfb13daf)
CVE-2019-10161: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API bz 1722463, bz 1720115 - CVE-2019-10166: virDomainManagedSaveDefineXML API exposed to readonly clients bz 1722462, bz 1720114 - CVE-2019-10167: arbitrary command execution via virConnectGetDomainCapabilities API bz...
Ping Identity: Internal Hostname disclosure from multiple Apache servers via blank host header method
This vulnerability was due to a general misconfiguration of Apache servers; this is a good example of the importance of "Secure Defaults" in open-source projects. An example of a generic request and response would be: openssl sclient -connect apache.example.com:443 GET apache.example.com/foo...
CVE-2018-2362
A remote unauthenticated attacker, SAP HANA 1.00 and 2.00, could send specially crafted SOAP requests to the SAP Startup Service and disclose information such as the platform's hostname...
openSUSE Security Update : wireshark (openSUSE-SU-2012:1633-1)
This update fixes the following issues for wireshark : - Security update to 1.8.4 : https://www.wireshark.org/docs/relnotes/wireshark-1.8.4.html http://seclists.org/oss-sec/2012/q4/378 CVE-2012-5592 Wireshark 1 pcap-ng hostname disclosure wnpa-sec-2012-30 CVE-2012-5593 Wireshark 2 DoS infinite lo...
CVE-2013-2214
status.cgi in Nagios 4.0 before 4.0 beta4 and 3.x before 3.5.1 does not properly restrict access to certain users that are a contact for a service, which allows remote authenticated users to obtain sensitive information about hostnames via the servicegroup 1 overview, 2 summary, or 3 grid style i...
Wireshark Multiple Dissector Multiple Vulnerabilities - Dec12 (Windows)
This host is installed with Wireshark and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbwiresharkmultvulndec12win.nasl 6022 2017-04-25 12:51:04Z teissa $ Wireshark Multiple Dissector Multiple Vulnerabilities - Dec12 Windows Authors: Rachana Shetty Copyright: Copyright c...
Wireshark Multiple Dissector Multiple Vulnerabilities - Dec12 (Mac OS X)
This host is installed with Wireshark and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbwiresharkmultvulndec12macosx.nasl 5999 2017-04-21 09:02:32Z teissa $ Wireshark Multiple Dissector Multiple Vulnerabilities - Dec12 Mac OS X Authors: Rachana Shetty Copyright: Copyrigh...
Check Point response to SecuRemote Topology Service Hostname Disclosure
...
tomcat: information disclosure in authentication headers
Apache Tomcat 5.5.0 through 5.5.29 and 6.0.0 through 6.0.26 might allow remote attackers to discover the server's hostname or IP address by sending a request for a resource that requires 1 BASIC or 2 DIGEST authentication, and then reading the realm field in the WWW-Authenticate header in the rep...
Microsoft DNS Server Internal Hostname Disclosure Detection
Microsoft DNS server might be prone to an internal hostname disclosure. SPDX-FileCopyrightText: 2009 Tim Brown Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DNS Server hostname.bind Map Hostname Disclosure
It is possible to learn the remote host name by querying the remote DNS server for 'hostname.bind' in the CHAOS domain. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid35371; scriptversion"$Revision: 1.11 $"; scriptcvsdate"$Date: 2011/09/14 15:27:29 $";...
PR06-08: BEA Plumtree portal internal hostname disclosure vulnerability
PR06-08: BEA Plumtree portal internal hostname disclosure vulnerability Description: BEA Plumtree portal is vulnerable to a internal hostname disclosure vulnerability. The internal hostname of the server hosting BEA Plumtree portal is always included at the bottom of every requested HTML page...
WebLogic Crafted GET Request Hostname Disclosure
The remote WebLogic server discloses its NetBIOS host name when it is issued a request generating a redirection. An attacker may use this information to better prepare other attacks against this host. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...