15 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-35133
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue in the logic used to check 0.0.0.0 against the cURL blocked hosts lists resulted in an SSRF risk. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3,...
PT-2024-25028 · Spin · Spin
Name of the Vulnerable Software and Affected Versions: Spin versions prior to 2.4.3 Description: The issue affects specifically configured Spin applications that use self requests without a specified URL authority, allowing them to be induced to make requests to arbitrary hosts via the Host HTTP...
SUSE CVE-2012-0435
SUSE WebYaST before 1.2 0.2.63-0.6.1 allows remote attackers to modify the hosts list, and subsequently conduct man-in-the-middle attacks, via a crafted /host request on TCP port 4984...
Improper access control
Improper access control on the LocalMACConfig.asp interface allows an unauthenticated remote attacker to add or remove client MAC addresses to or from a list of banned hosts. Clients with those MAC addresses are then prevented from accessing either the WAN or the router itself...
Faraday v3.0 - Collaborative Penetration Test and Vulnerability Management Platform
This new version has made major architectural changes to adapt the software to the new challenges of cybersecurity. It focuses on processing large volumes of data and facilitating user interaction with Faraday in their environment. Faraday just got much faster Architecture changes and a new...
Faraday Beta v3.0 - Collaborative Penetration Test and Vulnerability Management Platform
This new version has made major architectural changes to adapt the software to the new challenges of cybersecurity. It focuses on processing large volumes of data and facilitating user interaction with Faraday in their environment. Faraday just got much faster Architecture changes and a new...
Moodle 3.x Bypass Vulnerability (Jan 2018) - Windows
Setting for blocked hosts list can be bypassed with multiple A record hostnames. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Session fixation
In Moodle 3.x, the setting for blocked hosts list can be bypassed with multiple A record hostnames...
SNMPwn - An SNMPv3 User Enumerator and Attack tool
SNMPwn is an SNMPv3 user enumerator and attack tool. It is a legitimate security tool designed to be used by security professionals and penetration testers against hosts you have permission to test. It takes advantage of the fact that SNMPv3 systems will respond with "Unknown user name" when an...
Faraday v2.4 - Collaborative Penetration Test and Vulnerability Management Platform
Faraday is the Integrated Multiuser Risk Environment you were looking for! It maps and leverages all the knowledge you generate in real time, letting you track and understand your audits. Our dashboard for CISOs and managers uncovers the impact and risk being assessed by the audit in real-time...
Design/Logic Flaw
SUSE WebYaST before 1.2 0.2.63-0.6.1 allows remote attackers to modify the hosts list, and subsequently conduct man-in-the-middle attacks, via a crafted /host request on TCP port 4984...
DEBIAN-CVE-2013-0722
Stack-based buffer overflow in the scanloadhosts function in ecscan.c in Ettercap 0.7.5.1 and earlier might allow local users to gain privileges via a Trojan horse hosts list containing a long line...
CVE-2013-0722
Stack-based buffer overflow in the scanloadhosts function in ecscan.c in Ettercap 0.7.5.1 and earlier might allow local users to gain privileges via a Trojan horse hosts list containing a long line...
Stack overflow
Stack-based buffer overflow in the scanloadhosts function in ecscan.c in Ettercap 0.7.5.1 and earlier might allow local users to gain privileges via a Trojan horse hosts list containing a long line...
UBUNTU-CVE-2013-0722
Stack-based buffer overflow in the scanloadhosts function in ecscan.c in Ettercap 0.7.5.1 and earlier might allow local users to gain privileges via a Trojan horse hosts list containing a long line...