3905 matches found
Apple Releases Security Update 2010-005
Apple has released security update 2010-005 to address multiple vulnerabilities affecting the ATS, CFNetwork, ClamAV, CoreGraphics, libsecurity, PHP, and Samba applications. These vulnerabilities may allow an attacker to execute arbitrary code, obtain sensitive information, cause a...
Read /etc/nsswitch.conf and /etc/hosts
This plugin uses ssh to Read /etc/nsswitch.conf and /etc/hosts. OpenVAS Vulnerability Test $Id: GSHBSSHnsswitch.nasl 7067 2017-09-06 11:50:33Z teissa $ Read /etc/nsswitch.conf and /etc/hosts. Authors: Thomas Rotter Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This...
Read /etc/nsswitch.conf and /etc/hosts
This plugin uses ssh to Read /etc/nsswitch.conf and /etc/hosts. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2010-1224
main/acl.c in Asterisk Open Source 1.6.0.x before 1.6.0.25, 1.6.1.x before 1.6.1.17, and 1.6.2.x before 1.6.2.5 does not properly enforce remote host access controls when CIDR notation "/0" is used in permit= and deny= configuration rules, which causes an improper arithmetic shift and might allow...
DEBIAN-CVE-2010-1224
main/acl.c in Asterisk Open Source 1.6.0.x before 1.6.0.25, 1.6.1.x before 1.6.1.17, and 1.6.2.x before 1.6.2.5 does not properly enforce remote host access controls when CIDR notation "/0" is used in permit= and deny= configuration rules, which causes an improper arithmetic shift and might allow...
CVE-2010-1224
main/acl.c in Asterisk Open Source 1.6.0.x before 1.6.0.25, 1.6.1.x before 1.6.1.17, and 1.6.2.x before 1.6.2.5 does not properly enforce remote host access controls when CIDR notation "/0" is used in permit= and deny= configuration rules, which causes an improper arithmetic shift and might allow...
Mac OS X Ransomware 'A Matter of Time'
In need of a fresh example that cybercriminals are actively looking for ways to monetize infected Mac OS X hosts? Early-stage discussions at several web forums, including a PoC proof of concept, source code included Mac OS X blocker as well as potential GUIs for the ransomware, offer an insight...
[SECURITY] Fedora 11 Update: puppet-0.25.4-1.fc11
Puppet lets you centrally manage every important aspect of your system usin g a cross-platform specification language that manages all the separate elements normally aggregated in different files, like users, cron jobs, and hosts, along with obviously discrete elements like packages, services, an...
Algorithm Stops Local Scanning Worms
Researchers at Penn State University have developed an algorithm that defends against the spread of local scanning worms that search for hosts in “local” spaces within networks or sub-networks. This strategy allows them access to hosts that are clustered, which means once they infect one host, th...
dns-service-discovery NSE Script
Attempts to discover target hosts' services using the DNS Service Discovery protocol. The script first sends a query for services.dns-sd.udp.local to get a list of services. It then sends a followup query for each one to try to get more information. Script Arguments max-newtargets, newtargets See...
ARP Sweep Local Network Discovery
Enumerate alive Hosts in local network using ARP requests. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ARP Sweep Local Network Discovery', 'Description' = %q Enumerate alive Hosts in local...
Important: Red Hat Security Advisory: rhev-hypervisor security and bug fix update
An updated rhev-hypervisor package that fixes security issues and several bugs is now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The rhev-hypervisor package provides a Red Hat Enterprise Virtualization RHEV Hypervisor ISO disk...
Multiple Vendor AntiVirus Extended ASCII Filename Scan Bypass
Anti-Virus AV scanner software is provided by numerous vendors to enable the detection of the transfer or existence of known malicious software. There are two main scanning strategies implemented by most AV scanners - on-demand and on-access scanning. On-demand scanning occurs when a user...
Gumblar: New Generation of Self-Building Botnets
We’ve been looking at the infrastructure of the Gumblar malware and found some curious facts on how Gumblar operates which we would like to share to make hosting owners aware of the Gumblar threat. Analysis of some infected websites showed that the only way to inject the infection of Gumblar was ...
Ubuntu USN-843-1 (backuppc)
The remote host is missing an update to backuppc announced via advisory USN-843-1. OpenVAS Vulnerability Test $Id: ubuntu8431.nasl 7969 2017-12-01 09:23:16Z santu $ $Id: ubuntu8431.nasl 7969 2017-12-01 09:23:16Z santu $ Description: Auto-generated from advisory USN-843-1 backuppc Authors: Thomas...
SuSE 11 Security Update : PHP5 (SAT Patch Number 666)
php 5.1.9 fixes among other things some security issues : - Missing bounds checks of an error in the imageRotate function of the gd extension potentially allowed attackers to read portions of memory. CVE-2008-5498 - the mbstring.funcoverload in .htaccess was applied to other virtual hosts on th...
SuSE9 Security Update : MySQL (YOU Patch Number 12456)
This update is provided as RPM packages that can easily be installed onto a running system by using the YaST online update module. - the COMCREATEDB and COMDROPDB suffered from format string vulnerabilities. CVE-2009-2446 - the command line client was prone to cross-site scripting XSS attacks...
openSUSE Security Update : apache2-mod_php5 (apache2-mod_php5-593)
php 5.1.9 fixes among other things some security issues : - Missing bounds checks of an error in the imageRotate function of the gd extension potentially allowed attackers to read portions of memory CVE-2008-5498. - the mbstring.funcoverload in .htaccess was applied to other virtual hosts on th...
NSClient Default Password
The remote host is running an instance of NSClient, an addon for Nagios used to monitor Windows hosts, configured using a default password. Anyone can connect to it and retrieve sensitive information, such as process and service states, memory usage, etc. C Tenable Network Security, Inc...
Leap CMS service detection
The remote host is running the Leap CMS. Leap is a single file, template independent, PHP and MySQL Content Management System. OpenVAS Vulnerability Test $Id: remote-detect-LeapCMS.nasl 8022 2017-12-07 08:23:28Z teissa $ Description: This script ensure that the Leap CMS is installed and running...