7678 matches found
Fedora Update for ksaneplugin FEDORA-2013-10130
Check for the Version of ksaneplugin OpenVAS Vulnerability Test Fedora Update for ksaneplugin FEDORA-2013-10130 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it und...
Fedora Update for kmix FEDORA-2013-10130
Check for the Version of kmix OpenVAS Vulnerability Test Fedora Update for kmix FEDORA-2013-10130 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...
Fedora Update for kanagram FEDORA-2013-10130
Check for the Version of kanagram OpenVAS Vulnerability Test Fedora Update for kanagram FEDORA-2013-10130 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Fedora Update for libksane FEDORA-2013-10130
Check for the Version of libksane OpenVAS Vulnerability Test Fedora Update for libksane FEDORA-2013-10130 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
cache_control
This plugin analyzes every HTTPS response and reports instances of incorrect cache control which might lead the users browser to cache sensitive contents on their system. The expected headers for HTTPS responses are: Pragma: No-cache Cache-control: No-store Plugin type Grep Options This plugin...
un_ssl
This plugin verifies that URLs that are available using HTTPS arent available over an insecure HTTP protocol. To detect this, the plugin simply requests "https://abc/a.asp" and "http://abc.asp" and if both are equal, a vulnerability is found. Plugin type Audit Options This plugin doesnt have any...
ssl_certificate
This plugin audits SSL certificate parameters. One configurable parameter exists: minExpireDays CA PEM file path Note: Its only usefull when testing HTTPS sites. Plugin type Audit Options Name | Type | Default Value | Description | Help ---|---|---|---|--- minExpireDays | integer | 30 | Set minim...
Fedora Update for mod_security FEDORA-2013-9518
Check for the Version of modsecurity OpenVAS Vulnerability Test Fedora Update for modsecurity FEDORA-2013-9518 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...
Veeam Management Pack v6 Required Ports and Permissions
Solution Required Permissions Connection to Virtual Servers VI Object | Required Permissions ---|--- vCenter, ESXi Host | Read-Only1 Host.CIM.CIM Interaction2 Datastore.Browse Datastore3 Datastore.Configure Datastore3 Datastore Cluster.Browse Datastore Cluster3 1 Minimum required permission over...
APPLE-SA-2013-05-16-1 iTunes 11.0.3
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-05-16-1 iTunes 11.0.3 iTunes 11.0.3 is now available and addresses the following: iTunes Available for: Mac OS X v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: An attacker in a privileged network position may manipulate HTTP...
CVE-2013-1014
Apple iTunes before 11.0.3 does not properly verify X.509 certificates, which allows man-in-the-middle attackers to spoof HTTPS servers via an arbitrary valid certificate...
Code injection
Apple iTunes before 11.0.3 does not properly verify X.509 certificates, which allows man-in-the-middle attackers to spoof HTTPS servers via an arbitrary valid certificate...
CVE-2013-1014
Apple iTunes before 11.0.3 does not properly verify X.509 certificates, which allows man-in-the-middle attackers to spoof HTTPS servers via an arbitrary valid certificate...
CVE-2013-1014
Apple iTunes before 11.0.3 is affected by a certificate validation flaw: it does not properly verify X.509 certificates, allowing a man-in-the-middle to spoof HTTPS servers with an arbitrary valid certificate. The vulnerability concerns iTunes on Windows and macOS platforms; exploitation could en...
Apple iTunes < 11.0.3 Multiple Vulnerabilities (uncredentialed check)
The version of Apple iTunes on the remote host is prior to version 11.0.3. It is, therefore, affected by multiple vulnerabilities : - An error exists related to certificate validation. A man-in-the-middle attacker can exploit this to spoof HTTPS servers, which allows the disclosure of sensitive...
Authentication flaw
Microsoft .NET Framework 4.5 does not properly create policy requirements for custom Windows Communication Foundation WCF endpoint authentication in certain situations involving passwords over HTTPS, which allows remote attackers to bypass authentication by sending queries to an endpoint, aka...
[SECURITY] Fedora 18 Update: curl-7.27.0-10.fc18
curl is a command line tool for transferring data with URL syntax, supporti ng FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, I MAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...
CVE-2013-1337
Microsoft .NET Framework 4.5 does not properly create policy requirements for custom Windows Communication Foundation WCF endpoint authentication in certain situations involving passwords over HTTPS, which allows remote attackers to bypass authentication by sending queries to an endpoint, aka...
CVE-2013-1225
Cisco Unified Customer Voice Portal CVP Software before 9.0.1 ES 11 allows remote attackers to read arbitrary files via a Resource Manager 1 HTTP or 2 HTTPS request containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue, aka...
CVE-2013-1223
The log viewer in Cisco Unified Customer Voice Portal CVP Software before 9.0.1 ES 11 does not properly validate an unspecified parameter, which allows remote attackers to read arbitrary files via a crafted 1 HTTP or 2 HTTPS request, aka Bug ID CSCub38372...