Code injection

IBM DB2 for Linux, UNIX and Windows includes DB2 Connect Server 9.7, 10.1, 10.5, and 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 131853...

PowerShell Detection (Linux/Unix SSH Login)

SSH login-based detection of PowerShell. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.812746";...

GNU Bash Detection (Linux/Unix SSH Login)

Detects the installed version of GNU bash. The script logs in via SSH, searches for the executable SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Authenticated Scan / LSC Info Consolidation (Linux/Unix SSH Login)

Consolidation and reporting of various technical information about authenticated scans / local security checks LSC via SSH for Linux/Unix targets. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...

IBM Websphere MQ Detection (Linux/Unix SSH Login)

This script search for SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.811904";...

CVE-2017-1451

IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 includes DB2 Connect Server could allow a local user with DB2 instance owner privileges to obtain root access. IBM X-Force ID: 128178...

Local Elevation of Privilege Vulnerability in Multiple IBM DB2 Products

IBM DB2 and DB2 Connect Server for Linux, UNIX, and Windows are database products for Linux, UNIX, and Windows platforms from IBM, U.S.A. DB2 is a relational database management system for use in large application environments.DB2 Connect Server is a DB2 Connect Server is a mainframe database...

Local elevation of privilege vulnerability in multiple IBM DB2 products (CNVD-2017-32877)

IBM DB2 and DB2 Connect Server for Linux, UNIX, and Windows are database products for Linux, UNIX, and Windows platforms from IBM Corporation, U.S.A. DB2 is a relational database management system for use in large application environments.DB2 Connect Server is a DB2 Connect Server is a mainframe...

The Ultimate Hosts Blacklist

The Ultimate hosts file for protecting your computer or device against over a million bad web sites. Protect your children and family from gaining access to bad web sites and protect your devices and pc from being infected with Malware or Ransomware. A hosts file for use on any operating system t...

AWS Auditing & Hardening Tool: Zeus

Zeus is a powerful tool for AWS EC2 / S3 / CloudTrail / CloudWatch / KMS best hardening practices. It checks security settings according to the profiles the user creates and changes them to recommended settings based on the CIS AWS Benchmark source at request of the user. Identity and Access...

CVE-2017-1297

IBM DB2 for Linux, UNIX and Windows 9.2, 10.1, 10.5, and 11.1 includes DB2 Connect Server is vulnerable to a stack-based buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code. IBM X-Force ID: 125159...

Read Asset Identification Tag on scanned host (Linux/Unix SSH Login)

This routine reads the Greenbone Asset Identifier of a system, provided it is a unixoid system offering SSH access. By default, this routine is disabled even it is selected to run. To activate it, it needs to be explicitly enabled with its corresponding preference switch. The file is named asset....

Apache Struts Detection for Linux / UNIX

Binary data strutsdetectnix.nbin...

kernel: Stack corruption while reading /proc/keys when gcc stack protector is enabled

It was found that when the gcc stack protector was enabled, reading the /proc/keys file could cause a panic in the Linux kernel due to stack corruption. This happened because an incorrect buffer size was used to hold a 64-bit timeout value rendered as weeks...

CVE-2017-6516

A Local Privilege Escalation Vulnerability in MagniComp's Sysinfo before 10-H64 for Linux and UNIX platforms could allow a local attacker to gain elevated privileges. Parts of SysInfo require setuid-to-root access in order to access restricted system files and make restricted kernel calls. This...

Adobe Flash Player Within Google Chrome Detection (Linux/Unix SSH Login)

SSH login-based detection of Adobe Flash Player within Google Chrome. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 25 Update: dovecot-2.2.27-1.fc25

Dovecot is an IMAP server for Linux/UNIX-like systems, written with security primarily in mind. It also contains a small POP3 server. It supports mail in either of maildir or mbox formats. The SQL drivers and authentication plug-ins are in their subpackages...

CVE-2016-2946

Stack-based buffer overflow in the ax Shared Libraries in the Agent in IBM Tivoli Monitoring ITM 6.2.2 before FP9, 6.2.3 before FP5, and 6.3.0 before FP2 on Linux and UNIX allows local users to gain privileges via unspecified vectors...

GNU Bourne-Again Shell (Bash) 'Shellshock' - Lenovo Support US

No description provided...

Flexera InstallAnywhere Detection (Linux/Unix SSH Login)

Detects the installed version of Flexera InstallAnywhere on Linux. The script logs in via ssh, searches for executable and queries the version from SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...