125 matches found
Nmap NSE 6.01: ftp-brute
Performs brute force password auditing against FTP servers. This uses the standard unpwdb username/password list. However, in tests FTP servers are significantly slower than other servers when responding, so the number of usernames/passwords can be artificially limited using script arguments...
Nmap NSE 6.01: pop3-brute
Tries to log into a POP3 account by guessing usernames and passwords. SYNTAX: userdb: The filename of an alternate username database. pop3loginmethod: The login method to use: ''USER'' default, ''SASL-PLAIN'', ''SASL-LOGIN'', ''SASL-CRAM-MD5'', or ''APOP''. unpwdb.passlimit: The maximum number of...
Scientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64
Several flaws were found in the way Firefox processed certain malformed web content. A webpage containing malicious content could cause Firefox to crash, or potentially execute arbitrary code as the user running Firefox. CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419 Several flaws wer...
SuSE 11.1 Security Update : glibc (SAT Patch Number 4944)
The implementation of the blowfish based password hashing method had a bug affecting passwords that contain 8bit characters e.g. umlauts. Affected passwords are potentially faster to crack via brute-force methods. CVE-2011-2483 SUSE's crypt implementation supports the blowfish password hashing...
SuSE Update for glibc,pam-modules,libxcrypt,pwdutils SUSE-SA:2011:035
Check for the Version of glibc,pam-modules,libxcrypt,pwdutils OpenVAS Vulnerability Test SuSE Update for glibc,pam-modules,libxcrypt,pwdutils SUSE-SA:2011:035 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free softwar...
Nmap NSE net: smtp-enum-users
Attempts to enumerate the users on a SMTP server by issuing the VRFY, EXPN or RCPT TO commands. The goal of this script is to discover all the user accounts in the remote system. The script will output the list of user names that were found. The script will stop querying the SMTP server if...
Nmap NSE net: domino-enum-users
Attempts to discover valid IBM Lotus Domino users and download their ID files by exploiting the CVE-2006-5835 vulnerability. SYNTAX: userdb: The filename of an alternate username database. domino-id.username: the name of the user from which to retrieve the ID. If this parameter is not specified,...
Nmap NSE net: ldap-brute
Attempts to brute-force LDAP authentication. By default it uses the built-in username and password lists. In order to use your own lists use the 'userdb' and 'passdb' script arguments. This script does not make any attempt to prevent account lockout! If the number of passwords in the dictionary...
Nmap NSE net: mysql-brute
Performs password guessing against MySQL SYNTAX: userdb: The filename of an alternate username database. unpwdb.passlimit: The maximum number of passwords 'passwords' will return default unlimited. passdb: The filename of an alternate password database. unpwdb.userlimit: The maximum number of...
Nmap NSE net: ftp-brute
Tries to get FTP login credentials by guessing usernames and passwords. This uses the standard unpwdb username/password list. However, in tests FTP servers are significantly slower than other servers when responding, so the number of usernames/passwords can be artificially limited using script...
Nmap NSE net: ms-sql-brute
Performs password guessing against Microsoft SQL Server ms-sql. SYNTAX: userdb: The filename of an alternate username database. passdb: The filename of an alternate password database. mssql.timeout: How long to wait for SQL responses. This is a number followed by 'ms' for milliseconds, 's' for...
Nmap NSE net: telnet-brute
Tries to get Telnet login credentials by guessing usernames and passwords. SYNTAX: userdb: The filename of an alternate username database. unpwdb.passlimit: The maximum number of passwords 'passwords' will return default unlimited. passdb: The filename of an alternate password database...
Nmap NSE net: pop3-brute
Tries to log into a POP3 account by guessing usernames and passwords. SYNTAX: userdb: The filename of an alternate username database. pop3loginmethod: The login method to use: ''USER'' default, ''SASL-PLAIN'', ''SASL-LOGIN'', ''SASL-CRAM-MD5'', or ''APOP''. unpwdb.passlimit: The maximum number of...
Nmap NSE net: netbus-brute
Performs brute force password auditing against the Netbus backdoor 'remote administration' service. SYNTAX: userdb: The filename of an alternate username database. unpwdb.passlimit: The maximum number of passwords 'passwords' will return default unlimited. passdb: The filename of an alternate...
Gentoo Security Advisory GLSA 200404-21 (samba)
The remote host is missing updates announced in advisory GLSA 200404-21. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
firefox security update
CentOS Errata and Security Advisory CESA-2008:0103 Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open sour...
CVE-2007-0155
HarikaOnline 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing passwords via a direct request for harikaonline.mdb...
CVE-2007-0151
CVE-2007-0151 affects MitiSoft. The issue is insufficient access control that allows remote attackers to download the database (access_MS/MitiSoft.mdb) by direct request from the web root. The NVD/NIST description specifies a high-severity impact (base score 7.5) with partial confidentiality, int...
CVE-2007-0090
CVE-2007-0090 concerns WineGlass, where sensitive information is stored under the web root with insufficient access control. The issue enables remote attackers to download a database containing passwords by requesting the file path db/data.mdb directly. The vulnerability impacts the confidentiali...
CVE-2005-2713
CVE-2005-2713 concerns local privilege escalation in Mac OS X. The iDefense advisory details two related issues in the /usr/bin/passwd binary on affected builds (Mac OS X 10.3.9 and 10.4.5; server variants also mentioned): first, passwd accepts a password database option and does not verify write...