543 matches found
CVE-2006-6450
Multiple SQL injection vulnerabilities in dagent/downloadreport.asp in Novell ZENworks Patch Management ZPM before 6.3.2.700 allow remote attackers to execute arbitrary SQL commands via the 1 agentid and 2 pass parameters...
CVE-2006-6450
Concrete details found: PatchLink Update Server (basis for Novell ZENworks Patch Management) is affected by CVE-2006-6450. The vulnerability lies in dagent/downloadreport.asp where unsanitized input for the parameters agentid and pass is used to construct SQL queries. This allows an unauthenticat...
Solaris 8 (x86) : 109737-13
SunScreen 3.1 LITE Intel miscellaneous fixes Solarisx86. Date this patch was last updated by Sun : Sep/02/04 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc';...
PatchLink Update Server nwupload.asp Traversal Arbitrary File Write
The remote host is running PatchLink Update Server, a patch and vulnerability management solution. The version of PatchLink Update Server installed on the remote fails to sanitize input to the '/dagent/nwupload.asp' script of directory traversal sequences and does not require authentication befor...
PatchLink Update Server checkprofile.asp checkid Parameter SQL Injection
The remote host is running PatchLink Update Server, a patch and vulnerability management solution. The version of PatchLink Update Server installed on the remote host fails to sanitize user-supplied input to the 'agentid' parameter of the '/dagent/checkprofile.php' script before using it to...
Multiple PatchLink Update Server patch management solution vulnerabilities
No description provided...
CVE-2005-3315
Multiple SQL injection vulnerabilities in Novell ZENworks Patch Management 6.x before 6.2.2.181 allow remote attackers to execute arbitrary SQL commands via the 1 Direction parameter to computers/default.asp, and the 2 SearchText, 3 StatusFilter, and 4 computerFilter parameters to...
CVE-2005-3315
CVE-2005-3315 affects Novell ZENworks Patch Management 6.x up to 6.2.2.181. The issue is multiple SQL injection vulnerabilities triggered by requests to reports/default.asp and computers/default.asp, enabling execution of arbitrary SQL commands. The Checkpoint Advisory (CPA I) description states ...
CVE-2005-3315
Multiple SQL injection vulnerabilities in Novell ZENworks Patch Management 6.x before 6.2.2.181 allow remote attackers to execute arbitrary SQL commands via the 1 Direction parameter to computers/default.asp, and the 2 SearchText, 3 StatusFilter, and 4 computerFilter parameters to...
Novell ZENworks Patch Management Server SQL injection
No description provided...
[CIRT.DK] - Novell ZENworks Patch Management Server 6.0.0.52 - SQL injection
The Novell ZENworks Patch Management Server 6.0.0.52 is vulnerable to SQL injection in the management console. To being able to exploit this issue the administrator have to manually created a none-privileged account as minimum, to allow exploitation. Fix: Upgrade to ZENworks Patch Management...
Novell ZENworks Patch Management 6.0.52 - '/computers/default.asp?Direction' SQL Injection
source: https://www.securityfocus.com/bid/15220/info ZENworks Patch Management is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation could result in ...
Novell ZENworks Patch Management 6.0.52 - '/reports/default.asp' Multiple SQL Injections
source: https://www.securityfocus.com/bid/15220/info ZENworks Patch Management is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation could result in ...
Novell ZENworks Patch Management 6.0.52 - computersdefault.asp?Direction SQL Injection
Novell ZENworks Patch Management 6.0.52 - computersdefault.asp?Direction SQL Injection source: https://www.securityfocus.com/bid/15220/info ZENworks Patch Management is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize...
Novell ZENworks Patch Management 6.0.52 - reportsdefault.asp Multiple SQL Injections
Novell ZENworks Patch Management 6.0.52 - reportsdefault.asp Multiple SQL Injections source: https://www.securityfocus.com/bid/15220/info ZENworks Patch Management is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize...
Patchlink Detection
This script uses Windows credentials to detect whether the remote host is running Patchlink and extracts the version number if so. Patchlink is a fully Internet-based, automated, cross-platform, security patch management system. Josh Zlatin-Amishav josh at ramat dot cc GPLv2 Tenable grants a...
Nessus Scan Information
This plugin displays, for each tested host, information about the scan itself : - The version of the plugin set. - The type of scanner Nessus or Nessus Home. - The version of the Nessus Engine. - The port scanners used. - The port range scanned. - The ping round trip time - Whether credentialed o...
Checkpoint Firewall-1 NG Patch Level FP3 Detection
Binary data 2912.prm...
[Hat-Squad] GFI L.N.S.S 5.0 Insecure Credential Storage
February 28, 2005 Hat-Squad Advisory: GFI L.N.S.S 5.0- Insecure Credential Storage Product: GFI Languard Network Security Scanner Vendor Url: http://gfi.com/ Version: 5.0 Vulnerability: Insecure Credential Storage Release Date: February 28, 2005 Vendor Status: Informed on 22 February 2005 Respons...
CVE-2004-2091
Microsoft Baseline Security Analyzer MBSA 1.2 does not correctly identify systems that have been patched but remain vulnerable to exploit until the system is rebooted, possibly giving the administrator a false sense of security...