Korgo worm detection

The remote host is probably infected with Korgo worm. It propagates by exploiting the LSASS vulnerability on TCP port 445 as described in Microsoft Security Bulletin MS04-011 and opens a backdoor on TCP ports 113 and 3067. SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might b...

SQL Server Cleartext 'probe' Account 'probe' Password Attempted Login (deprecated)

Binary data 1116.prm...

SQL Server Cleartext 'probe' Account 'password' Password Authentication (deprecated)

Binary data 1129.prm...

SQL Server Cleartext 'probe' Account 'probe' Password Authentication (deprecated)

Binary data 1128.prm...

CVE-2004-1346

The Sun Solaris Volume Manager SVM on Solaris 9 allows local users to cause a denial of service kernel panic via a malformed probe request to the SVM...

BAZARR FAREWELL

/ traceroute local root advisory / / by: bazarr / / [email protected] / / bazarr episode / ------------------ PREFACE its me bazarr. i dont use ziplip anymore. resend any emails sent to bazarr@ziplip to [email protected] if i dident respond to them. this is a local root vulnerability in the...

LaBrea Tarpitted Host Detection

This script performs a Labrea tarpit scan, by sending a bogus ACK and ACK-windowprobe to a potential host. It also sends a TCP SYN to test for non-persisting labrea machines. This script was written by John [email protected] See the Nessus Scripts License for details include"compat.inc...

Linux Kernel 2.0.30/2.0.35/2.0.36/2.0.37 - Blind TCP Spoofing

/ source: https://www.securityfocus.com/bid/580/info Certain Linux kernels in the 2.0.3x range are susceptible to blind TCP spoofing attacks due to the way that the kernel handles invalid ack sequence numbers, and the way it assigns IDs to outgoing IP datagrams. For this vulnerability to be...

Update Rollup 3 for System Center 2022 Operations Manager

None None...