308 matches found
CVE-2012-5875
Firefly Media Server 1.0.0.1359 allows remote attackers to cause a denial of service NULL pointer dereference via a 1 crafted Connection HTTP header; a return carriage control character in the 2 Accept Language header, 3 User-agent header, 4 Host header, or 5 protocol version; or a 6 crafted HTTP...
CVE-2012-5875
Firefly Media Server 1.0.0.1359 allows remote attackers to cause a denial of service NULL pointer dereference via a 1 crafted Connection HTTP header; a return carriage control character in the 2 Accept Language header, 3 User-agent header, 4 Host header, or 5 protocol version; or a 6 crafted HTTP...
UBUNTU-CVE-2012-5875
Firefly Media Server 1.0.0.1359 allows remote attackers to cause a denial of service NULL pointer dereference via a 1 crafted Connection HTTP header; a return carriage control character in the 2 Accept Language header, 3 User-agent header, 4 Host header, or 5 protocol version; or a 6 crafted HTTP...
Flaw in Oracle Logon Protocol Leads to Easy Password Cracking
There is a serious vulnerability in the authentication protocol used by some Oracle databases, a flaw that could enable a remote attacker to brute-force a token provided by the server prior to authentication and determine a user’s password. The attacker could then log on as an authenticated user...
Distributed Network Protocol v3 'Stop Application' Alert (SCADA) (deprecated)
Binary data 6250.prm...
vuze-dht-info NSE Script
Retrieves some basic information, including protocol version from a Vuze filesharing node. As Vuze doesn't have a default port for its DHT service, this script has some difficulties in determining when to run. Most scripts are triggered by either a default port or a fingerprinted service. To get...
SSH SSH-1 Protocol Authentication Bypass Vulnerability
The host is running SSH and is prone to authentication bypass vulnerability. OpenVAS Vulnerability Test $Id: gbsshauthenticationbypassvuln.nasl 7015 2017-08-28 11:51:24Z teissa $ SSH SSH-1 Protocol Authentication Bypass Vulnerability Authors: Antu Sanadi Copyright: Copyright c 2011 Greenbone...
Mandriva Update for squirrelmail MDVSA-2011:123 (squirrelmail)
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Nmap NSE net: pgsql-brute
Performs password guessing against PostgreSQL. SYNTAX: pgsql.nossl: If set to '1' or 'true', disables SSL. pgsql.version: Force protocol version 2 or 3. passdb: The filename of an alternate password database. userdb: The filename of an alternate username database. unpwdb.passlimit: The maximum...
Nmap NSE net: sshv1
Checks if an SSH server supports the obsolete and less secure SSH Protocol Version 1. OpenVAS Vulnerability Test $Id: gbnmapsshv1net.nasl 5499 2017-03-06 13:06:09Z teissa $ Autogenerated NSE wrapper Authors: NSE-Script: Brandon Enright NASL-Wrapper: autogenerated Copyright: NSE-Script: The Nmap...
Default configuration
The default configuration of Terminal in Apple Mac OS X 10.6 before 10.6.7 uses SSH protocol version 1 within the New Remote Connection dialog, which might make it easier for man-in-the-middle attackers to spoof SSH servers by leveraging protocol vulnerabilities...
vnc-info NSE Script
Queries a VNC server for its protocol version and supported security types. Example Usage nmap -sV -sC Script Output PORT STATE SERVICE 5900/tcp open vnc | vnc-info: | Protocol version: 3.889 | Security types: | Mac OS X security type 30 | Mac OS X security type 35 Requires shortport stdnse strin...
pgsql-brute NSE Script
Performs password guessing against PostgreSQL. Script Arguments pgsql.version Force protocol version 2 or 3. pgsql.nossl If set to 1 or true, disables SSL. passdb, unpwdb.passlimit, unpwdb.timelimit, unpwdb.userlimit, userdb See the documentation for the unpwdb library. Example Usage nmap -p 5432...
Intellicom 1.3 - 'NetBiterConfig.exe Hostname' Data Remote Stack Buffer Overflow (PoC)
!/usr/bin/python source: https://www.securityfocus.com/bid/37325/info Intellicom 'NetBiterConfig.exe' is prone to a remote stack-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. Attackers can exploit this issue to execute...
CVE-2008-5828
Microsoft Windows Live Messenger Client 8.5.1 and earlier, when MSN Protocol Version 15 MSNP15 is used over a NAT session, allows remote attackers to discover intranet IP addresses and port numbers by reading the 1 IPv4InternalAddrsAndPorts, 2 IPv4Internal-Addrs, and 3 IPv4Internal-Port header...
sshv1 NSE Script
Checks if an SSH server supports the obsolete and less secure SSH Protocol Version 1. Example Usage nmap -sV -sC Script Output PORT STATE SERVICE 22/tcp open ssh |sshv1: Server supports SSHv1 Requires nmap shortport string local nmap = require "nmap" local shortport = require "shortport" local...
openssl mitm downgrade attack
The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSLOPMSIESSLV2RSAPADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to u...
Debian: Security Advisory (DSA-875-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-882-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian Security Advisory DSA 1189-1 (openssh-krb5)
The remote host is missing an update to openssh-krb5 announced via advisory DSA 1189-1. Several remote vulnerabilities have been discovered in OpenSSH, a free implementation of the Secure Shell protocol, which may lead to denial of service and potentially the execution of arbitrary code. The Comm...