301 matches found
Mandriva Update for squirrelmail MDVSA-2011:123 (squirrelmail)
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Nmap NSE net: sshv1
Checks if an SSH server supports the obsolete and less secure SSH Protocol Version 1. OpenVAS Vulnerability Test $Id: gbnmapsshv1net.nasl 5499 2017-03-06 13:06:09Z teissa $ Autogenerated NSE wrapper Authors: NSE-Script: Brandon Enright NASL-Wrapper: autogenerated Copyright: NSE-Script: The Nmap...
Nmap NSE net: pgsql-brute
Performs password guessing against PostgreSQL. SYNTAX: pgsql.nossl: If set to '1' or 'true', disables SSL. pgsql.version: Force protocol version 2 or 3. passdb: The filename of an alternate password database. userdb: The filename of an alternate username database. unpwdb.passlimit: The maximum...
Default configuration
The default configuration of Terminal in Apple Mac OS X 10.6 before 10.6.7 uses SSH protocol version 1 within the New Remote Connection dialog, which might make it easier for man-in-the-middle attackers to spoof SSH servers by leveraging protocol vulnerabilities...
vnc-info NSE Script
Queries a VNC server for its protocol version and supported security types. Example Usage nmap -sV -sC Script Output PORT STATE SERVICE 5900/tcp open vnc | vnc-info: | Protocol version: 3.889 | Security types: | Mac OS X security type 30 | Mac OS X security type 35 Requires shortport stdnse strin...
pgsql-brute NSE Script
Performs password guessing against PostgreSQL. Script Arguments pgsql.version Force protocol version 2 or 3. pgsql.nossl If set to 1 or true, disables SSL. passdb, unpwdb.passlimit, unpwdb.timelimit, unpwdb.userlimit, userdb See the documentation for the unpwdb library. Example Usage nmap -p 5432...
Intellicom 1.3 - 'NetBiterConfig.exe Hostname' Data Remote Stack Buffer Overflow (PoC)
!/usr/bin/python source: https://www.securityfocus.com/bid/37325/info Intellicom 'NetBiterConfig.exe' is prone to a remote stack-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. Attackers can exploit this issue to execute...
CVE-2008-5828
Microsoft Windows Live Messenger Client 8.5.1 and earlier, when MSN Protocol Version 15 MSNP15 is used over a NAT session, allows remote attackers to discover intranet IP addresses and port numbers by reading the 1 IPv4InternalAddrsAndPorts, 2 IPv4Internal-Addrs, and 3 IPv4Internal-Port header...
sshv1 NSE Script
Checks if an SSH server supports the obsolete and less secure SSH Protocol Version 1. Example Usage nmap -sV -sC Script Output PORT STATE SERVICE 22/tcp open ssh |sshv1: Server supports SSHv1 Requires nmap shortport string local nmap = require "nmap" local shortport = require "shortport" local...
openssl mitm downgrade attack
The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSLOPMSIESSLV2RSAPADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to u...
Debian Security Advisory DSA 1189-1 (openssh-krb5)
The remote host is missing an update to openssh-krb5 announced via advisory DSA 1189-1. Several remote vulnerabilities have been discovered in OpenSSH, a free implementation of the Secure Shell protocol, which may lead to denial of service and potentially the execution of arbitrary code. The Comm...
Debian: Security Advisory (DSA-882-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-875-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2007-5893
CVE-2007-5893 affects the C++ Sockets Library (HTTPSocket.cpp) prior to version 2.2.5. A crafted HTTP request with a missing protocol version number triggers an exception, allowing remote attackers to cause a denial of service (crash). No exploitation details or patch status are provided beyond t...
PostgreSQL Server Detection
The remote service is a PostgreSQL database server, or a derivative such as EnterpriseDB. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid26024; scriptversion"1.25"; scriptsetattributeattribute:"pluginmodificationdate", value:"2025/09/24"; scriptnameenglish:"PostgreSQ...
Firebird SQL Fbserver 2.0 - Remote Buffer Overflow
Firebird SQL Fbserver 2.0 - Remote Buffer Overflow source: https://www.securityfocus.com/bid/24436/info Firebird SQL is prone to a remote buffer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary machine code in the context of the affected database server. Failed...
Debian DSA-882-1 : openssl095 - cryptographic weakness
Yutaka Oiwa discovered a vulnerability in the Open Secure Socket Layer OpenSSL library that can allow an attacker to perform active protocol-version rollback attacks that could lead to the use of the weaker SSL 2.0 protocol even though both ends support SSL 3.0 or TLS 1.0. The following matrix...
Debian DSA-881-1 : openssl096 - cryptographic weakness
Yutaka Oiwa discovered a vulnerability in the Open Secure Socket Layer OpenSSL library that can allow an attacker to perform active protocol-version rollback attacks that could lead to the use of the weaker SSL 2.0 protocol even though both ends support SSL 3.0 or TLS 1.0. The following matrix...
Debian DSA-888-1 : openssl - cryptographic weakness
Yutaka Oiwa discovered a vulnerability in the Open Secure Socket Layer OpenSSL library that can allow an attacker to perform active protocol-version rollback attacks that could lead to the use of the weaker SSL 2.0 protocol even though both ends support SSL 3.0 or TLS 1.0. The following matrix...
FreeBSD : openssh -- multiple vulnerabilities (32db37a5-50c3-11db-acf3-000c6ec775d9)
Problem Description The CRC compensation attack detector in the sshd8 daemon, upon receipt of duplicate blocks, uses CPU time cubic in the number of duplicate blocks received. CVE-2006-4924 A race condition exists in a signal handler used by the sshd8 daemon to handle the LoginGraceTime option,...