RedHat Security Advisory RHSA-2009:1139

The remote host is missing updates announced in advisory RHSA-2009:1139. Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. The AOL Open System for CommunicAtion in Realtime OSCAR protocol is used by the AOL ICQ and...

Pidgin OSCAR Protocol Denial Of Service Vulnerability (Windows)

This host has installed Pidgin and is prone to Denial of Service vulnerability. OpenVAS Vulnerability Test $Id: gbpidginoscardosvulnwin.nasl 4869 2016-12-29 11:01:45Z teissa $ Pidgin OSCAR Protocol Denial Of Service Vulnerability Win Authors: Sharath S Copyright: Copyright c 2009 Greenbone Networ...

finch, libpurple, pidgin security update

CentOS Errata and Security Advisory CESA-2009:1139 Updated pidgin packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Pidgin is an instant...

Wireshark CHAP dissector crash

The Check Point High-Availability Protocol CPHAP dissector in Wireshark 0.9.6 through 1.0.6 allows remote attackers to cause a denial of service crash via a crafted FWHAMYSTATE packet...

Asterisk IAX2 - Attacked IAX Fuzzer Resource Exhaustion (Denial of Service)

!/usr/bin/perl -w udp IAX protocol fuzzer Created: Blake Cornell Exploits found with this code can be found at http://www.securityscraper.com/ Released under the VoIPER project Do not hesitate to show enthusiasm and support and help develop this further. use strict; use IO::Socket; use...

Microsoft confirms flaw in WebDAV in IIS

Microsoft has confirmed the reported vulnerability in the WebDAV implementation in IIS 5.0, 5.1 and 6.0, saying that the flaw could be used to bypass the authentication mechanism on the Web server. However, the company said that there are a number of mitigating factors involved and that company...

Mandriva Linux Security Advisory : rsh (MDVSA-2008:191)

A vulnerability in the rcp protocol was discovered that allows a server to instruct a client to write arbitrary files outside of the current directory, which could potentially be a security concern if a user used rcp to copy files from a malicious server CVE-2004-0175. This issue was originally...

CentOS 3 / 4 : net-snmp (CESA-2007:1045)

Updated net-snmp packages that fix a security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. Simple Network Management Protocol SNMP is a protocol used for network management. A flaw was discovered in the way net-snmp handled certain requests. A remote attacker who can connect ...

CVE-2009-1268

The Check Point High-Availability Protocol CPHAP dissector in Wireshark 0.9.6 through 1.0.6 allows remote attackers to cause a denial of service crash via a crafted FWHAMYSTATE packet...

Understanding IPSec

This quick tutorial gives you a foundation for understanding the IPSec protocol and how it can be used to secure some online sessions...

Design/Logic Flaw

Nortel UNIStim protocol, as used in Communication Server 1000 and other products, uses predictable sequence numbers, which allows remote attackers to hijack sessions via sniffing or brute force attacks...

CVE-2008-6564

The CVE-2008-6564 entry describes a vulnerability in the Nortel UNIStim protocol (used in Communication Server 1000 and related products) where predictable sequence numbers enable session hijacking. This could allow remote attackers to hijack sessions by sniffing traffic or brute-forcing sequence...

[SECURITY] Fedora 10 Update: netatalk-2.0.3-23.fc10

This package enables Linux to talk to Macintosh computers via the AppleTalk networking protocol. It includes a daemon to allow Linux to act as a file server over EtherTalk or IP for Mac's...

Check for ident Service

The remote host is running an ident daemon. The Ident Protocol is designed to work as a server daemon, on a user SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

File upload download to the shellcode-exploit warning-the black bar safety net

Author: thorn Due to personal career development reasons, the future may not be in-depth study of this aspect of things, will only as pure Hobbies. I recently have worked on WEB and Browser security, as well as the safety design aspects of work. So in order to let these rot in my hard disk where...

Apache Module mod_rewrite LDAP Protocol Buffer Overflow

This module exploits the modrewrite LDAP protocol scheme handling flaw discovered by Mark Dowd, which produces an off-by-one overflow. Apache versions 1.3.29-36, 2.0.47-58, and 2.2.1-2 are vulnerable. This module requires REWRITEPATH to be set accurately. In addition, the target must have...

CentOS Update for net-snmp CESA-2008:0529 centos3 i386

Check for the Version of net-snmp OpenVAS Vulnerability Test CentOS Update for net-snmp CESA-2008:0529 centos3 i386 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

Universal Plug and Play (UPnP) Protocol Detection

The remote device answered an SSDP M-SEARCH request. Therefore, it supports 'Universal Plug and Play' UPnP. This protocol provides automatic configuration and device discovery. It is primarily intended for home networks. An attacker could potentially leverage this to discover your network...

Debian Security Advisory DSA 1719-1 (gnutls13)

The remote host is missing an update to gnutls13 announced via advisory DSA 1719-1. OpenVAS Vulnerability Test $Id: deb17191.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1719-1 gnutls13 Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

CVE-2009-0418

The IPv6 Neighbor Discovery Protocol NDP implementation in HP HP-UX B.11.11, B.11.23, and B.11.31 does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service loss of connectivity, read private network traffic, and possibly execute...