.NET NegotiateStream Server Detection

The remote server supports Microsoft's .NET NegotiateStream protocol, which provides a lightweight authentication and security mechanism between a client and a server when the client or server needs direct access to the TCP stream. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

CVE-2008-1447

CVE-2008-1447 describes a DNS cache poisoning vulnerability known as the Kaminsky bug, arising from weak randomness in DNS transaction IDs and source ports. It affected BIND 8/9 (many versions) and Microsoft DNS on Windows platforms, enabling remote attackers to spoof DNS responses to recursive r...

Pidgin MSN协议文件名处理拒绝服务漏洞

BUGTRAQ ID: 29956 Pidgin是支持多种协议的即时通讯客户端。 Pidgin的libpurple/protocols/msnp9/slplink.c文件中的msnslplinkprocessmsg函数在处理MSN P2P文件传输请求时存在使用后释放漏洞，如果用户受骗接收了带有特制文件名的文件的话，就会引用之前已经释放的内存，导致拒绝服务。 Pidgin 2.4.1 Pidgin ------ 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://pidgin.im/pidgin/home/ 创建包含有以下字符的文件...

Denial of Service in S.T.A.L.K.E.R. 1.0006

Luigi Auriemma Application: S.T.A.L.K.E.R.: Shadow of Chernobyl http://www.stalker-game.com Versions: = 1.0006 Platforms: Windows Bug: Denial of Service Exploitation: remote Date: 15 Jun 2008 Author: Luigi Auriemma e-mail: [email protected] web: aluigi.org 1 Introduction 2 Bug 3 The Code 4 Fix...

CentOS 3 / 4 / 5 : net-snmp (CESA-2008:0529)

Updated net-snmp packages that fix a security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Simple Network Management Protocol SNMP is a protocol used for network managemen...

[SECURITY] Fedora 9 Update: net-snmp-5.4.1-18.fc9

SNMP Simple Network Management Protocol is a protocol used for network management. The NET-SNMP project includes various SNMP tools: an extensible agent, an SNMP library, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the...

ucd security update

CentOS Errata and Security Advisory CESA-2008:0528-01 Updated ucd-snmp packages that fix a security issue are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Simple Network Management Protocol...

CVE-2008-2089

CVE-2008-2089 affects Sun Solaris 10 SCTP protocol implementation, enabling remote denial of service (panic) via a crafted SCTP packet. The connected Nessus entries indicate kernel patches for Solaris 10: 127127-11 (sparc) and 127128-11 (x86) that address this vulnerability. No exploitation detai...

Debian DSA-1563-1 : asterisk - programming error

Joel R. Voss discovered that the IAX2 module of Asterisk, a free software PBX and telephony toolkit performs insufficient validation of IAX2 protocol messages, which may lead to denial of service. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...

SMF 1.1.4 - Audio CAPTCHA Security Bypass

SMF 1.1.4 - Audio CAPTCHA Security Bypass source: https://www.securityfocus.com/bid/28866/info SMF Simple Machine Forum is prone to a security-bypass vulnerability that occurs in the audio CAPTCHA protocol. Successfully exploiting this issue may allow attackers to send unsolicited spam or perform...

Fedora 7 : centerim-4.22.4-1.fc7.1 (2008-2869)

This update fixes the CVE-2008-1467 security issue by disabling the 'actions' configuration altogether. Furthermore the default web browser is no longer configurable in CenterIM. The links get open in the default web browser configured, using xdg-utils. There won't be any update for centericq. Al...

Fedora 8 : centerim-4.22.4-1.fc8 (2008-2867)

This update fixes the CVE-2008-1467 security issue by disabling the 'actions' configuration altogether. Furthermore the default web browser is no longer configurable in CenterIM. The links get open in the default web browser configured, using xdg-utils. This release adds support for new versions ...

CUPS gif_read_lzw()函数GIF文件处理缓冲区溢出漏洞

BUGTRAQ ID: 28544 CVECAN ID: CVE-2008-1373 Common Unix Printing System CUPS是一款通用Unix打印系统，是Unix环境下的跨平台打印解决方案，基于Internet打印协议，提供大多数PostScript和raster打印机服务。 CUPS处理畸形格式的GIF文件时存在漏洞，远程攻击者可能利用此漏洞控制服务器。 CUPS打印系统所使用的GIF解析代码直接从GIF图形中读取了codesize值，且没有经过验证便用于初始化gifreadlzw中的表格数组，这可能导致静态溢出。...

RHEL 4 : krb5 (RHSA-2008:0180)

Updated krb5 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. Kerberos is a network authentication system which allows clients and servers to authentica...

IPS-1 Protocol and Protocol Subsystems Configuration Changes

Seven IPS-1 protocol and protocol subsystems have undergone configuration changes...

Debian Security Advisory DSA 717-1 (lsh-utils)

The remote host is missing an update to lsh-utils announced via advisory DSA 717-1. OpenVAS Vulnerability Test $Id: deb7171.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 717-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

Debian Security Advisory DSA 1257-1 (samba)

The remote host is missing an update to samba announced via advisory DSA 1257-1. Several remote vulnerabilities have been discovered in samba, a free implementation of the SMB/CIFS protocol, which may lead to the execution of arbitrary code or denial of service. The Common Vulnerabilities and...

Debian: Security Advisory (DSA-1276-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-717-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-1257-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...