Lucene search
+L

158 matches found

OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.72 views

PHP3 Physical Path Disclosure Vulnerability

PHP3 will reveal the physical path of the webroot when asked for a non-existent PHP3 file if it is incorrectly configured. Although printing errors to the output is useful for debugging applications, this feature should not be enabled on production servers. OpenVAS Vulnerability Test $Id:...

7.1AI score
Exploits0
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.12 views

HTTP TRACE

Transparent or reverse HTTP proxies may be implement on some sites. OpenVAS Vulnerability Test $Id: httptrace.nasl 6768 2017-07-20 08:06:19Z cfischer $ HTTP TRACE Authors: Michel Arboi Copyright: Copyright C 2002 Michel Arboi This program is free software; you can redistribute it and/or modify it...

0.1AI score
Exploits0
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.11 views

Enterasys Dragon Enterprise Reporting detection

The remote host is running the Enterasys Dragon Enterprise Reporting on this port. OpenVAS Vulnerability Test $Id: enterasysdragonreportingdetect.nasl 8023 2017-12-07 08:36:26Z teissa $ Description: Enterasys Dragon Enterprise Reporting detection Authors: David Maciejak Copyright: Copyright C 200...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.14 views

SMTP server accepts us

This script does not perform any security test. It verifies that OpenVAS that connect to the remote SMTP server and that it can send a HELO request. OpenVAS Vulnerability Test $Id: checksmtphelo.nasl 6046 2017-04-28 09:02:54Z teissa $ Description: SMTP server accepts us Authors: Michel Arboi...

0.1AI score
Exploits0
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.37 views

AOLserver Default Password

The remote web server is running AOL web server AOLserver with the default username and password set. An attacker may use this to gain control of the remote web server. OpenVAS Vulnerability Test $Id: aolserverdefaultpassword.nasl 8023 2017-12-07 08:36:26Z teissa $ Description: AOLserver Default...

4.6CVSS0.3AI score0.0356EPSS
Exploits3
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.11 views

UDDI Detection (HTTP)

The tested Web server seems to be friendly to UDDI requests. The server could be potentially offering web services under some other directory we only tested the web root directory SPDX-FileCopyrightText: 2005 John Lampe Some text descriptions might be excerpted from a referenced sources, and are...

7AI score
Exploits0
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.21 views

QMTP Detection

Checks for the presence of QMTP/QMQP server. SPDX-FileCopyrightText: 2005 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.1AI score
Exploits0
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.8 views

Check if the SMTP server accepts us

This script does not perform any security test. It verifies that the scanner is able to connect to the remote SMTP server and that it can send a HELO request. SPDX-FileCopyrightText: 2005 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

6.9AI score
Exploits0
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.13 views

pcAnywhere Service Detection (UDP)

UDP based detection of pcAnywhere. SPDX-FileCopyrightText: 2005 Mathieu Perrin Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.10006";...

5.9AI score
Exploits0
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.114 views

HTTP Negative Content-Length DoS Vulnerability

The Savant web server was crashed by sending an invalid GET HTTP request with a negative Content-Length field. SPDX-FileCopyrightText: 2002 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifie...

5CVSS6.7AI score0.06919EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.218 views

Basit CMS 1.0 XSS and SQLi Vulnerabilities - Active Check

Basit CMS is prone to a cross-site scripting XSS and a SQL injection SQLi vulnerability SPDX-FileCopyrightText: 2003 k-otik.com Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if...

6.5AI score
Exploits0References1
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.20 views

Xeneo Web Server %A DoS Vulnerability

It was possible to crash the remote Xeneo web server by requesting a malformed URL ending with /%A or /% SPDX-FileCopyrightText: 2003 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

5CVSS6.7AI score0.03236EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.169 views

HTTP 1.1 Header Overflow DoS Vulnerability

It was possible to kill the web server by sending an invalid request with a too long HTTP 1.1 header Accept-Encoding, Accept-Language, Accept-Range, Connection, Expect, If-Match, If-None-Match, If-Range, If-Unmodified-Since, Max-Forwards, TE, Host SPDX-FileCopyrightText: 2002 Michel Arboi Some te...

5CVSS6.7AI score0.03EPSS
Exploits2References1
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.96 views

LiteServe URL Decoding DoS Vulnerability

The remote web server dies when an URL consisting of a long invalid string of % is sent. SPDX-FileCopyrightText: 2002 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

7.5AI score
Exploits0
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.21 views

ServletExec 4.1 / JRun ISAPI DoS

By sending an overly long request for a .jsp file it is possible to crash the remote web server. This problem is known as the ServletExec / JRun ISAPI DoS. SPDX-FileCopyrightText: 2002 Matt Moore Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

10CVSS6.8AI score0.50858EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.103 views

HTTP Version Number Overflow DoS Vulnerability

It was possible to kill the web server by sending an invalid GET request with a too long HTTP version field. SPDX-FileCopyrightText: 2002 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

7.5CVSS6.6AI score0.05651EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.32 views

Check Point SecureRemote (SecuRemote) Information Disclosure Vulnerability - Active Check

The remote host seems to be a Check Point FireWall-1 running SecureRemote SecuRemote. The SecuRemote service contains a vulnerability that allows attackers to gain information about the hosts, networks, and users configured on the Firewall. SPDX-FileCopyrightText: 2001 SecuriTeam Some text...

5CVSS6.7AI score0.08849EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.96 views

Oracle 9i Application Server PORTAL_DEMO ORG_CHART Accessible - Active Check

In installations of Oracle 9i Application Server AS, it is possible to access a demo PORTALDEMO.ORGCHART via modplsql. Access to these pages should be restricted, because it may be possible to abuse this demo for SQL injection attacks. SPDX-FileCopyrightText: 2003 Frank Berger Some text...

7.5CVSS5.6AI score0.01756EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.64 views

GAMSoft TelSrv 1.4/1.5 Overflow

It is possible to crash the remote telnet server by sending a username that is 4550 characters long. SPDX-FileCopyrightText: 2000 Prizm Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

5CVSS6.7AI score0.50337EPSS
Exploits4References1
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.298 views

Abyss httpd DoS

It was possible to kill the web server by sending a MS-DOS device names in an HTTP request. SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

7.2AI score
Exploits0References1
Rows per page
Query Builder