9551 matches found
TCP/IP Predictable ISN (Initial Sequence Number) Generation Weakness
The remote host has predictable TCP sequence numbers. An attacker may use this flaw to establish spoofed TCP connections to this host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10443; scriptversion"1.31"; scriptcvsdate"Date: 2019/03/06 18:38:55"; scriptcveid...
TYPO3 < 3.5.0 Multiple Vulnerabilities
The remote host is running an old version of TYPO3. An attacker can use it to read arbitrary files and execute arbitrary commands on this host. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. From: Martin Eiszner To: [email protected] Subject: typo3 issues Message-Id:...
PHP-Nuke Detection
The remote host is running a copy of PHP-Nuke. Given the insecurity history of this package, the Nessus team recommends that you do not use it but use something else instead, as security was clearly not in the mind of the persons who wrote it. The author of PHP-Nuke Francisco Burzi even started t...
CSO Lanifex Outreach Project Tool 0.946b - Request Origin Spoofing
CSO Lanifex Outreach Project Tool 0.946b - Request Origin Spoofing source: https://www.securityfocus.com/bid/6630/info It has been reported that OPT accepts the values supplied supplied by users in HTTP headers as the originating IP address of a request. It is possible for a remote host to supply...
CSO Lanifex Outreach Project Tool 0.946b - Request Origin Spoofing
source: https://www.securityfocus.com/bid/6630/info It has been reported that OPT accepts the values supplied supplied by users in HTTP headers as the originating IP address of a request. It is possible for a remote host to supply a fake IP address in one of these environment variables that would...
SNMP Agent Default Community Name (public)
It is possible to obtain the default community name of the remote SNMP server. An attacker may use this information to gain more knowledge about the remote host, or to change the configuration of the remote system if the default community allows such modifications. C Tenable Network Security, Inc...
Unknown Service Detection: Banner Retrieval
Nessus was unable to identify a service on the remote host even though it returned a banner of some type. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid11154; scriptversion"1.69"; scriptsetattributeattribute:"pluginmodificationdate", value:"2022/07/26";...
TFTP Server DoS
Product: TFTP Server 2002 Standard Edition Authors: SolarWinds www.SolarWinds.net Vulnerable versions: v.5.0.55 and bellow Vulnerability: buffer overflow Bug&exploit by D4rkGr3y www.dhgroup.org Overview-------------------------------------------------------------- From TFTP Server help: "Many...
MS02-050: Certificate Validation Flaw Could Enable Identity Spoofing (328145)
The remote host contains a version of the CryptoAPI that could allow an attacker to spoof the identity of another user with malformed SSL certificates. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid11145; scriptversion"1.49"; scriptcvsdate"Date: 2018/11/15 20:50:29"...
MS02-048: Flaw in Certificate Enrollment Control Could Allow Deletion of Digital Certificates (323172)
The remote host contains a version of the Certificate Enrollment control that may allow an attacker to delete certificates. To exploit this vulnerability an attacker must create a rogue web server with SSL and lure the user to visit this site. C Tenable Network Security, Inc. include"compat.inc";...
MS02-055: Unchecked Buffer in Windows Help Facility Could Enable Code Execution (323255)
The remote host contains a version of the HTML Helpfacility ActiveX control module that could allow an attacker to execute arbitrary code on the remote host by constructing a malicious web page and enticing a victim to visit it. C Tenable Network Security, Inc. include"compat.inc"; if description...
Viralator CGI Script Arbitrary Command Execution
The CGI 'viralator.cgi' is installed. Some versions of this CGI are don't check properly the user input and allow anyone to execute arbitrary commands with the privileges of the web server. No flaw was tested. Your script might be a safe version. %NASLMINLEVEL 70300 C Tenable Network Security, In...
AppSocket Half-open Connection Remote DoS
It seems that it is possible to lock out your printer from the network by opening a few connections and keeping them open. Note that the AppSocket protocol is so crude that Nessus cannot check if it is really running behind this port. C Tenable Network Security, Inc. include"compat.inc"; if...
PHP < 4.2.x mail Function CRLF Injection
The remote host is running a version of PHP earlier than 4.2.2. The new POST handling system in PHP 4.2.0 and 4.2.1 has a bug which allows an attacker to disable the remote server or to compromise it. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Script audit and contributions from...
Resin MS-DOS Device Request Path Disclosure
Resin will reveal the physical path of the webroot when asked for a special DOS device, e.g. lpt9.xtp An attacker may use this flaw to gain further knowledge about the remote filesystem layout. C Tenable Network Security, Inc. Script audit and contributions from Carmichael Security Erik Anderson...
Alcatel PABX 4400 Detection
The remote host is an Alcatel PABX 4400. This device can be configured thru the serial port or using this port. Outsiders should not be able to connect to this device. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid11019; scriptversion "1.14"; scriptcvsdate"Date:...
eDonkey Detection
The remote host appears to be running eDonkey or one of its variants, which is commonly used for sharing music, films, and software. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include"compat.inc"; if description scriptid11022; scriptversion"1.30";...
SNMP Request Cisco Router Information Disclosure
It is possible to determine the model of the remote CISCO system by sending SNMP requests with the OID 1.3.6.1.4.1.9.1. An attacker may use this information to gain more knowledge about the remote host. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...
LocalWeb2000 2.1.0 Multiple Remote Vulnerabilities
The remote host is running LocalWeb2000. Version 2.1.0 of LocalWeb2000 allows an attacker to view protected files on the host's computer. It may also disclose the NetBIOS name of the remote host when it receives malformed directory requests. This script was created by Jason Lidow The vulnerabilit...
Gnutella Servent Detection
The remote host is running a Gnutella 'servent', a P2P file sharing application. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include"compat.inc"; ifdescription scriptid10946; scriptversion"1.34"; scriptsetattributeattribute:"pluginmodificationdate",...