Lucene search
K

9551 matches found

Tenable Nessus
Tenable Nessus
added 2003/03/03 12:0 a.m.1509 views

TCP/IP Predictable ISN (Initial Sequence Number) Generation Weakness

The remote host has predictable TCP sequence numbers. An attacker may use this flaw to establish spoofed TCP connections to this host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10443; scriptversion"1.31"; scriptcvsdate"Date: 2019/03/06 18:38:55"; scriptcveid...

7.5CVSS7.2AI score0.30873EPSS
Exploits3References8
Tenable Nessus
Tenable Nessus
added 2003/02/28 12:0 a.m.25 views

TYPO3 < 3.5.0 Multiple Vulnerabilities

The remote host is running an old version of TYPO3. An attacker can use it to read arbitrary files and execute arbitrary commands on this host. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. From: Martin Eiszner To: [email protected] Subject: typo3 issues Message-Id:...

6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2003/02/17 12:0 a.m.148 views

PHP-Nuke Detection

The remote host is running a copy of PHP-Nuke. Given the insecurity history of this package, the Nessus team recommends that you do not use it but use something else instead, as security was clearly not in the mind of the persons who wrote it. The author of PHP-Nuke Francisco Burzi even started t...

10CVSS5.5AI score0.08245EPSS
Exploits6References11
exploitpack
exploitpack
added 2003/01/16 12:0 a.m.10 views

CSO Lanifex Outreach Project Tool 0.946b - Request Origin Spoofing

CSO Lanifex Outreach Project Tool 0.946b - Request Origin Spoofing source: https://www.securityfocus.com/bid/6630/info It has been reported that OPT accepts the values supplied supplied by users in HTTP headers as the originating IP address of a request. It is possible for a remote host to supply...

0.6AI score
Exploits0
Exploit DB
Exploit DB
added 2003/01/16 12:0 a.m.23 views

CSO Lanifex Outreach Project Tool 0.946b - Request Origin Spoofing

source: https://www.securityfocus.com/bid/6630/info It has been reported that OPT accepts the values supplied supplied by users in HTTP headers as the originating IP address of a request. It is possible for a remote host to supply a fake IP address in one of these environment variables that would...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2002/11/25 12:0 a.m.4085 views

SNMP Agent Default Community Name (public)

It is possible to obtain the default community name of the remote SNMP server. An attacker may use this information to gain more knowledge about the remote host, or to change the configuration of the remote system if the default community allows such modifications. C Tenable Network Security, Inc...

7.5CVSS8.1AI score0.27166EPSS
Exploits3References1
Tenable Nessus
Tenable Nessus
added 2002/11/18 12:0 a.m.403 views

Unknown Service Detection: Banner Retrieval

Nessus was unable to identify a service on the remote host even though it returned a banner of some type. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid11154; scriptversion"1.69"; scriptsetattributeattribute:"pluginmodificationdate", value:"2022/07/26";...

5.5AI score
Exploits0
securityvulns
securityvulns
added 2002/10/25 12:0 a.m.45 views

TFTP Server DoS

Product: TFTP Server 2002 Standard Edition Authors: SolarWinds www.SolarWinds.net Vulnerable versions: v.5.0.55 and bellow Vulnerability: buffer overflow Bug&exploit by D4rkGr3y www.dhgroup.org Overview-------------------------------------------------------------- From TFTP Server help: "Many...

0.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2002/10/24 12:0 a.m.32 views

MS02-050: Certificate Validation Flaw Could Enable Identity Spoofing (328145)

The remote host contains a version of the CryptoAPI that could allow an attacker to spoof the identity of another user with malformed SSL certificates. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid11145; scriptversion"1.49"; scriptcvsdate"Date: 2018/11/15 20:50:29"...

7.5CVSS5.5AI score0.1934EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2002/10/24 12:0 a.m.23 views

MS02-048: Flaw in Certificate Enrollment Control Could Allow Deletion of Digital Certificates (323172)

The remote host contains a version of the Certificate Enrollment control that may allow an attacker to delete certificates. To exploit this vulnerability an attacker must create a rogue web server with SSL and lure the user to visit this site. C Tenable Network Security, Inc. include"compat.inc";...

5CVSS5.5AI score0.06498EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2002/10/24 12:0 a.m.38 views

MS02-055: Unchecked Buffer in Windows Help Facility Could Enable Code Execution (323255)

The remote host contains a version of the HTML Helpfacility ActiveX control module that could allow an attacker to execute arbitrary code on the remote host by constructing a malicious web page and enticing a victim to visit it. C Tenable Network Security, Inc. include"compat.inc"; if description...

7.5CVSS6.1AI score0.52422EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2002/08/22 12:0 a.m.35 views

Viralator CGI Script Arbitrary Command Execution

The CGI 'viralator.cgi' is installed. Some versions of this CGI are don't check properly the user input and allow anyone to execute arbitrary commands with the privileges of the web server. No flaw was tested. Your script might be a safe version. %NASLMINLEVEL 70300 C Tenable Network Security, In...

7.5CVSS5.5AI score0.02756EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2002/08/18 12:0 a.m.20 views

AppSocket Half-open Connection Remote DoS

It seems that it is possible to lock out your printer from the network by opening a few connections and keeping them open. Note that the AppSocket protocol is so crude that Nessus cannot check if it is really running behind this port. C Tenable Network Security, Inc. include"compat.inc"; if...

5.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2002/07/22 12:0 a.m.55 views

PHP < 4.2.x mail Function CRLF Injection

The remote host is running a version of PHP earlier than 4.2.2. The new POST handling system in PHP 4.2.0 and 4.2.1 has a bug which allows an attacker to disable the remote server or to compromise it. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Script audit and contributions from...

7.5CVSS5.6AI score0.03039EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2002/07/17 12:0 a.m.36 views

Resin MS-DOS Device Request Path Disclosure

Resin will reveal the physical path of the webroot when asked for a special DOS device, e.g. lpt9.xtp An attacker may use this flaw to gain further knowledge about the remote filesystem layout. C Tenable Network Security, Inc. Script audit and contributions from Carmichael Security Erik Anderson...

5CVSS5.3AI score0.01678EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2002/06/08 12:0 a.m.48 views

Alcatel PABX 4400 Detection

The remote host is an Alcatel PABX 4400. This device can be configured thru the serial port or using this port. Outsiders should not be able to connect to this device. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid11019; scriptversion "1.14"; scriptcvsdate"Date:...

5.5AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2002/06/08 12:0 a.m.32 views

eDonkey Detection

The remote host appears to be running eDonkey or one of its variants, which is commonly used for sharing music, films, and software. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include"compat.inc"; if description scriptid11022; scriptversion"1.30";...

5.5AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2002/06/05 12:0 a.m.2435 views

SNMP Request Cisco Router Information Disclosure

It is possible to determine the model of the remote CISCO system by sending SNMP requests with the OID 1.3.6.1.4.1.9.1. An attacker may use this information to gain more knowledge about the remote host. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...

5.6AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2002/06/05 12:0 a.m.78 views

LocalWeb2000 2.1.0 Multiple Remote Vulnerabilities

The remote host is running LocalWeb2000. Version 2.1.0 of LocalWeb2000 allows an attacker to view protected files on the host's computer. It may also disclose the NetBIOS name of the remote host when it receives malformed directory requests. This script was created by Jason Lidow The vulnerabilit...

7.5CVSS5.5AI score0.08052EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2002/04/30 12:0 a.m.45 views

Gnutella Servent Detection

The remote host is running a Gnutella 'servent', a P2P file sharing application. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include"compat.inc"; ifdescription scriptid10946; scriptversion"1.34"; scriptsetattributeattribute:"pluginmodificationdate",...

5.5AI score
Exploits0
Rows per page
Query Builder