9551 matches found
AFS Client Version Detection
This detects the AFS client version by connecting to the AFS callback port and processing the buffer received. The client version gives potential attackers additional information about the system they are attacking. Versions and types should be ommited where possible. This script was written by...
OpenSSH < 2.1.1 UseLogin Local Privilege Escalation
According to its banner, the remote host appears to be running OpenSSH version older than 2.1.1. Such versions are reportedly affected by a local privilege esclation vulnerability. If the UseLogin option is enabled, then sshd does not switch to the uid of the user logging in. Instead, sshd relies...
Gauntlet CyberPatrol Content Monitoring System Overflow
The remote host is running Network Associated Gauntlet firewall. The installed version of the software is vulnerable to a buffer overflow. An attacker could exploit this flaw in order to remotely execute arbitrary commands on the affected host. C Tenable Network Security, Inc. include"compat.inc"...
X Server Detection
The remote host is running an X11 server. X11 is a client-server protocol that can be used to display graphical applications running on a given host on a remote client. Since the X11 traffic is not ciphered, it is possible for an attacker to eavesdrop on the connection. C Tenable Network Security...
mstream DDoS Handler Detection
The remote host appears to be running a mstream handler, which is a trojan that can be used to control your system or make it attack another network this is actually called a distributed denial of service attack tool It is very likely that this host has been compromised %NASLMINLEVEL 70300 C...
Shaft Trojan Detection
The remote host appears to be running Shaft, which is a trojan that can be used to control your system or make it attack another network this is actually called a distributed denial of service attack tool. It is very likely that this host has been compromised %NASLMINLEVEL 70300 C Tenable Network...
Axis Storpoint CD Admin Authentication Bypass
The remote host is running Axis StorPoint. It is possible to access the administration interface with a specially crafted URL that contains directory traversal characters. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
SGI InfoSearch infosrch.cgi fname Parameter Arbitrary Command Execution
The remote web server is hosting the 'infosrch.cgi' script. The installed version of this script fails to properly sanitize user- supplied input to the 'fname' variable. An attacker, exploiting this flaw, could execute arbitrary commands on the remote host subject to the privileges of the web...
Trin00 for Windows Trojan Detection
The remote host appears to be running Trin00 for Windows, a trojan that can be used to control your system or make it attack another network this is actually called a distributed denial of service attack tool. It is very likely that this host has been compromised. %NASLMINLEVEL 70300 C Tenable...
SNMP Zero Length UDP Packet Remote DoS
It was possible to crash either the remote host or the firewall in between us and the remote host by sending an UDP packet of null size going to port 161 snmp This flaw may allow an attacker to shut down your network. C Tenable Network Security, Inc. Thanks to Christophe Grenier for pointing this...
Trin00 Trojan Detection
The remote host appears to be running Trin00, a Trojan Horse that can be used to control your system or make it attack another network this is actually called a Distributed Denial Of Service attack tool. It is very likely that this host has been compromised. %NASLMINLEVEL 70300 C Tenable Network...
Stacheldraht Trojan Detection
The remote host is running Stacheldraht, a trojan horse that can be used to control your system or make it attack another network. An ICMP ECHO reply was sent to the remote host with 'gesundheit!' and an ID of 668. The host sent a reply with 'sicken ' and an ID of 669. If Paranoid is enabled, the...
TCP/IP ACK Packet Saturation Remote DoS (stream.c)
It seems it was possible to make the remote server crash using the 'stream' or 'raped' attack. An attacker may use this flaw to shut down this server, thus preventing your network from working properly. C Tenable Network Security, Inc. Script audit and contributions from Carmichael Security Erik...
Nortel Contivity HTTP Server cgiproc Special Character DoS
It is possible to crash the remote host by doing the HTTP request : GET /cgi/cgiproc?$ C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10160; scriptversion"1.39"; scriptsetattributeattribute:"pluginmodificationdate", value:"2025/09/29"; scriptcveid"CVE-2000-0064";...
HTTP Server Type and Version
This plugin attempts to determine the type and the version of the remote web server. Copyright 2000 by Hendrik Scholz @@NOTE: The output of this plugin should not be changed Changes by Tenable: - Revised plugin title 10/08/10 - Removed use of deprecated functions 01/16/2018 - Fixed various regula...
TFN (Tribe Flood Network) Trojan Detection
The remote host appears to be running TFN Tribe Flood Network, which is a Trojan Horse that can be used to control your system or make it attack another network. It is very likely that this host has been compromised C Tenable Network Security, Inc. include"compat.inc"; if description scriptid1028...
Web Server Directory Traversal Arbitrary File Access
It appears possible to read arbitrary files on the remote host outside the web server's document directory using a specially crafted URL. An unauthenticated attacker may be able to exploit this issue to access sensitive information to aide in subsequent attacks. Note that this plugin is not limit...
Microsoft Windows NT SCM Malformed Resource Enumeration Request DoS
An 'rfpoison' packet has been sent to the remote host. This packet is supposed to crash the 'services.exe' process, making the system unstable. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid10204; scriptversion"1.32";...
TCP/IP 'Chorusing' Windows DoS
Microsoft Windows 95 and 98 clients have the ability to bind multiple TCP/IP stacks on the same MAC address, simply by having the protocol added more than once in the Network Control panel. The remote host has several TCP/IP stacks with the same IP bound on the same MAC address. As a result, it...
Windows NetBIOS / SMB Remote Host Information Disclosure
The remote host is listening on UDP port 137 or TCP port 445, and replies to NetBIOS nbtscan or SMB requests. Note that this plugin gathers information to be used in other plugins, but does not itself generate a report. C Tenable Network Security, Inc. include"compat.inc"; if description...