9551 matches found
3Com HiPer Access Router Card (HiperARC) IAC Packet Flood DoS
It was possible to reboot the remote host likely a HyperARC router by sending it a high volume of IACs. An attacker may use this flaw to shut down your internet connection. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10108; scriptversion"1.29"; scriptcvsdate"Date:...
RPC portmapper Service Detection
The RPC portmapper is running on this port. The portmapper allows someone to get the port number of each RPC service running on the remote host by sending either multiple lookup requests or a DUMP request. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10223;...
[SECURITY] New versions of rsync fixes security hole
This is an old report from May 1999 but it wasnt reported on this channel yet. The author of rsync, Andrew Tridgell, has reported that former versions of rsync contained a security-related bug. I you were transferring an empty directory into a non-existent directory on a remote host, permissions ...
msproxy2.0.exploit.txt
Date: Wed, 7 Oct 1998 07:10:49 +0100 From: Mnemonix To: [email protected] Subject: WARNING: By-passing MS Proxy packet filtering The following text is in the "ISO-8859-1" character set. Your display is set for the "US-ASCII" character set. Some characters may be displayed incorrectly. Whilst...
GateCrasher Backdoor Detection
The remote host has the backdoor GateCrasher installed. This backdoor allows anyone to partially take control of the affected system. An attacker may use it to steal information or crash the affected host. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid10093;...
Ping the remote host
Nessus was able to determine if the remote host is alive using one or more of the following ping types : - An ARP ping, provided the host is on the local subnet and Nessus is running over Ethernet. - An ICMP ping. - A TCP ping, in which the plugin sends to the remote host a packet with the flag...
Multiple Vendor phf CGI Arbitrary Command Execution
The 'phf' CGI is installed. This CGI has a well known security flaw that lets an attacker execute arbitrary commands with the privileges of the http daemon usually root or nobody. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...
Multiple Vendor Out Of Band Data DoS (WinNuke)
It was possible to crash the remote host using the 'Winnuke' attack, that is to send an OOB message to this port. An attacker may use this flaw to make this host crash continuously, preventing the system from working properly. C Tenable Network Security, Inc. include"compat.inc"; if description...
Daytime Service Detection
The remote host is running a 'daytime' service. This service is designed to give the local time of the day of this host to whoever connects to this port. The date format issued by this service may sometimes help an attacker to guess the operating system type of this host, or to set up timed...
Finger Service Remote Information Disclosure
The remote host is running the 'finger' service. The purpose of this service is to show who is currently logged into the remote system, and to give information about the users of the remote system. It provides useful information to attackers, since it allows them to gain usernames, determine how...
Echo Service Detection
The remote host is running the 'echo' service. This service echoes any data which is sent to it. This service is unused these days, so it is strongly advised that you disable it, as it may be used by attackers to set up denial of services attacks against this host. C Tenable Network Security, Inc...