15 matches found
EUVD-2009-3732
Malware in sbrugna...
Exploit for Use After Free in Adobe Flash_Player
CobaltStrike-Toolset Aggressor Script, Kit, Malleable C2 Profiles, External C2 and so on - Kits - ResourceKit - ExploitKit - Aggressor Script - chromedumpmimikatz.cna - nopowershell - SMBexecpsh Further Resources nopowershell smbexecpsh.cna CVE-2018-15982...
CVE-1999-0285
Denial of service in telnet from the Windows NT Resource Kit, by opening then immediately closing a connection...
Pro-Iranian Hacker Group Targeting Albania with No-Justice Wiper Malware
The recent wave of cyber attacks targeting Albanian organizations involved the use of a wiper called No-Justice. The findings come from cybersecurity company ClearSky, which said the Windows-based malware "crashes the operating system in a way that it cannot be rebooted." The intrusions have been...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in sample code in the XenServer Resource Kit in Citrix XenCenterWeb allow remote attackers to hijack the authentication of administrators for 1 requests that change the password via the username parameter to config/changepw.php or 2 stop a...
CVE-2009-3757
Multiple cross-site scripting XSS vulnerabilities in sample code in the XenServer Resource Kit in Citrix XenCenterWeb allow remote attackers to inject arbitrary web script or HTML via the 1 username parameter to config/edituser.php; 2 location, 3 sessionid, and 4 vmname parameters to console.php;...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in sample code in the XenServer Resource Kit in Citrix XenCenterWeb allow remote attackers to inject arbitrary web script or HTML via the 1 username parameter to config/edituser.php; 2 location, 3 sessionid, and 4 vmname parameters to console.php;...
Sql injection
SQL injection vulnerability in login.php in sample code in the XenServer Resource Kit in Citrix XenCenterWeb allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: some of these details are obtained from third party information...
CVE-2009-3758
CVE-2009-3758 is a SQL injection in login.php of the XenServer Resource Kit / XenCenterWeb. The vulnerability allows remote attackers to execute arbitrary SQL commands via the username parameter, as described in NVD/NIST and mirrored in multiple sources. Public exploit coverage is indicated by a ...
CVE-2009-3760
CVE-2009-3760 affects the Citrix XenCenterWeb XenServer Resource Kit sample code: a vulnerability in config/writeconfig.php where the pool1 parameter enables static code injection into include/config.ini.php, allowing remote attackers to inject arbitrary PHP code. Root cause is improper handling ...
PT-2009-6003 · Citrix · Citrix Xencenterweb
Name of the Vulnerable Software and Affected Versions: Citrix XenCenterWeb affected versions not specified Description: The issue concerns multiple cross-site request forgery CSRF vulnerabilities in sample code within the XenServer Resource Kit in Citrix XenCenterWeb. These vulnerabilities allow...
w3who.dll Buffer Overflow / XSS Vulnerability - Active Check
The Windows 2000 Resource Kit ships with a DLL that displays the browser client context. It lists security identifiers, privileges and $ENV variables. The scanner has determined that this file is installed on the remote host. SPDX-FileCopyrightText: 2004 Nicolas Gregoire Some text descriptions...
CVE-1999-0285
CVE-1999-0285 affects the Windows NT Resource Kit telnet component. The vulnerability is a denial-of-service that occurs when a connection is opened and then immediately closed, exploited via network access. The Red Hat advisory and NVD entry reiterate that telnet on Windows NT Resource Kit is th...
CVE-1999-0285
Denial of service in telnet from the Windows NT Resource Kit, by opening then immediately closing a connection...
PT-1999-1030 · Microsoft · Telnet +1
Name of the Vulnerable Software and Affected Versions: Windows NT Resource Kit affected versions not specified Description: The issue is related to a denial of service in telnet, caused by opening and then immediately closing a connection. Recommendations: At the moment, there is no information...