33 matches found
Juniper Junos OS Vulnerability (JSA79091)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA79091 advisory. - By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients...
ENS DNSSEC Oracle Vulnerable to RSA Signature Forgery via Missing PKCS#1 v1.5 Padding Validation
Impact The RSASHA256Algorithm and RSASHA1Algorithm contracts fail to validate PKCS1 v1.5 padding structure when verifying RSA signatures. The contracts only check if the last 32 or 20 bytes of the decrypted signature match the expected hash. This enables Bleichenbacher's 2006 signature forgery...
GHSA-5PQ9-5MPR-JJ85 Jervis Has a JWT Algorithm Confusion Vulnerability
Vulnerability https://github.com/samrocketman/jervis/blob/157d2b63ffa5c4bb1d8ee2254950fd2231de2b05/src/main/groovy/net/gleske/jervis/tools/SecurityIO.groovyL244-L249 The code doesn't validate that the JWT header specifies "alg":"RS256". Impact Depending on the broader system, this could allow JWT...
Windows Registry Enumerated Software Report
Reports details about software enumerated using the registry TRUSTED...
CLSA-2021-1634922881 Fixed CVEs in openssl: CVE-2018-0739, CVE-2018-0732, CVE-2021-3712, CVE-2018-0737
fix CVE-2021-3712 - handling ASN.1 string as NULL terminated leads to read buffer overrun - Port patches from oracle6els branch, original changelog entry: - Oracle bug 28730228: backport CVE-2018-0732 - Oracle bug 28758493: backport CVE-2018-0737 - Merge upstream patch to fix CVE-2018-0739 -...
Mac OS X Admin Group User List
Using the supplied credentials, Nessus was able to extract the member list of the 'Admin' and 'Wheel' groups. Members of these groups have administrative access to the remote system. TRUSTED...
Hydra: telnet
This plugin runs Hydra to find telnet passwords by brute force. To use this plugin, enter the 'Logins file' and the 'Passwords file' under the 'Hydra NASL wrappers options' advanced settings block. TRUSTED...
Hydra: HTTP
This plugin runs Hydra to find HTTP passwords by brute force. To use this plugin, enter the 'Logins file' and the 'Passwords file' under the 'Hydra NASL wrappers options' advanced settings block. TRUSTED...
Hydra: NNTP
This plugin runs Hydra to find NNTP accounts and passwords by brute force. To use this plugin, enter the 'Logins file' and the 'Passwords file' under the 'Hydra NASL wrappers options' advanced settings block. TRUSTED...
Hydra: MS SQL
This plugin runs Hydra to find MS SQL passwords by brute force. To use this plugin, enter the 'Logins file' and the 'Passwords file' under the 'Hydra NASL wrappers options' advanced settings block. TRUSTED...
Hydra: SSH2
This plugin runs Hydra to find SSH2 accounts and passwords by brute force. To use this plugin, enter the 'Logins file' and the 'Passwords file' under the 'Hydra NASL wrappers options' advanced settings block. TRUSTED...
Hydra: Cisco
This plugin runs Hydra to find Cisco passwords by brute force. To use this plugin, enter the 'Logins file' and the 'Passwords file' under the 'Hydra NASL wrappers options' advanced settings block. TRUSTED...
Hydra: ICQ
This plugin runs Hydra to find ICQ accounts and passwords by brute force. To use this plugin, enter the 'Logins file' and the 'Passwords file' under the 'Hydra NASL wrappers options' advanced settings block. TRUSTED...
Hydra: SMTP AUTH
This plugin runs Hydra to find SMTP AUTH accounts and passwords by brute force. To use this plugin, enter the 'Logins file' and the 'Passwords file' under the 'Hydra NASL wrappers options' advanced settings block. TRUSTED...
Hydra: CVS
This plugin runs Hydra to find CVS accounts and passwords by brute force. To use this plugin, enter the 'Logins file' and the 'Passwords file' under the 'Hydra NASL wrappers options' advanced settings block. TRUSTED...
Hydra: SAP R3
This plugin runs Hydra to find SAP R3 accounts and passwords by brute force. To use this plugin, enter the 'Logins file' and the 'Passwords file' under the 'Hydra NASL wrappers options' advanced settings block. TRUSTED...
Hydra: Cisco enable
This plugin runs Hydra to find Cisco 'enable' passwords by brute force. To use this plugin, enter the 'Logins file' and the 'Passwords file' under the 'Hydra NASL wrappers options' advanced settings block. TRUSTED...
Hydra: FTP
This plugin runs Hydra to find FTP accounts and passwords by brute force. To use this plugin, enter the 'Logins file' and the 'Passwords file' under the 'Hydra NASL wrappers options' advanced settings block. TRUSTED...
Hydra: PC-NFS
This plugin runs Hydra to find PC-NFS accounts and passwords by brute force. To use this plugin, enter the 'Logins file' and the 'Passwords file' under the 'Hydra NASL wrappers options' advanced settings block. TRUSTED...
Hydra: POP3
This plugin runs Hydra to find POP3 accounts and passwords by brute force. To use this plugin, enter the 'Logins file' and the 'Passwords file' under the 'Hydra NASL wrappers options' advanced settings block. TRUSTED...