CVE-2016-8026

Arbitrary command execution vulnerability in Intel Security McAfee Security Scan Plus SSP 3.11.469 and earlier allows authenticated users to gain elevated privileges via unspecified vectors...

CVE-2016-8021

Improper verification of cryptographic signature vulnerability in Intel Security VirusScan Enterprise Linux VSEL 2.0.3 and earlier allows remote authenticated users to spoof update server and execute arbitrary code via a crafted input file...

CVE-2016-8026

Arbitrary command execution vulnerability in Intel Security McAfee Security Scan Plus SSP 3.11.469 and earlier allows authenticated users to gain elevated privileges via unspecified vectors...

Command injection

Arbitrary command execution vulnerability in Intel Security McAfee Security Scan Plus SSP 3.11.469 and earlier allows authenticated users to gain elevated privileges via unspecified vectors...

CVE-2016-8008

Privilege escalation vulnerability in Windows 7 and Windows 10 in McAfee Security Scan Plus SSP 3.11.376 allows attackers to load a replacement of the version.dll file via McAfee McUICnt.exe onto a Windows system...

CVE-2016-8018

Cross-site request forgery CSRF vulnerability in Intel Security VirusScan Enterprise Linux VSEL 2.0.3 and earlier allows authenticated remote attackers to execute unauthorized commands via a crafted user input...

Privilege escalation

Privilege escalation vulnerability in Windows 7 and Windows 10 in McAfee Security Scan Plus SSP 3.11.376 allows attackers to load a replacement of the version.dll file via McAfee McUICnt.exe onto a Windows system...

CVE-2016-8008

Privilege escalation vulnerability in Windows 7 and Windows 10 in McAfee Security Scan Plus SSP 3.11.376 allows attackers to load a replacement of the version.dll file via McAfee McUICnt.exe onto a Windows system...

CVE-2016-8019

Cross-site scripting XSS vulnerability in attributes in Intel Security VirusScan Enterprise Linux VSEL 2.0.3 and earlier allows unauthenticated remote attackers to inject arbitrary web script or HTML via a crafted user input...

CVE-2015-8991

Malicious file execution vulnerability in Intel Security McAfee Security Scan+ MSS+ before 3.11.266.3 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation...

CVE-2016-8026

Arbitrary command execution vulnerability in Intel Security McAfee Security Scan Plus SSP 3.11.469 and earlier allows authenticated users to gain elevated privileges via unspecified vectors...

CVE-2015-8991

CVE-2015-8991 concerns Intel/MCAfee Security Scan Plus (MSS+) prior to version 3.11.266.3. The vulnerability is a malicious file execution flaw that can be triggered during installation or uninstallation by preexisting crafted malware, while normal operation remains unaffected. The OpenVAS entry ...

CVE-2016-8008

Privilege escalation vulnerability in Windows 7 and Windows 10 in McAfee Security Scan Plus SSP 3.11.376 allows attackers to load a replacement of the version.dll file via McAfee McUICnt.exe onto a Windows system...

broadcast-ospf2-discover NSE Script

Discover IPv4 networks using Open Shortest Path First version 2OSPFv2 protocol. The script works by listening for OSPF Hello packets from the 224.0.0.5 multicast address. The script then replies and attempts to create a neighbor relationship, in order to discover network database. If no interface...

Sends Beacons to Scan for Active ZigBee Networks

Post Module to send beacon signals to the broadcast address while channel hopping This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Sends Beacons to Scan for Active ZigBee Networks', 'Description...

Rapid7 Nexpose Static Java Key Vault Cryptographic Vulnerability

Rapid7 Nexpose is a suite of vulnerability management software from Rapid7 USA that can synthesize different scans to deeply probe a network. The software proactively scans configuration environments for errors, vulnerabilities, malware and provides guidance to reduce risk. Rapid7 Nexpose has a...

Cross site scripting

The Java keystore in all versions and editions of Rapid7 Nexpose prior to 6.4.50 is encrypted with a static password of 'r@p1d7k3y5t0r3' which is not modifiable by the user. The keystore provides storage for saved scan credentials in an otherwise secure location on disk...

CVE-2017-5230

The Java keystore in all versions and editions of Rapid7 Nexpose prior to 6.4.50 is encrypted with a static password of 'r@p1d7k3y5t0r3' which is not modifiable by the user. The keystore provides storage for saved scan credentials in an otherwise secure location on disk...

CVE-2017-5230

The Java keystore in all versions and editions of Rapid7 Nexpose prior to 6.4.50 is encrypted with a static password of 'r@p1d7k3y5t0r3' which is not modifiable by the user. The keystore provides storage for saved scan credentials in an otherwise secure location on disk...

CVE-2017-5230

The Java keystore in all versions and editions of Rapid7 Nexpose prior to 6.4.50 is encrypted with a static password of 'r@p1d7k3y5t0r3' which is not modifiable by the user. The keystore provides storage for saved scan credentials in an otherwise secure location on disk...