MultiCMS - Local File Inclusion

MultiCMS - Local File Inclusion Source: http://packetstormsecurity.org/files/view/97987/multicms-lfi.txt =============================wwwdotWhiteponnydotcom============================= Date: 29/01/2011 Author: R3VANBASTARD Exploit Title: MultiCMS File Inclusion Vulnerbility Vendor:...

MultiCMS Local File Inclusion

=============================wwwdotWhiteponnydotcom============================= Date: 29/01/2011 Author: R3VANBASTARD Exploit Title: MultiCMS File Inclusion Vulnerbility Vendor: http://www.multicms.net Status: FIXED Tested on: Windows 7 Dork: "Redakcní systém MultiCMS" Mail:...

SYN Scan

This plugins performs a supposedly fast SYN port scan. It does so by computing the RTT round trip time of the packets coming back and forth between the openvassd host and the target, then it uses that to quickly send SYN packets to the remote host. OpenVAS Vulnerability Test $Id: synscan.nasl 702...

SYN Scan

This plugins performs a supposedly fast SYN port scan. It does so by computing the RTT round trip time of the packets coming back and forth between the scanner host and the target, then it uses that to quickly send SYN packets to the remote host. Copyright C 2011 Greenbone Networks GmbH Some text...

netbus-auth-bypass NSE Script

Checks if a NetBus server is vulnerable to an authentication bypass vulnerability which allows full access without knowing the password. For example a server running on TCP port 12345 on localhost with this vulnerability is accessible to anyone. An attacker could simply form a connection to the...

4) "S" stands for Safe(r)

Browsing a Web site for offers is one thing. Actually buying merchandise is another matter entirely. Online transactions should be carried out securely, using encryption to scramble the sensitive financial data you’re sending to the merchant’s Web site and that they’re sending to you. Before...

Web Crawler : Web Application Crawler - New Release

Web Crawler is a open source application that is based on the WebEngine library. WebEngine is the set of tools for performing black-box web-sites testing and other similar tasks. It provides tools means for reception of documents from a web-server, parse HTML pages, their comparisons, search...

Nessus 4.4.0 New version release !

Finally, an updated version of Nessus is out after a long time! This is Nessus version 4.4.0 "The Nessus vulnerability scanner is the world-leader in active scanners, featuring high-speed discovery, configuration auditing, asset profiling, sensitive data discovery and vulnerability analysis of yo...

SuSE 10 Security Update : clamav (ZYPP Patch Number 6990)

Specially crafted CAB archives could crash clamav CVE-2010-1311 or bypass virus detection CVE-2010-0098. clamav has been updated to version 0.96 which fixes those issues. Citing freshmeat.net : This Release introduces new malware detection mechanisms and other significant improvements to the scan...

resolveall NSE Script

NOTE: This script has been replaced by the --resolve-all command-line option in Nmap 7.70 Resolves hostnames and adds every address IPv4 or IPv6, depending on Nmap mode to Nmap's target list. This differs from Nmap's normal host resolution process, which only scans the first address A or AAAA...

ColdFusion Server Check

This module attempts to exploit the directory traversal in the 'locale' attribute. According to the advisory the following versions are vulnerable: ColdFusion MX6 6.1 base patches, ColdFusion MX7 7,0,0,91690 base patches, ColdFusion MX8 8,0,1,195765 base patches, ColdFusion MX8 8,0,1,195765 with...

AIX 610004 : U834978

The remote host is missing AIX PTF U834978 which is related to the security of the package bos.aixpert.cmds You should install this PTF for your system to be up-to-date. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc';...

McAfee VirusScan On-Access Scanner Long Filename Handling Buffer Overflow

McAfee Corporation is a major vendor of numerous anti-virus, network, and desktop security products which are deployed in consumer as well as enterprise environments. McAfee VirusScan is an AntiVirus application that offers protection against the latest computer virus threats. McAfee VirusScan...

irc-unrealircd-backdoor NSE Script

Checks if an IRC server is backdoored by running a time-based command ping and checking how long it takes to respond. The irc-unrealircd-backdoor.command script argument can be used to run an arbitrary command on the remote system. Because of the nature of this vulnerability the output is never...

CVE-2010-1637

The Mail Fetch plugin in SquirrelMail 1.4.20 and earlier allows remote authenticated users to bypass firewall restrictions and use SquirrelMail as a proxy to scan internal networks via a modified POP3 port number...

Design/Logic Flaw

The Mail Fetch plugin in SquirrelMail 1.4.20 and earlier allows remote authenticated users to bypass firewall restrictions and use SquirrelMail as a proxy to scan internal networks via a modified POP3 port number...

CVE-2010-1637

CVE-2010-1637 affects SquirrelMail up to version 1.4.20 with the Mail Fetch plugin. The vulnerability allows remote authenticated users to bypass firewall rules and proxy through a modified POP3 port to scan internal networks. The documented impact is limited to port-scanning capability via the M...

PT-2010-3299 · Squirrelmail +1 · Squirrelmail +1

Name of the Vulnerable Software and Affected Versions: SquirrelMail versions 1.4.20 and earlier Description: The issue allows remote authenticated users to bypass firewall restrictions and use SquirrelMail as a proxy to scan internal networks via a modified POP3 port number. This is made possible...

PT-2010-3300 · Horde · Horde Imp

Name of the Vulnerable Software and Affected Versions: Horde IMP plugin affected versions not specified Description: The issue allows remote attackers to bypass firewall restrictions and use Horde as a proxy to scan internal networks via a crafted request to an unspecified test script. This is on...

Netvolution CMS 2.x - SQL Injection Script

Netvolution CMS 2.x - SQL Injection Script !/usr/bin/perl Exploit Title: Netvolution exploit script for CMS Version = 2.xx.xx.xx Date: 10/6/2010 Sotware Link: www.netvolution.net Bug found : amquen, krumel Exploited by: krumel Exploit Coded: mr.pr0n Many thanks to icesurfer author of SQLNINJA and...