Netvolution CMS 2.x - SQL Injection Script

!/usr/bin/perl Exploit Title: Netvolution exploit script for CMS Version = 2.xx.xx.xx Date: 10/6/2010 Sotware Link: www.netvolution.net Bug found : amquen, krumel Exploited by: krumel Exploit Coded: mr.pr0n Many thanks to icesurfer author of SQLNINJA and all p0wnbox members. I have contact...

AIX 530011 : U832764

The remote host is missing AIX PTF U832764 which is related to the security of the package bos.cifsfs.smit You should install this PTF for your system to be up-to-date. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc';...

NIBE heat pump - Local File Inclusion

NIBE heat pump - Local File Inclusion !/usr/bin/python import socket,sys,os,base64 NIBE heat pump LFI exploit Written by Jelmer de Hen Published at http://h.ackack.net/?p=302 Special thanks to Fredrik Nordberg Almroth and Mathias Karlsson for obtaining this information http://h.ackack.net/?p=274...

SuSE9 Security Update : clamav (YOU Patch Number 12610)

Specially crafted CAB archives could crash clamav CVE-2010-1311 or bypass virus detection CVE-2010-0098. clamav has been updated to version 0.96 which fixes those issues. Citing freshmeat.net : This Release introduces new malware detection mechanisms and other significant improvements to the scan...

Starts nikto with Option -Tuning x016bc and write to KB

This plugin uses nikto to find weak CGI scripts and other known issues regarding web server security. It starts with the option - Tuning x016bc and writes only OSVDB and CVE issues to the KB. Note: The plugin needs the OpenVAS Vulnerability Test Starts nikto with Option -Tuning x016bc and write t...

Test if Microsoft Url scan filter is installed(win)

If IIS installed, Test over WMI if Microsoft Url scan filter is installed: OpenVAS Vulnerability Test $Id: GSHBWMIIISUrlScanFilter.nasl 7052 2017-09-04 11:50:51Z teissa $ If IIS installed, Test over WMI if Microsoft Url scan filter is installed Authors: Thomas Rotter Copyright: Copyright c 2009...

Test if Microsoft Url scan filter is installed - Windows

If IIS installed, test over WMI if Microsoft Url scan filter is installed: SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SuSE 10 Security Update : ClamAV (ZYPP Patch Number 6983)

Specially crafted CAB archives could crash clamav CVE-2010-1311 or bypass virus detection CVE-2010-0098. clamav has been updated to version 0.96 which fixes those issues. Citing freshmeat.net : This Release introduces new malware detection mechanisms and other significant improvements to the scan...

F-Secure Products Archive Files Scan Evasion (2010-1)

The remote host has an antivirus product from F-Secure installed. According to its version, the product fails to accurately scan specially crafted 7Z, GZIP, CAB, and RAR archive files. It is, therefore, possible for such files to evade detection from the scanning engine. C Tenable Network Securit...

ms-sql-empty-password NSE Script

Attempts to authenticate to Microsoft SQL Servers using an empty password for the sysadmin sa account. SQL Server credentials required: No will not benefit from mssql.username & mssql.password. Run criteria: Host script: Will run if the mssql.instance-all, mssql.instance-name or mssql.instance-po...

ms-sql-xp-cmdshell NSE Script

Attempts to run a command using the command shell of Microsoft SQL Server ms-sql. SQL Server credentials required: Yes use ms-sql-brute, ms-sql-empty-password and/or mssql.username & mssql.password Run criteria: Host script: Will run if the mssql.instance-all, mssql.instance-name or...

[SECURITY] Fedora 13 Update: libnids-1.24-1.fc13

Libnids is an implementation of an E-component of Network Intrusion Detection System. It emulates the IP stack of Linux 2.x and offers IP defragmentation, TCP stream assembly and TCP port scan detection. Using libnids, one has got a convenient access to data carried by a TCP stream, no matter how...

[SECURITY] Fedora 12 Update: libnids-1.24-1.fc12

Libnids is an implementation of an E-component of Network Intrusion Detection System. It emulates the IP stack of Linux 2.x and offers IP defragmentation, TCP stream assembly and TCP port scan detection. Using libnids, one has got a convenient access to data carried by a TCP stream, no matter how...

Symantec Scan Engine Authentication Bypass (CVE-2006-0230)

Symantec Scan Engine provides virus protection services targeted at network traffic as well as data storage devices. It also provides an API in order to enable it to be integrated with third-party software and hardware devices. This product is configurable through a web interface exposed on port...

Sybase ASE Server Suspicious Command Detection

Binary data 5457.prm...

Sybase ASE Server Suspicious Command Detection

Binary data 5455.prm...

Xerox WorkCentre Authorization Bypass Vulnerabilities (XRX10-002)

According to its model number and software version, the remote host is a Xerox WorkCentre device that is affected by two authorization bypass vulnerabilities : - The web interface reportedly includes a script named 'YoUgoTIt.php' that will calculate a checksum for a specified folder name that wil...

ipidseq NSE Script

Classifies a host's IP ID sequence test for susceptibility to idle scan. Sends six probes to obtain IP IDs from the target and classifies them similarly to Nmap's method. This is useful for finding suitable zombies for Nmap's idle scan -sI as Nmap itself doesn't provide a way to scan for these...

Symantec Endpoint Protection Scan Bypass Vulnerability

The host is installed with Symantec Endpoint Protection and is possible to bypass security scan. OpenVAS Vulnerability Test $Id: secpodsymantecepointprtnsecbypassvuln.nasl 5401 2017-02-23 09:46:07Z teissa $ Symantec Endpoint Protection Scan Bypass Vulnerability Authors: Antu Sanadi Copyright:...

Symantec Endpoint Protection 11.x Scan Bypass Vulnerability

Symantec Endpoint Protection is prone to a scan bypass vulnerability. Copyright C 2010 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...