Xerox WorkCentre 5665/5675/5687 Backdoor

SEC Consult Security Advisory ======================================================================= title: Backdoor and Vulnerabilities in Xerox WorkCentre Printers Web Interface products: Xerox WorkCentre 5665/5675/5687 vulnerable version: 21.120.39.000 and possibly others fixed version:...

Trend Micro OfficeScan Console Authentication Buffer Overflow (CVE-2007-3454)

Trend Micro OfficeScan is a centralized virus and security scan management system. It is meant to consolidate the coordination of security scan actions and the management of Trend Micro virus scanner products installed on the nodes of an enterprise network. The product is a central command centre...

Rising Online Virus Scanner v22.0.0.5 ActiveX Control DoS (Stack overflow)

No description provided by source. Exploit Title: Rising Online Virus Scanner ActiveX Control DoS Stack overflow Author: wirebonder Software Link: http://www.rising-global.com/products/online-scanner-intro.html Tested on: Windows XP sp3 ProgID: RavOLCtlLib.RavOnline ClassID:...

Rising Online Virus Scanner Active-X Denial Of Service

Exploit Title: Rising Online Virus Scanner ActiveX Control DoS Stack overflow Date: 17/02/2010 Author: wirebonder Software Link: http://www.rising-global.com/products/online-scanner-intro.html Version: 22.0.0.5 Tested on: Windows XP sp3 CVE : n/a Code : ProgID: RavOLCtlLib.RavOnline ClassID:...

Rising Online Virus Scanner 22.0.0.5 - ActiveX Control Stack Overflow (Denial of Service)

Exploit Title: Rising Online Virus Scanner ActiveX Control DoS Stack overflow Author: wirebonder Software Link: http://www.rising-global.com/products/online-scanner-intro.html Tested on: Windows XP sp3 ProgID: RavOLCtlLib.RavOnline ClassID: 9FAFB576-6933-4CCC-AB3D-B988EC43D04E Member: Scan File:...

Rising Online Virus Scanner 22.0.0.5 - ActiveX Control Stack Overflow (Denial of Service)

Rising Online Virus Scanner 22.0.0.5 - ActiveX Control Stack Overflow Denial of Service Exploit Title: Rising Online Virus Scanner ActiveX Control DoS Stack overflow Author: wirebonder Software Link: http://www.rising-global.com/products/online-scanner-intro.html Tested on: Windows XP sp3 ProgID:...

Symantec Event Manipulation Potential Scan Bypass

SUMMARY On-demand scanning with Symantec AntiVirus can be bypassed by denying read access to user files. AFFECTED PRODUCTS Product | Version | Solutions ---|---|--- Symantec AntiVirus | 10.0.x | Upgrade to MR9 10.1.x Symantec AntiVirus | 10.2.x | Not Vulnerable Symantec Client Security | 3.0.x |...

Multiple Vendor Anti-Virus Magic Byte Detection Evasion

Anti-Virus AV software is meant to search for known viruses embedded in accessed or transferred files. The products are also known as virus scanners. Most virus scanners use a database of known binary patterns of viruses in order to identify trojans and other malware. The number of recognizable...

CVE-2010-0548

Multiple unspecified vulnerabilities in the Network Controller and Web Server in Xerox WorkCentre 5632, 5638, 5645, 5655, 5665, 5675, and 5687 allow remote attackers to 1 access mailboxes via unknown vectors that bypass Scan to Mailbox authorization or 2 read device configuration information via...

db2-das-info NSE Script

Connects to the IBM DB2 Administration Server DAS on TCP or UDP port 523 and exports the server profile. No authentication is required for this request. The script will also set the port product and version if a version scan is requested. Example Usage nmap -sV Script Output PORT STATE SERVICE...

mysql-empty-password NSE Script

Checks for MySQL servers with an empty password for root or anonymous. See also: mysql-brute.nse Example Usage nmap -sV --script=mysql-empty-password Script Output 3306/tcp open mysql | mysql-empty-password: | anonymous account has empty password | root account has empty password Requires mysql...

strongSwan 2.7.0 VPN Detection

Binary data 5317.prm...

[SECURITY] Fedora 12 Update: stardict-3.0.1-20.fc12

StarDict is a Cross-Platform and international dictionary written in Gtk2. It has powerful features such as "Glob-style pattern matching," "Scan selection word," "Fuzzy query," etc...

AIX 610003 : U828802

The remote host is missing AIX PTF U828802 which is related to the security of the package bos.rte.console You should install this PTF for your system to be up-to-date. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc';...

Facebook Usage Detection

Binary data 5272.prm...

Zabbix Server/Agent Detection (TCP)

TCP based detection of the ZABBIX Server/Agent. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

HTTP Methods Allowed (per directory)

By calling the OPTIONS method, it is possible to determine which HTTP methods are allowed on each directory. The following HTTP methods are considered insecure: PUT, DELETE, CONNECT, TRACE, HEAD Many frameworks and languages treat 'HEAD' as a 'GET' request, albeit one without any body in the...

Sun Solaris sshd Timeout Mechanism Remote Denial of Service

Binary data 5247.prm...

Penetration in the end we should scan what is useful information-vulnerability warning-the black bar safety net

"T． S． T"the Information Security Team'blog If the penetration we need to scan what information? Then the statement could be more, but the routine will scan the following information: 1. The target on the network host IP address 2. The host system can access the UDP or TCP port 3. On the target...

Symantec AntiVirus Real Time Virus Scan Service Stack Overflow (CVE-2006-2630)

Symantec Antivirus Corporate Edition and Symantec Client Security are applications designed to protect organizations from the threat of viruses, malware, and intrusion attempts. Both applications can be deployed in an enterprise network environment, and they both support an anti-virus scanning...