4112 matches found
Open WebMail vacation.pl Arbitrary Command Execution
The target is running at least one instance of Open WebMail in which the vacation.pl component fails to sufficiently validate user input. This failure enables remote attackers to execute arbitrary programs on a target using the privileges under which the web server operates. For further...
Trend Micro Office Scan weak permissions
Full access is given to Everyone group for installation directory and registry key...
CVE-2004-1977
3com NBX IP VOIP NetSet Configuration Manager allows remote attackers to cause a denial of service crash via a Nessus scan in safeChecks mode...
CVE-2004-1947
The AVXSCANONLINE.AvxScanOnlineCtrl.1 ActiveX control in BitDefender Scan Online allows remote attackers to 1 obtain sensitive information such as system drives and contents or 2 use the RequestFile method to download and execute arbitrary code via an object codebase that uses bitdefender.cab...
Norton AntiVirus nested file manual scan bypass.....
Product Version: Norton Antivirus 2002 Only tested On... Risk Impact: Medium Vendor Status: No responce! Summary: If you manage to inject a file in the sub-directorys; beyond windows OS can create normally, say in 130 'th + sub-directory at c:..........upto 130'th ... NAV fails to scan the NESTED...
[Full-Disclosure] BitDefender Scan Online(ActiveX) - Remote File Download & Execute & Private Information Disclosure
Application: BitDefender Scan OnlineActiveX Vendors: http://www.bitdefender.com/scan/Msie/index.php Platforms: Windows Bug: Remote File Download & Execute & Private Information Disclosure Risk: High - Running Arbitary Code Exploitation: Remote with browser Date: 19 Apr 2004 Author: Rafel Ivgi,...
Symantec Norton AntiVirus 2002 - Nested File Manual Scan Bypass
Symantec Norton AntiVirus 2002 - Nested File Manual Scan Bypass source: https://www.securityfocus.com/bid/10164/info A vulnerability has been reported in Symantec Norton AntiVirus 2002 that may potentially cause deeply nested files with specific names to bypass manual scanning. This could permit...
CVE-2004-0217
CVE-2004-0217 affects Symantec AntiVirus Scan Engine on Red Hat Linux (LiveUpdate capability via liveupdate.sh) and allows local users to create or append arbitrary files by exploiting a symlink on /tmp/LiveUpdate.log. Affected versions: 4.0 and 4.3. Root cause: symlink attack in LiveUpdate.log h...
NAV bugs!
Subject: NAV bugs! Published: Friday, 05 March, 2004 Updated: 06-Mar-04 Discovered By: Bipin Gautam hUNT3R Product Version: Norton Antivirus 2002 ver: 8.00.58 Only tested On... Risk Impact: Low-Medium Details: During a 'manual scan' of a folder, if Norton Antivirus NAV encounters a file /folder...
Alcatel Omniswitch 7000 series
Running Nessus 2.0.9 against Alcatel 7000 series causing a swith to reboot via buffer overflow?. Alcatel has multiple services running on the background, with no option to shut them down. Vulnerable ports: 80, 260, 261, 443. Disabling a service via qos policy suggested by Alcatel does just a mino...
SARA crossite scripting
Crossite scripting on displaying remote sustem scan results...
Do not scan printers
The remote host appears to be a network printer, multi-function device, or other fragile device. Such devices often react very poorly when scanned. To avoid problems, Nessus has marked the remote host as 'Dead' and will not scan it, beyond minimal probing traffic that allows the scanner to identi...
Microsoft Windows - 'RPC DCOM' Scanner (MS03-039)
/ dcom2scanner.c scan for second dcom vulnerability MS03-039 by Doke Scott, doke at udel.edu, 10 Sep 2003 based on work by: buildtheb0x presents : dcom/rpc scanner --------------------------------------- by: kid and farp and on packet sniffs of MS's dcom2 scanner / define ddcomscantimeout 5 // ma...
CVE-2003-0176
CVE-2003-0176 affects the IRIX Name Service Daemon (nsd) running as an NIS master on SGI IRIX 6.5.x (through 6.5.20f and possibly earlier). The vulnerability allows remote attackers to cause a denial of service (crash) by sending UDP port scans to nsd. Public sources in connected documents confir...
CVE-2003-0176
The Name Service Daemon nsd, when running on an NIS master on SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, allows remote attackers to cause a denial of service crash via a UDP port scan...
wu-ftpd 2.6.2 Remote Root Exploit (advanced version)
No description provided by source. / wu-ftpd v2.6.2 off-by-one remote 0day exploit. exploit by "you dong-hun"Xpl017Elz, [email protected]. Update: v0.0.2 August 2, I added wu-ftpd-2.6.2, 2.6.0, 2.6.1 finally. v0.0.3 August 3, Brute-Force function addition. v0.0.4 August 4, Added FreeBSD, OpenBSD...
WU-FTPD 2.6.2 - Remote Command Execution
WU-FTPD 2.6.2 - Remote Command Execution / wu-ftpd v2.6.2 off-by-one remote 0day exploit. exploit by "you dong-hun"Xpl017Elz, . Update: v0.0.2 August 2, I added wu-ftpd-2.6.2, 2.6.0, 2.6.1 finally. v0.0.3 August 3, Brute-Force function addition. v0.0.4 August 4, Added FreeBSD, OpenBSD version...
WU-FTPD 2.6.2 - Remote Command Execution
/ wu-ftpd v2.6.2 off-by-one remote 0day exploit. exploit by "you dong-hun"Xpl017Elz, . Update: v0.0.2 August 2, I added wu-ftpd-2.6.2, 2.6.0, 2.6.1 finally. v0.0.3 August 3, Brute-Force function addition. v0.0.4 August 4, Added FreeBSD, OpenBSD version wu-ftpd-2.6.x exploit. It will be applied we...
Postfix 1.1.x - Denial of Service (1)
// source: https://www.securityfocus.com/bid/8333/info Debian has reported two vulnerabilities in the Postfix mail transfer agent. The first vulnerability, CAN-2003-0468, can allow for an adversary to "bounce-scan" a private network. It has also been reported that this vulnerability can be...
Postfix 1.1.x - Denial of Service (2)
Postfix 1.1.x - Denial of Service 2 source: https://www.securityfocus.com/bid/8333/info Debian has reported two vulnerabilities in the Postfix mail transfer agent. The first vulnerability, CAN-2003-0468, can allow for an adversary to "bounce-scan" a private network. It has also been reported that...