Multiple Vendor NFS CD Command Arbitrary File/Directory Access

The remote NFS server allows users to use a 'cd ..' command to access other directories besides the NFS file system. An attacker may use this flaw to read every file on this host. C Tenable Network Security, Inc. This is the implementation of an oooold attack. include 'compat.inc' ; if descriptio...

Cisco NTP ntpd readvar Variable Remote Overflow (CSCdt93866)

By sending a crafted NTP control packet, it is possible to trigger a buffer overflow in the NTP daemon. This vulnerability can be exploited remotely. The successful exploitation may cause arbitrary code to be executed on the target machine. This vulnerability is documented as Cisco Bug ID...

zml.cgi Directory Traversal

ZML.cgi is vulnerable to a directory traversal attack. It enables a remote attacker to view any file on the computer with the privileges of the cgi/httpd user. %NASLMINLEVEL 70300 This script was written by Drew Hintz http://guh.nu It is based on scripts written by Renaud Deraison and HD Moore Se...

WU-FTPD site_exec() Function Remote Format String

The version of WU-FTPD hosted on the remote server does not properly sanitize the argument of the SITE EXEC command. It may be possible for a remote attacker to gain root access. This script was written by Alexis de Bernis Changes by Tenable: - rely on the banner if we could not log in - changed...