MoonLit Virus Backdoor Detection

The system is infected by the MoonLit virus, the backdoor port is open. Backdoor.Moonlit is a Trojan horse program that can download and execute files, and may act as a proxy server. Copyright C 2004-2010 KK Liu rev 1.0: MoonLit detection - 07/30/2004 rev 1.1: Description changes rev 1.2: Bug fix...

identd Service UID Association

By using the identd server RFC 1413, it is possible to determine the process owner of the remote service. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include"compat.inc"; ifdescription scriptid14674; scriptversion"1.21";...

Firefox < 0.9.3 Null Character MIME Type Spoofing Arbitrary Code Execution

The installed version of Firefox is earlier than 0.9.3. Such versions may allow arbitrary code execution. The security vulnerability is due to the fact that Firefox stores cached HTML documents with a known file name, and to the fact that it's possible to force Firefox to open cached files as HTM...

Solaris 7 (sparc) : 107374-03

Openwindows 3.6.1: Xview Patch. Date this patch was last updated by Sun : Aug/02/05 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/10/24. C Tenable Network Security, Inc. if !...

Solaris 2.6 (sparc) : 108499-01

SunOS 5.6: ASET sets the gid on /tmp, /var/tmp when setting med hi. Date this patch was last updated by Sun : Jan/24/00 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network...

Zen Cart login.php SQL Injection Vulnerability

Overview: "Zen Cart™ truly is the art of e-commerce; a free, user-friendly, open source shopping cart system." Description: An input validation vulnerability has been reported in Zen Cart, allowing a remote user to inject SQL commands. The '/admin/login.php' file does not properly validate...

Novell Groupwise Servlet Manager Default Password

The Novell Groupwise servlet server is configured with a default password. As a result, users could be denied access to mail and other servlet based resources. To test this finding: https:///servlet/ServletManager/ enter 'servlet' for the user and 'manager' for the password. This script was writt...

Apache Tomcat source.jsp Arbitrary Directory Listing

The source.jsp page, distributed with Apache Tomcat, discloses information when given a specially crafted query string. This can reveal information such as the web root path and directory listings. A remote attacker exploit this information to mount further attacks. %NASLMINLEVEL 70300 This scrip...

GameSpy SDK Malformed \query\ Request Overflow DoS

The remote GameSpy server could be disabled by sending a malformed packet. An attacker could exploit this flaw to crash the affected application. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid12081; scriptversion"1.15"; scriptcvsdate"Date: 2018/11/15 20:50:21";...

AllMyLinks PHP Code Injection vulnerability

AllMyLinks PHP Code Injection vulnerability Product : AllMyLinks Vendor : www.php-resource.net Date : February 14, 2004 Problem : PHP Code Injection Vendor Contacted ? : No Source in /include/footer.inc.php -------------------------------------------------------------- $AMLfooterget =...

AllMyGuests.txt

AllMyGuests PHP Code Injection vulnerability Product : AllMyGuests Vendor : www.php-resource.net Date : February 14, 2004 Problem : PHP Code Injection Vendor Contacted ? : No Source in /include/info.inc.php -------------------------------------------------------------- $AMGinfoget =...

AllMyLinks.txt

AllMyLinks PHP Code Injection vulnerability Product : AllMyLinks Vendor : www.php-resource.net Date : February 14, 2004 Problem : PHP Code Injection Vendor Contacted ? : No Source in /include/footer.inc.php -------------------------------------------------------------- $AMLfooterget =...

NetInfo Arbitrary Remote File Access

Using NetInfo, it is possible to obtain the password file of the remote host by querying it directly. An attacker may use it to set up a brute-force attack to crack the passwords contained in the file, and then use the gained passwords to login into the remote host, either remotely or locally. C...

Default Password (db2as) for 'db2as' Account

The account 'db2as' has the password 'db2as'. An attacker may use it to gain further privileges on the system. %NASLMINLEVEL 70300 This script was written by Chris Foster See the Nessus Scripts License for details Changes by Tenable Add globalsettings/suppliedloginsonly scriptexcludekey 06/2015 A...

FsSniffer Backdoor Detection

This host appears to be running FsSniffer on this port. FsSniffer is backdoor which allows an intruder to steal PoP3/FTP and other passwords you use on your system. An attacker may use it to steal your passwords. This script was written by Joseph Mlodzianowski Changes by Tenable: - Revised plugin...

Magic Winmail Server PASS Command Remote Format String

The remote Winmail POP server, according to its banner, is vulnerable to a format string attack when processing the USER command. An unauthenticated attacker may use this flaw to execute arbitrary code on this host. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid11742...

PAFileDB SQL Injection Vulnerability & Ratings Cheat Fix

I recently found out that someone I knew was running this vuln application. After informing them it was vuln they were dissapointed at the fact that they could no longer use the program as the author has not supplied a fix. Anyway, here is a quick fix i threw together to take care of the problem...

PostNuke Sections Module Information Disclosure

The remote host is running PostNuke. It is possible to use the CMS to determine the full path to its installation on the server or the name of the database used, by doing a request like : /modules.php?op=modload&name=Sections&file=index&req=viewarticle&artid= An attacker may use these flaws to ga...

BEA WebLogic SSIServlet Invocation Source Code Disclosure

BEA WebLogic may be tricked into revealing the source code of JSP scripts by prefixing the path to the .jsp files by /.shtml/ %NASLMINLEVEL 70300 C Tenable Network Security, Inc. This script is based on BEAweblogicRevealsourcecode.nasl Script audit and contributions from Carmichael Security Erik...

FTP Server root Directory .forward File Present

The remote anonymous FTP server has a .forward file set in its home. An attacker may use it to determine who is in charge of the FTP server and set up a social engineering attack. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid11565; scriptversion "$Revision: 1.18 $";...