794 matches found
Solaris 2.6 (sparc) : 105377-06
SunOS 5.6: BCP patch. Date this patch was last updated by Sun : Apr/08/03 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit...
launchprotect.pl
Eudora 6.0.1 on Windows has LaunchProtect, to warn the user before running executable attachments. However this only works in the attach folder; using spoofed attachments, executables stored elsewhere may run without warning. In some setups, even executables in the attach folder may run without...
Qualcomm Eudora 6.0.1/6.1.1 - Attachment LaunchProtect Warning Bypass (1)
source: https://www.securityfocus.com/bid/9101/info A problem has been identified in the implementation of LaunchProtect within Eudora. Because of this, it may be possible to trick users into performing dangerous actions. May 21, 2004 - Eudora version 6.1.1 has been released, however, it is...
Proxomitron GET Request Overflow Remote DoS
The remote host is running the Proxomitron proxy. There might be a bug in this software which may allow an attacker to disable it remotely. Nessus did not check for the presence of the flaw, so this might be a false positive. C Tenable Network Security, Inc. include"compat.inc"; ifdescription...
Novell NetWare ncp Service NDS Object Enumeration
This host is a Novell NetWare eDirectory server, and has browse rights on the PUBLIC object. It is possible to enumerate all NDS objects, including users, with crafted queries. An attacker can use this to gain information about this host. This script was written by Forrest Rae See the Nessus...
RemotelyAnywhere WWW Detection
A RemotelyAnywhere WWW server is running on the remote host. According to NAVCIRT, attackers use this management tool as a backdoor. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Script audit and contributions from Carmichael Security Erik Anderson nb: domain no longer exists Broken link...
processit CGI Environment Variable Remote Information Disclosure
The 'processit' CGI is installed. processit normally returns all environment variables. This gives an attacker valuable information about the configuration of your web server. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if descriptio...
horde-imp.txt
Hi, this bug we discovered recently. HORDE 1.2.0 $from-bug and how to exploit with IMP 2.2.0 Disclaimer: This is intended as a paper for sysadmins who want to secure their systems. It is NOT a how to for scriptkiddies to run any attack on a IMP-using site. The authors of this text will not be hel...
Advisory CA-2000-08
CERT Advisory CA-2000-08 Inconsistent Warning Messages in Netscape Navigator Original release date: May 26, 2000 Last Revised: -- Source: CERT/CC A complete revision history is at the end of this file. Systems Affected Systems running Netscape Navigator, up to and including Navigator 4.73, withou...
Security Bulletin (MS00-022)
Patch Available for "XLM Text Macro" Vulnerability Originally Posted: April 03, 2000 Summary ======= Microsoft has released a patch that eliminates a security vulnerability in Microsoftr Excel. The vulnerability could allow a macro to run without generating the expected security warning. Frequent...
FTPGate Web Proxy Traversal Arbitrary File Access
It is possible to read arbitrary files on the remote server by prepending ../../ or ....\ in front of the file name. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid10091; scriptversion "1.24"; scriptcvsdate"Date: 2018/08/10 18:07:08"; scriptnameenglish:"FTPGate Web...
RPC bootparamd Service Information Disclosure (Deprecated)
The bootparamd RPC service is running. It is used by diskless clients to get the necessary information needed to boot properly. If an attacker uses the BOOTPARAMPROCWHOAMI and provides the correct address of the client, then he will get its NIS domain back from the server. Once the attacker...
Real Video Server Telnet Malformed Data Remote DoS
It was possible to crash the remote Progressive Networks Real Video Server by sending it specially crafted data. An attacker may use this flaw to prevent you from sharing sound and video. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid10183; scriptversion "1.26";...
DEBIAN-CVE-2023-53835
In the Linux kernel, the following vulnerability has been resolved: ext4: don't clear SBRDONLY when remounting r/w until quota is re-enabled When a file system currently mounted read/only is remounted read/write, if we clear the SBRDONLY flag too early, before the quota is initialized, and there ...