CVE-2020-7504

A CWE-20: Improper Input Validation vulnerability exists in Easergy T300 Firmware version 1.5.2 and older which could allow an attacker to disable the webserver service on the device when specially crafted network packets are sent...

EUVD-2006-0235

Malware in sbrugna...

CVE-2024-45461

The CloudStack Quota feature allows cloud administrators to implement a quota or usage limit system for cloud resources, and is disabled by default. In environments where the feature is enabled, due to missing access check enforcements, non-administrative CloudStack user accounts are able to acce...

SAMSUNG Exynos Security Breach

SAMSUNG Exynos is a SoC, Arm architecture-based processor developed and manufactured by Samsung Mobile, a South Korean company. A security vulnerability exists in the SAMSUNG Exynos Mobile Processor, Automotive Processor, and Modem, which stems from improperly performed standard security checks a...

[NetScaler] Graceful disable service may trigger TCP RESET immediately

According to eDoc:Graceful shutdown of services. If we disable an HTTP service with the following command: disable service HTTPSvcName 0 -graceFul YES We expect to see all ESTABLISHED connections alive. But in real cases, we may see partial connections got TCP RST from NetScaler ADC immediately...

Testing HA Failover on NetScaler SD-WAN

Site level HA works in a way independent to the virtual path state of the site with other sites. Meaning if the physical links are down while one appliance is serving as active, then it will be the same case for the standby as well as the same physical link will be used by standby too and hence...

Symantec Alert Management System Intel Alert Handler command execution

Added: 08/20/2010 BID: 41959 OSVDB: 66807 Background The Symantec Alert Management System 2 AMS2 is used by multiple Symantec products. It includes an Intel Alert Handler service hndlrsvc.exe. This service handles messages forwarded to it by the Alert Originator Manager, which listens on port...

Microsoft Windows打印后台程序远程溢出漏洞(MS09-022)

BUGTRAQ ID: 35206 CVECAN ID: CVE-2009-0228 Microsoft Windows是微软发布的非常流行的操作系统。 Windows的打印后台程序在解析某些打印数据结构时存在缓冲区溢出漏洞。远程攻击者可以首先诱骗用户访问恶意的打印服务器，然后向受影响系统发送特制的RPC请求，导致在枚举期间错误的解析打印服务器的ShareName。成功利用此漏洞的攻击者可以完全控制受影响的系统。攻击者可随后安装程序；查看、更改或删除数据；或者创建新帐户。 Microsoft Windows 2000SP4 临时解决方法： 在防火墙阻断TCP 139和445端口。...

TFTP Daemon Detection

The remote host is running a TFTP Trivial File Transfer Protocol daemon. TFTP is often used by routers and diskless hosts to retrieve their configuration. It can also be used by worms to propagate. C Tenable Network Security, Inc. Revised 19/02/05 by Martin O'Neal of Corsaire to make the detectio...

fake identd (fakeidentd) Fragmented Packet Request Remote Overflow

The identd server on this port seems to be a version of fake identd that fails to properly validate user input before copying it into a buffer of fixed size. By splitting data into two or more packets, an anonymous remote attacker can overflow the input buffer and execute arbitrary code with root...

VisualRoute Web Server Detection

VisualRoute is a web-based solution which allows unauthenticated users to perform traceroutes against arbitrary hosts on the Internet. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid10744; scriptversion "1.22"; name"english" = "VisualRoute Web Server Detection";...

Solaris Line Printer Daemon (in.lpd) vulnerable to buffer overflow via transfer job routine

Overview A buffer overflow exists in the Solaris line printer daemon in.lpd that may allow a remote intruder to execute arbitrary code with the privileges of the running in.lpd. This daemon runs with root privileges by default on all recent versions of Solaris. Description The Solaris in.lpd...