CVE-2007-4361

The CVE-2007-4361 issue affects NETGEAR ReadyNAS RAIDiator prior to 4.00b2-p2-T1 beta. The root cause is a default SSH root password derived from the hardware serial number, enabling remote attackers to guess the password and gain login access. The vulnerability is contextually severe: authentica...

Dell远程访问卡SSH远程拒绝服务漏洞

BUGTRAQ ID: 25291 Dell远程访问卡（DRAC）允许用户远程管理服务器。 DRAC的SSH服务在处理畸形的数据连接时存在漏洞，远程攻击者可能利用此漏洞导致SSH服务不可用。 如果使用Debian unstable或Ubuntu Depper所捆绑的nmap-4.03-3端口扫描工具对Dell远程访问卡的SSH服务执行端口扫描的话，就可能导致SSH端口不可用，必须使用racadm工具硬重启整个系统才能恢复。 Dell Remote Access Card 4/P 1.50 build 02.16...

NETGEAR ReadyNAS RAIDiator远程SSH后门漏洞

NETGEAR ReadyNAS RAIDiator是一款基于Linux的RAIDiator操作系统，是网络存储解决方案。 NETGEAR ReadyNAS RAIDiator由于存在设计问题，远程攻击者可以利用漏洞通过猜测超级用户密码获得对系统的控制。 NETGEAR ReadyNAS RAIDiator的SSH ROOT密码使用如下组件进行md5sum初始化： 1，MAC地址可从ifconfig获得 2，软件版本可从/etc/raidiatorversion获得 3，在SEED3中可获得工享字符串...

Design/Logic Flaw

BlockHosts before 2.0.4 does not properly parse 1 sshd and 2 vsftpd log files, which allows remote attackers to add arbitrary deny entries to the /etc/hosts.allow file and cause a denial of service by adding arbitrary IP addresses to a daemon log file, as demonstrated by connecting through ssh wi...

CVE-2007-4322

BlockHosts before 2.0.4 does not properly parse 1 sshd and 2 vsftpd log files, which allows remote attackers to add arbitrary deny entries to the /etc/hosts.allow file and cause a denial of service by adding arbitrary IP addresses to a daemon log file, as demonstrated by connecting through ssh wi...

CVE-2007-4322

BlockHosts vulnerability CVE-2007-4322 affects BlockHosts before 2.0.4 and CVE-2007-2765 affects BlockHosts before 2.0.3. The issue is improper parsing of daemon log files (sshd/vsftpd) that allows remote attackers to inject arbitrary deny entries into /etc/hosts.allow and cause a denial of servi...

CVE-2007-4321

fail2ban 0.8 and earlier does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a client protocol versi...

BlueCat Networks Adonis 5.0.2.8 - TFTP Privilege Escalation

BlueCat Networks Adonis 5.0.2.8 - TFTP Privilege Escalation source: https://www.securityfocus.com/bid/25214/info BlueCat Networks Adonis devices are prone to a remote privilege-escalation vulnerability. This issue occurs when Proteus appliances are used to upload files to an affected Adonis...

BlueCat Networks Adonis 5.0.2.8 - TFTP Privilege Escalation

source: https://www.securityfocus.com/bid/25214/info BlueCat Networks Adonis devices are prone to a remote privilege-escalation vulnerability. This issue occurs when Proteus appliances are used to upload files to an affected Adonis appliance for TFTP download. An attacker with administrative...

[ GLSA 200707-13 ] Fail2ban: Denial of Service

Gentoo Linux Security Advisory GLSA 200707-13 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...

Fail2ban: Denial of service

Background Fail2ban is a tool for parsing log files and banning IP addresses which make too many password failures. Description A vulnerability has been discovered in Fail2ban when parsing log files. Impact A remote attacker could send specially crafted SSH login banners to the vulnerable host,...

Solaris 10 (sparc) : 121132-03

SunOS 5.10: cryptmod patch. Date this patch was last updated by Sun : Jul/05/07 %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/10/24. C Tenable Network Security, Inc. if ! definedfunc"bnrandom"...

[Full-disclosure] Yoggie Pico Pro Remote Code Execution

This vulnerability affects the Yoggie Pico Pro and most certainly the Yoggie Pico, due to them being effectively identical security appliance. They expose a 'ping' function in their web interface for diagnostic purposes, which passes the IP/hostname given directly to ping in the form of 'ping -c ...

Solaris 9 (x86) : 114357-18

SunOS 5.9x86: /usr/bin/ssh patch. Date this patch was last updated by Sun : Sep/16/09 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security, Inc. if !...

Solaris 10 (sparc) : 123324-03

SunOS 5.10: sshd patch. Date this patch was last updated by Sun : Jun/20/07 %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/10/24. C Tenable Network Security, Inc. if ! definedfunc"bnrandom"...

Apple Safari 3 for Windows - Protocol Handler Command Injection

Apple Safari 3 for Windows - Protocol Handler Command Injection source: https://www.securityfocus.com/bid/24434/info Apple Safari for Windows is prone to a protocol handler command-injection vulnerability. Exploiting the issue allows remote attackers to pass arbitrary command-line arguments to an...

HP Tru64 - Remote Secure Shell User Enumeration

HP Tru64 - Remote Secure Shell User Enumeration !/usr/bin/perl use warnings; use strict; Remember: you need to accept ssh key first! use Tie::File; use Fcntl 'ORDONLY'; use Expect; use Time::HiRes qwgettimeofday; tru64-sshenum.pl HP Tru64 Remote Secure Shell user enumeration exploit CVE-2007-2791...

Use the telnet method export, import, Forum mysql database-vulnerability warning-the black bar safety net

To 1. The method presented here is mainly applicable to VB and other forums. Use the TELNET method can be existing on the server database to export,then import this data to another server,use this method can achieve the Forum in two Server Migration; or the server existing on the forum moved to...

SUSE-SA:2007:015: AppArmor

The remote host is missing the patch for the advisory SUSE-SA:2007:015 AppArmor. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. This plugin text was extracted from SuSE Security Advisory SUSE-SA:2007:015 if ! definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'...

SUSE-SA:2007:016: samba

The remote host is missing the patch for the advisory SUSE-SA:2007:016 samba. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. This plugin text was extracted from SuSE Security Advisory SUSE-SA:2007:016 if ! definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc';...