3 matches found
Wormable Flaw, 0days Lead Sept. 2022 Patch Tuesday
This months Patch Tuesday offers a little something for everyone, including security updates for a zero-day flaw in Microsoft Windows that is under active attack, and another Windows weakness experts say could be used to power a fast-spreading computer worm. Also, Apple has also quashed a pair of...
Symantec AntiVirus Scan Engine Detection
Symantec AntiVirus Scan Engine, a TCP/IP service with a programming interface to allow integration with third-party products, is installed on the remote host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid31857; scriptversion"1.17";...
HP TCP/IP Services for OpenVMS用户枚举和安全绕过漏洞
HP OpenVMS是一款基于nix的操作系统。 HP OpenVMS下的TCP/IP服务存在用户枚举和安全绕过问题,远程攻击者可以利用漏洞获得合法用户名和进行暴力攻击。 当POP客户端请求访问VMS POP服务器Alpha VMS 8.3, TCPIP Services 5.6提供不正确用户名和密码,这个事件没有记录到审核服务器中。发送不包含原始请求任何信息的消息给OPCOM。因此攻击者可以通过暴力攻击进行猜测而不受审核。 另外通过USER命令,可通过返回的-ERR或+OK信息来枚举正确的用户名信息。 HP TCP/IP Service 5.6 HP OpenVMS 7.3 -2...