Session-timeout not being respected

As per the following KB I made changes that should have seen timeout reduced to 2 minutes. https://confluence.atlassian.com/pages/viewpage.action?pageId=126910597 in /confluence/WEB-INF/web.xml code 2 code I can't force Confluence to have a session timeout. This issue has been reproduced on first...

Session-timeout not being respected

As per the following KB I made changes that should have seen timeout reduced to 2 minutes. https://confluence.atlassian.com/pages/viewpage.action?pageId=126910597 in /confluence/WEB-INF/web.xml code 2 code I can't force Confluence to have a session timeout. This issue has been reproduced on first...

VSS Timeout when backing up Exchange VM

Article Applicability This article was initially created for Veeam Backup & Replication 6.1. While the article remains technically accurate regarding the behavior of Microsoft VSS and Veeam's interactions with VSS, the issue discussed rarely occurs thanks to the improvements made in Veeam Backup ...

CVE-2012-3421

The pduread function in pdu.c in libpcp in Performance Co-Pilot PCP before 3.6.5 does not properly time out connections, which allows remote attackers to cause a denial of service pmcd hang by sending individual bytes of a PDU separately, related to an "event-driven programming flaw."...

DEBIAN-CVE-2012-3421

The pduread function in pdu.c in libpcp in Performance Co-Pilot PCP before 3.6.5 does not properly time out connections, which allows remote attackers to cause a denial of service pmcd hang by sending individual bytes of a PDU separately, related to an "event-driven programming flaw."...

CVE-2012-3421

The pduread function in pdu.c in libpcp in Performance Co-Pilot PCP before 3.6.5 does not properly time out connections, which allows remote attackers to cause a denial of service pmcd hang by sending individual bytes of a PDU separately, related to an "event-driven programming flaw."...

UBUNTU-CVE-2012-3421

The pduread function in pdu.c in libpcp in Performance Co-Pilot PCP before 3.6.5 does not properly time out connections, which allows remote attackers to cause a denial of service pmcd hang by sending individual bytes of a PDU separately, related to an "event-driven programming flaw."...

http-slowloris-check NSE Script

Tests a web server for vulnerability to the Slowloris DoS attack without actually launching a DoS attack. Slowloris was described at Defcon 17 by RSnake see . This script opens two connections to the server, each without the final CRLF. After 10 seconds, second connection sends additional header...

llmnr-resolve NSE Script

Resolves a hostname by using the LLMNR Link-Local Multicast Name Resolution protocol. The script works by sending a LLMNR Standard Query containing the hostname to the 5355 UDP port on the 224.0.0.252 multicast address. It listens for any LLMNR responses that are sent to the local machine with a...

broadcast-igmp-discovery NSE Script

Discovers targets that have IGMP Multicast memberships and grabs interesting information. The scripts works by sending IGMP Membership Query message to the 224.0.0.1 All Hosts multicast address and listening for IGMP Membership Report messages. The script then extracts all the interesting...

OS X Gather Keychain Enumeration

This module presents a way to quickly go through the current user's keychains and collect data such as email accounts, servers, and other services. Please note: when using the GETPASS and GETPASSAUTOACCEPT option, the user may see an authentication alert flash briefly on their screen that gets...

Scientific Linux Security Update : kernel on SL5.x i386/x86_64

These new kernel packages contain fixes for the following security issues : - a flaw in the handling of IPv6 type 0 routing headers that allowed remote users to cause a denial of service that led to a network amplification between two routers CVE-2007-2242, Important. - a flaw in the nfnetlinklog...

Veeam ONE Monitor performance data collection times out

Challenge You are facing the following configuration issue: Veeam ONE Monitor performance graphs show the No Data Available message. Cause VeeamDCS.log file contains the following errors: ​Collecting thread has failed to initialize The operation has timed out and will be stopped Collecting thread...

Scientific Linux Security Update : openldap on SL5.x i386/x86_64

A flaw was found in the way OpenLDAP's slapd daemon handled malformed objectClasses LDAP attributes. A local or remote attacker could create an LDAP request which could cause a denial of service by crashing slapd. CVE-2007-5707 In addition, the following feature was added : - OpenLDAP client tool...

sip-call-spoof NSE Script

Spoofs a call to a SIP phone and detects the action taken by the target busy, declined, hung up, etc. This works by sending a fake sip invite request to the target phone and checking the responses. A response with status code 180 means that the phone is ringing. The script waits for the next...

Unable to collect files information from datastore in a timely manner due to high vCenter server load

Challenge Veeam ONE Reporter collects data from datastores using the SearchDatastoreSubFoldersTask tasks, which are pre-defined by vSphere. During that process, if a datastore becomes unavailable or experiences performance issues, Veeam ONE Reporter may be unable to complete data collection tasks...

pcanywhere-brute NSE Script

Performs brute force password auditing against the pcAnywhere remote access protocol. Due to certain limitations of the protocol, bruteforcing is limited to single thread at a time. After a valid login pair is guessed the script waits some time until server becomes available again. Script Argumen...

Hyperlinks in SSRS-based reports do not work

Challenge Some hyperlinks in SSRS-based reports expire in 20 minutes version 6.0-10.0. NOTE: In Veeam ONE Reporter v11 the timeout is 12 hours. Cause The behavior is caused by Microsoft SSRS implementation specifics. Solution This behavior is by Microsoft SSRS design. More Information If you have...

CVE-2011-1927

The ipexpire function in net/ipv4/ipfragment.c in the Linux kernel before 2.6.39 does not properly construct ICMPTIMEEXCEEDED packets after a timeout, which allows remote attackers to cause a denial of service invalid pointer dereference via crafted fragmented packets...

gpsd-info NSE Script

Retrieves GPS time, coordinates and speed from the GPSD network daemon. Script Arguments gpsd-info.timeout timespec defining how long to wait for data default 10s Example Usage nmap -p 2947 --script gpsd-info Script Output PORT STATE SERVICE REASON 2947/tcp open gpsd-ng syn-ack | gpsd-info: | Tim...