CA BrightStor ARCserve Backup Tape Engine RPC Opcode 207 Buffer Overflow (CVE-2007-0169)

Computer Associates BrightStor ARCserve Backup products offer data protection for distributed servers, clients, databases and applications. They provide centralized control over a series of distributed operations including Backup and Restore, Data Migration, and Threat Management. There exists a...

Directory Traversal Vulnerability in TurboFTP Server

Vulnerability ID: HTB22514 Reference: http://www.htbridge.ch/advisory/directorytraversalvulnerabilityinturboftpserver.html Product: TurboFTP Server Vendor: TurboSoft, Inc http://turboftp.com/ Vulnerable Version: 1.20 Build 745 and Probably Prior Versions Vendor Notification: 19 July 2010...

Heart of the sea school mental management system Xday-vulnerability warning-the black bar safety net

Heart of the sea school mental management system Vulnerability type: upload vulnerability, the IIS parsing vulnerability Keywords: 1. inurl:zytest/main. asp? id= 2. Psychological inurl:article/print. asp? id= Vulnerability description: due to the IIS6. 0 there is parsing vulnerability, so the...

Wing FTP Server HTTP Directory Traversal Vulnerability

Christian Navarrete has discovered a vulnerability in Wing FTP Server, which can be exploited by malicious people to disclose sensitive information. The vulnerability is caused due to an input validation error when processing HTTP requests. This can be exploited to access files outside the web ro...

Check over WMI if Apache is installed (win)

Check over WMI if Apache is installed and Report the path and Version of the installation OpenVAS Vulnerability Test $Id: GSHBWMIApache.nasl 7067 2017-09-06 11:50:33Z teissa $ Check over WMI if Apache is installed win Authors: Thomas Rotter Copyright: Copyright c 2009 Greenbone Networks GmbH,...

Tests if all Registry entrys set to prevent SYN-Attacks at an IIS Server (win)

Tests if all Registry entrys set to prevent SYN-Attacks at an IIS Server. OpenVAS Vulnerability Test $Id: GSHBWMIIISProtectSynAttack.nasl 7061 2017-09-05 11:50:40Z teissa $ Tests if all Registry entrys set to prevent SYN-Attacks at an IIS Server win Authors: Thomas Rotter Copyright: Copyright c...

Test if Microsoft Url scan filter is installed(win)

If IIS installed, Test over WMI if Microsoft Url scan filter is installed: OpenVAS Vulnerability Test $Id: GSHBWMIIISUrlScanFilter.nasl 7052 2017-09-04 11:50:51Z teissa $ If IIS installed, Test over WMI if Microsoft Url scan filter is installed Authors: Thomas Rotter Copyright: Copyright c 2009...

[CORE-2010-0121] Multiple Vulnerabilities with 8.3 Filename Pseudonyms in Web Servers

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Multiple Vulnerabilities with 8.3 Filename Pseudonyms in Web Servers 1. Advisory Information Title: Multiple Vulnerabilities with 8.3 Filename Pseudonyms in Web Serve...

Core Security Technologies Advisory 2010.0121

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Multiple Vulnerabilities with 8.3 Filename Pseudonyms in Web Servers 1. Advisory Information Title: Multiple Vulnerabilities with 8.3 Filename Pseudonyms in Web Serve...

RealNetworks Helix Server DESCRIBE Request Buffer Overflow (CVE-2006-6026)

Helix Server is a multi-media server that is designed to serve streaming and static audio and video content. Helix project, Helix Server being part of it, is intended as a largely free software/open source digital media framework that runs on numerous operating systems and processors including...

Oracle Database Server DBMS_AQELM Package Buffer Overflow (CVE-2008-2607)

Oracle Database Server is an enterprise-level relational database application suite. To extend the functionality of the Oracle Database Server, extra packages of related program objects, e.g., procedures, functions, variables, constants, cursors, and exceptions, are provided in order to better...

smb-enum-groups NSE Script

Obtains a list of groups from the remote Windows system, as well as a list of the group's users. This works similarly to enum.exe with the /G switch. The following MSRPC functions in SAMR are used to find a list of groups and the RIDs of their users. Keep in mind that MSRPC refers to groups as...

MySQL MaxDB WebDBM Server Buffer Overflow (CVE-2006-4305)

MaxDB is an open source database application suite developed by MySQL AB that is available for various operating systems. The software bundles an HTTP server component, named Webtool, to provide a web-based application interface. Clients can connect to the Webtool with a web browser and access...

Pre-Windows 2000 Compatible Access (win)

The scripte check, if Everyone in the Usergroup Pre-Windows 2000 Compatible Access. OpenVAS Vulnerability Test $Id: GSHBWMIpre2000comp.nasl 7067 2017-09-06 11:50:33Z teissa $ Pre-Windows 2000 Compatible Access win Authors: Thomas Rotter Copyright: Copyright c 2009 Greenbone Networks GmbH,...

Avast! 4.8.1335 Professional Local Kernel Buffer Overflow Exploit

No description provided by source. include stdio.h include windows.h include winioctl.h include stdlib.h include string.h include tlhelp32.h / Program : avast! 4.8.1335 Professionnel Homepage : http://www.avast.com Discovery : 2009/07/29 Author Contacted : 2009/07/31 Found by : Heurs This Advisor...

Avast! 4.8.1335 Professional - Kernel Local Buffer Overflow

Avast! 4.8.1335 Professional - Kernel Local Buffer Overflow include include include include include include / Program : avast! 4.8.1335 Professionnel Homepage : http://www.avast.com Discovery : 2009/07/29 Author Contacted : 2009/07/31 Found by : Heurs This Advisory : Heurs Contact :...

Microsoft DirectX QuickTime媒体文件解析代码执行漏洞

BUGTRAQ ID: 35139 CVECAN ID: CVE-2009-1537 Microsoft DirectX是Windows操作系统中的一项功能，流媒体在玩游戏或观看视频时通过这个功能支持图形和声音。 DirectX的DirectShow组件（quartz.dll）在解析畸形的QuickTime媒体文件时存在错误，用户受骗打开了恶意的媒体文件就会导致执行任意代码。由于用户可能在浏览器中安装媒体播放插件，因此访问恶意网页就足以导致播放QuickTime文件，触发Quartz.dll中的漏洞。 Microsoft DirectX 9.0 Microsoft DirectX 8.1...

Drupal Local File Inclusion

Hi guys, I was testing Acunetix WVS with AcuSensor enabled on Drupal http://www.drupal.org and the scanner found a possible File Inclusion vulnerability. The vulnerability is located in the file "includes\theme.inc" on line 1011. Vulnerable code: function themerendertemplate$templatefile,...

SuSE Update for Xorg and XFree SUSE-SA:2008:003

Check for the Version of Xorg and XFree OpenVAS Vulnerability Test $Id: gbsuse2008003.nasl 8050 2017-12-08 09:34:29Z santu $ SuSE Update for Xorg and XFree SUSE-SA:2008:003 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program i...

With GetHashes software get Windows System Hash password value-the value of vulnerability and early warning-the black bar safety net

For an intruder, get the Windows password is the entire attack process is crucial to a ring, have the system the original user password, will enable the network to penetrate and keep control more easily. Windows System Hash password values with LM-HASH and a NTLM-HASH value of the two parts, once...