Mandriva Update for php MDVSA-2010:254 (php)

Check for the Version of php OpenVAS Vulnerability Test Mandriva Update for php MDVSA-2010:254 php Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

Microsoft .NET Framework Remote Code Execution Vulnerability (KB4565628)

This host is missing a critical security update according to Microsoft KB4565628 Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progra...

Debian: Security Advisory (DLA-2133-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for python-urllib3 FEDORA-2019-fbda9f1e49

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

HPE Comware Network Products Remote Information Disclosure Vulnerability (HPSBHF03674)

HPE Comware 5 and Comware 7 network products are prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

PmWiki Pagelist 'order' Parameter PHP Code Injection Vulnerability

The host is running PmWiki and is prone to PHP code injection vulnerability. OpenVAS Vulnerability Test $Id: secpodpmwikipagelistorderparamphpcodeinjvuln.nasl 7029 2017-08-31 11:51:40Z teissa $ PmWiki Pagelist 'order' Parameter PHP Code Injection Vulnerability Authors: Sooraj KS Copyright:...

Apache HTTP Server < 2.4.38 mod_session_cookie Vulnerability - Linux

In Apache HTTP Server modsession checks the session expiry time before decoding the session. This causes session expiry time to be ignored for modsessioncookie sessions since the expiry time is loaded when the session is decoded. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions...

Apache HTTP Server ETag Header Information Disclosure Weakness

A weakness has been discovered in the Apache HTTP Server if configured to use the FileETag directive. Copyright C 2011 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

elFinder < 2.1.48 Command Injection Vulnerability

elFinder is prone to a command injection vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:std42:elfinder";...

Mail relaying (thorough test)

The remote SMTP server appears to be insufficiently protected against relaying This means that spammers might be able to use your mail server to send their mails to the world. OpenVAS Vulnerability Test $Id: smtprelay2.nasl 8023 2017-12-07 08:36:26Z teissa $ Description: Mail relaying thorough te...

GeoVision GeoHttpServer WebCams <= 8.3.3.0 Directory Traversal Vulnerability - Active Check

GeoVision GeoHttpServer WebCams is prone to a directory traversal vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Non-Existant Page Physical Path Disclosure Vulnerability

Your web server reveals the physical path of the webroot when asked for a non-existent page. Whilst printing errors to the output is useful for debugging applications, this feature should not be enabled on production servers. OpenVAS Vulnerability Test $Id: 404pathdisclosure.nasl 6007 2017-04-21...

WatchGuard Firebox Appliance Detection (HTTP)

HTTP based detection of WatchGuard Firebox appliances. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft Remote Desktop Protocol Remote Code Execution Vulnerabilities (2671387)

This host is missing a critical security update according to Microsoft Bulletin MS12-020. OpenVAS Vulnerability Test $Id: secpodms12-020.nasl 5341 2017-02-18 16:59:12Z cfi $ Microsoft Remote Desktop Protocol Remote Code Execution Vulnerabilities 2671387 Authors: Rachana Shetty Copyright: Copyrigh...

Fedora Update for libssh2 FEDORA-2019-f31c14682f

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

lwIP TCP/IP Stack Detection (HTTP)

HTTP based detection of the lwIP TCP/IP stack. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Microsoft Windows 10: Load and unload device drivers

This policy setting determines which users can dynamically load and unload device drivers. This user right is not required if a signed driver for the new hardware already exists in the driver.cab file on the device. Device drivers run as highly privileged code. Windows supports the Plug and Play...

ISC BIND DoS Vulnerability (CVE-2019-6471) - Windows

ISC BIND is prone to a denial of service vulnerability when discarding malformed packets. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later Th...

OpenNetAdmin 'ona.log' File Remote PHP Code Execution Vulnerability

OpenNetAdmin is prone to a remote PHP code-execution vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

Printer Job Language (PJL) / Printer Command Language (PCL) Detection

The remote service supports the Printer Job Language PJL and/or Printer Command Language PCL protocol and answered to a PJL and/or PCL request. This indicates the remote device is probably a printer running JetDirect. Through PJL/PCL, users can submit printing jobs, transfer files to or from the...

Odoo 'Backup Database Action' Authentication Bypass Vulnerability

Odoo is prone to an authentication bypass vulnerability. This VT has been deprecated since CVE-2018-6620 has been rejected. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

CentOS Update for seamonkey CESA-2010:0810 centos4 i386

Check for the Version of seamonkey OpenVAS Vulnerability Test CentOS Update for seamonkey CESA-2010:0810 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify ...

Microsoft SQL Server Remote Code Execution Vulnerability (KB4505224)

This host is missing an important security update according to Microsoft KB4505224 SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

Apache Tomcat 'UTF-8 Decoder' Denial of Service Vulnerability - Windows

Apache Tomcat is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:tomcat";...

GPON Home Router Detection (HTTP)

HTTP based detection of GPON Home Router. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description scriptoid"1.3.6.1.4.1.25623.1.0.113169...

Apache Tomcat Multiple Vulnerabilities (Feb 2020) - Windows

Apache Tomcat is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:tomcat"; if descriptio...

PHP 'CVE-2019-13224' Use-After-Free Vulnerability - Windows

PHP is prone to a use-after-free vulnerability in a used third-pary library. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Debian Security Advisory DSA 3602-1 (php5 - security update)

Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development. The vulnerabilities are addressed by upgrading PHP to the new upstream version 5.6.22, which includes additional bug fixes. Please refer to the upstream changelog for mor...

Ubuntu Update for openjdk-6 USN-2124-1

Check for the Version of openjdk-6 OpenVAS Vulnerability Test $Id: gbubuntuUSN21241.nasl 7957 2017-12-01 06:40:08Z santu $ Ubuntu Update for openjdk-6 USN-2124-1 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free...

Apache Axis2 <= 1.6.2 Multiple Vulnerabilities

Apache Axis2 is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 SCHUTZWERK GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later CPE = "cpe:/a:apache:axis2"; if...

HP/HPE System Management Homepage (SMH) Detection (HTTP)

HTTP based detection of HP/HPE System Management Homepage SMH. Copyright C 2009 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software...

NTP.org 'ntpd' Multiple Vulnerabilities (Apr 2016)

NTP.org SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ntp:ntp"; ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.807567";...

Multiple AVM FRITZ!Box Multiple Vulnerabilities - Version Check

AVM FRITZ!Box is prone to multiple vulnerabilities SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:avm:fritz%21os"; ifdescription...

XAMPP WebDAV PHP Upload Vulnerability

This host is running XAMPP and prone to PHP upload vulnerability. OpenVAS Vulnerability Test $Id: gbxamppwebdavphpuploadvuln.nasl 5841 2017-04-03 12:46:41Z cfi $ XAMPP WebDAV PHP Upload Vulnerability Authors: Sooraj KS Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net...

Fedora Update for openoffice.org FEDORA-2010-9576

Check for the Version of openoffice.org OpenVAS Vulnerability Test Fedora Update for openoffice.org FEDORA-2010-9576 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify i...

Axis Network Camera Multiple Vulnerabilities (Jun 2018)

Axis Network Cameras is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft Windows: MSS: (AutoAdminLogon) Enable Automatic Logon

This test checks the setting for policy SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.109313";...

Microsoft Windows Multiple Vulnerabilities (KB4022722)

This host is missing a critical security update according to Microsoft KB4022722 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

WordPress 'json' User Enumeration Vulnerability

WordPress is prone to a user enumeration vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Kanboard Default Credentials (HTTP)

The remote Kanboard web interface is using known default credentials. SPDX-FileCopyrightText: 2015 SCHUTZWERK GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later CPE =...

NuCom NC-WR644GACV File Download Vulnerability

NuCom WR644GACV devices before STA006 allow an attacker to download the configuration file without credentials. By downloading this file, an attacker can access the admin password, WPA key, and any config information of the device. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions...

Microsoft Windows 'WebDAV' Remote Code Execution Vulnerability (KB3197835)

This host is missing a critical security update according to Microsoft KB3197835. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for qemu FEDORA-2019-88a98ce795

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Too Long OPTIONS Parameter DoS Vulnerability

It may be possible to make the web server crash or even execute arbitrary code by sending it a too long url through the OPTIONS method. SPDX-FileCopyrightText: 2003 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holder...

Microsoft SQL (MSSQL) Server Brute Force Logins With Default Credentials (TCP/IP Listener)

The remote Microsoft SQL MSSQL Server has a common / publicly known password for one or more accounts. SPDX-FileCopyrightText: 2005 HD Moore SPDX-FileCopyrightText: New / improved code since 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C...

Exim <= 4.96.2 libspf2 RCE Vulnerability (Sep 2023)

Exim is prone to a remote code execution RCE vulnerability in the used libspf2 library. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

3CX Phone System < 15.5 Update 2 Directory Traversal Vulnerability

3CX Phone System is prone to a directory traversal attack where an authenticated attacker may read arbitrary files. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Jetty < 9.4.6.20170531 Security Bypass Vulnerability - Linux

Jetty is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:eclipse:jetty"; ifdescription...

VMware vCenter Server Remote Code Execution Vulnerability (VMSA-2017-0007)

Remote code execution vulnerability via BlazeDS. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:vmware:vcenterserver";...

CentOS Update for xulrunner CESA-2012:0143 centos5

Check for the Version of xulrunner OpenVAS Vulnerability Test CentOS Update for xulrunner CESA-2012:0143 centos5 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...