MacOS X Finder reveals contents of Apache Web files

MacOS X creates a hidden file, '.FBCIndex' in each directory that has been viewed with the Finder. This file contains the content of the files present in the directory, giving an attacker information on the HTML tags, JavaScript, passwords, or any other sensitive word used inside those files...

Fedora: Security Advisory (FEDORA-2025-851644b160)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Epson Printer Detection (SNMP)

SNMP based detection of Epson printer devices. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

GaussDB Kernel: Authentication Parameters

Set login parameters for scanning GaussDB Kernel database. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; yo...

Microsoft Windows Multiple Vulnerabilities (KB4503276)

This host is missing a critical security update according to Microsoft KB4503276 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progra...

TYPO3 Multiple Vulnerabilities (TYPO3-CORE-SA-2019-011, TYPO3-CORE-SA-2019-012, TYPO3-CORE-SA-2019-013)

TYPO3 is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:typo3:typo3"; if description...

OSSEC/Wazuh ossec-authd Service Detection (TCP)

TCP based detection of a OSSEC/Wazuh ossec-authd service. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PuTTY SCP Multiple Spoofing Vulnerabilities - Windows

PuTTY is prone to multiple spoofing vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:putty:putty"; ifdescription...

Apache Tomcat Open Redirect Vulnerability - Windows

When the default servlet in Apache Tomcat returned a redirect to a directory e.g. redirecting to SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-onl...

Apache Struts RCE Vulnerability (S2-048) - Active Check

Apache Struts is prone to a remote code execution RCE vulnerability. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

Nmap NSE net: ftp-proftpd-backdoor

Tests for the presence of the ProFTPD 1.3.3c backdoor reported as OSVDB-ID 69562. This script attempts to exploit the backdoor using the innocuous 'id' command by default, but that can be changed with the 'ftp-proftpd-backdoor.cmd' script argument. SYNTAX: ftp-proftpd-backdoor.cmd: Command to...

wapiti (NASL wrapper)

This plugin uses wapiti to find web security issues. Make sure to have wapiti 2.x as wapiti 1.x is not supported. See the preferences section for wapiti options. Note that OpenVAS is using limited set of wapiti options. Therefore, for more complete web assessment, you should use standalone wapiti...

Fedora: Security Advisory for mingw-expat (FEDORA-2022-d2abd0858e)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

TestLink <= 1.9.20 Multiple Vulnerabilities

TestLink is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-1987-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

WordPress Admin Columns plugin <= 3.4.6 CSV Injection Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.113559";...

Microsoft Windows Multiple Vulnerabilities (KB4503279)

This host is missing a critical security update according to Microsoft KB4503279 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progra...

Apache HTTP Server < 2.4.39 mod_ssl Access Control Bypass Vulnerability - Linux

In Apache HTTP Server a bug in modssl when using per-location client certificate verification with TLSv1.3 allowed a client supporting Post-Handshake Authentication to bypass configured access control restrictions. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpte...

Yokogawa SMARTDAC+ STANDARD IP Address Configurator Detection (Windows SMB Login)

Detects the installed version of Yokogawa SMARTDAC+ STANDARD IP Address Configurator for Windows. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-on...

Microsoft Windows: Store RunAs credentials (RM Service)

This test checks the setting for policy OpenVAS Vulnerability Test $Id: winrmservrunascred.nasl 11363 2018-09-12 13:46:05Z emoss $ Check value for Disallow WinRM from storing RunAs credentials Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH, http://www.greenbone.net This...

Oracle Mysql Security Updates (apr2018-3678067) 04 - Windows

Oracle MySQL is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:mysql"; ifdescription...

Juniper Networks Junos OS Multiple NTP Vulnerabilities

Junos OS is prone to multiple vulnerabilities in NTP. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:juniper:junos"; if...

QNAP QTS < 4.2.4 Build 20170313 Multiple Vulnerabilities - Active Check

QNAP QTS web user interface is prone to multiple vulnerabilities SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:qnap:qts";...

Fedora Update for php-swiftmailer FEDORA-2016-b65e546846

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

HTTP 1.0 Header Overflow DoS Vulnerability

It was possible to kill the web server by sending an invalid request with a too long header From, If-Modified-Since, Referer or Content-Type. SPDX-FileCopyrightText: 2005 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

rConfig <= 3.9.4 Multiple SQL Injection Vulnerabilities

rConfig is prone to multiple SQL injection vulnerabilities. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

MantisBT < 2.13.2 Information Disclosure Vulnerability - Windows

MantisBT is prone to an information disclosure vulnerability. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software;...

Pydio Core <= 8.2.2 Information Disclosure Vulnerability - Active Check

Pydio Core is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:pydio:pydio";...

Microsoft .NET Framework Information Disclosure Vulnerability (KB4344146)

This host is missing an important security update according to Microsoft KB4344146 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

ManageEngine ServiceDesk Plus - MSP Detection (HTTP)

HTTP based detection of ManageEngine ServiceDesk Plus - MSP. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft Windows Multiple Vulnerabilities (KB4038781)

This host is missing a critical security update according to Microsoft KB4038781 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Yealink IP Phone Detection (SIP)

SIP based detection of Yealink IP Phones. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.106325"...

Apple Mac OS X Multiple Vulnerabilities-05 (Oct 2015)

Apple Mac OS X is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft Windows Telnet Service Remote Code Execution Vulnerability (3020393)

This host is missing a critical security update according to Microsoft Bulletin MS15-002. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft XML Core Services Remote Code Execution Vulnerabilities (2756145)

This host is missing a critical security update according to Microsoft Bulletin MS13-002. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft Visual Studio Privilege Elevation Vulnerability (2651019)

This host is missing an important security update according to Microsoft Bulletin MS12-021. OpenVAS Vulnerability Test $Id: secpodms12-021.nasl 6532 2017-07-05 07:42:05Z cfischer $ Microsoft Visual Studio Privilege Elevation Vulnerability 2651019 Authors: Sooraj KS Copyright: Copyright c 2012...

Windows Application CPE Detection (SMB Login)

SMB login-based collection of information about installed applications from a Microsoft Windows system. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Nmap NSE: RealVNC Authentication Bypass

This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

HP Printers XSS Vulnerability (HPSBPI03624)

Multiple HP printers are vulnerable to a cross-site scripting vulnerability. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is...

Joomla! < 3.9.11 Mail Submission Vulnerability

Joomla! is prone to inadequate checks in comcontact which could allow mail submission in disabled forms. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Debian: Security Advisory (DSA-4452-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-4445-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Avtech IP Camera Default Credentials (HTTP)

The remote installation of Avtech SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.114064";...

Tiki Wiki CMS Groupware < 17.2 SQLi Vulnerability

Tiki Wiki CMS Groupware is prone to an SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Microsoft Windows Multiple Vulnerabilities (KB4462923)

This host is missing a critical security update according to Microsoft KB4462923 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Atlassian FishEye and Crucible RCE Vulnerability

Atlassian FishEye and Crucible is prone to a remote command execution RCE vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Microsoft Office 2016 Remote Code Execution Vulnerability (KB3213545)

This host is missing an important security update according to Microsoft KB3213545 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

Samsung DVR Authentication Bypass

The remote Samsung DVR is prone to an Authentication Bypass. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft Windows TLS/SSL Spoofing Vulnerability (977377)

This host installed with TLS/SSL protocol which is prone to Spoofing Vulnerability OpenVAS Vulnerability Test $Id: gbmstlssslspoofingvuln.nasl 5364 2017-02-20 13:26:07Z cfi $ Microsoft Windows TLS/SSL Spoofing Vulnerability 977377 Authors: Antu Sanadi Copyright: Copyright c 2010 Greenbone Network...

YaPiG Multiple Flaws

The remote web server contains a PHP application that is affected by multiple flaws. Description : The remote host is running YaPiG, a web-based image gallery written in PHP. The installed version of YaPiG is vulnerable to multiple flaws: - Remote and local file inclusion. - Cross-site scripting...