177629 matches found
Microsoft HTTP.sys RCE Vulnerability (MS15-034) - Active Check
This host is missing an important security update according to Microsoft Bulletin MS15-034. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE...
iProtect Server Default Credentials (SSH)
The remote iProtect server is using known default credentials. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Microsoft IIS FTP Service Remote Code Execution Vulnerabilities (975254)
This host is missing a critical security update according to Microsoft Bulletin MS09-053. OpenVAS Vulnerability Test $Id: secpodms09-053.nasl 6605 2017-07-07 11:22:07Z cfischer $ Microsoft IIS FTP Service Remote Code Execution Vulnerabilities 975254 Authors: Sharath S Updated By: Madhuri D on...
HTTP negative Content-Length buffer overflow
The web server was crashed by sending an invalid POST HTTP request with a negative Content-Length field. SPDX-FileCopyrightText: 2002 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
Options for Brute Force NVTs
This VT sets some options for the brute force / default credentials checks. - Disable brute force checks: Disables the brute force checks done by the following VTs: HTTP Brute Force Logins With Default Credentials OID: 1.3.6.1.4.1.25623.1.0.108041 SSH Brute Force Logins With Default Credentials...
Service Detection with 'GET' Request
This plugin performs service detection. SPDX-FileCopyrightText: 2005 Michel Arboi SPDX-FileCopyrightText: New detection methods / pattern / code since 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
wwwboard passwd.txt
This WWWBoard board system comes with a password file passwd.txt installed next to the file SPDX-FileCopyrightText: 1999 Jonathan Provencher Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
MikroTik RouterOS < 6.44.5 (LTS), < 6.45.1 (Stable) Multiple DoS Vulnerabilities
MikroTik RouterOS is prone to multiple denial of service DoS vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
phpinfo() Output Detection (HTTP)
HTTP based detection of files containing the output of the phpinfo PHP function. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Microsoft Windows 10: Remote host allows delegation of non-exportable credentials
This test checks the setting for policy OpenVAS Vulnerability Test $Id: winallowprotectedcredentials.nasl 11337 2018-09-11 14:23:53Z emoss $ Check value for Remote host allows delegation of non-exportable credentials Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH,...
SPIP 3.2.x < 3.2.18, 4.x < 4.0.10, 4.1.x < 4.1.8, 4.2.x < 4.2.1 RCE Vulnerability
SPIP is prone to a remote command execution RCE vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:spip:spip";...
Western Digital My Cloud Products Detection (SNMP)
SNMP based detection of Western Digital My Cloud products. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Apache JServ Protocol (AJP) v1.3 Detection (TCP)
TCP based detection of services supporting the Apache JServ Protocol AJP in version 1.3. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
SSL/TLS: Report 'Anonymous' Cipher Suites
This routine reports all SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.108147";...
ICMP Timestamp Reply Information Disclosure
The remote host responded to an ICMP timestamp request. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
The rlogin service is running
This remote host is running a rlogin service. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Samba RCE Vulnerability (SambaCry)
Samba is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:samba:samba";...
Microsoft SQL Server Multiple Vulnerabilities (MS15-058)
Microsoft SQL Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Technicolor TC7200 Modem/Router Detection (SNMP)
SNMP based detection of a Technicolor TC7200 Modem/Router. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MQTT Broker Does Not Require Authentication (TCP)
The remote MQTT broker does not require authentication. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
Grafana Authentication Bypass Vulnerability
Grafana is prone to an Authentication Bypass vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
OTRS 3.3.x <= 3.3.16, 4.x <= 4.0.23, 5.x <= 5.0.19 Privilege Escalation Vulnerability
OTRS is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:otrs:otrs"; if description...
Microsoft Windows 10: KMS Client Online AVS Validation
This test checks the setting for policy SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.109480";...
nginx Information Disclosure Vulnerability (Jul 2017)
nginx is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nginx:nginx";...
PHP End of Life (EOL) Detection - Windows
The PHP version on the remote host has reached the end of life EOL and should not be used anymore. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
Mandriva Update for php MDVSA-2010:218 (php)
Check for the Version of php OpenVAS Vulnerability Test Mandriva Update for php MDVSA-2010:218 php Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...
SMB NativeLanMan
It is possible to extract OS, domain and SMB server information from the Session Setup AndX Response packet which is generated during NTLM authentication. SPDX-FileCopyrightText: 2009 LSS SPDX-FileCopyrightText: New detection methods / pattern / code since 2009 Greenbone AG Some text descriptions...
Microsoft Windows 10: Service: Xbox Accessory Management Service
This test checks the setting for policy OpenVAS Vulnerability Test $Id: winxboxaccessorymanagement.nasl 11344 2018-09-12 06:57:52Z emoss $ Check value for Xbox Accessory Management Service XboxGipSvc Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH, http://www.greenbone.n...
HP/HPE System Management Homepage (SMH) Multiple Remote Vulnerabilities (HPESBMU03753)
HP/HPE System Management Homepage SMH is prone to multiple vulnerabilities. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is...
SafeNet Sentinel Protection Server and Sentinel Keys Server Directory Traversal (Apr 2014) - Active Check
SafeNet Sentinel Protection Server and Sentinel Keys Server are prone to a directory traversal vulnerability because they fail to sufficiently sanitize user-supplied input. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are...
Microsoft Windows: Hardened UNC Paths
This test checks the setting for policy OpenVAS Vulnerability Test $Id: winhardeneduncpath.nasl 11098 2018-08-23 14:32:47Z emoss $ Check value for Hardened UNC Paths Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH, http://www.greenbone.net This program is free software;...
Microsoft .NET Framework RCE Vulnerability (KB4457044)
This host is missing a critical security update according to Microsoft KB4457044 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SPIP 'connect' Parameter PHP Code Injection Vulnerability (Aug 2013) - Active Check
SPIP is prone to a remote PHP code injection vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:spip:spip"; if...
Unprotected OSSEC/Wazuh ossec-authd (authd Protocol)
The remote OSSEC/Wazuh ossec-authd service is not protected by password authentication or client certificate verification. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
SSH SSH-1 Protocol Authentication Bypass Vulnerability
The host is running SSH and is prone to authentication bypass vulnerability. OpenVAS Vulnerability Test $Id: gbsshauthenticationbypassvuln.nasl 7015 2017-08-28 11:51:24Z teissa $ SSH SSH-1 Protocol Authentication Bypass Vulnerability Authors: Antu Sanadi Copyright: Copyright c 2011 Greenbone...
Apache Struts Security Update (S2-045) - Active Check
Apache Struts is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Microsoft Exchange Server Multiple Vulnerabilities (KB4509409)
This host is missing an important security update according to Microsoft KB4509409. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...
thttpd Buffer Overflow Vulnerability
The htpasswd implementation of thttpd is affected by a buffer overflow that can be exploited remotely to perform code execution. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Microsoft Windows SMB2 Negotiation Protocol RCE Vulnerability
This host is missing a critical security update according to Microsoft Bulletin MS09-050. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
MySQL Privilege Escalation Vulnerability - Linux
MySQL is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mysql:mysql"; ifdescripti...
Apache Tomcat 'CORS Filter' Setting Security Bypass Vulnerability
Apache Tomcat is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:tomcat";...
Microsoft Windows Unauthorized Digital Certificates Spoofing Vulnerability (2718704)
Microsoft Windows operating system is prone to a digital certificates spoofing vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Microsoft Windows 10: Disable pre-release features or settings
This test checks the setting for policy OpenVAS Vulnerability Test $Id: winprereleasefeaturesettings.nasl 11337 2018-09-11 14:23:53Z emoss $ Check value for Disable pre-release features or settings Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH, http://www.greenbone.net...
Nmap NSE net: smb-check-vulns
Checks for vulnerabilities: MS08-067, a Windows RPC vulnerability Conficker, an infection by the Conficker worm Unnamed regsvc DoS, a denial-of-service vulnerability I accidentally found in Windows 2000 SMBv2 exploit CVE-2009-3103, Microsoft Security Advisory 975497 MS06-025, a Windows Ras RPC...
Palo Alto PAN-OS Kernel Vulnerability
A vulnerability exists in the Linux kernel of PAN-OS that may result in Remote Code Execution. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
phpLiteAdmin PHP Code Injection Vulnerability
phpLiteAdmin is prone to a PHP code injection vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
HTTP Proxy Server Detection
A HTTP proxy server is running at this Host and accepts unauthenticated requests from the scanner. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
SMTP Unencrypted Cleartext Login
The remote host is running a SMTP server that allows cleartext logins over unencrypted connections. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
Microsoft .NET Framework Remote Code Execution Vulnerability (3000414)
This host is missing a critical security update according to Microsoft Bulletin MS14-057. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
TightVNC <= 1.3.10 Multiple Vulnerabilities - Linux
TightVNC is prone multiple vulnerabilities. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...