(PVS) Signatures - Tenable Network Security

More documents

Recommendations

Info

PHP 5 < 5.2.7 Multiple Vulnerabilities PVS ID: 4779 FAMILY: Web Servers RISK: HIGH NESSUS ID:35043 Description: Synopsis : \n\nThe remote web server uses a version of PHP that is affected by multiple flaws.\n\nAccording to its banner, the version of PHP installed on the remote host is older than 5.2.7. Such versions may be affected by several security issues : \n\n - Missing initialization of 'BG(page_uid)' and 'BG(page_gid)' when PHP is used as an Apache module may allow for bypassing security restrictions due to SAPI 'php_getuid()' overloading.\n\n - Incorrect 'php_value' order for Apache configuration may allow bypassing PHP's 'safe_mode' setting.\n\n - File truncation can occur when calling 'dba_replace()' with an invalid argument.\n\n - The ZipArchive: extractTo() method in the ZipArchive extension fails to filter directory traversal sequences from file names.\n\n - There is a buffer overflow in the bundled PCRE library fixed by 7.8. (CVE-2008-2371)\n\n - A buffer overflow in the 'imageloadfont()' function in 'ext/gd/gd.c' can be triggered when a specially crafted font is given. (CVE-2008-3658)\n\n - There is a buffer overflow in PHP's internal function 'memnstr()', which is exposed to userspace as 'explode()'. (CVE-2008-3659)\n\n - When used as a FastCGI module, PHP segfaults when opening a file whose name contains two dots (eg, 'file..php'). (CVE-2008-3660)\n\n - Multiple directory traversal vulnerabilities in functions such as 'posix_access()', 'chdir()', 'ftok()' may allow a remote attacker to bypass 'safe_mode' restrictions. (CVE-2008-2665 and CVE-2008-2666).\n\n - A buffer overflow may be triggered when processing long message headers in 'php_imap.c' due to use of an obsolete API call. (CVE-2008-2829)\n\nThe reported version of PHP is: \n %L Solution: Upgrade to version 5.2.7 or higher. CVE-2008-5557 Twiki < 4.2.4 Multiple Vulnerabilities PVS ID: 4780 FAMILY: CGI RISK: HIGH NESSUS ID:Not Available Description: Synopsis : \n\nThe remote host is vulnerable to multiple attack vectors.\n\nThe remote host is running the TWiki web application. This version of TWiki is vulnerable to a content-parsing flaw. An attacker exploiting this flaw would send commands to the TWiki application within backticks. Upon being parsed, the commands would be executed on the remote server with the permissions of the web process. This version of TWiki is also vulnerable to a flaw where users can execute a cross-site scripting (XSS) attack. The reported version of TWiki is: \n %L \n Solution: Upgrade or patch according to vendor recommendations. CVE-2008-5305 Web Server Allows Download of .ini Files Passive Vulnerability Scanner (PVS) Signatures PVS ID: 4781 FAMILY: Data Leakage RISK: INFO NESSUS ID:Not Available Family Internet Services 1259
Description: The remote web server is hosting .ini files. As an example, consider the following file %P\nThe webmaster should make sure that they do not contain confidential data. Solution: N/A CVE Not available Dovecot ManageSieve Server Detection PVS ID: 4782 FAMILY: Generic RISK: INFO NESSUS ID:Not Available Description: The remote host is running the Dovecot mail server with the Dovecot ManageSieve management application. Solution: N/A CVE Not available IBM WebSphere Application Server 7.0 < Fix Pack 1 Multiple Vulnerabilities PVS ID: 4783 FAMILY: Web Servers RISK: MEDIUM NESSUS ID:35082 Description: Synopsis : \n\nThe remote application server is affected by multiple vulnerabilities.\n\nIBM WebSphere Application Server 7.0 before Fix Pack 1 appears to be running on the remote host. Such versions are reportedly affected by multiple vulnerabilities.\n\n - A vulnerability in feature pack for web services could lead to information disclosure due to 'userNameToken' (PK67282).\n\n - A user locked by the underlying OS may be able to authenticate via the administrative console (PK67909).\n\n - Web authentication options 'Authenticate when any URI is accessed' and 'Use available authentication data when an unprotected URI is accessed' are ignored. Servlets with no security constraints are not authenticated and usernames with the '@' symbol fail to authenticate (PK71826).\n\n - WS-Security in JAX-WS does not remove UsernameTokens from client cache on failed logins (PK72435).\n\n - SSL traffic is routed over unencrypted TCP routes (PK74777). The reported version is: \n %L Solution: Apply Fix Pack 1 (7.0.0.1) or higher. CVE-2008-5414 PHP < 5.2.8 magic_quotes_gpc Security Bypass Passive Vulnerability Scanner (PVS) Signatures PVS ID: 4784 FAMILY: Web Servers RISK: HIGH NESSUS ID:35067 Description: Synopsis : \n\nThe remote web server uses a version of PHP that is affected by a security bypass weakness.\n\nAccording to its banner, the version of PHP installed on the remote host is 5.2.7. This version introduced a regression with regard to 'magic_quotes' functionality due to an incorrect fix to the filter extension. As a result, the 'magic_quotes_gpc' setting remains off even if it is set to on. The reported version of PHP is: \n %L Family Internet Services 1260
Page 1 and 2:
Passive Vulnerability Scanner (PVS)
Page 3 and 4:
Page 5 and 6:
PVS PLUGIN FAMILIES COUNT FAMILY NA
Page 7 and 8:
Family Backdoors PVS ID PLUGIN NAME
Page 9 and 10:
5721 Stuxnet Traffic Detection Back
Page 11 and 12:
Family CGI PVS ID PLUGIN NAME FAMIL
Page 13 and 14:
2317 Full Revolution aspWebCalendar
Page 15 and 16:
2549 JSBoard < 2.0.10 session.php A
Page 17 and 18:
2726 PHP-Fusion < 5.0.2 setuser.php
Page 19 and 20:
2903 PhotoPost PHP Pro < 5.02 RC4 m
Page 21 and 22:
3208 HP OpenView Network Node Manag
Page 23 and 24:
3454 vBulletin < 3.5.4 HTML Injecti
Page 25 and 26:
3753 SAP Internet Transaction Serve
Page 27 and 28:
4136 paFileDB includes/search.php c
Page 29 and 30:
4549 ListManager words Parameter Cr
Page 31 and 32:
5012 MyBB < 1.4.6 Multiple Vulnerab
Page 33 and 34:
5303 Sun Java System Identity Manag
Page 35 and 36:
(PMASA-2011-2) 5798 MySQL Eventum <
Page 37 and 38:
Page 39 and 40:
4333 PostgreSQL Multiple Vulnerabil
Page 41 and 42:
Page 43 and 44:
Page 45 and 46:
5707 MaxDB User Login Detection Dat
Page 47 and 48:
Family DNS Servers PVS ID PLUGIN NA
Page 49 and 50:
5718 5803 5909 BIND 9.4-ESV < 9.4-E
Page 51 and 52:
Family FTP Servers PVS ID PLUGIN NA
Page 53 and 54:
1852 War FTP Daemon Detection FTP S
Page 55 and 56:
4930 ProFTPD Username Variable Subs
Page 57 and 58:
Page 59 and 60:
1202 Trojan/Backdoor - PhatBOT Dete
Page 61 and 62:
Page 63 and 64:
2690 CA License Service Detection G
Page 65 and 66:
Page 67 and 68:
Page 69 and 70:
3719 Proxy / Firewall Detection Gen
Page 71 and 72:
4192 Helix Server < 11.1.4 RTSP Com
Page 73 and 74:
4586 Java Remote Management Platfor
Page 75 and 76:
5163 MS09-047: Vulnerabilities in W
Page 77 and 78:
Page 79 and 80:
6130 Successful Shell Attack Detect
Page 81 and 82:
6194 Successful Shell Attack Detect
Page 83 and 84:
Family Operating System Detection P
Page 85 and 86:
3474 3475 Mac OS X Multiple Vulnera
Page 87 and 88:
6122 Windows OS Version Information
Page 89 and 90:
2438 Mercury Mail Remote IMAP Stack
Page 91 and 92:
Family Internet Messengers PVS ID P
Page 93 and 94:
2366 Gaim < 1.0.2 Multiple Vulnerab
Page 95 and 96:
4280 Trillian Version Detection 431
Page 97 and 98:
Family IRC Clients PVS ID PLUGIN NA
Page 99 and 100:
Family IRC Servers PVS ID PLUGIN NA
Page 101 and 102:
2577 BitTorrent P2P Client Detectio
Page 103 and 104:
Family POP Server PVS ID PLUGIN NAM
Page 105 and 106:
Family RPC PVS ID 1018 PLUGIN NAME
Page 107 and 108:
1073 RPC sadmind Service In Use RPC
Page 109 and 110:
5538 Microsoft Group Policy Client
Page 111 and 112:
1296 Mutt < 1.4.1 / 1.5 UTF-7 IMAP
Page 113 and 114:
1336 Elm Mail Client Detection 2145
Page 115 and 116:
3860 Cumulative Security Update for
Page 117 and 118:
5483 Mozilla Thunderbird Unsupporte
Page 119 and 120:
Family SMTP Servers PVS ID PLUGIN N
Page 121 and 122:
2039 Sendmail < 8.12.8 Double Pipe
Page 123 and 124:
3039 DoS Servers Inframail SMTP Ser
Page 125 and 126:
4268 Ipswitch IMail Client < 2006.2
Page 127 and 128:
Family SNMP Traps PVS ID PLUGIN NAM
Page 129 and 130:
1382 SNMP security Community String
Page 131 and 132:
1421 SNMP internal Community String
Page 133 and 134:
2214 Cisco IOS CEF Packet Informati
Page 135 and 136:
2300 GNU Radius < 1.2.94 SNMP Reque
Page 137 and 138:
1995 LSH < 1.5 lshd Daemon Remote O
Page 139 and 140:
Family Web Clients PVS ID PLUGIN NA
Page 141 and 142:
1766 DeskNow Web Mail Cleartext Aut
Page 143 and 144:
2399 EZ-IPupdate show_message() Rem
Page 145 and 146:
3031 Metasploit Framework Engine De
Page 147 and 148:
3411 PointOfMail Email Tracker (Cli
Page 149 and 150:
3812 Firefox < 1.5.0.8 Multiple Vul
Page 151 and 152:
4099 Windows Safari Detection 4109
Page 153 and 154:
4375 ClamAV < 0.92.1 Multiple Overf
Page 155 and 156:
4593 F-PROT Attachment Handling DoS
Page 157 and 158:
Multiple Vulnerabilities Clients 47
Page 159 and 160:
5042 QuickTime < 7.6.2 Multiple Vul
Page 161 and 162:
5217 Opera < 10.01 Multiple Vulnera
Page 163 and 164:
5516 Google Chrome < 4.1.249.1059 M
Page 165 and 166:
5657 Firefox 3.6.x < 3.6.9 Multiple
Page 167 and 168:
5783 Flash Player Unsupported Versi
Page 169 and 170:
5965 Mozilla Firefox > 4.0 and < 5.
Page 171 and 172:
6105 Opera < 11.60 Multiple Vulnera
Page 173 and 174:
6455 Real Networks RealPlayer < 14.
Page 175 and 176:
6566 Mac Outlook Client Version Det
Page 177 and 178:
6659 Red Hat Satellite Client Commu
Page 179 and 180:
Family Web Servers PVS ID PLUGIN NA
Page 181 and 182:
1459 UltraSeek < 4.0 Malformed URL
Page 183 and 184:
1498 Apache < 2.0.40 Win32 Director
Page 185 and 186:
1547 Sambar Cleartext Password Remo
Page 187 and 188:
Page 189 and 190:
1647 cgforum.cgi Multiple Vulnerabi
Page 191 and 192:
1686 ws_mail.cgi Multiple Vulnerabi
Page 193 and 194:
Vulnerabilities Servers 1726 CuteNe
Page 195 and 196:
2176 Argosoft HTTP GET Request Satu
Page 197 and 198:
2339 W-Agora Multiple Input Validat
Page 199 and 200:
2496 Hassan Shopping Cart Detection
Page 201 and 202:
2608 Apache mod_python < 3.1.4 Info
Page 203 and 204:
2835 Monkey HTTP Daemon < 0.9.1 Mul
Page 205 and 206:
3206 Squid sslConnectTimeout Functi
Page 207 and 208:
3438 Fedora DS Administration Serve
Page 209 and 210:
3758 Mercury SiteScope Server Detec
Page 211 and 212:
4070 Openfire < 3.3.1 Admin Console
Page 213 and 214:
4331 PHP < 4.4.8 Multiple Vulnerabi
Page 215 and 216:
4533 Sun Java System ASP < 4.0.3 Mu
Page 217 and 218:
Disclosure Servers 4698 lighttpd <
Page 219 and 220:
4838 Alteon ACEswitch 180e Default
Page 221 and 222:
4878 NETGEAR WG602 Firmware Version
Page 223 and 224:
4917 longshine isscfg Default Passw
Page 225 and 226:
Servers 5076 IBM WebSphere Applicat
Page 227 and 228:
5283 5284 Adobe Flash Media Server
Page 229 and 230:
5782 OpenSSL < 0.9.8r / 1.0.0d OCSP
Page 231 and 232:
6331 Apache Tomcat 5.5.x < 5.5.35 H
Page 233 and 234:
Family Abuse PVS ID PLUGIN NAME FAM
Page 235 and 236:
3400 Nmap Scanner Detection Policy
Page 237 and 238:
Page 239 and 240:
6379 Facebook Game - Wooga Magic La
Page 241 and 242:
Page 243 and 244:
3871 Detection of .zip File Email A
Page 245 and 246:
4034 .pdf File Upload Detection 403
Page 247 and 248:
4672 Possible User ID and Password
Page 249 and 250:
6035 '.dll' File Download Detection
Page 251 and 252:
6265 6266 6267 6268 6269 Schweitzer
Page 253 and 254:
6597 IEC 60870-5-104 server detecti
Page 255 and 256:
5889 Apple iPhone/iPad OS 4.2.5 / 4
Page 257 and 258:
Family Internet Services PVS ID PLU
Page 259 and 260:
5959 LinkedIn Message Creation Dete
Page 261 and 262:
6564 Ustream mobile Android app det
Page 263 and 264:
Description: Synopsis :\n\nThe remo
Page 265 and 266:
ISC BIND < 8.3.4 Multiple Remote Vu
Page 267 and 268:
RPC rstatd Service In Use PVS ID: 1
Page 269 and 270:
PVS ID: 1029 FAMILY: RPC RISK: INFO
Page 271 and 272:
Description: The remote host is run
Page 273 and 274:
Page 275 and 276:
Page 277 and 278:
Page 279 and 280:
Page 281 and 282:
Page 283 and 284:
Microsoft Outlook Express IMAP Clie
Page 285 and 286:
PVS ID: 1104 FAMILY: Web Servers RI
Page 287 and 288:
PVS ID: 1112 FAMILY: Database RISK:
Page 289 and 290:
Description: The remote host respon
Page 291 and 292:
Page 293 and 294:
CVE-2003-0963 Symantec Antivirus Li
Page 295 and 296:
RADIUS Server Failed Login Detectio
Page 297 and 298:
PVS ID: 1153 FAMILY: Generic RISK:
Page 299 and 300:
Page 301 and 302:
Finjan SurfinGate Proxy FHTTP Comma
Page 303 and 304:
CVE-2004-0341 Zebra Routing Softwar
Page 305 and 306:
Policy - iroffer Software Detection
Page 307 and 308:
Page 309 and 310:
Solution: If not required, disable
Page 311 and 312:
Page 313 and 314:
Page 315 and 316:
Description: The H323 protocol is u
Page 317 and 318:
Policy - BARGAINBUDDY Software Dete
Page 319 and 320:
Solution: Upgrade to Mozilla 1.7 or
Page 321 and 322:
Solution: Upgrade to the latest ver
Page 323 and 324:
Page 325 and 326:
Page 327 and 328:
Page 329 and 330:
Page 331 and 332:
Page 333 and 334:
CVE-2000-0874 Microsoft Outlook and
Page 335 and 336:
Mutt < 1.4.1 / 1.5 Address Handling
Page 337 and 338:
Page 339 and 340:
Page 341 and 342:
Solution: Upgrade to the latest ver
Page 343 and 344:
Page 345 and 346:
PVS ID: 1331 FAMILY: SMTP Clients R
Page 347 and 348:
Page 349 and 350:
CVE Not available SNMP ilmi Communi
Page 351 and 352:
PVS ID: 1355 FAMILY: SNMP Traps RIS
Page 353 and 354:
Page 355 and 356:
Solution: This signature was obtain
Page 357 and 358:
string is easily guessed and should
Page 359 and 360:
CVE Not available SNMP rmon Communi
Page 361 and 362:
PVS ID: 1391 FAMILY: SNMP Traps RIS
Page 363 and 364:
Page 365 and 366:
Solution: This signature was obtain
Page 367 and 368:
string is easily guessed and should
Page 369 and 370:
CVE Not available SNMP internal Com
Page 371 and 372:
Page 373 and 374:
Description: The remote host is a w
Page 375 and 376:
Page 377 and 378:
Page 379 and 380:
Page 381 and 382:
Page 383 and 384:
CGI was not tested for. Solution: R
Page 385 and 386:
Page 387 and 388:
Page 389 and 390:
Solution: Upgrade to version 1.47 o
Page 391 and 392:
Domino < 5.0.7 NSF File Request Dir
Page 393 and 394:
Description: The remote Apache serv
Page 395 and 396:
Description: The remote web server
Page 397 and 398:
Description: The remote host is usi
Page 399 and 400:
Page 401 and 402:
Solution: Upgrade to YaBB SE 1.5.2
Page 403 and 404:
CVE Not available BadBlue < 2.2 Uns
Page 405 and 406:
PVS ID: 1562 FAMILY: CGI RISK: MEDI
Page 407 and 408:
Page 409 and 410:
Sambar testcgi.exe Default CGI Disc
Page 411 and 412:
Page 413 and 414:
CVE-2001-1372 Phorum < 3.4.3 Messag
Page 415 and 416:
Page 417 and 418:
Page 419 and 420:
Page 421 and 422:
Page 423 and 424:
Page 425 and 426:
Description: The cvslog.cgi script
Page 427 and 428:
Solution: Upgrade or patch accordin
Page 429 and 430:
mailfile.cgi Multiple Vulnerabiliti
Page 431 and 432:
Description: The sendmessage.cgi sc
Page 433 and 434:
Solution: If not required, disable
Page 435 and 436:
Solution: No solution is known at t
Page 437 and 438:
CVE-1999-0737 Microsoft IIS viewcod
Page 439 and 440:
Page 441 and 442:
RISK: MEDIUM Description: The remot
Page 443 and 444:
Page 445 and 446:
CVE-2002-1405 Lynx < 2.8.5 dev 6 Sy
Page 447 and 448:
CVE-2002-1565 Curl < 7.4.1 Long Err
Page 449 and 450:
Page 451 and 452:
CVE-2002-2338 Mozilla < 1.0.1 Plugi
Page 453 and 454:
Mozilla Web Client Detection PVS ID
Page 455 and 456:
RealNetwork RealPlayer Unspecified
Page 457 and 458:
CVE-2000-0320 qpopper < 4.0 PASS Co
Page 459 and 460:
Description: The remote qpopper ser
Page 461 and 462:
Solution: Upgrade to Xtramail versi
Page 463 and 464:
WU-FTPD < 2.6.1 "SITE EXEC" Command
Page 465 and 466:
Description: The remote FTP server
Page 467 and 468:
CVE Not available Platinum FTP serv
Page 469 and 470:
Page 471 and 472:
Page 473 and 474:
Description: The remote host is a W
Page 475 and 476:
BitchX IRC Clent DNS Response Remot
Page 477 and 478:
Page 479 and 480:
Trillian IRC Raw Message DoS PVS ID
Page 481 and 482:
Page 483 and 484:
Page 485 and 486:
Page 487 and 488:
CVE-2003-0015 MySQL < 3.23.56 Local
Page 489 and 490:
Solution: Upgrade to MySQL 3.23.55
Page 491 and 492:
Page 493 and 494:
to obtain sensitive information. So
Page 495 and 496:
CVE Not available Generic Shell Det
Page 497 and 498:
Solution: Ensure that the remote sh
Page 499 and 500:
Page 501 and 502:
Page 503 and 504:
Page 505 and 506:
and eventually get access to this h
Page 507 and 508:
Page 509 and 510:
PVS ID: 1982 FAMILY: SSH RISK: LOW
Page 511 and 512:
PVS ID: 1989 FAMILY: SSH RISK: HIGH
Page 513 and 514:
Description: Synopsis : \n\nThe rem
Page 515 and 516:
commands via a web query. Successfu
Page 517 and 518:
delete e-mails. Solution: Upgrade t
Page 519 and 520:
Page 521 and 522:
Page 523 and 524:
Page 525 and 526:
Page 527 and 528:
Description: A Bearshare node was d
Page 529 and 530:
MyNapster Detection CVE Not availab
Page 531 and 532:
CVE Not available Sympa < 4.1.3 Lis
Page 533 and 534:
thttpd CGI Test Script XSS PVS ID:
Page 535 and 536:
libNSS Hello Challenge Remote Heap
Page 537 and 538:
CVE-2001-1230 Icecast < 1.3.10 Mult
Page 539 and 540:
Page 541 and 542:
RISK: MEDIUM Description: Synopsis
Page 543 and 544:
Page 545 and 546:
Solution: Upgrade to Hastymail 1.0.
Page 547 and 548:
Page 549 and 550:
Page 551 and 552:
Page 553 and 554:
Cisco IOS ACL Bypass (Bug ID CSCdi3
Page 555 and 556:
Solution: http://www.cisco.com/warp
Page 557 and 558:
CVE-2002-1095 Cisco VPN Concentrato
Page 559 and 560:
Cisco VPN Concentrator Service Bann
Page 561 and 562:
Page 563 and 564:
Cisco VPN Concentrator ACL Bypass /
Page 565 and 566:
CVE-2002-1102 Cisco Multiple DoS (B
Page 567 and 568:
concentrator. The vulnerability is
Page 569 and 570:
Solution: Upgrade to version 2.0.51
Page 571 and 572:
een reported to be prone to a cross
Page 573 and 574:
Page 575 and 576:
Solution: http://docs.info.apple.co
Page 577 and 578:
with interactive access to the host
Page 579 and 580:
Page 581 and 582:
Page 583 and 584:
Page 585 and 586:
PVS ID: 2310 FAMILY: IMAP Servers R
Page 587 and 588:
PVS ID: 2317 FAMILY: CGI RISK: HIGH
Page 589 and 590:
Page 591 and 592:
CVE-2004-1558 Intellipeer User Acco
Page 593 and 594:
CVE-2004-0815 W-Agora Multiple Inpu
Page 595 and 596:
CVE-2004-2225 BugPort < 1.134 Remot
Page 597 and 598:
attacker can potentially read confi
Page 599 and 600:
Solution: http://www.microsoft.com/
Page 601 and 602:
Page 603 and 604:
Page 605 and 606:
PVS ID: 2380 FAMILY: Web Clients RI
Page 607 and 608:
Page 609 and 610:
Page 611 and 612:
Page 613 and 614:
Ipswitch IMail Server < 8.14.0 Dele
Page 615 and 616:
Page 617 and 618:
CVE-2004-2630 Invision PowerBoard <
Page 619 and 620:
Page 621 and 622:
CVE-2004-2501 WS_FTP Server < 5.04
Page 623 and 624:
CVE Not available Make Love Not Spa
Page 625 and 626:
OpenText FirstClass HTTP Daemon Sea
Page 627 and 628:
PHPGroupWare Multiple XSS and SQL I
Page 629 and 630:
Page 631 and 632:
Page 633 and 634:
Page 635 and 636:
database. Solution: No solution is
Page 637 and 638:
Solution: Use ACLs to protect the G
Page 639 and 640:
Gallery Configuration Mode Authenti
Page 641 and 642:
Description: The remote server is r
Page 643 and 644:
CVE Not available MikroTik Router D
Page 645 and 646:
Page 647 and 648:
Page 649 and 650:
Page 651 and 652:
Tor Tunnel Detection PVS ID: 2543 F
Page 653 and 654:
Page 655 and 656:
Page 657 and 658:
MRTG Web Application Detection PVS
Page 659 and 660:
Alt-N WebAdmin < 3.0.3 Multiple Rem
Page 661 and 662:
Page 663 and 664:
Page 665 and 666:
Solution: Upgarde or patch accordin
Page 667 and 668:
Microsoft Media Player Version Dete
Page 669 and 670:
Page 671 and 672:
Page 673 and 674:
services, and more.\nIn addition, a
Page 675 and 676:
Page 677 and 678:
initiate an SFTP connection to a ma
Page 679 and 680:
een discovered with this version of
Page 681 and 682:
punBB < 1.2.2 Multiple SQL Injectio
Page 683 and 684:
Page 685 and 686:
equest.\nSuccessful exploitation ma
Page 687 and 688:
not exist, then the server may cras
Page 689 and 690:
Page 691 and 692:
Page 693 and 694:
Description: The remote client is r
Page 695 and 696:
MySQL Multiple Vulnerabilities PVS
Page 697 and 698:
Page 699 and 700:
Dell Remote Access Controller Detec
Page 701 and 702:
punBB < 1.2.5 Multiple SQL Injectio
Page 703 and 704:
Page 705 and 706:
Page 707 and 708:
Solution: Ensure that TeamSpeak and
Page 709 and 710:
Page 711 and 712:
phpSysInfo < 2.5 Multiple Script XS
Page 713 and 714:
CVE Not available Windows XP SP1 De
Page 715 and 716:
Solution: Upgrade to version 5.0.3.
Page 717 and 718:
phpMyDirectory < 10.1.6 review.php
Page 719 and 720:
malicious email. Successful exploit
Page 721 and 722:
Page 723 and 724:
Solution: Upgrade to Pavuk 0.9.32 o
Page 725 and 726:
SurgeFTP < 2.2m2 LEAK Command Remot
Page 727 and 728:
CVE-2005-1700 Citrix MetaFrame Serv
Page 729 and 730:
Hydrogen Server Detection PVS ID: 2
Page 731 and 732:
user to browse to a malicious URI.
Page 733 and 734:
Page 735 and 736:
Xerox Document Centre Multiple Remo
Page 737 and 738:
Page 739 and 740:
Page 741 and 742:
Page 743 and 744:
Page 745 and 746:
Lotus Domino Server Web Service NRP
Page 747 and 748:
users:\ndex_init()\nsnb_en_init()\n
Page 749 and 750:
CVE-2006-1705 Software602 602Pro LA
Page 751 and 752:
Page 753 and 754:
CVE-2005-1009 Woppoware Postmaster
Page 755 and 756:
Solution: Upgrade to version 9.0.0.
Page 757 and 758:
Page 759 and 760:
Description: The remote server is a
Page 761 and 762:
Solution: Ensure that you are using
Page 763 and 764:
Page 765 and 766:
Page 767 and 768:
Page 769 and 770:
Page 771 and 772:
NNTP server fails. Successful explo
Page 773 and 774:
Page 775 and 776:
Page 777 and 778:
network usage. CVE Not available UB
Page 779 and 780:
Page 781 and 782:
Page 783 and 784:
Lotus Notes < 6.5.5 Web Mail Attach
Page 785 and 786:
Page 787 and 788:
Page 789 and 790:
Page 791 and 792:
SSH IPSEC Express 3.0.0 VPN Detecti
Page 793 and 794:
Page 795 and 796:
queries, possibly revealing sensiti
Page 797 and 798:
Solution: Enable PHP's 'magic_quote
Page 799 and 800:
Solution: Manually inspect the mach
Page 801 and 802:
PVS ID: 3123 FAMILY: IRC Clients RI
Page 803 and 804:
for\nsending spam\nrunning Denial o
Page 805 and 806:
Page 807 and 808:
PVS ID: 3139 FAMILY: IRC Servers RI
Page 809 and 810:
Denial of Service (DoS) attacks aga
Page 811 and 812:
Page 813 and 814:
Page 815 and 816:
Page 817 and 818:
Page 819 and 820:
connect securely and do not introdu
Page 821 and 822:
Page 823 and 824:
Description: An Informix telnet ser
Page 825 and 826:
is vulnerable to a remote buffer ov
Page 827 and 828:
parse user-supplied requests. Succe
Page 829 and 830:
Page 831 and 832:
exploitation would result in the re
Page 833 and 834:
Page 835 and 836:
exploit this issue to read arbitrar
Page 837 and 838:
attacker exploiting this flaw would
Page 839 and 840:
Page 841 and 842:
Page 843 and 844:
Page 845 and 846:
Page 847 and 848:
Page 849 and 850:
Computer Associates Message Queuing
Page 851 and 852:
Page 853 and 854:
Page 855 and 856:
Page 857 and 858:
Solution: Ensure that this applicat
Page 859 and 860:
Page 861 and 862:
CVE-2005-4194 Sights 'N Sounds Medi
Page 863 and 864:
Page 865 and 866:
would send a malformed HTTP query t
Page 867 and 868:
Page 869 and 870:
Page 871 and 872:
Page 873 and 874:
this issue, an unauthenticated remo
Page 875 and 876:
Page 877 and 878:
PVS ID: 3400 FAMILY: Policy RISK: I
Page 879 and 880:
DidTheyReadIt Email Tracker (Client
Page 881 and 882:
Page 883 and 884:
Page 885 and 886:
Page 887 and 888:
web server. Solution: Upgrade to ve
Page 889 and 890:
Page 891 and 892:
Page 893 and 894:
Page 895 and 896:
script. Successful exploitation may
Page 897 and 898:
Page 899 and 900:
the attacker. An attacker exploitin
Page 901 and 902:
CVE-2006-1338 MailEnable Multiple P
Page 903 and 904:
CVE-2006-1485 Horde < 3.1.1 Help Vi
Page 905 and 906:
CVE Not available Internet Explorer
Page 907 and 908:
Page 909 and 910:
code on the remote host. The versio
Page 911 and 912:
MyBB < 1.1.1 Multiple Script Variab
Page 913 and 914:
Page 915 and 916:
PVS ID: 3532 FAMILY: FTP Servers RI
Page 917 and 918:
COTP Server Detection (SCADA) PVS I
Page 919 and 920:
Page 921 and 922:
Solution: Ensure that the VPN is ac
Page 923 and 924:
Page 925 and 926:
StrongSwan 2.2.2 VPN Detection PVS
Page 927 and 928:
Page 929 and 930:
Page 931 and 932:
Netscreen VPN Detection PVS ID: 360
Page 933 and 934:
Page 935 and 936:
Description: Synopsis :\n\nIt is po
Page 937 and 938:
send a specially formed query to th
Page 939 and 940:
other files. Successful exploitatio
Page 941 and 942:
Firefox < 1.5.0.4 Multiple Vulnerab
Page 943 and 944:
Page 945 and 946:
Page 947 and 948:
Page 949 and 950:
CVE-2006-3331 MyBB < 1.1.4 SQL Inje
Page 951 and 952:
CVE-2006-3275 MailEnable SMTP Servi
Page 953 and 954:
CVE Not available Geeklog FCKeditor
Page 955 and 956:
Solution: Ensure that this applicat
Page 957 and 958:
Page 959 and 960:
Page 961 and 962:
Solution: Restrict recursive querie
Page 963 and 964:
Proxy / Firewall Detection PVS ID:
Page 965 and 966:
Page 967 and 968:
PHP < 4.4.4 / 5.1.4 Multiple Vulner
Page 969 and 970:
Page 971 and 972:
Description: The remote Windows hos
Page 973 and 974:
Page 975 and 976:
Sun Secure Global Desktop / Tarante
Page 977 and 978:
CVE Not available Asterisk VoIP Ser
Page 979 and 980:
Solution: Ensure that there are pol
Page 981 and 982:
CVE Not available Encryption Privat
Page 983 and 984:
Description: The remote client is a
Page 985 and 986:
CVE-2006-4819 Cerberus Helpdesk rpc
Page 987 and 988:
Page 989 and 990:
Description: Synopsis :\n\nA web br
Page 991 and 992:
Page 993 and 994:
Page 995 and 996:
CVE Not available Xerox WorkCentre
Page 997 and 998:
Description: Synopsis :\n\nThe anti
Page 999 and 1000:
Page 1001 and 1002:
CVE Not available PHP < 4.4.5 / 5.2
Page 1003 and 1004:
CVE Not available LogMeIn Listening
Page 1005 and 1006:
Description: The remote host was ju
Page 1007 and 1008:
Page 1009 and 1010:
Socks 5 Proxy Detection PVS ID: 388
Page 1011 and 1012:
Trend Micro InterScan VirusWall Ver
Page 1013 and 1014:
Geeklog < CVE Not available PVS ID:
Page 1015 and 1016:
Page 1017 and 1018:
SQLiX SQL Injection Tool Detection
Page 1019 and 1020:
Page 1021 and 1022:
using it in a database query. An un
Page 1023 and 1024:
Ipswitch IMail Server < 2006.2 Mult
Page 1025 and 1026:
Description: The remote host was ju
Page 1027 and 1028:
Page 1029 and 1030:
Solution: Ensure that such scanning
Page 1031 and 1032:
Page 1033 and 1034:
Page 1035 and 1036:
Tivoli Client Detection PVS ID: 397
Page 1037 and 1038:
Page 1039 and 1040:
Page 1041 and 1042:
Page 1043 and 1044:
Page 1045 and 1046:
Page 1047 and 1048:
Solution: N/A CVE Not available .wa
Page 1049 and 1050:
CVE Not available .ost File Upload
Page 1051 and 1052:
Page 1053 and 1054:
Solution: N/A of distributing infor
Page 1055 and 1056:
Solution: N/A CVE Not available FTP
Page 1057 and 1058:
CVE Not available FTP Server Zipped
Page 1059 and 1060:
PVS ID: 4068 FAMILY: Data Leakage R
Page 1061 and 1062:
CVE-2007-2650 BASE < 1.3.8 Redirect
Page 1063 and 1064:
CVE Not available GHOST UDP Network
Page 1065 and 1066:
CVE-2007-2227 Windows Vista Operati
Page 1067 and 1068:
Windows Safari Detection PVS ID: 40
Page 1069 and 1070:
Solution: N/A CVE Not available cPa
Page 1071 and 1072:
unauthenticated attacker can exploi
Page 1073 and 1074:
Page 1075 and 1076:
Description: The remote server is f
Page 1077 and 1078:
Page 1079 and 1080:
malformed torrent file. Successful
Page 1081 and 1082:
Page 1083 and 1084:
Solution: Ensure that such usage is
Page 1085 and 1086:
Description: The remote client is u
Page 1087 and 1088:
Description: Synopsis :\n\nArbitrar
Page 1089 and 1090:
Page 1091 and 1092:
Lotus Notes < 7.0.2 ntmulti.exe Loc
Page 1093 and 1094:
CVE Not available Netopia Timbuktu
Page 1095 and 1096:
EnterpriseDB Advanced Server < 8.2.
Page 1097 and 1098:
CVE-2007-4646 Samba < 3.0.26 idmap_
Page 1099 and 1100:
Page 1101 and 1102:
OpenSSL < 0.9.8f Multiple Vulnerabi
Page 1103 and 1104:
Description: The remote host appear
Page 1105 and 1106:
Solution: Microsoft has released a
Page 1107 and 1108:
Page 1109 and 1110:
Page 1111 and 1112:
Page 1113 and 1114:
Description: The remote host is a C
Page 1115 and 1116:
WebSphere UDDI Console Multiple Vul
Page 1117 and 1118:
CVE Not available PHP < 5.2.5 Multi
Page 1119 and 1120:
CVE Not available VMWare Server Pla
Page 1121 and 1122:
Description: The remote server is r
Page 1123 and 1124:
Page 1125 and 1126:
Page 1127 and 1128:
Page 1129 and 1130:
Page 1131 and 1132:
Page 1133 and 1134:
Page 1135 and 1136:
Page 1137 and 1138:
Page 1139 and 1140:
Page 1141 and 1142:
CVE-2008-0234 WordPress < 2.3.3 XML
Page 1143 and 1144:
Page 1145 and 1146:
PVS ID: 4377 FAMILY: CGI RISK: INFO
Page 1147 and 1148:
Apache < 2.2.8 Multiple Vulnerabili
Page 1149 and 1150:
Page 1151 and 1152:
ListManager < 9.3b / 9.2c / 8.95d M
Page 1153 and 1154:
Solution: Upgrade to version 6 buil
Page 1155 and 1156:
Page 1157 and 1158:
French administration in 2002 and t
Page 1159 and 1160:
Page 1161 and 1162:
Page 1163 and 1164:
Page 1165 and 1166:
CVE Not available GnuPG < 1.4.9 / 2
Page 1167 and 1168:
code execution (CVE-2008-1019, CVE-
Page 1169 and 1170:
Page 1171 and 1172:
CVE-2008-1024 Firefox < 2.0.0.14 Ja
Page 1173 and 1174:
PVS ID: 4480 FAMILY: Backdoors RISK
Page 1175 and 1176:
Page 1177 and 1178:
Page 1179 and 1180:
Solution: Microsoft has released a
Page 1181 and 1182:
oot directory. An attacker, exploit
Page 1183 and 1184:
Lotus Domino < 8.0.1 / 7.0.3 FP1 Mu
Page 1185 and 1186:
Mac OS X < 10.5.3 CVE-2008-1105 PVS
Page 1187 and 1188:
Page 1189 and 1190:
arbitrary code execution (CVE-2008-
Page 1191 and 1192:
Page 1193 and 1194:
CVE Not available Sun Java Calendar
Page 1195 and 1196:
Page 1197 and 1198:
same-origin policy could allow for
Page 1199 and 1200:
Page 1201 and 1202:
Page 1203 and 1204:
Page 1205 and 1206:
Page 1207 and 1208:
EMC Retrospect Server Detection PVS
Page 1209 and 1210:
Page 1211 and 1212: Description: Synopsis : \n\nThe rem
Page 1213 and 1214: Novell iManager < 2.7 SP1 Property
Page 1215 and 1216: Solution: Apply patch PHNE_38458 or
Page 1217 and 1218: Attachmate Reflection for Secure IT
Page 1219 and 1220: Stored Procedures' for Visual Studi
Page 1221 and 1222: CVE-2008-6976 Google Chrome Version
Page 1223 and 1224: CVE-2008-3629 MySQL Empty Binary St
Page 1225 and 1226: Ensure that such information is not
Page 1227 and 1228: Description: The remote web server
Page 1229 and 1230: Description: The remote web client
Page 1231 and 1232: Description: Synopsis :\n\nThe remo
Page 1233 and 1234: Solution: Apply Fix Pack 19 (6.1.0.
Page 1235 and 1236: CVE-2008-4068 Firefox < 2.0.0.17 Mu
Page 1237 and 1238: CVE-2008-4070 MailMarshal < 6.4 Spa
Page 1241 and 1242: Solution: Ensure that there is code
Page 1243 and 1244: Description: A DHCP client is runni
Page 1245 and 1246: IBM WebSphere Application Server <
Page 1247 and 1248: Solution: Upgrade to a newer versio
Page 1249 and 1250: PVS ID: 4741 FAMILY: Web Clients RI
Page 1253 and 1254: place a lock on a non-native object
Page 1255 and 1256: Description: The remote host is a M
Page 1257 and 1258: 2008-56)\n - There is an error in t
Page 1259 and 1260: PVS ID: 4769 FAMILY: Web Servers RI
Page 1261: of WordPress is: \n %L Solution: Up
Page 1265 and 1266: version of ClamAV is: \n %L Solutio
Page 1267 and 1268: Solution: Upgrade to version 2.0.0.
Page 1269 and 1270: 'calendarEdit.php' script before us
Page 1271 and 1272: CVE-2004-2761 SSL Certificate Signe
Page 1273 and 1274: Solution: Ensure that such usage is
Page 1275 and 1276: CVE-2009-0241 QuickTime < 7.6 Multi
Page 1281 and 1282: PVS ID: 4840 FAMILY: Web Servers RI
Page 1301 and 1302: CVE-2008-5911 Google Chrome < 1.0.1
Page 1303 and 1304: RISK: MEDIUM Description: Synopsis
Page 1305 and 1306: Solution: Ensure that such services
Page 1307 and 1308: PVS ID: 4938 FAMILY: CGI RISK: INFO
Page 1309 and 1310: the context of a different domain.
Page 1311 and 1312: PVS ID: 4952 FAMILY: FTP Servers RI
Page 1313 and 1314:
Page 1315 and 1316:
CVE-2009-0776 Umbraco Version Detec
Page 1317 and 1318:
Description: The remote host is a S
Page 1319 and 1320:
Page 1321 and 1322:
Page 1323 and 1324:
Page 1325 and 1326:
the ability to embed third-party st
Page 1327 and 1328:
Page 1329 and 1330:
Solution: Upgrade to ESET update 40
Page 1331 and 1332:
Solution: The vendor has released v
Page 1333 and 1334:
Page 1335 and 1336:
Solution: When available, upgrade t
Page 1337 and 1338:
Page 1339 and 1340:
host subject to the privileges of t
Page 1341 and 1342:
Microsoft SharePoint Detection PVS
Page 1343 and 1344:
Page 1345 and 1346:
Description: Based on the software
Page 1347 and 1348:
Description: The remote host is an
Page 1349 and 1350:
vulnerabilities : \n\n - The admini
Page 1351 and 1352:
CVE-2009-2121 Last Seen FTP Client
Page 1353 and 1354:
Page 1355 and 1356:
Solution: Upgrade to Bugzilla 3.2.4
Page 1357 and 1358:
to crash the browser or potentially
Page 1359 and 1360:
Page 1361 and 1362:
Page 1363 and 1364:
Authenticated attackers can exploit
Page 1365 and 1366:
Page 1367 and 1368:
documents which may allow an attack
Page 1369 and 1370:
Typically such an attack would resu
Page 1371 and 1372:
Solution: Upgrade to OpenOffice ver
Page 1373 and 1374:
Solution: Upgrade to SeaMonkey 1.1.
Page 1375 and 1376:
to create a URL which contains look
Page 1377 and 1378:
user into opening a specially craft
Page 1379 and 1380:
CVE-2009-3231 Horde < 3.3.4 / 3.3.5
Page 1381 and 1382:
Solution: Upgrade to RT 3.6.9 / 3.8
Page 1383 and 1384:
CVE-2009-3106 Ability Mail Server <
Page 1385 and 1386:
Page 1387 and 1388:
Page 1389 and 1390:
Page 1391 and 1392:
Page 1393 and 1394:
Page 1395 and 1396:
.NET application to modify memory o
Page 1397 and 1398:
CVE-2009-3862 Mac OS X 10.6 < 10.6.
Page 1399 and 1400:
Page 1401 and 1402:
Page 1403 and 1404:
IBM Solid Database < 6.30.0.37 Remo
Page 1405 and 1406:
Solution: Upgrade to eDirectory 8.8
Page 1407 and 1408:
Multiple SQL-injection vulnerabilit
Page 1409 and 1410:
Multiple vulnerabilities in 'libogg
Page 1411 and 1412:
Solution: Upgrade to Zabbix 1.6.7 o
Page 1413 and 1414:
CVE Not available Synapse Client De
Page 1415 and 1416:
Solution: Upgrade to Adobe Flash Me
Page 1417 and 1418:
Page 1419 and 1420:
user-supplied input to the 'p_p_id'
Page 1421 and 1422:
Page 1423 and 1424:
CVE Not available strongSwan 4.0.2
Page 1425 and 1426:
Page 1427 and 1428:
Page 1429 and 1430:
unspecified error allows XMLHttpReq
Page 1431 and 1432:
Page 1433 and 1434:
Solution: Upgrade to OpenOffice ver
Page 1435 and 1436:
Page 1437 and 1438:
CVE Not available Client ZIP Downlo
Page 1439 and 1440:
Page 1441 and 1442:
PVS ID: 5363 FAMILY: CGI RISK: INFO
Page 1443 and 1444:
DB2 Suspicious Command Detection PV
Page 1445 and 1446:
Description: The remote DB2 client
Page 1447 and 1448:
Solution: N/A CVE Not available Mic
Page 1449 and 1450:
Microsoft SQL Server Suspicious Com
Page 1451 and 1452:
Description: The remote MySQL clien
Page 1453 and 1454:
Solution: N/A CVE Not available MyS
Page 1455 and 1456:
Page 1457 and 1458:
CVE Not available Oracle Server Sus
Page 1459 and 1460:
Sybase ASE Server Suspicious Comman
Page 1461 and 1462:
Description: The remote Sybase ASE
Page 1463 and 1464:
Solution: N/A CVE Not available Syb
Page 1465 and 1466:
Sybase SQL Anywhere Server Suspicio
Page 1467 and 1468:
2.0.0.x\n\n - 1.5.0.x\n\n - 1.0.x\n
Page 1469 and 1470:
CVE Not available OpenSSL < 0.9.8n
Page 1471 and 1472:
CVE-2010-1795 QuickTime < 7.6.6 Mul
Page 1473 and 1474:
Page 1475 and 1476:
the observed version of ViewVC is:
Page 1477 and 1478:
Description: The remote client is a
Page 1479 and 1480:
CVE-2010-0393 MyBB < 1.4.12 Multipl
Page 1481 and 1482:
CVE Not available Zabbix 1.8.x < 1.
Page 1483 and 1484:
Microsoft Media Server Version Dete
Page 1485 and 1486:
Page 1487 and 1488:
a malicious website. Successful exp
Page 1489 and 1490:
CVE-2010-1975 MySQL Community Serve
Page 1491 and 1492:
CVE Not available Apache Axis2 < 1.
Page 1493 and 1494:
CVE Not available Kerio MailServer
Page 1495 and 1496:
memory access issue exists in WebKi
Page 1497 and 1498:
Page 1499 and 1500:
filter may allow registered users t
Page 1501 and 1502:
CVE-2010-1203 SeaMonkey < 2.0.5 Mul
Page 1503 and 1504:
MySQL Community Server < 5.1.47 / 5
Page 1505 and 1506:
Page 1507 and 1508:
Solution: Upgrade to IBM SolidDB 6.
Page 1509 and 1510:
'NodeIterator' implementation could
Page 1511 and 1512:
SeaMonkey 2.0.x < 2.0.6 Multiple Vu
Page 1513 and 1514:
(CVE-2010-2068) Solution: Either en
Page 1515 and 1516:
Page 1517 and 1518:
Page 1519 and 1520:
Page 1521 and 1522:
Page 1523 and 1524:
EXPLAIN with specially crafted quer
Page 1525 and 1526:
in the application's current workin
Page 1527 and 1528:
e executed within the context of th
Page 1529 and 1530:
code used to normalize a document c
Page 1531 and 1532:
Page 1533 and 1534:
Page 1535 and 1536:
CVE Not available Mantis 1.2.x < 1.
Page 1537 and 1538:
CVE-2010-4042 Mozilla Firefox 3.5.x
Page 1539 and 1540:
the SSL certificate was created wit
Page 1541 and 1542:
Solution: Upgrade to Firefox 3.5.15
Page 1543 and 1544:
Page 1545 and 1546:
Solution: Upgrade to SmartFTP 4.0.1
Page 1547 and 1548:
memory corruption vulnerability in
Page 1549 and 1550:
Page 1551 and 1552:
possible to downgrade the ciphersui
Page 1553 and 1554:
than 5.601 are potentially affected
Page 1555 and 1556:
code execution. (MFSA 2010-74)\n\n
Page 1557 and 1558:
affected by multiple vulnerabilitie
Page 1559 and 1560:
Page 1561 and 1562:
statically-sized arrays on the heap
Page 1563 and 1564:
PVS ID: 5752 FAMILY: SMTP Servers R
Page 1565 and 1566:
affects Google Chrome on Mac OS. (4
Page 1567 and 1568:
Description: the remote host is run
Page 1569 and 1570:
Description: the remote host is run
Page 1571 and 1572:
Page 1573 and 1574:
CVE-2011-0013 Apache Tomcat 6.0.x <
Page 1575 and 1576:
and 'libclamav/sis.c'. (Report from
Page 1577 and 1578:
CVE-2011-1147 BIND 9.7.1-9.7.2-P3 I
Page 1579 and 1580:
2011-04)\n\n - A buffer overflow vu
Page 1581 and 1582:
Page 1583 and 1584:
CVE Not available Google Chrome < 1
Page 1585 and 1586:
'precision' is set to a large value
Page 1587 and 1588:
Description: The remote client sent
Page 1589 and 1590:
Page 1591 and 1592:
for several prominent public websit
Page 1593 and 1594:
Page 1595 and 1596:
Page 1597 and 1598:
Description: The remote server is s
Page 1599 and 1600:
Description: The remote client was
Page 1601 and 1602:
Page 1603 and 1604:
Page 1605 and 1606:
overflow issue in the handling of n
Page 1607 and 1608:
CVE-2011-1456 Mozilla Firefox < 3.5
Page 1609 and 1610:
HP Network Node Manager i (NNMi) Mu
Page 1611 and 1612:
Page 1613 and 1614:
Page 1615 and 1616:
Solution: Upgrade to Opera 11.11 or
Page 1617 and 1618:
IBM Tivoli Management Framework End
Page 1619 and 1620:
Page 1621 and 1622:
83275)\n\n - A same origin bypass e
Page 1623 and 1624:
Description: The remote host is a B
Page 1625 and 1626:
Description: The remote client acce
Page 1627 and 1628:
the application to crash. (CVE-2011
Page 1629 and 1630:
Solution: Upgrade to Google Chrome
Page 1631 and 1632:
Description: The remote host is an
Page 1633 and 1634:
code execution vulnerability in the
Page 1635 and 1636:
'USERNAME' parameter of the 'login.
Page 1637 and 1638:
enabled. (CVE-2011-2526) Solution:
Page 1639 and 1640:
crash or arbitrary code execution.
Page 1641 and 1642:
elies on called 'jsvc' contains an
Page 1643 and 1644:
Mozilla SeaMonkey 2.x < 2.3.0 Multi
Page 1645 and 1646:
Apache Tomcat 6.0.x < 6.0.33 Multip
Page 1647 and 1648:
Page 1649 and 1650:
Page 1651 and 1652:
93788)\n\n - A stale font issue exi
Page 1653 and 1654:
Solution: Upgrade to Mac OS X 10.7.
Page 1655 and 1656:
information disclosure vulnerabilit
Page 1657 and 1658:
handling of PICT files. (CVE-2011-3
Page 1659 and 1660:
Page 1661 and 1662:
Description: The remote device just
Page 1663 and 1664:
Page 1665 and 1666:
Page 1667 and 1668:
vulnerabilities :\n\n - A double-fr
Page 1669 and 1670:
Description: The remote host is a B
Page 1671 and 1672:
Page 1673 and 1674:
Page 1675 and 1676:
Page 1677 and 1678:
Solution: The command activity obse
Page 1679 and 1680:
Page 1681 and 1682:
Page 1683 and 1684:
Successful Shell Attack Detected -
Page 1685 and 1686:
CVE Not available Successful Shell
Page 1687 and 1688:
CVE Not available Successful Shell
Page 1689 and 1690:
Page 1691 and 1692:
Page 1693 and 1694:
Description: A successful 'time' co
Page 1695 and 1696:
Page 1697 and 1698:
Page 1699 and 1700:
ealtimeonly Solution: The command a
Page 1701 and 1702:
Trojan/Backdoor Detection - BACKDOO
Page 1703 and 1704:
Solution: As the system appears to
Page 1705 and 1706:
Trojan/Backdoor Detection - WinEggD
Page 1707 and 1708:
Description: The remote host is acc
Page 1709 and 1710:
PVS ID: 6249 FAMILY: SCADA RISK: LO
Page 1711 and 1712:
Description: The remote ICCP server
Page 1713 and 1714:
CVE Not available Google Chrome < 1
Page 1715 and 1716:
Description: The remote client just
Page 1717 and 1718:
Description: The remote Modicon SCA
Page 1719 and 1720:
Description: The remote host has be
Page 1721 and 1722:
Page 1723 and 1724:
CVE-2012-0814 RealWin Management Se
Page 1725 and 1726:
CVE-2012-0449)\n\n - The HTML5 fram
Page 1727 and 1728:
Page 1729 and 1730:
Solution: Restrict access to the se
Page 1731 and 1732:
Description: The remote host is a 7
Page 1733 and 1734:
Page 1735 and 1736:
Page 1737 and 1738:
iHeartRadio Stream Detection PVS ID
Page 1739 and 1740:
in the DB2 Administration Server (D
Page 1741 and 1742:
Header security bypass vulnerabilit
Page 1743 and 1744:
Page 1745 and 1746:
Page 1747 and 1748:
Page 1749 and 1750:
Page 1751 and 1752:
Page 1753 and 1754:
Page 1755 and 1756:
craigslist.org Personals Access Det
Page 1757 and 1758:
Page 1759 and 1760:
Page 1761 and 1762:
Page 1763 and 1764:
RealWin Management Server Detection
Page 1765 and 1766:
Page 1767 and 1768:
Skype Client Detection CVE Not avai
Page 1769 and 1770:
Description: The remote host has be
Page 1771 and 1772:
Page 1773 and 1774:
potentially execute arbitrary code.
Page 1775 and 1776:
movie files. (CVE-2012-0665)\n\n -
Page 1777 and 1778:
Solution: Upgrade to PHP version 5.
Page 1779 and 1780:
CVE-2012-0677 Facebook SocialCam Ap
Page 1781 and 1782:
(CVE-2012-02817)\n\n - An unspecifi
Page 1783 and 1784:
Page 1785 and 1786:
cross-site scripting attacks. (CVE-
Page 1787 and 1788:
CVE-2012-3656, CVE-2012-3661, CVE-2
Page 1789 and 1790:
Description: Synopsis:\n\nThe remot
Page 1791 and 1792:
Tridium SCADA Server Detection PVS
Page 1793 and 1794:
lead to code execution. (CVE-2012-2
Page 1795 and 1796:
Description: The remote Apple iPad
Page 1797 and 1798:
exist. (CVE-2012-1970,CVE-2012-1971
Page 1799 and 1800:
uttons. This can allow arbitrary co
Page 1801 and 1802:
Carbonite 'Cloud' Backup Service De
Page 1803 and 1804:
Description: The remote client is s
Page 1805 and 1806:
CVE-2012-3723 Mac OS X 10.8 < 10.8.
Page 1807 and 1808:
CVE-2011-3044, CVE-2011-3050, CVE-2
Page 1809 and 1810:
CVE Not available Slacker applicati
Page 1811 and 1812:
to audio device handling. (CVE-2012
Page 1813 and 1814:
site. An attacker can also exploit
Page 1815 and 1816:
access to the 'location' object. (C
Page 1817 and 1818:
CVE-2012-3180 BigFix Client Patch U
Page 1819 and 1820:
Page 1821 and 1822:
Page 1823 and 1824:
Page 1825 and 1826:
Page 1827 and 1828:
Description: The remote server is a
Page 1829 and 1830:
affected by multiple vulnerabilitie
Page 1831 and 1832:
Flash Player < CVE-2012-2749 PVS ID
Page 1833 and 1834:
for successful exploitation.\n\n -
Page 1835 and 1836:
Page 1837 and 1838:
Page 1839 and 1840:
Page 1841 and 1842:
Page 1843 and 1844:
Solution: Update to JDK / JRE 7 Upd
Page 1845 and 1846:
has an unspecified impact. (CVE-201
Page 1847 and 1848:
decoding. (CVE-2013-0894)\n\n - Mem
show all

(PVS) Signatures - Tenable Network Security

Create successful ePaper yourself

Delete template?

Save as template?