(PVS) Signatures - Tenable Network Security

More documents

Recommendations

Info

Apache 2.2 < 2.2.20 Multiple Vulnerabilities PVS ID: 6021 FAMILY: Web Servers RISK: HIGH NESSUS ID:55976 Description: Synopsis :\n\nThe remote web server is vulnerable to a denial of service attack.\n\nFor your information, the observed version of Apache HTTP server is \n%L\n\nVersions of Apache 2.2 earlier than 2.2.20 are potentially affected by a denial of service vulnerability. Making a series of HTTP requests with overlapping ranges in the Range or Request-Range request headers can result in memory and CPU exhaustion. A remote, unauthenticated attacker could exploit this flaw to make the system unresponsive. Solution: Upgrade to Apache version 2.2.20 or later or use one of the workarounds in Apache's advisories for CVE-2011-3192. CVE-2011-3192 OpenSSL 1.x < 1.0.0e Multiple Vulnerabilities PVS ID: 6022 FAMILY: Web Servers RISK: MEDIUM NESSUS ID:56162 Description: Synopsis : \n\nThe remote web server is affected by multiple vulnerabilities.\n\nFor your information, the observed version of OpenSSL is : \n %L \n\nVersions of OpenSSL 1.0.0 earlier than and 1.0.0e are potentially affected by the following vulnerabilities : \n\n - An error exists in the internal certificate verification process that can allow improper acceptance of a certificate revolcation list (CRL) if the lists's 'nextUpdate' field contains a date in teh past. Note that this internal CRL checking is not enabled by defaut. (CVE-2011-3207)\n\n - An error exists in the code for the ephemeral (EC)DH ciphersuites that can allow a remote attacker to crash the process. (CVE-2011-3210) Solution: Upgrade to OpenSSL 1.0.0e or later. CVE-2011-3210 Google Chrome < 14.0.835.186 Multiple Vulnerabilities PVS ID: 6023 FAMILY: Web Clients RISK: HIGH NESSUS ID:56241 Description: Synopsis : \n\nThe remote host contains a web browser that is vulnerable to multiple attack vectors.\n\nFor your information, the observed version of Google Chrome is : \n %L \n\nVersions of Google Chrome earlier than 14.0.835.186 contain a vulnerable version of Adobe Flash Player that is affected by the following vulnerabilities : \n\n - An unspecified, critical error for which no further details are available at this time.\n\n - An unspecified cross-site scripting vulnerability. Solution: Upgrade to Google Chrome 14.0.835.186 or later. 2011-2444 Passive Vulnerability Scanner (PVS) Signatures Google Chrome < 14.0.835.163 Multiple Vulnerabilities Family Internet Services 1643
PVS ID: 6024 FAMILY: Web Clients RISK: HIGH NESSUS ID:56230 Description: Synopsis : \n\nThe remote host contains a web browser that is vulnerable to multiple attack vectors.\n\nFor your information, the observed version of Google Chrome is : \n %L \n\nVersions of Google Chrome earlier than 14.0.835.163 are affected by multiple vulnerabilities : \n\n - A race condition exists related to the certificate cache. (Issue 49377)\n\n - The Windows Media Player plugin allows click-free access to the system Flash. (Issue 51464)\n - PIC / pie compiler lags are not used. (Linux only)(Issue 57908)\n - MIME types are not treated authoritatively at plugin load time. (Issue 75070)\n - An unspecified error allows V8 script object wrappers to crash. (Issue 76771)\n - The included PDF functionality contains a garbage collection error. (Issue 78639)\n - The Mac installer insecurely handles lock files. (Mac only)(Issue 80680) - Out-of-bounds read issues exist related to media buffers, mp3 files, box handling, Khmer characters, video handling, Tibetan characters, and triangle arrays. (Issues 82438, 85041, 89991, 90134, 90173, 95563, 95625)\n - An unspecified error allows data displayed in the URL to be spoofed. (Issue 83031)\n - Use-after-free error exist related to unload event handling, the document loader, plugin handling, ruby table style handling, and the focus controller. (Issues 89219, 89330, 91197, 92651, 94800, 93420, 93587)\n - The URL bar can be spoofed in an unspecified manner related to the forward button. (Issue 89564)\n - A NULL pointer error exists related to WebSockets. Issue 89795)\n An off-by-one error exists related to the V8 JavaScript engine. (Issue 91120)\n - A stale node error exists related to CSS stylesheet handling. (Issue 92959)\n - A cross-origin bypass error exists related to the V8 JavaScript engine. (Issue 93416)\n - A double-free error exists related to XPath handling in libxml. (Issue 93472)\n - Incorrect permissions are assigned to non-gallery pages. (Issue 93497)\n - An improper string read occurs in the included PDF functionality. (Issue 93596)\n - An unspecified error allows unintended access to objects build in to the V8 JavaScript engine. (Issue 93906)\n - Self-signed certificates are not pinned properly. (Issue 95917)\n - A variable-type confusion issue exists in the V8 JavaScript engine related to object sealing. (Issue 95920) Solution: Upgrade to Google Chrome 14.0.835.163 or later. CVE-2011-3234 Passive Vulnerability Scanner (PVS) Signatures Flash Player < 10.3.183.10 Multiple Vulnerabilities (APSB11-26) PVS ID: 6025 FAMILY: Web Clients RISK: HIGH NESSUS ID:56259 Description: Synopsis : \n\nThe remote host contains a browser plug-in that is vulnerable to multiple attack vectors.\n\nThe remote host has Adobe Flash Player installed. For your information, the observed version of Adobe Flash Player is : \n %L \nVersions of Flash Player earlier than 10.3.183.10 are potentially affected by multiple vulnerabilities : \n - Multiple AVM stack overflow vulnerabilities could lead to code execution. (CVE-2011-2426, CVE-2011-2427)\n - A logic error issue could lead to code execution or a browser crash. (CVE-2011-2428)\n - A Flash Player security control bypass vulnerability could lead to information disclosure. (CVE-2011-2429)\n - A streaming media logic error vulnerability could lead to code execution. (CVE-2011-2430)\n - A universal cross-site scripting vulnerability could be abused to take actions on a user's behalf on any website if the user is tricked into visiting a malicious website. Note that this issue is reportedly being actively exploited in targeted attacks. (CVE-2011-2444) Family Internet Services 1644
Page 1 and 2:
Passive Vulnerability Scanner (PVS)
Page 3 and 4:
Page 5 and 6:
PVS PLUGIN FAMILIES COUNT FAMILY NA
Page 7 and 8:
Family Backdoors PVS ID PLUGIN NAME
Page 9 and 10:
5721 Stuxnet Traffic Detection Back
Page 11 and 12:
Family CGI PVS ID PLUGIN NAME FAMIL
Page 13 and 14:
2317 Full Revolution aspWebCalendar
Page 15 and 16:
2549 JSBoard < 2.0.10 session.php A
Page 17 and 18:
2726 PHP-Fusion < 5.0.2 setuser.php
Page 19 and 20:
2903 PhotoPost PHP Pro < 5.02 RC4 m
Page 21 and 22:
3208 HP OpenView Network Node Manag
Page 23 and 24:
3454 vBulletin < 3.5.4 HTML Injecti
Page 25 and 26:
3753 SAP Internet Transaction Serve
Page 27 and 28:
4136 paFileDB includes/search.php c
Page 29 and 30:
4549 ListManager words Parameter Cr
Page 31 and 32:
5012 MyBB < 1.4.6 Multiple Vulnerab
Page 33 and 34:
5303 Sun Java System Identity Manag
Page 35 and 36:
(PMASA-2011-2) 5798 MySQL Eventum <
Page 37 and 38:
Page 39 and 40:
4333 PostgreSQL Multiple Vulnerabil
Page 41 and 42:
Page 43 and 44:
Page 45 and 46:
5707 MaxDB User Login Detection Dat
Page 47 and 48:
Family DNS Servers PVS ID PLUGIN NA
Page 49 and 50:
5718 5803 5909 BIND 9.4-ESV < 9.4-E
Page 51 and 52:
Family FTP Servers PVS ID PLUGIN NA
Page 53 and 54:
1852 War FTP Daemon Detection FTP S
Page 55 and 56:
4930 ProFTPD Username Variable Subs
Page 57 and 58:
Page 59 and 60:
1202 Trojan/Backdoor - PhatBOT Dete
Page 61 and 62:
Page 63 and 64:
2690 CA License Service Detection G
Page 65 and 66:
Page 67 and 68:
Page 69 and 70:
3719 Proxy / Firewall Detection Gen
Page 71 and 72:
4192 Helix Server < 11.1.4 RTSP Com
Page 73 and 74:
4586 Java Remote Management Platfor
Page 75 and 76:
5163 MS09-047: Vulnerabilities in W
Page 77 and 78:
Page 79 and 80:
6130 Successful Shell Attack Detect
Page 81 and 82:
6194 Successful Shell Attack Detect
Page 83 and 84:
Family Operating System Detection P
Page 85 and 86:
3474 3475 Mac OS X Multiple Vulnera
Page 87 and 88:
6122 Windows OS Version Information
Page 89 and 90:
2438 Mercury Mail Remote IMAP Stack
Page 91 and 92:
Family Internet Messengers PVS ID P
Page 93 and 94:
2366 Gaim < 1.0.2 Multiple Vulnerab
Page 95 and 96:
4280 Trillian Version Detection 431
Page 97 and 98:
Family IRC Clients PVS ID PLUGIN NA
Page 99 and 100:
Family IRC Servers PVS ID PLUGIN NA
Page 101 and 102:
2577 BitTorrent P2P Client Detectio
Page 103 and 104:
Family POP Server PVS ID PLUGIN NAM
Page 105 and 106:
Family RPC PVS ID 1018 PLUGIN NAME
Page 107 and 108:
1073 RPC sadmind Service In Use RPC
Page 109 and 110:
5538 Microsoft Group Policy Client
Page 111 and 112:
1296 Mutt < 1.4.1 / 1.5 UTF-7 IMAP
Page 113 and 114:
1336 Elm Mail Client Detection 2145
Page 115 and 116:
3860 Cumulative Security Update for
Page 117 and 118:
5483 Mozilla Thunderbird Unsupporte
Page 119 and 120:
Family SMTP Servers PVS ID PLUGIN N
Page 121 and 122:
2039 Sendmail < 8.12.8 Double Pipe
Page 123 and 124:
3039 DoS Servers Inframail SMTP Ser
Page 125 and 126:
4268 Ipswitch IMail Client < 2006.2
Page 127 and 128:
Family SNMP Traps PVS ID PLUGIN NAM
Page 129 and 130:
1382 SNMP security Community String
Page 131 and 132:
1421 SNMP internal Community String
Page 133 and 134:
2214 Cisco IOS CEF Packet Informati
Page 135 and 136:
2300 GNU Radius < 1.2.94 SNMP Reque
Page 137 and 138:
1995 LSH < 1.5 lshd Daemon Remote O
Page 139 and 140:
Family Web Clients PVS ID PLUGIN NA
Page 141 and 142:
1766 DeskNow Web Mail Cleartext Aut
Page 143 and 144:
2399 EZ-IPupdate show_message() Rem
Page 145 and 146:
3031 Metasploit Framework Engine De
Page 147 and 148:
3411 PointOfMail Email Tracker (Cli
Page 149 and 150:
3812 Firefox < 1.5.0.8 Multiple Vul
Page 151 and 152:
4099 Windows Safari Detection 4109
Page 153 and 154:
4375 ClamAV < 0.92.1 Multiple Overf
Page 155 and 156:
4593 F-PROT Attachment Handling DoS
Page 157 and 158:
Multiple Vulnerabilities Clients 47
Page 159 and 160:
5042 QuickTime < 7.6.2 Multiple Vul
Page 161 and 162:
5217 Opera < 10.01 Multiple Vulnera
Page 163 and 164:
5516 Google Chrome < 4.1.249.1059 M
Page 165 and 166:
5657 Firefox 3.6.x < 3.6.9 Multiple
Page 167 and 168:
5783 Flash Player Unsupported Versi
Page 169 and 170:
5965 Mozilla Firefox > 4.0 and < 5.
Page 171 and 172:
6105 Opera < 11.60 Multiple Vulnera
Page 173 and 174:
6455 Real Networks RealPlayer < 14.
Page 175 and 176:
6566 Mac Outlook Client Version Det
Page 177 and 178:
6659 Red Hat Satellite Client Commu
Page 179 and 180:
Family Web Servers PVS ID PLUGIN NA
Page 181 and 182:
1459 UltraSeek < 4.0 Malformed URL
Page 183 and 184:
1498 Apache < 2.0.40 Win32 Director
Page 185 and 186:
1547 Sambar Cleartext Password Remo
Page 187 and 188:
Page 189 and 190:
1647 cgforum.cgi Multiple Vulnerabi
Page 191 and 192:
1686 ws_mail.cgi Multiple Vulnerabi
Page 193 and 194:
Vulnerabilities Servers 1726 CuteNe
Page 195 and 196:
2176 Argosoft HTTP GET Request Satu
Page 197 and 198:
2339 W-Agora Multiple Input Validat
Page 199 and 200:
2496 Hassan Shopping Cart Detection
Page 201 and 202:
2608 Apache mod_python < 3.1.4 Info
Page 203 and 204:
2835 Monkey HTTP Daemon < 0.9.1 Mul
Page 205 and 206:
3206 Squid sslConnectTimeout Functi
Page 207 and 208:
3438 Fedora DS Administration Serve
Page 209 and 210:
3758 Mercury SiteScope Server Detec
Page 211 and 212:
4070 Openfire < 3.3.1 Admin Console
Page 213 and 214:
4331 PHP < 4.4.8 Multiple Vulnerabi
Page 215 and 216:
4533 Sun Java System ASP < 4.0.3 Mu
Page 217 and 218:
Disclosure Servers 4698 lighttpd <
Page 219 and 220:
4838 Alteon ACEswitch 180e Default
Page 221 and 222:
4878 NETGEAR WG602 Firmware Version
Page 223 and 224:
4917 longshine isscfg Default Passw
Page 225 and 226:
Servers 5076 IBM WebSphere Applicat
Page 227 and 228:
5283 5284 Adobe Flash Media Server
Page 229 and 230:
5782 OpenSSL < 0.9.8r / 1.0.0d OCSP
Page 231 and 232:
6331 Apache Tomcat 5.5.x < 5.5.35 H
Page 233 and 234:
Family Abuse PVS ID PLUGIN NAME FAM
Page 235 and 236:
3400 Nmap Scanner Detection Policy
Page 237 and 238:
Page 239 and 240:
6379 Facebook Game - Wooga Magic La
Page 241 and 242:
Page 243 and 244:
3871 Detection of .zip File Email A
Page 245 and 246:
4034 .pdf File Upload Detection 403
Page 247 and 248:
4672 Possible User ID and Password
Page 249 and 250:
6035 '.dll' File Download Detection
Page 251 and 252:
6265 6266 6267 6268 6269 Schweitzer
Page 253 and 254:
6597 IEC 60870-5-104 server detecti
Page 255 and 256:
5889 Apple iPhone/iPad OS 4.2.5 / 4
Page 257 and 258:
Family Internet Services PVS ID PLU
Page 259 and 260:
5959 LinkedIn Message Creation Dete
Page 261 and 262:
6564 Ustream mobile Android app det
Page 263 and 264:
Description: Synopsis :\n\nThe remo
Page 265 and 266:
ISC BIND < 8.3.4 Multiple Remote Vu
Page 267 and 268:
RPC rstatd Service In Use PVS ID: 1
Page 269 and 270:
PVS ID: 1029 FAMILY: RPC RISK: INFO
Page 271 and 272:
Description: The remote host is run
Page 273 and 274:
Page 275 and 276:
Page 277 and 278:
Page 279 and 280:
Page 281 and 282:
Page 283 and 284:
Microsoft Outlook Express IMAP Clie
Page 285 and 286:
PVS ID: 1104 FAMILY: Web Servers RI
Page 287 and 288:
PVS ID: 1112 FAMILY: Database RISK:
Page 289 and 290:
Description: The remote host respon
Page 291 and 292:
Page 293 and 294:
CVE-2003-0963 Symantec Antivirus Li
Page 295 and 296:
RADIUS Server Failed Login Detectio
Page 297 and 298:
PVS ID: 1153 FAMILY: Generic RISK:
Page 299 and 300:
Page 301 and 302:
Finjan SurfinGate Proxy FHTTP Comma
Page 303 and 304:
CVE-2004-0341 Zebra Routing Softwar
Page 305 and 306:
Policy - iroffer Software Detection
Page 307 and 308:
Page 309 and 310:
Solution: If not required, disable
Page 311 and 312:
Page 313 and 314:
Page 315 and 316:
Description: The H323 protocol is u
Page 317 and 318:
Policy - BARGAINBUDDY Software Dete
Page 319 and 320:
Solution: Upgrade to Mozilla 1.7 or
Page 321 and 322:
Solution: Upgrade to the latest ver
Page 323 and 324:
Page 325 and 326:
Page 327 and 328:
Page 329 and 330:
Page 331 and 332:
Page 333 and 334:
CVE-2000-0874 Microsoft Outlook and
Page 335 and 336:
Mutt < 1.4.1 / 1.5 Address Handling
Page 337 and 338:
Page 339 and 340:
Page 341 and 342:
Solution: Upgrade to the latest ver
Page 343 and 344:
Page 345 and 346:
PVS ID: 1331 FAMILY: SMTP Clients R
Page 347 and 348:
Page 349 and 350:
CVE Not available SNMP ilmi Communi
Page 351 and 352:
PVS ID: 1355 FAMILY: SNMP Traps RIS
Page 353 and 354:
Page 355 and 356:
Solution: This signature was obtain
Page 357 and 358:
string is easily guessed and should
Page 359 and 360:
CVE Not available SNMP rmon Communi
Page 361 and 362:
PVS ID: 1391 FAMILY: SNMP Traps RIS
Page 363 and 364:
Page 365 and 366:
Solution: This signature was obtain
Page 367 and 368:
string is easily guessed and should
Page 369 and 370:
CVE Not available SNMP internal Com
Page 371 and 372:
Page 373 and 374:
Description: The remote host is a w
Page 375 and 376:
Page 377 and 378:
Page 379 and 380:
Page 381 and 382:
Page 383 and 384:
CGI was not tested for. Solution: R
Page 385 and 386:
Page 387 and 388:
Page 389 and 390:
Solution: Upgrade to version 1.47 o
Page 391 and 392:
Domino < 5.0.7 NSF File Request Dir
Page 393 and 394:
Description: The remote Apache serv
Page 395 and 396:
Description: The remote web server
Page 397 and 398:
Description: The remote host is usi
Page 399 and 400:
Page 401 and 402:
Solution: Upgrade to YaBB SE 1.5.2
Page 403 and 404:
CVE Not available BadBlue < 2.2 Uns
Page 405 and 406:
PVS ID: 1562 FAMILY: CGI RISK: MEDI
Page 407 and 408:
Page 409 and 410:
Sambar testcgi.exe Default CGI Disc
Page 411 and 412:
Page 413 and 414:
CVE-2001-1372 Phorum < 3.4.3 Messag
Page 415 and 416:
Page 417 and 418:
Page 419 and 420:
Page 421 and 422:
Page 423 and 424:
Page 425 and 426:
Description: The cvslog.cgi script
Page 427 and 428:
Solution: Upgrade or patch accordin
Page 429 and 430:
mailfile.cgi Multiple Vulnerabiliti
Page 431 and 432:
Description: The sendmessage.cgi sc
Page 433 and 434:
Solution: If not required, disable
Page 435 and 436:
Solution: No solution is known at t
Page 437 and 438:
CVE-1999-0737 Microsoft IIS viewcod
Page 439 and 440:
Page 441 and 442:
RISK: MEDIUM Description: The remot
Page 443 and 444:
Page 445 and 446:
CVE-2002-1405 Lynx < 2.8.5 dev 6 Sy
Page 447 and 448:
CVE-2002-1565 Curl < 7.4.1 Long Err
Page 449 and 450:
Page 451 and 452:
CVE-2002-2338 Mozilla < 1.0.1 Plugi
Page 453 and 454:
Mozilla Web Client Detection PVS ID
Page 455 and 456:
RealNetwork RealPlayer Unspecified
Page 457 and 458:
CVE-2000-0320 qpopper < 4.0 PASS Co
Page 459 and 460:
Description: The remote qpopper ser
Page 461 and 462:
Solution: Upgrade to Xtramail versi
Page 463 and 464:
WU-FTPD < 2.6.1 "SITE EXEC" Command
Page 465 and 466:
Description: The remote FTP server
Page 467 and 468:
CVE Not available Platinum FTP serv
Page 469 and 470:
Page 471 and 472:
Page 473 and 474:
Description: The remote host is a W
Page 475 and 476:
BitchX IRC Clent DNS Response Remot
Page 477 and 478:
Page 479 and 480:
Trillian IRC Raw Message DoS PVS ID
Page 481 and 482:
Page 483 and 484:
Page 485 and 486:
Page 487 and 488:
CVE-2003-0015 MySQL < 3.23.56 Local
Page 489 and 490:
Solution: Upgrade to MySQL 3.23.55
Page 491 and 492:
Page 493 and 494:
to obtain sensitive information. So
Page 495 and 496:
CVE Not available Generic Shell Det
Page 497 and 498:
Solution: Ensure that the remote sh
Page 499 and 500:
Page 501 and 502:
Page 503 and 504:
Page 505 and 506:
and eventually get access to this h
Page 507 and 508:
Page 509 and 510:
PVS ID: 1982 FAMILY: SSH RISK: LOW
Page 511 and 512:
PVS ID: 1989 FAMILY: SSH RISK: HIGH
Page 513 and 514:
Description: Synopsis : \n\nThe rem
Page 515 and 516:
commands via a web query. Successfu
Page 517 and 518:
delete e-mails. Solution: Upgrade t
Page 519 and 520:
Page 521 and 522:
Page 523 and 524:
Page 525 and 526:
Page 527 and 528:
Description: A Bearshare node was d
Page 529 and 530:
MyNapster Detection CVE Not availab
Page 531 and 532:
CVE Not available Sympa < 4.1.3 Lis
Page 533 and 534:
thttpd CGI Test Script XSS PVS ID:
Page 535 and 536:
libNSS Hello Challenge Remote Heap
Page 537 and 538:
CVE-2001-1230 Icecast < 1.3.10 Mult
Page 539 and 540:
Page 541 and 542:
RISK: MEDIUM Description: Synopsis
Page 543 and 544:
Page 545 and 546:
Solution: Upgrade to Hastymail 1.0.
Page 547 and 548:
Page 549 and 550:
Page 551 and 552:
Page 553 and 554:
Cisco IOS ACL Bypass (Bug ID CSCdi3
Page 555 and 556:
Solution: http://www.cisco.com/warp
Page 557 and 558:
CVE-2002-1095 Cisco VPN Concentrato
Page 559 and 560:
Cisco VPN Concentrator Service Bann
Page 561 and 562:
Page 563 and 564:
Cisco VPN Concentrator ACL Bypass /
Page 565 and 566:
CVE-2002-1102 Cisco Multiple DoS (B
Page 567 and 568:
concentrator. The vulnerability is
Page 569 and 570:
Solution: Upgrade to version 2.0.51
Page 571 and 572:
een reported to be prone to a cross
Page 573 and 574:
Page 575 and 576:
Solution: http://docs.info.apple.co
Page 577 and 578:
with interactive access to the host
Page 579 and 580:
Page 581 and 582:
Page 583 and 584:
Page 585 and 586:
PVS ID: 2310 FAMILY: IMAP Servers R
Page 587 and 588:
PVS ID: 2317 FAMILY: CGI RISK: HIGH
Page 589 and 590:
Page 591 and 592:
CVE-2004-1558 Intellipeer User Acco
Page 593 and 594:
CVE-2004-0815 W-Agora Multiple Inpu
Page 595 and 596:
CVE-2004-2225 BugPort < 1.134 Remot
Page 597 and 598:
attacker can potentially read confi
Page 599 and 600:
Solution: http://www.microsoft.com/
Page 601 and 602:
Page 603 and 604:
Page 605 and 606:
PVS ID: 2380 FAMILY: Web Clients RI
Page 607 and 608:
Page 609 and 610:
Page 611 and 612:
Page 613 and 614:
Ipswitch IMail Server < 8.14.0 Dele
Page 615 and 616:
Page 617 and 618:
CVE-2004-2630 Invision PowerBoard <
Page 619 and 620:
Page 621 and 622:
CVE-2004-2501 WS_FTP Server < 5.04
Page 623 and 624:
CVE Not available Make Love Not Spa
Page 625 and 626:
OpenText FirstClass HTTP Daemon Sea
Page 627 and 628:
PHPGroupWare Multiple XSS and SQL I
Page 629 and 630:
Page 631 and 632:
Page 633 and 634:
Page 635 and 636:
database. Solution: No solution is
Page 637 and 638:
Solution: Use ACLs to protect the G
Page 639 and 640:
Gallery Configuration Mode Authenti
Page 641 and 642:
Description: The remote server is r
Page 643 and 644:
CVE Not available MikroTik Router D
Page 645 and 646:
Page 647 and 648:
Page 649 and 650:
Page 651 and 652:
Tor Tunnel Detection PVS ID: 2543 F
Page 653 and 654:
Page 655 and 656:
Page 657 and 658:
MRTG Web Application Detection PVS
Page 659 and 660:
Alt-N WebAdmin < 3.0.3 Multiple Rem
Page 661 and 662:
Page 663 and 664:
Page 665 and 666:
Solution: Upgarde or patch accordin
Page 667 and 668:
Microsoft Media Player Version Dete
Page 669 and 670:
Page 671 and 672:
Page 673 and 674:
services, and more.\nIn addition, a
Page 675 and 676:
Page 677 and 678:
initiate an SFTP connection to a ma
Page 679 and 680:
een discovered with this version of
Page 681 and 682:
punBB < 1.2.2 Multiple SQL Injectio
Page 683 and 684:
Page 685 and 686:
equest.\nSuccessful exploitation ma
Page 687 and 688:
not exist, then the server may cras
Page 689 and 690:
Page 691 and 692:
Page 693 and 694:
Description: The remote client is r
Page 695 and 696:
MySQL Multiple Vulnerabilities PVS
Page 697 and 698:
Page 699 and 700:
Dell Remote Access Controller Detec
Page 701 and 702:
punBB < 1.2.5 Multiple SQL Injectio
Page 703 and 704:
Page 705 and 706:
Page 707 and 708:
Solution: Ensure that TeamSpeak and
Page 709 and 710:
Page 711 and 712:
phpSysInfo < 2.5 Multiple Script XS
Page 713 and 714:
CVE Not available Windows XP SP1 De
Page 715 and 716:
Solution: Upgrade to version 5.0.3.
Page 717 and 718:
phpMyDirectory < 10.1.6 review.php
Page 719 and 720:
malicious email. Successful exploit
Page 721 and 722:
Page 723 and 724:
Solution: Upgrade to Pavuk 0.9.32 o
Page 725 and 726:
SurgeFTP < 2.2m2 LEAK Command Remot
Page 727 and 728:
CVE-2005-1700 Citrix MetaFrame Serv
Page 729 and 730:
Hydrogen Server Detection PVS ID: 2
Page 731 and 732:
user to browse to a malicious URI.
Page 733 and 734:
Page 735 and 736:
Xerox Document Centre Multiple Remo
Page 737 and 738:
Page 739 and 740:
Page 741 and 742:
Page 743 and 744:
Page 745 and 746:
Lotus Domino Server Web Service NRP
Page 747 and 748:
users:\ndex_init()\nsnb_en_init()\n
Page 749 and 750:
CVE-2006-1705 Software602 602Pro LA
Page 751 and 752:
Page 753 and 754:
CVE-2005-1009 Woppoware Postmaster
Page 755 and 756:
Page 757 and 758:
Page 759 and 760:
Description: The remote server is a
Page 761 and 762:
Solution: Ensure that you are using
Page 763 and 764:
Page 765 and 766:
Page 767 and 768:
Page 769 and 770:
Page 771 and 772:
NNTP server fails. Successful explo
Page 773 and 774:
Page 775 and 776:
Page 777 and 778:
network usage. CVE Not available UB
Page 779 and 780:
Page 781 and 782:
Page 783 and 784:
Lotus Notes < 6.5.5 Web Mail Attach
Page 785 and 786:
Page 787 and 788:
Page 789 and 790:
Page 791 and 792:
SSH IPSEC Express 3.0.0 VPN Detecti
Page 793 and 794:
Page 795 and 796:
queries, possibly revealing sensiti
Page 797 and 798:
Solution: Enable PHP's 'magic_quote
Page 799 and 800:
Solution: Manually inspect the mach
Page 801 and 802:
PVS ID: 3123 FAMILY: IRC Clients RI
Page 803 and 804:
for\nsending spam\nrunning Denial o
Page 805 and 806:
Page 807 and 808:
PVS ID: 3139 FAMILY: IRC Servers RI
Page 809 and 810:
Denial of Service (DoS) attacks aga
Page 811 and 812:
Page 813 and 814:
Page 815 and 816:
Page 817 and 818:
Page 819 and 820:
connect securely and do not introdu
Page 821 and 822:
Page 823 and 824:
Description: An Informix telnet ser
Page 825 and 826:
is vulnerable to a remote buffer ov
Page 827 and 828:
parse user-supplied requests. Succe
Page 829 and 830:
Page 831 and 832:
exploitation would result in the re
Page 833 and 834:
Page 835 and 836:
exploit this issue to read arbitrar
Page 837 and 838:
attacker exploiting this flaw would
Page 839 and 840:
Page 841 and 842:
Page 843 and 844:
Page 845 and 846:
Page 847 and 848:
Page 849 and 850:
Computer Associates Message Queuing
Page 851 and 852:
Page 853 and 854:
Page 855 and 856:
Page 857 and 858:
Solution: Ensure that this applicat
Page 859 and 860:
Page 861 and 862:
CVE-2005-4194 Sights 'N Sounds Medi
Page 863 and 864:
Page 865 and 866:
would send a malformed HTTP query t
Page 867 and 868:
Page 869 and 870:
Page 871 and 872:
Page 873 and 874:
this issue, an unauthenticated remo
Page 875 and 876:
Page 877 and 878:
PVS ID: 3400 FAMILY: Policy RISK: I
Page 879 and 880:
DidTheyReadIt Email Tracker (Client
Page 881 and 882:
Page 883 and 884:
Page 885 and 886:
Page 887 and 888:
web server. Solution: Upgrade to ve
Page 889 and 890:
Page 891 and 892:
Page 893 and 894:
Page 895 and 896:
script. Successful exploitation may
Page 897 and 898:
Page 899 and 900:
the attacker. An attacker exploitin
Page 901 and 902:
CVE-2006-1338 MailEnable Multiple P
Page 903 and 904:
CVE-2006-1485 Horde < 3.1.1 Help Vi
Page 905 and 906:
CVE Not available Internet Explorer
Page 907 and 908:
Page 909 and 910:
code on the remote host. The versio
Page 911 and 912:
MyBB < 1.1.1 Multiple Script Variab
Page 913 and 914:
Page 915 and 916:
PVS ID: 3532 FAMILY: FTP Servers RI
Page 917 and 918:
COTP Server Detection (SCADA) PVS I
Page 919 and 920:
Page 921 and 922:
Solution: Ensure that the VPN is ac
Page 923 and 924:
Page 925 and 926:
StrongSwan 2.2.2 VPN Detection PVS
Page 927 and 928:
Page 929 and 930:
Page 931 and 932:
Netscreen VPN Detection PVS ID: 360
Page 933 and 934:
Page 935 and 936:
Description: Synopsis :\n\nIt is po
Page 937 and 938:
send a specially formed query to th
Page 939 and 940:
other files. Successful exploitatio
Page 941 and 942:
Firefox < 1.5.0.4 Multiple Vulnerab
Page 943 and 944:
Page 945 and 946:
Page 947 and 948:
Page 949 and 950:
CVE-2006-3331 MyBB < 1.1.4 SQL Inje
Page 951 and 952:
CVE-2006-3275 MailEnable SMTP Servi
Page 953 and 954:
CVE Not available Geeklog FCKeditor
Page 955 and 956:
Solution: Ensure that this applicat
Page 957 and 958:
Page 959 and 960:
Page 961 and 962:
Solution: Restrict recursive querie
Page 963 and 964:
Proxy / Firewall Detection PVS ID:
Page 965 and 966:
Page 967 and 968:
PHP < 4.4.4 / 5.1.4 Multiple Vulner
Page 969 and 970:
Page 971 and 972:
Description: The remote Windows hos
Page 973 and 974:
Page 975 and 976:
Sun Secure Global Desktop / Tarante
Page 977 and 978:
CVE Not available Asterisk VoIP Ser
Page 979 and 980:
Solution: Ensure that there are pol
Page 981 and 982:
CVE Not available Encryption Privat
Page 983 and 984:
Description: The remote client is a
Page 985 and 986:
CVE-2006-4819 Cerberus Helpdesk rpc
Page 987 and 988:
Page 989 and 990:
Description: Synopsis :\n\nA web br
Page 991 and 992:
Page 993 and 994:
Page 995 and 996:
CVE Not available Xerox WorkCentre
Page 997 and 998:
Description: Synopsis :\n\nThe anti
Page 999 and 1000:
Page 1001 and 1002:
CVE Not available PHP < 4.4.5 / 5.2
Page 1003 and 1004:
CVE Not available LogMeIn Listening
Page 1005 and 1006:
Description: The remote host was ju
Page 1007 and 1008:
Page 1009 and 1010:
Socks 5 Proxy Detection PVS ID: 388
Page 1011 and 1012:
Trend Micro InterScan VirusWall Ver
Page 1013 and 1014:
Geeklog < CVE Not available PVS ID:
Page 1015 and 1016:
Page 1017 and 1018:
SQLiX SQL Injection Tool Detection
Page 1019 and 1020:
Page 1021 and 1022:
using it in a database query. An un
Page 1023 and 1024:
Ipswitch IMail Server < 2006.2 Mult
Page 1025 and 1026:
Description: The remote host was ju
Page 1027 and 1028:
Page 1029 and 1030:
Solution: Ensure that such scanning
Page 1031 and 1032:
Page 1033 and 1034:
Page 1035 and 1036:
Tivoli Client Detection PVS ID: 397
Page 1037 and 1038:
Page 1039 and 1040:
Page 1041 and 1042:
Page 1043 and 1044:
Page 1045 and 1046:
Page 1047 and 1048:
Solution: N/A CVE Not available .wa
Page 1049 and 1050:
CVE Not available .ost File Upload
Page 1051 and 1052:
Page 1053 and 1054:
Solution: N/A of distributing infor
Page 1055 and 1056:
Solution: N/A CVE Not available FTP
Page 1057 and 1058:
CVE Not available FTP Server Zipped
Page 1059 and 1060:
PVS ID: 4068 FAMILY: Data Leakage R
Page 1061 and 1062:
CVE-2007-2650 BASE < 1.3.8 Redirect
Page 1063 and 1064:
CVE Not available GHOST UDP Network
Page 1065 and 1066:
CVE-2007-2227 Windows Vista Operati
Page 1067 and 1068:
Windows Safari Detection PVS ID: 40
Page 1069 and 1070:
Solution: N/A CVE Not available cPa
Page 1071 and 1072:
unauthenticated attacker can exploi
Page 1073 and 1074:
Page 1075 and 1076:
Description: The remote server is f
Page 1077 and 1078:
Page 1079 and 1080:
malformed torrent file. Successful
Page 1081 and 1082:
Page 1083 and 1084:
Solution: Ensure that such usage is
Page 1085 and 1086:
Description: The remote client is u
Page 1087 and 1088:
Description: Synopsis :\n\nArbitrar
Page 1089 and 1090:
Page 1091 and 1092:
Lotus Notes < 7.0.2 ntmulti.exe Loc
Page 1093 and 1094:
CVE Not available Netopia Timbuktu
Page 1095 and 1096:
EnterpriseDB Advanced Server < 8.2.
Page 1097 and 1098:
CVE-2007-4646 Samba < 3.0.26 idmap_
Page 1099 and 1100:
Page 1101 and 1102:
OpenSSL < 0.9.8f Multiple Vulnerabi
Page 1103 and 1104:
Description: The remote host appear
Page 1105 and 1106:
Solution: Microsoft has released a
Page 1107 and 1108:
Page 1109 and 1110:
Page 1111 and 1112:
Page 1113 and 1114:
Description: The remote host is a C
Page 1115 and 1116:
WebSphere UDDI Console Multiple Vul
Page 1117 and 1118:
CVE Not available PHP < 5.2.5 Multi
Page 1119 and 1120:
CVE Not available VMWare Server Pla
Page 1121 and 1122:
Description: The remote server is r
Page 1123 and 1124:
Page 1125 and 1126:
Page 1127 and 1128:
Page 1129 and 1130:
Page 1131 and 1132:
Page 1133 and 1134:
Page 1135 and 1136:
Page 1137 and 1138:
Page 1139 and 1140:
Page 1141 and 1142:
CVE-2008-0234 WordPress < 2.3.3 XML
Page 1143 and 1144:
Page 1145 and 1146:
PVS ID: 4377 FAMILY: CGI RISK: INFO
Page 1147 and 1148:
Apache < 2.2.8 Multiple Vulnerabili
Page 1149 and 1150:
Page 1151 and 1152:
ListManager < 9.3b / 9.2c / 8.95d M
Page 1153 and 1154:
Solution: Upgrade to version 6 buil
Page 1155 and 1156:
Page 1157 and 1158:
French administration in 2002 and t
Page 1159 and 1160:
Page 1161 and 1162:
Page 1163 and 1164:
Page 1165 and 1166:
CVE Not available GnuPG < 1.4.9 / 2
Page 1167 and 1168:
code execution (CVE-2008-1019, CVE-
Page 1169 and 1170:
Page 1171 and 1172:
CVE-2008-1024 Firefox < 2.0.0.14 Ja
Page 1173 and 1174:
PVS ID: 4480 FAMILY: Backdoors RISK
Page 1175 and 1176:
Page 1177 and 1178:
Page 1179 and 1180:
Solution: Microsoft has released a
Page 1181 and 1182:
oot directory. An attacker, exploit
Page 1183 and 1184:
Lotus Domino < 8.0.1 / 7.0.3 FP1 Mu
Page 1185 and 1186:
Mac OS X < 10.5.3 CVE-2008-1105 PVS
Page 1187 and 1188:
Page 1189 and 1190:
arbitrary code execution (CVE-2008-
Page 1191 and 1192:
Page 1193 and 1194:
CVE Not available Sun Java Calendar
Page 1195 and 1196:
Page 1197 and 1198:
same-origin policy could allow for
Page 1199 and 1200:
Page 1201 and 1202:
Page 1203 and 1204:
Page 1205 and 1206:
Page 1207 and 1208:
EMC Retrospect Server Detection PVS
Page 1209 and 1210:
Page 1211 and 1212:
Page 1213 and 1214:
Novell iManager < 2.7 SP1 Property
Page 1215 and 1216:
Solution: Apply patch PHNE_38458 or
Page 1217 and 1218:
Attachmate Reflection for Secure IT
Page 1219 and 1220:
Stored Procedures' for Visual Studi
Page 1221 and 1222:
CVE-2008-6976 Google Chrome Version
Page 1223 and 1224:
CVE-2008-3629 MySQL Empty Binary St
Page 1225 and 1226:
Ensure that such information is not
Page 1227 and 1228:
Page 1229 and 1230:
Description: The remote web client
Page 1231 and 1232:
Page 1233 and 1234:
Solution: Apply Fix Pack 19 (6.1.0.
Page 1235 and 1236:
CVE-2008-4068 Firefox < 2.0.0.17 Mu
Page 1237 and 1238:
CVE-2008-4070 MailMarshal < 6.4 Spa
Page 1239 and 1240:
Page 1241 and 1242:
Solution: Ensure that there is code
Page 1243 and 1244:
Description: A DHCP client is runni
Page 1245 and 1246:
IBM WebSphere Application Server <
Page 1247 and 1248:
Solution: Upgrade to a newer versio
Page 1249 and 1250:
Page 1251 and 1252:
Page 1253 and 1254:
place a lock on a non-native object
Page 1255 and 1256:
Description: The remote host is a M
Page 1257 and 1258:
2008-56)\n - There is an error in t
Page 1259 and 1260:
Page 1261 and 1262:
of WordPress is: \n %L Solution: Up
Page 1263 and 1264:
Page 1265 and 1266:
version of ClamAV is: \n %L Solutio
Page 1267 and 1268:
Page 1269 and 1270:
'calendarEdit.php' script before us
Page 1271 and 1272:
CVE-2004-2761 SSL Certificate Signe
Page 1273 and 1274:
Page 1275 and 1276:
CVE-2009-0241 QuickTime < 7.6 Multi
Page 1277 and 1278:
Page 1279 and 1280:
Page 1281 and 1282:
Page 1283 and 1284:
Page 1285 and 1286:
Page 1287 and 1288:
Page 1289 and 1290:
Page 1291 and 1292:
Page 1293 and 1294:
Page 1295 and 1296:
Page 1297 and 1298:
Page 1299 and 1300:
Page 1301 and 1302:
CVE-2008-5911 Google Chrome < 1.0.1
Page 1303 and 1304:
Page 1305 and 1306:
Solution: Ensure that such services
Page 1307 and 1308:
Page 1309 and 1310:
the context of a different domain.
Page 1311 and 1312:
PVS ID: 4952 FAMILY: FTP Servers RI
Page 1313 and 1314:
Page 1315 and 1316:
CVE-2009-0776 Umbraco Version Detec
Page 1317 and 1318:
Description: The remote host is a S
Page 1319 and 1320:
Page 1321 and 1322:
Page 1323 and 1324:
Page 1325 and 1326:
the ability to embed third-party st
Page 1327 and 1328:
Page 1329 and 1330:
Solution: Upgrade to ESET update 40
Page 1331 and 1332:
Solution: The vendor has released v
Page 1333 and 1334:
Page 1335 and 1336:
Solution: When available, upgrade t
Page 1337 and 1338:
Page 1339 and 1340:
host subject to the privileges of t
Page 1341 and 1342:
Microsoft SharePoint Detection PVS
Page 1343 and 1344:
Page 1345 and 1346:
Description: Based on the software
Page 1347 and 1348:
Description: The remote host is an
Page 1349 and 1350:
vulnerabilities : \n\n - The admini
Page 1351 and 1352:
CVE-2009-2121 Last Seen FTP Client
Page 1353 and 1354:
Page 1355 and 1356:
Solution: Upgrade to Bugzilla 3.2.4
Page 1357 and 1358:
to crash the browser or potentially
Page 1359 and 1360:
Page 1361 and 1362:
Page 1363 and 1364:
Authenticated attackers can exploit
Page 1365 and 1366:
Page 1367 and 1368:
documents which may allow an attack
Page 1369 and 1370:
Typically such an attack would resu
Page 1371 and 1372:
Solution: Upgrade to OpenOffice ver
Page 1373 and 1374:
Solution: Upgrade to SeaMonkey 1.1.
Page 1375 and 1376:
to create a URL which contains look
Page 1377 and 1378:
user into opening a specially craft
Page 1379 and 1380:
CVE-2009-3231 Horde < 3.3.4 / 3.3.5
Page 1381 and 1382:
Solution: Upgrade to RT 3.6.9 / 3.8
Page 1383 and 1384:
CVE-2009-3106 Ability Mail Server <
Page 1385 and 1386:
Page 1387 and 1388:
Page 1389 and 1390:
Page 1391 and 1392:
Page 1393 and 1394:
Page 1395 and 1396:
.NET application to modify memory o
Page 1397 and 1398:
CVE-2009-3862 Mac OS X 10.6 < 10.6.
Page 1399 and 1400:
Page 1401 and 1402:
Page 1403 and 1404:
IBM Solid Database < 6.30.0.37 Remo
Page 1405 and 1406:
Solution: Upgrade to eDirectory 8.8
Page 1407 and 1408:
Multiple SQL-injection vulnerabilit
Page 1409 and 1410:
Multiple vulnerabilities in 'libogg
Page 1411 and 1412:
Solution: Upgrade to Zabbix 1.6.7 o
Page 1413 and 1414:
CVE Not available Synapse Client De
Page 1415 and 1416:
Solution: Upgrade to Adobe Flash Me
Page 1417 and 1418:
Page 1419 and 1420:
user-supplied input to the 'p_p_id'
Page 1421 and 1422:
Page 1423 and 1424:
CVE Not available strongSwan 4.0.2
Page 1425 and 1426:
Page 1427 and 1428:
Page 1429 and 1430:
unspecified error allows XMLHttpReq
Page 1431 and 1432:
Page 1433 and 1434:
Solution: Upgrade to OpenOffice ver
Page 1435 and 1436:
Page 1437 and 1438:
CVE Not available Client ZIP Downlo
Page 1439 and 1440:
Page 1441 and 1442:
Page 1443 and 1444:
DB2 Suspicious Command Detection PV
Page 1445 and 1446:
Description: The remote DB2 client
Page 1447 and 1448:
Solution: N/A CVE Not available Mic
Page 1449 and 1450:
Microsoft SQL Server Suspicious Com
Page 1451 and 1452:
Description: The remote MySQL clien
Page 1453 and 1454:
Solution: N/A CVE Not available MyS
Page 1455 and 1456:
Page 1457 and 1458:
CVE Not available Oracle Server Sus
Page 1459 and 1460:
Sybase ASE Server Suspicious Comman
Page 1461 and 1462:
Description: The remote Sybase ASE
Page 1463 and 1464:
Solution: N/A CVE Not available Syb
Page 1465 and 1466:
Sybase SQL Anywhere Server Suspicio
Page 1467 and 1468:
2.0.0.x\n\n - 1.5.0.x\n\n - 1.0.x\n
Page 1469 and 1470:
CVE Not available OpenSSL < 0.9.8n
Page 1471 and 1472:
CVE-2010-1795 QuickTime < 7.6.6 Mul
Page 1473 and 1474:
Page 1475 and 1476:
the observed version of ViewVC is:
Page 1477 and 1478:
Description: The remote client is a
Page 1479 and 1480:
CVE-2010-0393 MyBB < 1.4.12 Multipl
Page 1481 and 1482:
CVE Not available Zabbix 1.8.x < 1.
Page 1483 and 1484:
Microsoft Media Server Version Dete
Page 1485 and 1486:
Page 1487 and 1488:
a malicious website. Successful exp
Page 1489 and 1490:
CVE-2010-1975 MySQL Community Serve
Page 1491 and 1492:
CVE Not available Apache Axis2 < 1.
Page 1493 and 1494:
CVE Not available Kerio MailServer
Page 1495 and 1496:
memory access issue exists in WebKi
Page 1497 and 1498:
Page 1499 and 1500:
filter may allow registered users t
Page 1501 and 1502:
CVE-2010-1203 SeaMonkey < 2.0.5 Mul
Page 1503 and 1504:
MySQL Community Server < 5.1.47 / 5
Page 1505 and 1506:
Page 1507 and 1508:
Solution: Upgrade to IBM SolidDB 6.
Page 1509 and 1510:
'NodeIterator' implementation could
Page 1511 and 1512:
SeaMonkey 2.0.x < 2.0.6 Multiple Vu
Page 1513 and 1514:
(CVE-2010-2068) Solution: Either en
Page 1515 and 1516:
Page 1517 and 1518:
Page 1519 and 1520:
Page 1521 and 1522:
Page 1523 and 1524:
EXPLAIN with specially crafted quer
Page 1525 and 1526:
in the application's current workin
Page 1527 and 1528:
e executed within the context of th
Page 1529 and 1530:
code used to normalize a document c
Page 1531 and 1532:
Page 1533 and 1534:
Page 1535 and 1536:
CVE Not available Mantis 1.2.x < 1.
Page 1537 and 1538:
CVE-2010-4042 Mozilla Firefox 3.5.x
Page 1539 and 1540:
the SSL certificate was created wit
Page 1541 and 1542:
Solution: Upgrade to Firefox 3.5.15
Page 1543 and 1544:
Page 1545 and 1546:
Solution: Upgrade to SmartFTP 4.0.1
Page 1547 and 1548:
memory corruption vulnerability in
Page 1549 and 1550:
Page 1551 and 1552:
possible to downgrade the ciphersui
Page 1553 and 1554:
than 5.601 are potentially affected
Page 1555 and 1556:
code execution. (MFSA 2010-74)\n\n
Page 1557 and 1558:
affected by multiple vulnerabilitie
Page 1559 and 1560:
Page 1561 and 1562:
statically-sized arrays on the heap
Page 1563 and 1564:
PVS ID: 5752 FAMILY: SMTP Servers R
Page 1565 and 1566:
affects Google Chrome on Mac OS. (4
Page 1567 and 1568:
Description: the remote host is run
Page 1569 and 1570:
Description: the remote host is run
Page 1571 and 1572:
Page 1573 and 1574:
CVE-2011-0013 Apache Tomcat 6.0.x <
Page 1575 and 1576:
and 'libclamav/sis.c'. (Report from
Page 1577 and 1578:
CVE-2011-1147 BIND 9.7.1-9.7.2-P3 I
Page 1579 and 1580:
2011-04)\n\n - A buffer overflow vu
Page 1581 and 1582:
Page 1583 and 1584:
CVE Not available Google Chrome < 1
Page 1585 and 1586:
'precision' is set to a large value
Page 1587 and 1588:
Description: The remote client sent
Page 1589 and 1590:
Page 1591 and 1592:
for several prominent public websit
Page 1593 and 1594:
Page 1595 and 1596: RISK: MEDIUM Description: Synopsis
Page 1597 and 1598: Description: The remote server is s
Page 1599 and 1600: Description: The remote client was
Page 1601 and 1602: Description: Synopsis : \n\nThe rem
Page 1603 and 1604: Description: Synopsis :\n\nThe remo
Page 1605 and 1606: overflow issue in the handling of n
Page 1607 and 1608: CVE-2011-1456 Mozilla Firefox < 3.5
Page 1609 and 1610: HP Network Node Manager i (NNMi) Mu
Page 1613 and 1614: Description: The remote host is run
Page 1615 and 1616: Solution: Upgrade to Opera 11.11 or
Page 1617 and 1618: IBM Tivoli Management Framework End
Page 1619 and 1620: PVS ID: 5939 FAMILY: Generic RISK:
Page 1621 and 1622: 83275)\n\n - A same origin bypass e
Page 1623 and 1624: Description: The remote host is a B
Page 1625 and 1626: Description: The remote client acce
Page 1627 and 1628: the application to crash. (CVE-2011
Page 1629 and 1630: Solution: Upgrade to Google Chrome
Page 1631 and 1632: Description: The remote host is an
Page 1633 and 1634: code execution vulnerability in the
Page 1635 and 1636: 'USERNAME' parameter of the 'login.
Page 1637 and 1638: enabled. (CVE-2011-2526) Solution:
Page 1639 and 1640: crash or arbitrary code execution.
Page 1641 and 1642: elies on called 'jsvc' contains an
Page 1643 and 1644: Mozilla SeaMonkey 2.x < 2.3.0 Multi
Page 1645: Apache Tomcat 6.0.x < 6.0.33 Multip
Page 1651 and 1652: 93788)\n\n - A stale font issue exi
Page 1653 and 1654: Solution: Upgrade to Mac OS X 10.7.
Page 1655 and 1656: information disclosure vulnerabilit
Page 1657 and 1658: handling of PICT files. (CVE-2011-3
Page 1659 and 1660: PVS ID: 6058 FAMILY: Web Servers RI
Page 1661 and 1662: Description: The remote device just
Page 1667 and 1668: vulnerabilities :\n\n - A double-fr
Page 1669 and 1670: Description: The remote host is a B
Page 1673 and 1674: PVS ID: 6113 FAMILY: CGI RISK: HIGH
Page 1677 and 1678: Solution: The command activity obse
Page 1683 and 1684: Successful Shell Attack Detected -
Page 1685 and 1686: CVE Not available Successful Shell
Page 1687 and 1688: CVE Not available Successful Shell
Page 1693 and 1694: Description: A successful 'time' co
Page 1697 and 1698:
Solution: The command activity obse
Page 1699 and 1700:
ealtimeonly Solution: The command a
Page 1701 and 1702:
Trojan/Backdoor Detection - BACKDOO
Page 1703 and 1704:
Solution: As the system appears to
Page 1705 and 1706:
Trojan/Backdoor Detection - WinEggD
Page 1707 and 1708:
Description: The remote host is acc
Page 1709 and 1710:
PVS ID: 6249 FAMILY: SCADA RISK: LO
Page 1711 and 1712:
Description: The remote ICCP server
Page 1713 and 1714:
CVE Not available Google Chrome < 1
Page 1715 and 1716:
Description: The remote client just
Page 1717 and 1718:
Description: The remote Modicon SCA
Page 1719 and 1720:
Description: The remote host has be
Page 1721 and 1722:
Page 1723 and 1724:
CVE-2012-0814 RealWin Management Se
Page 1725 and 1726:
CVE-2012-0449)\n\n - The HTML5 fram
Page 1727 and 1728:
Page 1729 and 1730:
Solution: Restrict access to the se
Page 1731 and 1732:
Description: The remote host is a 7
Page 1733 and 1734:
Page 1735 and 1736:
Page 1737 and 1738:
iHeartRadio Stream Detection PVS ID
Page 1739 and 1740:
in the DB2 Administration Server (D
Page 1741 and 1742:
Header security bypass vulnerabilit
Page 1743 and 1744:
Page 1745 and 1746:
Page 1747 and 1748:
Page 1749 and 1750:
Page 1751 and 1752:
Page 1753 and 1754:
Page 1755 and 1756:
craigslist.org Personals Access Det
Page 1757 and 1758:
Page 1759 and 1760:
Page 1761 and 1762:
Page 1763 and 1764:
RealWin Management Server Detection
Page 1765 and 1766:
Page 1767 and 1768:
Skype Client Detection CVE Not avai
Page 1769 and 1770:
Description: The remote host has be
Page 1771 and 1772:
Page 1773 and 1774:
potentially execute arbitrary code.
Page 1775 and 1776:
movie files. (CVE-2012-0665)\n\n -
Page 1777 and 1778:
Solution: Upgrade to PHP version 5.
Page 1779 and 1780:
CVE-2012-0677 Facebook SocialCam Ap
Page 1781 and 1782:
(CVE-2012-02817)\n\n - An unspecifi
Page 1783 and 1784:
Page 1785 and 1786:
cross-site scripting attacks. (CVE-
Page 1787 and 1788:
CVE-2012-3656, CVE-2012-3661, CVE-2
Page 1789 and 1790:
Description: Synopsis:\n\nThe remot
Page 1791 and 1792:
Tridium SCADA Server Detection PVS
Page 1793 and 1794:
lead to code execution. (CVE-2012-2
Page 1795 and 1796:
Description: The remote Apple iPad
Page 1797 and 1798:
exist. (CVE-2012-1970,CVE-2012-1971
Page 1799 and 1800:
uttons. This can allow arbitrary co
Page 1801 and 1802:
Carbonite 'Cloud' Backup Service De
Page 1803 and 1804:
Description: The remote client is s
Page 1805 and 1806:
CVE-2012-3723 Mac OS X 10.8 < 10.8.
Page 1807 and 1808:
CVE-2011-3044, CVE-2011-3050, CVE-2
Page 1809 and 1810:
CVE Not available Slacker applicati
Page 1811 and 1812:
to audio device handling. (CVE-2012
Page 1813 and 1814:
site. An attacker can also exploit
Page 1815 and 1816:
access to the 'location' object. (C
Page 1817 and 1818:
CVE-2012-3180 BigFix Client Patch U
Page 1819 and 1820:
Page 1821 and 1822:
Page 1823 and 1824:
Page 1825 and 1826:
Page 1827 and 1828:
Description: The remote server is a
Page 1829 and 1830:
affected by multiple vulnerabilitie
Page 1831 and 1832:
Flash Player < CVE-2012-2749 PVS ID
Page 1833 and 1834:
for successful exploitation.\n\n -
Page 1835 and 1836:
Page 1837 and 1838:
Page 1839 and 1840:
Page 1841 and 1842:
Page 1843 and 1844:
Solution: Update to JDK / JRE 7 Upd
Page 1845 and 1846:
has an unspecified impact. (CVE-201
Page 1847 and 1848:
decoding. (CVE-2013-0894)\n\n - Mem
show all

(PVS) Signatures - Tenable Network Security

Create successful ePaper yourself

Delete template?

Save as template?