
Open Source Security Tools: Practical Guide to Security Applications, part 48


Appendix E • Nessus Plug-ins

Howlett_AppE.fm Page 449 Friday, June 25, 2004 1:50 PM

| Family | Plug-in Name | CVE ID Number(s) | BugTraq ID Number(s) |
|---|---|---|---|
| Backdoors | Dansie Shopping Cart backdoor | CVE-2000-0252 | 1115 |
| Backdoors | Kuang2 the Virus | CAN-1999-0660 | |
| Backdoors | Stacheldraht Detect | CAN-2000-0138 | |
| Backdoors | PC Anywhere TCP | | |
| Backdoors | Portal of Doom | CAN-1999-0660 | |
| Backdoors | Wollf backdoor detection | | |
| Backdoors | BackOrifice | CAN-1999-0660 | |
| Backdoors | Alcatel OmniSwitch 7700/7800 switches backdoor | CAN-2002-1272 | |
| Backdoors | IIS Possible Compromise | | |
| Backdoors | GateCrasher | CAN-1999-0660 | |
| Backdoors | FsSniffer Detection | | |
| Backdoors | MPEi/X Default Accounts | | |
| Backdoors | Remote PC Access Server Detection | | |
| Backdoors | RemotelyAnywhere WWW detection | | |
| Backdoors | SyGate Backdoor | CVE-2000-0113 | 952 |
| Backdoors | Trin00 Detect | CAN-2000-0138 | |
| Backdoors | Fluxay Sensor Detection | | |
| CGI abuses | bttlxeForum SQL injection | CAN-2003-0215 | |
| CGI abuses | rpm_query CGI | CVE-2000-0192 | 1036 |
| CGI abuses | WebsitePro buffer overflow | CAN-2000-0623 | 1492 |
| CGI abuses | Ocean12 Database Download | | 7328 |
| CGI abuses | AtomicBoard file reading | | 8236 |
| CGI abuses | ftp.pl shows the listing of any dir | CVE-2000-0674 | 1471 |
| CGI abuses | php file upload | CVE-2000-0860 | 1649 |
| CGI abuses | cgitest.exe buffer overrun | CVE-2002-0128 | 3885 |
| CGI abuses | Webfroot Shoutbox Directory Traversal | | 7717 |
| CGI abuses | ServletExec 4.1 / JRun ISAPI DoS | CAN-2002-0894, CVE-2000-0681 | 4796, 1570 |
| CGI abuses | IkonBoard arbitrary command execution | | 7361 |
| CGI abuses | AutomatedShops WebC.cgi buffer overflows | | 7268 |
| CGI abuses | typo3 arbitrary file reading | | 6993, 6988, 6986, 6985, 6984, 6983, 6982 |
| CGI abuses | alibaba.pl | CAN-1999-0885 | 770 |
| CGI abuses | Sambar Web Server CGI scripts | CAN-2000-0213 | 1002 |
| CGI abuses | pals-cgi | CAN-2001-0216 | 2372 |
| CGI abuses | iiprotect bypass | | 7661 |
| CGI abuses | Turba Path Disclosure | | |
| CGI abuses | sglMerchant Information Disclosure Vulnerability | CAN-2001-1019 | 3309 |
| CGI abuses | VP-ASP SQL Injection | | 4861 |
| CGI abuses | multihtml cgi | CVE-2000-0912 | |
| CGI abuses | Coppermine Gallery SQL injection | | 7471 |
| CGI abuses | Outlook Web anonymous access | CVE-2001-0660 | 3301 |
| CGI abuses | ibillpm.pl | | 3476 |
| CGI abuses | jj cgi | CVE-1999-0260 | 2002 |
| CGI abuses | e107 database dump | | 8273 |
| CGI abuses | Oracle 9iAS access to SOAP documentation | | |
| CGI abuses | view_source | CVE-1999-0174 | 2251 |
| CGI abuses | TrendMicro Emanager software check | CAN-2001-0958 | 3327 |
| CGI abuses | texi.exe information disclosure | | 7105 |
| CGI abuses | Check for bdir.htr files | | |
| CGI abuses | Check for IIS .cnf file leakage | | 4078 |
| CGI abuses | test-cgi | CVE-1999-0070 | 2003 |
| CGI abuses | testcgi.exe Cross Site Scripting | | 7214 |
| CGI abuses | gallery code injection | CVE-2001-1234 | 3397 |
| CGI abuses | PHPix directory traversal vulnerability | CVE-2000-0919 | 1773 |
| CGI abuses | Avenger’s News System Command Execution | CAN-2002-0307 | 4147 |
| CGI abuses | Neoteris IVE XSS | CAN-2003-0217 | |
| CGI abuses | Netscape Administration Server admin password | | 1579 |
| CGI abuses | IIS .IDA ISAPI filter applied | CVE-2001-0500 | 2880 |
| CGI abuses | Oracle 9iAS DAD Admin interface | | |
| CGI abuses | directory pro web traversal | CAN-2001-0780 | 2793 |
| CGI abuses | UploadLite cgi | | 7051 |
| CGI abuses | InterScan VirusWall Remote Configuration Vulnerability | CAN-2001-0432 | 2579 |
| CGI abuses | Bonsai Mutiple Flaws | CAN-2003-0152, CAN-2003-0153, CAN-2003-0154, CAN-2003-0155 | |
| CGI abuses | gallery code injection (2) | | 8814 |
| CGI abuses | Mantis Detection | | |
| CGI abuses | PHP-Nuke security vulnerability (bb_smilies.php) | CAN-2001-0320 | |
| CGI abuses | eLDAPo cleartext passwords | | 7535 |
| CGI abuses | php socket_iovec_alloc() integer overflow | CAN-2003-0172 | 7187, 7197, 7198, 7199, 7210, 7256, 7259 |
| CGI abuses | Mnogosearch overflows | | |
| CGI abuses | OpenBB SQL injection | | 7401, 7404, 7405 |
| CGI abuses | Agora CGI Cross Site Scripting | CVE-2001-1199 | 3702 |
| CGI abuses | admin.cgi overflow | CAN-2002-0199 | 3934 |
| CGI abuses | Super Guestbook config disclosure | | 7319 |
| CGI abuses | WebLogic management servlet | | 7122, 7124, 7130, 7131 |
| CGI abuses | GroupWise Web Interface ‘HTMLVER’ hole | CAN-2002-0341 | |
| CGI abuses | phpMyAdmin multiple flaws | | 7965, 7964, 7963, 7962 |
| CGI abuses | auktion.cgi | CAN-2001-0212 | 2367 |
| CGI abuses | MSQL CGI overflow | CVE-1999-0753 | 591 |
| CGI abuses | Simple File Manager Filename Script Injection | | 7035 |
| CGI abuses | Sambar sendmail /session/sendmail | | |
| CGI abuses | Poll It v2.0 cgi | CVE-2000-0590 | 1431 |
| CGI abuses | Netscape Server ?PageServices bug | CVE-1999-0269 | |
| CGI abuses | empower cgi path | CAN-2001-0224 | 2374 |
| CGI abuses | CERN httpd problem | CAN-2000-0079 | 936 |
| CGI abuses | ICECast FileSystem disclosure | | 5189 |
| CGI abuses | Adcycle Password Disclosure | CAN-2000-1161 | 1969 |
| CGI abuses | album.pl Command Execution | | 7444 |
| CGI abuses | tektronix’s _ncl_items.shtml | CAN-2001-0484 | 2659 |
| CGI abuses | ht://Dig’s htsearch potential exposure/dos | CVE-2001-0834 | 3410 |
| CGI abuses | UltraSeek 3.1.x Remote DoS | CVE-2000-1019 | 1866 |
| CGI abuses | Novell Web Server NDS Tree Browsing | CAN-1999-1020 | 484 |
| CGI abuses | WebSphere Cross Site Scripting | | 2401 |
| CGI abuses | paFileDB XSS | | 6021 |
| CGI abuses | Coppermine Gallery Remote Command Execution | | 7300 |
| CGI abuses | sojourn.cgi | CVE-2000-0180 | 1052 |
| CGI abuses | printenv | | |
| CGI abuses | Beanwebb’s guestbook | | 7232, 7231 |
| CGI abuses | Ocean12 Guestbook XSS | | 7329 |
| CGI abuses | IMP SQL injection | | |
| CGI abuses | TalentSoft Web+ Input Validation Bug Vulnerability | CVE-2000-0282 | 1102 |
| CGI abuses | Xoops path disclosure | CAN-2002-0216, CAN-2002-0217 | 3977, 3978, 3981, 5785, 6344, 6393 |
| CGI abuses | Directory listing through Sambar’s search.dll | CAN-2000-0835 | 1684 |
| CGI abuses | store.cgi | CAN-2001-0305 | 2385 |
| CGI abuses | ttCMS code injection | | 7542, 7543, 7625 |
| CGI abuses | Philboard database access | | |
| CGI abuses | Non-Existant Page Physical Path Disclosure Vulnerability | | 4261 |
| CGI abuses | webdriver | | 2166 |
| CGI abuses | SLMail WebMail overflows | | |
| CGI abuses | whois_raw | CAN-1999-1063 | 304 |
| CGI abuses | Extent RBS ISP | CVE-2000-1036 | 1704 |
| CGI abuses | Cobalt siteUserMod cgi | CVE-2000-0117 | 951 |
| CGI abuses | cpanel remote command execution | | 6882 |
| CGI abuses | ddicgi.exe vulnerability | CAN-2000-0826 | 1657 |
| CGI abuses | myPHPcalendar injection | | |
| CGI abuses | AspUpload vulnerability | CAN-2001-0938 | |
| CGI abuses | Microsoft Frontpage ‘authors’ exploits | | |
| CGI abuses | FormHandler.cgi | CAN-1999-1051 | 799 |
| CGI abuses | TextPortal Default Passwords | | 7673 |
| CGI abuses | /scripts/repost.asp | | |
| CGI abuses | ht://Dig’s htsearch reveals web server path | CAN-2000-1191 | |
| CGI abuses | ASP.NET Cross Site Scripting | CAN-2003-0223 | |
| CGI abuses | Auction Deluxe XSS | CAN-2002-0257 | 4069 |
| CGI abuses | KW whois | CVE-2000-0941 | 1883 |
| CGI abuses | Owl Login bypass | | |
| CGI abuses | IIS directory traversal | CVE-2000-0884 | 1806 |
| CGI abuses | Cobalt RaQ2 cgiwrap | CVE-1999-1530, CVE-2000-0431 | 777, 1238 |
| CGI abuses | PHP-Nuke is installed on the remote host | CAN-2001-0292, CAN-2001-0320, CAN-2001-0854, CAN-2001-0911, CAN-2001-1025, CAN-2002-0206, CAN-2002-0483, CAN-2002-1242 | 6446, 6465, 6503, 6750, 6887, 6890, 7031, 7060, 7078, 7079 |
| CGI abuses | PHP-Nuke Gallery Add-on File View | CVE-2001-0900 | |
| CGI abuses | PHP Ashnews code injection | | 8241 |
| CGI abuses | shtml.exe reveals full path | CAN-2000-0413 | 1174 |
| CGI abuses | webspirs.cgi | CAN-2001-0211 | 2362 |
| CGI abuses | Ultimate PHP Board admin_ip.php code injection | | 7678 |
| CGI abuses | WebSite pro reveals the physical file path of web directories | CAN-2000-0066 | 932 |
| CGI abuses | glimpse | CVE-1999-0147 | 2026 |
| CGI abuses | WebLogic source code disclosure | CVE-2000-0682 | 1518 |
| CGI abuses | Poster version.two privilege escalation | | |
| CGI abuses | mod_ssl off by one | CVE-2002-0653 | 5084 |
| CGI abuses | Sun’s Java Web Server remote command execution | CAN-2000-0629 | 1459 |
| CGI abuses | Apache 2.0.39 Win32 directory traversal | CAN-2002-0661 | 5434 |
| CGI abuses | quickstore traversal | CAN-1999-0607, CAN-2000-1188 | |
| CGI abuses | EZShopper 3.0 | CAN-2000-0187 | 1014 |
| CGI abuses | Oracle 9iAS mod_plsql Buffer Overflow | CAN-2001-1216 | 3726 |
| CGI abuses | TalentSoft Web+ version detection | | |
| CGI abuses | mod_ssl overflow | CVE-2002-0082 | 4189 |
| CGI abuses | viewpage.php arbitrary file reading | | 7191 |
| CGI abuses | gallery xss | | 8288 |
| CGI abuses | Dune Web Server Overflow | | 7945 |
| CGI abuses | Apache Tomcat Directory Listing and File disclosure | CAN-2003-0042 | 6721 |
| CGI abuses | args.bat | CAN-1999-1180 | |
| CGI abuses | SimpleBBS users disclosure | | 7045 |
| CGI abuses | Web Wiz Forums database disclosure | | 7380 |
| CGI abuses | Redhat Stronghold File System Disclosure | CAN-2001-0868 | |
| CGI abuses | bigconf | CVE-1999-1550 | 778 |
| CGI abuses | Interactive Story Directory Traversal Vulnerability | CVE-2001-0804 | 3028 |
| CGI abuses | MyAbraCadaWeb Cross Site Scripting | | 7126, 7127 |
| CGI abuses | AltaVista Intranet Search | CVE-2000-0039 | 896 |
| CGI abuses | JServ Cross Site Scripting | | |
| CGI abuses | infosrch.cgi | CVE-2000-0207 | 1031 |
| CGI abuses | Oracle 9iAS Globals.jsa access | CAN-2002-0562 | 4034 |
| CGI abuses | /scripts directory browsable | | |
| CGI abuses | Reading CGI script sources using /cgi-bin-sdb | CVE-2000-0868 | 1658 |
| CGI abuses | PHP-Nuke’ opendir | CVE-2001-0321 | |
| CGI abuses | guestbook tr3 password storage | | 7167 |
| CGI abuses | IIS dangerous sample files | | |
| CGI abuses | Read any file thanks to ~nobody/ | | |
| CGI abuses | IBM-HTTP-Server View Code | | 3518 |
| CGI abuses | MacOS X Finder reveals contents of Apache Web files | | 3325 |
| CGI abuses | uploader.exe | CVE-1999-0177 | |
| CGI abuses | Microsoft Frontpage XSS | CAN-2000-0746 | 1594, 1595 |
| CGI abuses | bizdb1-search.cgi located | CVE-2000-0287 | 1104 |
| CGI abuses | nph-publish.cgi | CVE-1999-1177, CVE-2001-0400 | |
| CGI abuses | MPC SoftWeb Guestbook database disclosure | | 7390, 7389 |
| CGI abuses | YaBB | CVE-2000-0853 | 1668 |
| CGI abuses | Pi3Web tstisap.dll overflow | CAN-2001-0302 | 2381 |
| CGI abuses | GTcatalog password disclosure | | |
| CGI abuses | Apache Tomcat /servlet Cross Site Scripting | CAN-2002-0682 | 5193 |
| CGI abuses | Sambar XSS | | 7209 |
| CGI abuses | PDGSoft Shopping cart vulnerability | CAN-2000-0401 | 1256 |
| CGI abuses | php POST file uploads | CVE-2002-0081 | 4183 |
| CGI abuses | AnyForm | CVE-1999-0066 | 719 |
| CGI abuses | ows-bin | CVE-2000-0169 | 1053 |
| CGI abuses | Cognos Powerplay WE Vulnerability | | 491 |
| CGI abuses | PHP3 Physical Path Disclosure Vulnerability | | |
| CGI abuses | DCP-Portal Code Injection | | 6525 |
| CGI abuses | rot13sj.cgi | | |

Date posted: 04/07/2014, 13:20
