Open Source Security Tools : Practical Guide to Security Applications part 57 pdf


Appendix E • Nessus Plug-ins

Howlett_AppE.fm Page 539 Friday, June 25, 2004 1:50 PM

| Family | Plug-in Name | CVE ID Number(s) | BugTraq ID Number(s) |
|---|---|---|---|
| SNMP | Obtain Cisco type via SNMP | | |
| Useless services | X Display Manager Control Protocol (XDMCP) | | |
| Useless services | rexecd | CAN-1999-0618 | |
| Useless services | Systat | CVE-1999-0103 | |
| Useless services | rsh | CAN-1999-0651 | |
| Useless services | Finger | CVE-1999-0612 | |
| Useless services | Telnet | CAN-1999-0619 | |
| Useless services | Echo port open | CVE-1999-0103, CAN-1999-0635 | |
| Useless services | Check for Webmin | | |
| Useless services | rlogin | CAN-1999-0651 | |
| Useless services | Chargen | CVE-1999-0103 | |
| Useless services | Quote of the day | CVE-1999-0103 | |
| Useless services | GameSpy detection | | 6636 |
| Useless services | Identd enabled | CAN-1999-0629 | |
| Useless services | Check for a Citrix server | | 7276 |
| Useless services | Windows Terminal Service Enabled | CAN-2001-0540 | 7258 |
| Useless services | netstat | CAN-1999-0650 | |
| Useless services | Daytime | CVE-1999-0103 | |
| Useless services | Writesrv | | |
| Useless services | Discard port open | CAN-1999-0636 | |
| Useless services | xtux server detection | CVE-2002-0431 | 4260 |
| Windows | SMB Registry : SQL7 Patches | CVE-2002-0642 | 5205 |
| Windows | Multiple ICQ Vulnerabilities | CAN-2003-0235, CAN-2003-0236, CAN-2003-0237, CAN-2003-0238, CAN-2003-0239 | 7461, 7462, 7463, 7464, 7465, 7466 |
| Windows | Visual Basic for Application Overflow | CAN-2003-0347 | 8534 |
| Windows | Domain account lockout vulnerability | | 1973 |
| Windows | Certificate Validation Flaw Could Enable Identity Spoofing (Q328145) | CAN-2002-1183, CAN-2002-0862 | 5410 |
| Windows | DirectX MIDI Overflow (819696) | CAN-2003-0346 | 7370 |
| Windows | Cumulative Patch for Internet Information Services (Q327696) | CVE-2002-0147, CVE-2002-0149, CVE-2002-0150, CAN-2002-0224, CAN-2002-0869, CAN-2002-1182, CAN-2002-1180, CAN-2002-1181 | 4474 |
| Windows | SMB get domain SID | CVE-2000-1200 | 959 |
| Windows | CuteFTP multiple flaws | | 6786, 6642 |
| Windows | RPC Endpoint Mapper can Cause RPC Service to Fail | CVE-2001-0662 | 3313 |
| Windows | SMB Registry : is the remote host a PDC/BDC | CAN-1999-0659 | |
| Windows | Buffer Overrun in Messenger Service (828035) | CAN-2003-0717 | 8826 |
| Windows | scan for UPNP hosts | CVE-2001-0876 | 3723 |
| Windows | Incomplete TCP/IP packet vulnerability | CAN-2000-1039 | 2022 |
| Windows | WinAMP3 buffer overflow | | 6515 |
| Windows | Opening Group Policy Files (Q318089) | CVE-2002-0051 | 4438 |
| Windows | SMB Registry : Classic Logon Screen | | |
| Windows | NetBIOS Name Server Protocol Spoofing patch | CVE-2000-0673 | 1514 |
| Windows | Possible RPC Interface compromise | CAN-2003-0528 | |
| Windows | Buffer overrun in NT kernel message handling | CAN-2003-0112 | 7370 |
| Windows | SMB Registry : Do not show the last user name | | |
| Windows | Telnet Client NTLM Authentication Vulnerability | CVE-2000-0834 | 1683 |
| Windows | Flaw in Windows Function may allow DoS (823803) | CAN-2003-0525 | |
| Windows | SmartFTP Overflow | | |
| Windows | Flaw in message handling through utility mgr | CAN-2003-0350 | 8205 |
| Windows | The ScriptLogic service is running | | 7477, 7575 |
| Windows | Relative Shell Path patch | CVE-2000-0663 | 1507 |
| Windows | Quicktime player buffer overflow | CAN-2003-0168 | 7247 |
| Windows | SMB accessible registry | CAN-1999-0562 | |
| Windows | SMB NativeLanMan | | |
| Windows | scan for UPNP/Tcp hosts | | |
| Windows | XML Core Services patch (Q318203) | CVE-2002-0057 | 3699 |
| Windows | Windows Messenger is installed | CAN-1999-1484, CAN-2002-0228, CAN-2002-0472 | 668, 4028, 4316, 4675, 4827 |
| Windows | Using NetBIOS to retrieve information from a Windows host | CAN-1999-0621 | |
| Windows | Blackmoon FTP stores passwords in cleartext | CAN-2003-0342 | 7646 |
| Windows | Unchecked buffer in Windows Shell | CVE-2002-0070 | 4248 |
| Windows | Vulnerability in Authenticode Verification Could Allow Remote Code Execution (823182) | CAN-2003-0660 | |
| Windows | Drag And Zip Overflow | | |
| Windows | SMB use domain SID to enumerate users | CVE-2000-1200 | 959 |
| Windows | Microsoft’s SQL Overflows | CAN-2002-1137, CAN-2002-1138, CAN-2002-0649, CVE-2002-0650, CAN-2002-1145, CAN-2002-0644, CAN-2002-0645, CAN-2002-0721 | 5310, 5311 |
| Windows | Flaw in SMB Signing Could Enable Group Policy to be Modified (329170) | CAN-2002-1256 | |
| Windows | SMB Registry : Winlogon caches passwords | | |
| Windows | Flaw in RPC Endpoint Mapper (MS03-010) | CAN-2002-1561 | |
| Windows | Unchecked Buffer in XP upnp | CVE-2001-0876 | 3723 |
| Windows | SMB on port 445 | | |
| Windows | SMB log in as users | CAN-1999-0504, CAN-1999-0506 | |
| Windows | FlashFXP Overflow | | 7857, 7859 |
| Windows | DrWeb Folder Name Overflow | | 7022 |
| Windows | SMB Windows9x password verification vulnerability | CVE-2000-0979 | 1780 |
| Windows | Unprotected PC Anywhere Service | | |
| Windows | Cumulative Patch for Internet Information Services (Q11114) | CAN-2003-0224, CAN-2003-0225, 2003-0226 | 7731, 7735, 7733 |
| Windows | SMB Registry : permissions of keys that can lead to admin | CAN-1999-0589 | |
| Windows | Malformed RPC Packet patch | CAN-2000-0544 | 1304 |
| Windows | IrDA access violation patch | CVE-2001-0659 | 3215 |
| Windows | CesarFTP stores passwords in cleartext | CAN-2003-0329 | |
| Windows | IRCXPro Clear Text Passwords | | 7792 |
| Windows | Unchecked buffer in Locate Service | CAN-2003-0003 | |
| Windows | Buffer Overflow in Windows Troubleshooter ActiveX Control (826232) | CAN-2003-0661 | |
| Windows | Yahoo!Messenger is installed | CAN-2002-0320, CAN-2002-0321, CAN-2002-0031, CVE-2002-0032, CAN-2002-0322 | 2299, 4162, 4163, 4164, 4173, 4837, 4838, 5579, 6121 |
| Windows | Buffer overrun in Windows Shell (821557) | CAN-2003-0351 | |
| Windows | Unchecked Buffer in PPTP Implementation Could Enable DOS Attacks (Q329834) | CAN-2002-1214 | |
| Windows | SMB Registry : permissions of winlogon | CAN-1999-0589 | |
| Windows | Flaw in Certificate Enrollment Control (Q323172) | CAN-2002-0699 | |
| Windows | Local Security Policy Corruption | CVE-2000-0771 | 1613 |
| Windows | Buffer overrun in RPC Interface (823980) | CAN-2003-0352 | |
| Windows | IE VBScript Handling patch (Q318089) | CVE-2002-0052 | 4158 |
| Windows | NT IP fragment reassembly patch not applied (jolt2) | CVE-2000-0305 | 1236 |
| Windows | PFTP clear-text passwords | | |
| Windows | SMB log in | CAN-1999-0504, CAN-1999-0506, CVE-2000-0222, CAN-1999-0505, CAN-2002-1117 | 490 |
| Windows | Opera remote heap corruption vulnerability | | 7450 |
| Windows | Word can lead to Script execution on mail reply | CVE-2002-1056 | 4397 |
| Windows | The remote host is infected by a virus | | |
| Windows | SMB Registry : No dial in | | |
| Windows | The alerter service is running | CAN-1999-0630 | |
| Windows | NTLMSSP Privilege Escalation | CVE-2001-0016 | 2348 |
| Windows | Microsoft ISA Server DNS - Denial Of Service (MS03-009) | CAN-2003-0011 | 7145 |
| Windows | Cumulative patch for Windows Media Player | CVE-2002-0372, CVE-2002-0373, CAN-2002-0615 | 5107, 5109, 5110 |
| Windows | Malformed PPTP Packet Stream vulnerability | CVE-2001-0017 | 2368 |
| Windows | CA Unicenter’s Transport Service is running | | |
| Windows | Microsoft ISA Server Winsock Proxy DoS (MS03-012) | CAN-2003-0110 | 7314 |
| Windows | SMB Registry : permissions of WinVNC’s key | CVE-2000-1164 | 1961 |
| Windows | Cumulative VM update | CAN-2002-0058, CVE-2002-0078 | 4228, 4392 |
| Windows | Unchecked buffer in ASP.NET worker process | CVE-2002-0369 | 4958 |
| Windows | Unchecked Buffer in XP Redirector (Q810577) | CAN-2003-0004 | |
| Windows | SMB Registry : permissions of HKLM | CAN-1999-0589 | |
| Windows | NT ResetBrowser frame & HostAnnouncement flood patc | CVE-2000-0404 | 1262 |
| Windows | Windows Media Player Library Access | CAN-2003-0348 | 8034 |
| Windows | Windows Debugger flaw can Lead to Elevated Privileges (Q320206) | CVE-2002-0367 | 4287 |
| Windows | Unchecked buffer in MDAC Function | CVE-2002-0695, CVE-2003-0353, 2002-0695, CAN-2003-0353 | 5372 |
| Windows | Multiple flaws in the Opera web browser | | 7056, 6962, 6811, 6814, 6754, 6755, 6756, 6757, 6759, 6218 |
| Windows | Buffer Overrun in Messenger Service (real test) | CAN-2003-0717 | 8826 |
| Windows | SMB get host SID | CVE-2000-1200 | 959 |
| Windows | Windows Network Manager Privilege Elevation (Q326886) | CVE-2002-0720 | 5480 |
| Windows | Microsoft SQL TCP/IP listener is running | CAN-1999-0652 | |
| Windows | Windows RAS overflow (Q318138) | CVE-2002-0366 | 4852 |
| Windows | Detect CIS ports | | |
| Windows | Webserver file request parsing | CVE-2000-0886 | 1912 |
| Windows | RealPlayer PNG deflate heap corruption | CAN-2003-0141 | 7177 |
| Windows | Unchecked Buffer in Windows Help(Q323255) | CAN-2002-0693, CAN-2002-0694 | |
| Windows | Flaw in WinXP Help center could enable file deletion | CAN-2002-0974 | 5478 |
| Windows | Unchecked buffer in Network Share Provider (Q326830) | CAN-2002-0724 | 5556 |
| Windows | Gator/GAIN Spyware Installed | | |
| Windows | WM_TIMER Message Handler Privilege Elevation (Q328310) | CAN-2002-1230 | 5927 |
| Windows | Java Media Framework (JMF) Vulnerability | | |
| Windows | ARCserve hidden share | CAN-2001-0960 | 3343 |
| Windows | SMB Registry : permissions of the SNMP key | CAN-2001-0046 | 2066 |
| Windows | Cumulative patches for Excel and Word for Windows | CVE-2002-0616, CVE-2002-0617, CVE-2002-0618, CVE-2002-0619 | 4821 |
| Windows | SMB Registry : permissions of the Microsoft Transaction Server key | CAN-2001-0047 | 2065 |
| Windows | scriptlogic logging share | | 7476 |
| Windows | NetBIOS Name Service Reply Information Leakage | CAN-2003-0661 | 8532 |
| Windows | SMB log in with W32/Deloder passwords | | |
| Windows | DCE Services Enumeration | | |
| Windows | Flaw in Microsoft VM (816093) | CAN-2003-0111 | |
| Windows | Microsoft’s SQL Version Query | CAN-2000-1081, CVE-2000-0202, CVE-2000-0485, CAN-2000-1087, CAN-2000-1088, CAN-2002-0982, CAN-2001-0542, CVE-2001-0344 | 4135, 4847, 5014, 5205 |
| Windows | Opera web browser HREF overflow | CAN-2003-0870 | |
| Windows | Microsoft’s SQL Hello Overflow | CAN-2002-1123 | 5411 |
| Windows | SMB shares enumeration | | |
| Windows | SMB Registry : value of SFCDisable | | |
| Windows | Gupta SQLBase EXECUTE buffer overflow | | 6808 |
| Windows | Buffer Overrun In HTML Converter Could Allow Code Execution (823559) | CAN-2003-0469 | |
| Windows | Unchecked Buffer in ntdll.dll (Q815021) | CAN-2003-0109 | 7116 |
| Windows | SMB enum services | | |
| Windows | Cumulative Patch for MS SQL Server (815495) | CAN-2003-0230, CAN-2003-0231, CAN-2003-0232 | 8274, 8275, 8276 |
| Windows | Windows Media Player Skin Download Overflow | CAN-2003-0228 | |

Date posted: 04/07/2014, 13:20
