ID

17973

Nom

Lime Wire Multiple Remote Unauthorized Access

Auteurs

This script is Copyright (C) 2005 David Maciejak

Catégorie

Misc.

Action

infos

Résumé

Checks for remote unauthorized access flaw in Lime Wire

Description

The remote host seems to be running Lime Wire, a P2P file sharing program. This version is vulnerable to remote unauthorized access flaws. An attacker can access to potentially sensitive files on the remote vulnerable host. Solution: Upgrade at least to version 4.8 Risk factor: High

Macallan IMAP Server Directory Traversal Vulnerabilities
MAILsweeper Archive File Filtering Bypass
SNMPc Management Server Default Credentials
SSH Tectia Server SFTP Filename Logging Format String
Samba 3.2.0 - 3.2.6 Unauthorized Access
rsync modules
ZyXEL Routers Default Web Account
Motorola Vanguard with No Password
TinyWeb 1.9
OpenSSH Reverse DNS Lookup bypass
3Com Superstack 3 Switch Multiple Default Accounts
WinComLPD LPD Monitoring Server Default Credentials
Xen Guest Detection
FortressSSH SSH_MSG_KEXINIT Logging Remote Overflow
Websense reporting console detection
RIP-1 Poisoning
Unreal IRCd IP cloaking weakness
Nortel Networks passwordless router (user level)
Cabletron Web View Administrative Access
EMC Legato Networker Multiple Vulnerabilities
Kerberos Server Spoofed Packet Amplification DoS (PingPong)
VNC security types
Traceroute
Samba NDR MS-RPC Request Heap-Based Remote Buffer Overflow
CUPS < 1.3.8 PNG File Handling Multiple Overflows
Multiple Ethernet Driver Frame Padding Information Disclosure (Etherleak)
Netscape /.perf accessible
Lotus Domino Detection
CUPS < 1.3.10 Multiple Vulnerabilities
Default password (0000) for user on WIP5000 IP Phone
POP2 Unencrypted Cleartext Logins
Cheops NG Unauthenticated Access
ClamAV < 0.95.1 Multiple Vulnerabilities
CUPS Printer List Disclosure
Passwordless Lexmark Printer
StarWind Control Port Default Credentials
HP LaserJet Direct Print Filter Bypass
HylaFAX hfaxd with PAM Password Policy Bypass
eDirectory < 8.8 SP3 Multiple Vulnerabilities (OF, XSS, MC)
Sun Java System Web Proxy Server Unspecified Remote Denial Of Service Vulnerability
Intrusion.com SecureNet sensor detection
WebShield Appliance detection
Qpopper Insecure File Handling Vulnerabilities
XtraMail Control Service Username Overflow
SSH Tectia Server Host Authentication Authorization Bypass Vulnerability
Trend Micro IWSS console management detection
KeyServer Default Credentials
XEROX WorkCentre Multiple Vulnerabilities (XRX05-006)
XEROX DocuCentre / WorkCentre Postscript Interpreter Traversal (XRX05-001)
CUPS < 1.1.18 Multiple Vulnerabilities
SurgeMail IMAP Service APPEND Command Remote DoS
UPnP Internet Gateway Device port mapping
Hobbit Monitor config Method Traversal Arbitrary File Access
RedHat 6.2 inetd
Allied Telesyn Router/Switch Web Interface Default Password
Firewall ECE-bit bypass
Intrusion.com SecureNet provider detection
ClamAV < 0.95 Scan Evasion
MikroTik RouterOS with Blank Password (HTTP)
DeleGate Proxy Server < 9.7.5 Multiple Vulnerabilities
Enterasys Dragon Enterprise Reporting detection
POP Password Changer Unauthorized Password Change Vulnerability
Record route
F5 BIG-IP web management interface version
Linux Kernel IP Stack ICMP Error Response Arbitrary Memory Information Disclosure
Dropbear SSH privilege escalation
Retrospect Backup Client Multiple Vulnerabilities (ESA-08-009)
Avocent KVM over IP Switch Detection
OpenSSH GSSAPI Credential Disclosure Vulnerability
Check Point Secure Platform Detection
Samba < 3.0.24 Multiple Flaws
Portable OpenSSH PAM timing attack
CUPS < 1.3.6 process_browse_data() Function Double Free DoS
NetworkActive Web Server Overflow
RIP Poisoning (Adjacent Network)
4D WebSTAR Symlink Privilege Escalation
notes.ini checker
Bay Networks Accelar 1200 Switch Default Password (password) for usrname Account
Default password (000000) for admin on WIP5000 IP Phone
Attachmate Reflection for Secure IT UNIX server < 7.0 SP1 Multiple Vulnerabilities
SurgeMail IMAP Server SEARCH Command Remote Buffer Overflow
Insecure UPnP Internet Gateway Device
XEROX WorkCentre Multiple Samba Vulnerabilities (XRX08-001)
OpenSSH X11 Forwarding Session Hijacking
XEROX WorkCentre Samba Overflow (XRX08-009)
ArGoSoft Mail Server _DUMP Command System Information Disclosure
Microsoft IIS Authentication Method Enumeration
Adobe Flash Media Server RPC Privilege Escalation (APSB09-05)
Intellipeer POP3 server user account enumeration
Alcatel ADSL Modem Unpassworded Access
Network daemons not managed by the package system
CUPS < 1.3.7 Multiple Vulnerabilities (Overflow, Info Disc)
sipXtapi INVITE Message CSeq Field Header Remote Overflow
OpenSSH < 4.4 Multiple GSSAPI Vulnerabilities
ZyXEL Router Default Telnet Password Present
VMware Guest
Alcatel ADSL Modem Unrestricted Remote Access
Sun Java System Directory Proxy Server Unauthorized Access
POP3 Unencrypted Cleartext Logins
ZyXEL Prestige Router Configuration Reset
AirConnect Default Password
Squid Proxy Set-Cookie Headers Information Disclosure Vulnerability
HP JetDirect Vulnerabilities
AttachmateWRQ Reflection for Secure IT Server < 6.0 Build 24 Multiple Vulnerabilities
RealServer Memory Content Disclosure
Several GET Requests Lock Web Server
Nortel/Bay Networks default password
UW-IMAP CRAM-MD5 Remote Authentication Bypass Vulnerability
Memcached / MemcacheDB ASLR Bypass Weakness
Retrospect Client Malformed Packet DoS
Ethernet card brand
CUPS < 1.1.23 Multiple Vulnerabilities
OpenSSL password interception
UPnP Internet Gateway Device external IP address
Shiva LanRover Blank Password
INN buffer overflow
Mailman Password Retrieval
Squid < 2.5.STABLE8 Multiple Vulnerabilities
WinComLPD LPD Monitoring Server Authentication Bypass
Open X11 Server
Samba ACL Modification Security Bypass Vulnerability
Trend Micro IMSS console management detection
Samba 3.0.29 - 3.2.4 Potential Memory Disclosure
SAPlpd < 6.29 Multiple Vulnerabilities
IgnitionServer Irc operator privilege escalation vulnerability
XEROX WorkCentre Multiple Vulnerabilities (XRX06-002)
SunOne Web Proxy Unspecified Remote Buffer Overflows
Samba < 3.0.25 Multiple Vulnerabilities
VNC Server Unauthenticated Access
Pocsag password
IMAP Unencrypted Cleartext Logins
eDirectory < 8.7.3 SP10 FTF1 Multiple Vulnerabilities (OF, DoS)
VNC Server Remote Authentication Bypass
IBM AS400 and iSeries POP3 Server Remote Information Disclosure
ShareMailPro Username Identification
Citrix Published Applications Remote Enumeration
Polipo Local Web Root Restriction Bypass Vulnerability
RIP-2 Poisoning
eDirectory eMBox Utility Unauthorized Access (remote check)
eStara SoftPhone SIP Packet SDP Data attribute Field Overflow
CUPS Internet Printing Protocol (IPP) Implementation Empty UDP Datagram Remote DoS
Nortel/Bay Networks/Xylogics Annex default password
Default password router Pirelli AGE mB
LDAP server information
SMC2804WBR Default Password
Samba < 3.0.27 Multiple Vulnerabilities
Clearswift MIMEsweeper Manager Console Detection
BlackBerry Enterprise Server / Unite! Detection
Nortel Multiple Default Accounts
Axis Camera Default Password
Cayman DSL Router Single Character String Authentication Bypass
IP Protocols Scan
Samba Machine Trust Account Local Information Disclosure Vulnerability
MikroTik RouterOS with Blank Password (Telnet)
Netscape Messenging Server User List
AttachmateWRQ Reflection for Secure IT Server SFTP Format String
XEROX WorkCentre Multi-Page Document Scan/Fax Information Disclosure (XRX05-002)
Open Port Re-check
ClamAV Version Detection
Nortel Baystack switch password test
Netopia SNMP password disclosure flaw
Asterisk SIP Remote Authentication Bypass
XEROX WorkCentre Multiple Vulnerabilities (XRX06-006)
WebWasher Classic HTTP CONNECT Unauthorized Access Weakness
UPnP Internet Gateway Device
CUPS SNMP Back End (backend/snmp.c) asn1_get_string Function Crafted SNMP Response Remote Overflow
CUPS Incomplete SSL Negotiation Remote DoS
Avaya P330 Stackable Switch Default Password
Apple AirPort Base Station Authentication Credential Encryption Weakness
NAI Management Agent leaks info
Allied Telesyn Router/Switch Default Password
Shiva Integrator Default Password
Nortel Networks passwordless router (manager level)
qpopper options buffer overflow
Proxy Web Server Cross Site Scripting
RIP Poisoning
Dovecot Multiple Command Traversal Arbitrary Directory Listing
ISS deployment manager detection
Tektronix /ncl_items.html
Lime Wire Multiple Remote Unauthorized Access
MagniComp SysInfo Agent Accessible
Tomcat /status information disclosure
LDAP allows anonymous binds
BNC IRC Server Incorrect Password Authentication Bypass
CUPS < 1.3.9 Multiple Vulnerabilities
XEROX WorkCentre Multiple Vulnerabilities (XRX06-001)
Samba < 3.0.30 receive_smb_raw Function Remote Buffer Overflow
Irix Performance Copilot Service Information Disclosure
Squid null character unauthorized access
Passwordless Cayman DSL router
CUPS cups/ipp.c ippReadIO Function IPP Tag Handling Overflow
HylaFAX Remote Access Control Bypass Vulnerability
Qpopper Username Information Disclosure
ClamAV < 0.95.2 Multiple Scan Evasion Vulnerabilities
Samba < 3.0.28 send_mailslot Function Remote Buffer Overflow
Squid Proxy Failed DNS Lookup Random Error Messages
OpenVPN Unprotected Management Interface
HP LaserJet Display Modification
Kismet Server Information Disclosure
pam_ssh User Enumeration Vulnerability
XEROX WorkCentre Multiple OpenSSL Vulnerabilities (XRX07-001)
Dovecot passdbs Argument Injection Authentication Bypass
Trend Micro TMCM console management detection
Passwordless HP LaserJet
Netgear ProSafe Router password disclosure
NetScaler web management cookie information
ArGoSoft Mail Server Pro IMAP RENAME Command Traversal Arbitrary Directory Creation
XEROX WorkCentre MicroServer Multiple Vulnerabilities (XRX05-005)
eStara SoftPhone Detection
Identd scan