Chercher :
Newsletter :  
Exoscan : audit gratuit de failles
Revues :
- Presse
- Presse FR
- Vidéos
- Twitter
- SecuObs




Livres Blancs :

Le Cahier de Sécurité Business Orange Services présente les solutions existantes pour sécuriser une solution de ToIP




Sommaires :
- Tendances
- Failles
- Virus
- Concours
- Reportages
- Acteurs
- Outils
- Breves
- Infrastructures
- Livres
- Tutoriels
- Interviews
- Podcasts
- Communiques
- Commentaires

Revue Presse:
- Tous
- Francophone
- Par mot clé
- Par site
- Le tagwall


Top :
- Ensemble
- Articles
- Revue
- Videos
- Twitter
- Auteurs
- Commentaires


Articles :
- Par mot clé
- Par auteur
- Par organisme
- Le tagwall


Videos :
- Toutes
- Par mot clé
- Par site
- Le tagwall


Twitter :
- Tous
- Par mot clé
- Par compte
- Le tagwall


Commentaires :
- Breves
- Virus
- Failles
- Outils
- Tutoriels
- Tendances
- Acteurs
- Reportages
- Infrastructures
- Interviews
- Concours

Exostat :
:: Détails tests
:: Top Failles
:: Top Divers
:: Top Tests

Secumail :
- Secunia
- Full Disclosure
- Bugtraq
- DailyDave
- Vulnwatch
- Vulndiscuss
- FunSec
- Focus-IDS
- WebAppSec
- Security-Basis

RSS/XML :
- Articles
- Brèves
- Commentaires
- Revue
- Revue FR
- Videos
- Twitter
- Secunia
- Full Disclosure
- Bugtraq
- DailyDave
- Vulnwatch
- Vulndiscuss
- FunSec
- Focus-IDS
- WebAppSec
- Security-Basis

RSS SecuObs :
- sécurité
- windows
- exploit
- microsoft
- réseau
- attaque

RSS Revue :
- security
- microsoft
- vulnérabilité
- windows
- vulnerability
- network

RSS Videos :
- virus
- spyware
- vmware
- firmware
- security
- malware

RSS Twitter :
- patch
- conficker
- twitter
- attack
- metasploit
- firewall

RSS Comments :
- Breves
- Virus
- Failles
- Outils
- Tutoriels
- Tendances
- Acteurs
- Reportages
- Infrastructures
- Interviews
- Concours

RSS OPML :
- Français
- International



Revue de presse francophone :
- La ToIP progresse dans les entreprises grâce aux box
- Cisco annonce sa certification la plus élevée : mariage entre les réseaux et les métiers
- Chorégie calibre ses machines virtuelles grâce à un outil ad hoc
- Grève de 2500 employés chez Alcatel-Lucent
- Passeport d'urgence : les Etats-Unis n'acceptent que la version électronique
- Facebook veut répondre aux critiques sur la protection de la vie privée
- Le Nokia N97 chez Orange courant juillet à 279 euros
- The Pirate Bay vendu
- Le Barreau de Bruxelles élit ses représentants via le web
- Téléphonie sur Wifi pour 350 utilisateurs au CHU de Clermont-Ferrand
- Coup de poker chez les pirates Chinois
- securite 55 bugs décelés dans Firefox 3.5
- Bulletin d'actualité numéro 027 de l'année 2009 (03 juillet 2009)
- phion airlock Web Application Firewall : Injection de Commande
- SSTIC 2009 Challenge vs Metasm

Dernier articles de SecuObs :
- MuDoS un générateur générique de Dénis de Service se basant sur la modélisation de facteurs communs
- Origami pour forger, analyser et manipuler des fichiers PDF malicieux
- Récupérer l'historique Web du navigateur d'une victime sans recourir à du code Javascript
- Slowloris exploite, en Déni de Service, une faille de conception dans Apache 1.x et 2.x, Squid, dhttpd et GoAhead WebServer
- Veiled un réseau chiffré et anonyme type Darknet avec un simple navigateur Web
- Le traçage de traître(s) pas aussi simple qu’il n’y paraît
- Fuzzgrind, un fuzzer intelligent et automatique
- Une compromission via le bus PCI et l’aide d’un processeur FPGA
- ARPFreeze facilite la protection de Microsoft Windows contre l'ARP Poisonning et les Man in the Middle
- Quelques statistiques et les évolutions à venir pour le projet Metasploit

Revue de presse internationale :
- Celebrity Deaths Drive Spam, with Jackson Pervasive
- Panda Reversing Challenge - Starts Tuesday
- OWASP Podcast #031 - Interview with Mark Curphey
- RADII and SDSD
- Trout Is A Lightweight Free Music Player
- Automatic Video Capture Software WebVideoCap
- Free Gift: Independence Day USA flag
- Xilinx Memory Controller
- Hacker Robs Bullitt County Of $415,000 1hr
- c|net: Symantec's Ramzan on solving the antivirus puzzle
- SANS Forensics: System State Backup
- BackTrack 4 Pre Final ? Feel the pwnsauce!
- WepBuster v1.0 beta0.5 released
- ThreatChaos Weekly Updates for 2009-07-03
- Va Pbaterff Nffrzoyrq, Whyl 4 1776

Annuaire des videos
- PDC Episode 151 Part II w3af Console Seth Misenar
- PDC Episode 151 Part I w3af GUI Seth Misenar
- Man In the Middle Attacks in a Virtual World
- Stoned Vienna Bootkit Introduction
- MAQ00327
- Lockpicking ABUS 55/35 [Tutorial]
- CNet Segment on Defcon 4
- Defcon 10 Random Footage
- Systm Episode 62 Bluetooth Speakerphone Mod
- CNN Segment on Defcon 13
- Systm 89: Boot Windows of a USB Drive Best Of...
- Script Injection Demonstration
- XSS Cross Site Scripting Demonstration
- Hak.5 Episode 2x10
- Hak.5 Whiteboard with mubix part 2/2

Revue Twitter
- Metasploit Framework eXploit Builder v3 -http://bit.ly/vbrn7
- [Video] Ettercap bEEf Mashup http://bit.ly/kvQ9j
- @garnettb Cloudy, but supposed to be in the 80's. Gotta work tonight myself :(
- RT @cyberwar Twitter is not an effective DDoS tool: http://tinyurl.com/lh5yqo
- Having it out with Gartner analysts over Next-gen firewall versus UTM debate. http://tinyurl.com/kumlfz
- @hevnsnt we are all using steganography
- @swirlspice when I recently upgraded the firmware on the airports, I had to reboot all the express stations
- Morning of the third day of ToorCamp, and everyone's walking around in that dazed too-much-desert stage.
- Gorgeous day! Top down. No clouds. 80 degrees at 11am. Waiting for my hottie to get done at the gym.
- RT @SecuObs: 130 232 downloads of BackTrack 4 Pre-Final since the release #backtrack http://bit.ly/Fqc0U Sa en fait des personnes...

Mini-Tagwall
Revue de presse : security, microsoft, vulnérabilité, windows, vulnerability, network, attack, google, hacker, exploit, inject, internet, remote

+ de mots clés pour la revue de presse
Annuaires des videos : virus, spyware, vmware, firmware, security, malware, lockpicking, biometric, kernel, iphone, windows, adware, password

+ de mots clés pour les videos
Revue Twitter : security, cisco, linux, defcon, firewall, vmware, metasploit, attack, server, phish, network, twitter, windows

+ de mots clés pour la revue Twitter

Top des articles de SecuObs
- [Renforcement des fonctions de sécurité du noyau Linux – Partie 1] Présentation
- UCSniff ou comment capturer des conversations VoIP en haute définition
- Une nouvelle implémentation GSM libre
- Comment changer un mot de passe perdu pour un compte WINDOWS
- Downadup/Conficker, un ver qui fait des étincelles
- Une faille dans Gmail pour rediriger les mails des utilisateurs
- Injecteur de librairies DLL dans un processus distant sous Microsoft Windows Vista 32 bits
- Vista permet le monitoring Wifi quasiment “out of the box”
- SCS, un scanner pour déterminer si un poste est contaminé par Conficker
- [Sécuriser un réseau sans fil - Partie 1] Introduction à la sécurité du WI-FI

Top de la revue de presse
- La nouvelle DSi de Nintendo piraté !
- GSD How To: Dual Boot Windows 7 on Vista via VHD file
- Burundanga Drug Rumors Spread to Canada, Australia
- 15 minutes pour casser une clé WPA TKIP
- Un virus s'attaque au PHP, ASP et l'HTML !
- backtrack 4
- Le téléphone de Barak Obama n'est pas un Blackberry !
- Ron Paul supporter inadvertently gets iPhones banned from U.S. aircraft
- Une attaque de phishing cible les abonnés de Free
- Watch NBA Playoffs 2009 Live Streaming On Your Computer for FREE

Top de l'annuaire des videos
- HACK WINDOWS XP PASSWORD
- metasploit 3 autopwn
- Download Free NOD32 Eset Antivirus Forever
- iPhone/iPod Touch Firmware 3.0 DOWNLOAD + WARNING (Detailed ...
- [Amazing] Hacking SSH Tunneling Exploit
- SSH into your iPod Touch/iPhone via USB on Windows!
- Downgrade IPhone Firmware 2.2 to 2.1
- Get iPhone/iPod touch firmware 3.0 OFFICIAL! Free (NOT BETA)
- Mac OS X Server Leopard Install in VMWare Fusion 2 beta 2
- Download The Final 3.0 Firmware For iPhone,iPhone 3G & iPod ...

Top de la revue Twitteer
- $ md5sum bt4-pre-final.iso b0485da6194d75b30cda282ceb629654 bt4-pre-final.iso
- currently downloading BackTrack 4 Pre-final because I'm am subscriber of #Informer (HackersforCharity.org)
- Slowloris HTTP DoS affects web servers (apache and others..not IIS).. didn't test yet but a plausible DoS http://bit.ly/Qf5C4
- PDF Structazer tool presented at BH Europe 2008 released: http://www.esiea-recherche.eu/
- RT @jogorman: IHC Informer subscribers, the pre-final version of Backtrack 4 is up! Complete with an installer, a forensic boot mode, etc!!
- I want some java porn .oO(hrm, naked arrays[]) but can't muster the energy right now to crack open the book.
- presentation materials from the SANS Pen-Test Summit Future of Metasploit talk: http://metasploit.com/research/conferences/
- RT @montemplar: Sniffing Browser History with NO Javascript! http://ff.im/-3Mvci
- Metasploit plugins and tutorials - http://tinyurl.com/pcttra

Top des articles les plus commentés
- [Metasploit 2.x – Partie 1] Introduction et présentation
- Le projet de loi HADOPI bientôt de retour à l'assemblée
- Microsoft !Exploitable un nouvel outil gratuit pour aider les développeurs à évaluer automatiquement les risques
- Le cloud computing est-il sûr ?
- [Hacking Hardware - Partie 1] - Introduction et présentation
- [Ubiquiti SuperRange 300 mW - Partie 1] Installation et configuration
- Injection en mémoire de codes malicieux pour Apple Mac OS X
- GreenSQL un proxy MySQL pour filtrer les requêtes SQL et contrer les injections
- Installation sécurisée d'Apache Openssl, Php4, Mysql, Mod_ssl, Mod_rewrite, Mod_perl , Mod_security
- CAINE un Live[CD|USB] pour faciliter la recherche légale de preuves numériques de compromission

Exostats/Exoscan
Nombre de tests inclus
29046
Tests ajoutés
Aujourd'hui
Ce mois
17
36
Les derniers commentaires publiés sur SecuObs (1-5):
- WepBuster v1.0 beta0.5 released
- 130232 downloads of BackTrack 4 Pre-Final since the release
- Latest version virtualbox 3.0.0 released
- ESRT @mubix A very effective SSH bruteforcer by @laramies recently updated
- ESRT @mubix - Middler gets some more updates today
Détail du test :
ID
18355
Nom
Groove Virtual Office / Workspace Multiple Vulnerabilities
Auteurs
This script is Copyright (C) 2005-2007 Tenable Network Security
Catégorie
Windows
Action
infos
Résumé
Checks for multiple vulnerabilities in Groove Virtual Office / Workspace
Description
Synopsis : The remote Windows application is affected by multiple issues. Description : According the remote registry, the version of Groove Virtual Office or Groove Workspace on the remote host suffers from multiple vulnerabilities. Some of these flaws may allow for arbitrary script execution, disclosure of sensitive information, and denial of service, all from remote users. See also : http://www.kb.cert.org/vuls/id/155610 http://www.kb.cert.org/vuls/id/232232 http://www.kb.cert.org/vuls/id/372618 http://www.kb.cert.org/vuls/id/443370 http://www.kb.cert.org/vuls/id/514386 Solution : Upgrade to Workspace v2.5n build 1871 or Virtual Office v3.1a build 2364 or later. Risk factor : High / CVSS Base Score : 9.3 (CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)


Cliquer pour le detail - Liste des tests :
Macrovision SafeDisc secdrv.sys Crafted METHOD_NEITHER IOCTL Local Overflow
Novell iPrint Client for Windows ienipp.ocx ActiveX Multiple Variable Overflow
CommuniGate Pro POP Service Empty Inbox Remote DoS
Winamp < 5.5 FLAC Plug-in Multiple Buffer Overflow Vulnerabilities
Mozilla SOAPParameter Integer Overlow
IA eMailServer IMAP4 LIST Command Format String Remote DoS
Gupta SQLBase EXECUTE buffer overflow
Putty Modpow integer handling
mIRC Detection
VMware Workstation < 5.5.4 Build 44386 Multiple Vulnerabilities
Lyris ListManager with MSDE Weak sa Password
Firefox < 3.0.7 Multiple Vulnerabilities
NetSupport NSM / NSS Initial Connection Setup Configuration Exchange Remote Overflow
BlackBerry Enterprise Server Attachment Service Unspecified Vulnerabilities (KB18327)
avast! Server Edition LHA Archive Extended-header Field Processing Overflow
Winamp < 5.2 Multiple Vulnerabilities
eDirectory eMBox Utility Unauthorized Access
Opera < 9.50 Multiple Vulnerabilities
Netscape Browser No Longer Supported
Novell GroupWise Windows Client Arbitrary Email Access
RealPlayer for Windows < Build 6.0.14.806 / 6.0.12.1675
SMB NativeLanMan
Firefox < 1.0.3
Ask.com Toolbar AskJeevesToolBar.SettingsPlugin.1 ActiveX (askBar.dll) ShortFormat Property Arbitrary Code Execution
Firefox < 2.0.0.15
Command Antivirus odapi.dll ActiveX Control Multiple Overflow Vulnerabilities
Firefox < 2.0.0.17
RealPlayer for Windows < Build 6.0.12.1662
DameWare Mini Remote Control Server Unspecified Privilege Escalation Vulnerability
QuickTime RTSP URL Handler Buffer Overflow (Windows)
DCE Services Enumeration
RoboHelp Server Help Errors Vulnerabilities (APSB08-16)
Vulnerability in MSMQ Could Allow Code Execution (Network Check)
NetBIOS Name Service Reply Information Leakage
CA Multiple Products InoCore.dll File Mapping Manipulation Local Overflow
Vulnerability NetDDE Could Allow Code Execution (Netbios Check)
Firefox < 2.0.0.5
Ffdshow < rev2347_20081123 Remote Buffer Overflow
CommuniGate Pro Server < 5.0.7 LDAP BER Decoding Multiple Vulnerabilities
ESET Remote Administrator < 3.0.105 HTML Injection
Vulnerabilities in .NET Framework Could Allow Remote Code Execution (931212) (Network Check)
WINS Buffer Overflow (830352 - netbios check)
Unsupported Windows NT 4.0 Installation
QuickTime < 7.6 (Windows)
Flash Player Detection
SMB Registry : permissions of Schedule
SMB NULL session
avast! CAB and SIS File Handling Buffer Overflow Vulnerabilities
Microsoft Windows SMB Shares Access
CYDOOR detection
MailEnable IMAP Server W3C Logging Overflow
Mozilla Thunderbird < 1.5.0.7
hMailServer < 4.4.2 build 279 IMAP Command Handling Remote DoS
MERCUR Messaging Control Server Multiple Buffer overflow Vulnerabilities
Possible GDI+ compromise
F-Secure Multiple Products Web Console Pre-authentication Overflow
Netscape Browser <= 8.0.3.3
SMB Registry : permissions of the Microsoft Transaction Server key
Office Viewer Component < 5.0 Multiple Vulnerabilities
SMB LanMan Pipe Server browse listing
MS NNTP Vulnerability (883935)
Vulnerability in Plug and Play Could Allow Remote Code Execution and Local Elevation of Privilege (905749) - Network Check
MDaemon Webconfig IMAP Malformed URL DoS
CA eTrust Antivirus WebScan ActiveX Control Vulnerabilities
QuickTime < 7.4.5 (Windows)
Bagle.B Detection
SMB Registry : Autologon
Microsoft Windows RPC DCOM Interface epmapper Pipe Hijack Local Privilege Escalation
Unsupported Windows 95/98/ME Installation
Adobe Reader < 8.1.2 Security Update 1 / 7.1.0
Skype Networking Routine Heap Overflow Vulnerability (SMB check)
MusicMatch Multiple Vulnerabilities
Microsoft RPC Interface Buffer Overrun (823980)
SMB accessible registry
SeaMonkey < 1.0.7
Pidgin Detection (Windows)
Firefox < 1.5.0.2
Firefox 3.x < 3.0.2
MS Task Scheduler vulnerability
Adobe Reader < 6.0.6 / 7.0.9
Firefox < 1.0.8
Symantec Mail Security for SMTP libdayzero.dll Executable Parsing DoS
Adobe Reader < 7.0.8 Multiple Unspecified Vulnerabilities
PacketTrap pt360 TFTP Server < 1.0.3302.0 Multiple Vulnerabilities
RealPlayer for Windows Multiple Vulnerabilities (2)
Flash Player APSB07-20
IRCXPro Clear Text Passwords
Spybot Search & Destroy Detection
ImageMagick Detection
Safari < 3.1.2 Multiple Vulnerabilities
AntiVir File Handling Vulnerabilities
Computer Associates Anti-Virus Engine Multiple Scan Evasion Flaws
NOD32 3.0/ESET Smart Security < 3.0.684 Local Privilege Escalation
Vulnerability in the Client Service for NetWare Could Allow Remote Code Execution (899589) - Network Check
Mozilla Thunderbird < 2.0.0.18 Multiple Vulnerabilities
WEBHANCER detection
VLC Media Player 0.9.x < 0.9.8a RealMedia Processing Remote Integer Overflow
Firefox 3.x < 3.0.1
Multiple flaws in the Opera web browser (2)
Sun xVM VirtualBox < 1.6.4 Local Privilege Escalation
PuTTY Multiple Integer Overflow Vulnerablities
Mozilla Foundation Application Detection
ShockWave Player ActiveX Installer Buffer Overflow
Timbuktu Pro < 8.6.5 Multiple Vulnerabilities
BIOS version (SMB)
VCATCH detection
FREE COMMUNITY detection
FlipViewer ActiveX Control < 4.1 Buffer Overflow Vulnerabilities
Mozilla Browser < 1.7.8
IBM eGatherer ActiveX RunEgatherer Function Overflow
AVG Anti-Virus Crafted UPX File Handling Divide-by-zero Remote DoS
Firefox < 1.0.6
Winamp < 5.541 NowPlaying Feature Metadata XSS
Trillian < 3.1.6.0 Multiple Vulnerabilities
Webroot SpySweeper Enterprise Check
MDaemon IMAP Server Multiple Command Local DoS
Mozilla Thunderbird < 2.0.0.12
Firefox < 2.0.0.13
SMB Registry : missing winreg
Flash Player APSB06-03
SeaMonkey < 1.1.14 Multiple Vulnerabilities
Mozilla Thunderbird < 2.0.0.21 Multiple Vulnerabilities
SMB Registry : value of SFCDisable
BONZI BUDDY Software Detection
IBM Access Support ActiveX Control GetXMLValue Method Overflow
Symantec Backup Exec for Windows Servers Denial of Service Vulnerabilities
Trend Micro InterScan Web Security Suite < 3.1 Build 1237 Multiple Flaws
Sun Java Runtime Environment External XML Entities Restriction Bypass (231246)
The alerter service is running
Firefox < 3.0.6 Multiple Vulnerabilities
The remote host is infected by msblast.exe
Opera < 8.54 Multiple Vulnerabilities
Opera web browser address bar spoofing weakness (2)
VMware ACE detection (Windows)
Trend Micro Anti Virus Check
Windows Live OneCare AntiVirus Check
Sony ImageStation AxRUploadServer.AxRUploadControl ActiveX (AxRUploadServer.dll) SetLogging Method Overflow
HP Data Protector Express Denial of Service
GATOR detection
iParty Client Extended Character Handling Remote Overflow DoS
Realtek HD Audio Codec Drivers Multiple Local Privilege Escalation Vulnerabilities
Windows Administrator Password Known by W32/Deloader
QuickTime < 7.2 Security Update (Windows)
Outlook Express Multiple Vulnerabilities (900930)
McAfee ePolicy Orchestrator HTTP Server Remote Buffer Overflow Vulnerability
AIM Buddy Icon Overflow Vulnerability
SeaMonkey < 1.0.6
RealPlayer for Windows < Build 6.0.12.1578
Van Dyke SecureCRT Remote Command Execution Vulnerability
AIM Smiley Icon Location Denial Of Service Vulnerability
iTunes AAC File Parsing Overflow (Registry Check)
Quake 3 Arena Malformed Connection Packet DoS
VERITAS NetBackup Volume Manager Daemon Buffer Overflow Vulnerability
MERCUR Messaging < 2005 SP4 Multiple Remote DoS Vulnerabilities
Mozilla/Firefox code execution
7-Zip ARJ File Handling Overflow
CuteFTP < 5.0.2.0 multiple flaws
Sun Java Runtime Environment GIF Image Handling Buffer Overflow (102760)
IBM Lotus Notes / Domino Client Memory Mapped Files Privilege Escalation
Akamai Download Manager ActiveX Control < 2.2.3.5 Remote Code Execution
SMB OpenEventLog() over \srvsvc
LANDesk Management Suite Alert Service (aolnsrvr.exe) Remote Overflow
Detect CIS ports
SMB enum services
Patchlink Detection
FLEXnet Connect Update Service ActiveX Control Multiple Code Execution Vulnerabilities
CA eTrust Intrusion Detection System Key Exchange Remote DoS
ATI Catalyst Dynamic Driver (atidsmxx.sys) Local Privilege Escalation
Microsoft Windows 98 Malformed oshare Packet DoS
Sun Java Runtime Environment jpiexp32.dll DoS
Buffer Overrun in Messenger Service (real test)
JS.Scob.Trojan or Download.Ject Trojan
Firefox < 2.0.0.20 Cross Domain Data Theft
MailEnable IMAP STATUS Command Remote Overflow
QuickTime player buffer overflow
SeaMonkey < 1.0.9 / 1.1.2
Sun Java JDK/JRE 5 < Update 16 Multiple Vulnerabilities
SMB registry can not be accessed by the scanner
BitDefender Online Anti-Virus Scanner ActiveX OScan8.ocx / OScan8.ocx InitX Method Arbitrary Code Execution
Firefox < 2.0.0.7
AVG Anti-virus avg7core.sys 0x5348E004 IOCTL Local Privilege Escalation
NOD32 Antivirus Local File Creation
SecureCRT SSH1 protocol version string overflow
Vulnerabilities in TCP/IP Could Allow Remote Code Execution (network check)
MailEnable IMAP Service EXAMINE Command Remote DoS
QuickTime < 7.4.1 (Windows)
XnView RGBE File Handling Buffer Overflow
Firefox < 1.5.0.12 / 2.0.0.4
Altiris Notification Server Agent Local Privilege Escalation Vulnerabilities
Compression Plus CP5DLL32.DLL ZOO Archive Header Processing Overflow
SMB Registry : Win2k Service Pack version
FileZilla < 2.2.32 Format String Vulnerabilities
I-Nav VUpdater.Install ActiveX Buffer Overflow
Macrovision FLEXnet DWUpdateService ActiveX (agent.exe) Multiple Method Arbitrary Command Execution
VeriSign ConfigChk ActiveX Control (VSCnfChk.dll) Buffer Overflow
Opera web browser URI obfuscation
Husdawg System Requirements Lab Multiple ActiveX Remote Code Execution
Real Video Server Telnet Malformed Data Remote DoS
ESET Anti-Virus .CAB File Scan Evasion
AOL Radio AmpX ActiveX Control Buffer Overflow Vulnerabilities
WinGate Invalid SMTP State Format String DoS
WinGate DNS Compressed Name Pointer DoS
TIMESINK detection
HP Info Center ActiveX Control Buffer Overflow Vulnerabilities
Google Chrome < 1.0.154.53
Yahoo! Music Jukebox ActiveX Controls Buffer Overflow Vulnerabilities
Trillian < 3.1.10.0 Multiple Vulnerabilities
BETTERINTERNET Software Detection
UltraVNC Viewer < 1.0.5.4 Multiple Integer Overflows
PowerArchiver paiso.dll ISO Image Handling Buffer Overflow
OpenOffice < 2.4 Multiple Vulnerabilities
RealPlayer Multiple Remote Overflows
QuickTime < 7.3.1 (Windows)
Microsoft Whale Client Components ActiveX (WhlMgr.dll) Multiple Method Overflows
FeedDemon < 2.0.0.25 Atom Feed Active Script Code Execution
Wireshark / Ethereal 0.99.6 to 1.0.5 Multiple Denial of Service Vulnerabilities
Kaspersky Antivirus PE File Handling DoS
Intuit QuickBooks Online Edition < 10 ActiveX Multiple Vulnerabilities
SNMPc Management Server Login Packet Remote DoS
SonicWall Global VPN Client Detection
Flash Player APSB08-18 / APSB08-20 / APSB08-22
F-Secure ZIP/RAR Archive Handling Overflow Vulnerabilities
OpenOffice 2.x < 2.4.2 WMF and EMF File Handling Buffer Overflows
Altiris Deployment Solution Client Agent < 6.9.355 Local Privilege Escalation (SYM08-019)
SeaMonkey < 1.1.7
Firefox < 1.5.0.11 / 2.0.0.3
SMB Registry : permissions of HKLM
activePDF Server < 3.8.6 Packet Handling Buffer Overflow (local check)
Microsoft Windows Server Message Block (SMB) Protocol SMB_COM_TRANSACTION Packet Remote Overflow DoS
DjVu Browser Plug-in Multiple Buffer Overflow Vulnerabilities
SaveNOW detection
DriveLock DriveLock.exe HTTP Request Processing Remote Overflow
SMB Registry : Classic Logon Screen
Altiris Deployment Solution Server < 6.9.355 Password Disclosure (SYM08-020)
Trend Micro OfficeScan Client Firewall Multiple Vulnerabilities
Winamp < 5.52 Ultravox Streaming Metadata Parsing Buffer Overflow Vulnerabilities
Computer Associates Vet Library Remote Heap Overflow Vulnerability
Adobe AIR Multiple Vulnerabilities (XSS, ID, Code Exec, more)
Novell Distributed Print Services (NDPS) Print Provider (NDPPNT.DLL) Remote Overflow
Software Enumeration (via SMB)
Ipswitch IM Server < 2.07 Multiple Function Remote DoS
Google Chrome < 1.0.154.48
GEAR Software CD DVD Filter Driver Insecure Method Local Privilege Escalation
Vulnerability in SMB Could Allow Remote Code Execution (896422) - Network Check
Aurigma Image Uploader ActiveX Control < 4.5.70 Buffer Overflow Vulnerabilities
Adobe Contribute Publishing Server Administrator Password Disclosure
Microsoft Windows NetBIOS NULL Source Name DoS
Bagle Worm Removal
Intel PRO/Wireless 2100 Network Connection Driver Local Privilege Escalation Vulnerability
Gator/GAIN Spyware Installed
SMB Registry : XP Service Pack version
Sun Java Runtime Environment Multiple Vulnerabilities (102729 and 102732)
Trend Micro Scan Engine Tmxpflt.sys Buffer Overflow
MDaemon IMAP Service CREATE Command Mailbox Name Handling Overflow
SMB Detection
RealPlayer multiple remote overflows
VLC Media Player < 0.8.6i WAV File Handling Integer Overflow
NetSupport Manager Client Spoofing Remote Authentication Bypass
WinProxy < 6.1a Telnet Proxy Remote DoS
iTunes < 7.4 Malformed Music File Heap Overflow (Windows)
Avira AntiVir PDF Scan Evasion
Wireshark / Ethereal Detection (Windows)
Computer Associates HIPS 'xfw.sys Multiple Remote Vulnerabilities
SeaMonkey < 1.1.12
Acer LunchApp.APlunch Arbitrary Command Execution
Novell Netware Client Print Provider (nwspool.dll) Multiple Function Overflow
Winamp Malformed Midi File Buffer Overflow (2)
SeaMonkey < 1.0.1
Panda Security cpoint.sys Kernel Memory Corruption
SeaMonkey < 1.0.2
Symantec Fax Viewer Control ActiveX Control AppendFax Overflow
Mozilla Browser < 1.7.7
VLC Media Player Detection
Symantec Backup Exec Multiple Heap Overflow Vulnerabilities
3ivx MPEG-4 < 5.0.2 Buffer Overflow
Microsoft Windows Domain Name Server Service Remote Procedure Call Interface Vulnerability
Vulnerability in SMBv2 Could Allow Remote Code Execution (942624) - Network check
Security issues in the remote version of FlashPlayer
WebEx Meeting Manager WebexUCFObject ActiveX Control Buffer Overflow
Netscape < 9.0.0.4
Novell GroupWise Messenger Client < 2.0.3 HP1 Multiple Remote Overflows
Microsoft Dynamics GP < 10.0 Multiple Vulnerabilities
WinZip 11.x gdiplus.dll Unspecified Vulnerability
Winamp < 5.31 Multiple Buffer Overflow Vulnerabilities
Firefox < 1.0.4
Opera remote heap corruption vulnerability
Blac'oon FTP Server blac'oon.mdb Cleartext Password Disclosure
F-Secure Products ZIP/RAR File Scan Evasion (FSC-2009-1)
SmartFTP Overflow
SonicWALL Global VPN Client < 4.0.0.830 Format String Vulnerabilities
Yahoo! Messenger AudioConf ActiveX Control (yacscom.dll) Multiple Property Overflow
WinSyslog Long Syslog Message Remote DoS
Firefox < 2.0.0.14
Adobe Reader < 8.1.1
BARGAINBUDDY Software Detection
Novell iPrint Client nipplib.dll ActiveX (ienipp.ocx) IppCreateServerRef Function Overflow
Firefox < 1.0.1
Trend Micro OfficeScan OfficeScanSetupINI.dll Remote Buffer Overflow
Symantec pcAnywhere CHF File Pathname Format String Denial of Service
RealPlayer File Handler Code Execution
Winamp < 5.35 MP4 File Handling Buffer Overflow
SMB enum services over \srvsvc
Mozilla Thunderbird < 1.0.2
Opera JavaScript Denial of Service
ImageMagick < 6.5.2-9 Integer Overflow
mIRC PRIVMSG Handling Remote Buffer Overflow
Stunnel < 4.23 Local Privilege Escalation
QuickTime < 7.0.3 (Windows)
LeapFTP Overflow
HP Virtual Rooms Client < 7.0.1 ActiveX Control Dangerous Methods
Mozilla/Firefox security manager certificate handling DoS
Akamai Download Manager ActiveX Control < 2.2.3.6 Arbitrary File Download
Kaspersky Labs Anti-Virus IOCTL Local Privilege Escalation
Rhapsody vidplin.dll AVI Processing Heap Overflow Vulnerability
Firefox < 2.0.0.18 Multiple Vulnerabilities
Google Chrome < 2.0.172.31
Novell Client Buffer Overflow
HP HPeDiag ActiveX Control Multiple Vulnerabilities (Code Exec, OF, ID)
Mozilla Thunderbird < 1.5.0.9
CRYPTO-Server installvariables.properties LDAP Credential Local Disclosure
Safari < 3.1.1 Multiple Vulnerabilities
Opera web browser address bar spoofing weakness
AOL Instant Messenger (AIM) Program Detection
SMB Registry : permissions of winlogon
eScan < 9.0.718.1 MicroWorld Agent service (MWAGENT.EXE) Command Decryption Overflow
PuTTY SSH2 authentication password persistence weakness
DESlock+ < 3.2.7 Multiple Local Vulnerabilities
PGP Desktop < 9.10 Multiple Local DoS
Photo Upload Plugin Buffer Overflow Vulnerabilities
Trend Micro OfficeScan HTTP Request Remote Buffer Overflow
Ipswitch IMail Client Multipart MIME E-mail Message Handling Overflow
Vulnerability in Microsoft SQL Server Could Allow Remote Code Execution (959420) - Network Check
SMB use domain SID to enumerate users
Mozilla Thunderbird < 2.0.0.14
SMB use host SID to enumerate local users
Symantec AppStream Client LaunchObj ActiveX Control Multiple Unsafe Methods (SYM09-001)
Microsoft Windows ICMP Type 9 Packet Remote DoS
Winamp < 5.13 Multiple Buffer Overflow Vulnerabilities
Google Chrome < 1.0.154.46 Multiple Vulnerabilities
Opera Multiple Vulnerabilities (3)
Kaspersky Anti-Virus Check
Now SMS/MMS Gateway < 2008.02.22 Buffer Overflow Vulnerabilities
VMware Workstation Detection
Microsoft Windows PPTP Server Malformed Control Packet Remote DoS
Opera relative path directory traversal file corruption vulnerability
DynaZip Zip Archive Handling Buffer Overflow Vulnerabilities
MailEnable IMAP Service Multiple Remote Buffer Overflows
VMware Workstation < 5.5.5 and Server < 1.0.4 Multiple Vulnerabilities
Google Chrome < 1.0.154.59
SMB Registry : SQL7 Patches
Safari < 4.0
DrWeb Unspecified buffer overflow
Novell Client srvloc.sys Crafted Packet Unspecified Remote DoS
Yahoo! Messenger YVerInfo ActiveX Buffer Overflow Vulnerabilities
Firefox Downloaded Files Removal
Opera < 9.10 Multiple Vulnerabilities
Vulnerability in Server Service Could Allow Remote Code Execution (917159) - Network check
Opera < 9.64 Multiple Vulnerabilities
Cisco VPN Client Dialer Local Privilege Escalation
SMB log in
Mozilla Thunderbird < 2.0.0.5
Firefox < 1.0.7
Vulnerability in Microsoft Distributed Transaction Coordinator Could Allow Denial of Service (913580) - Network check
Mozilla Thunderbird < 2.0.0.22
DameWare Mini Remote Control Authentication Credentials Persistence Weakness
Zoomify Viewer ActiveX Buffer Overflow Vulnerabilities
Sophos Anti-Virus For Windows CAB File Scan Evasion Vulnerability
SMB Registry : is the remote host a PDC/BDC
Adobe Download Manager Detection
Firefox < 2.0.0.6
VLC Media Player < 0.8.6h Multiple Vulnerabilities
SAP GUI EAI WebViewer3D ActiveX Control Buffer Overflow
QuickTime < 7.0.4 (Windows)
Vulnerability in Printer Spooler Service Could Allow Remote Code Execution (896423) - Network Check
MailEnable Detection
Sun Java Runtime Environment DoS
scan for UPnP/Tcp hosts
Drag And Zip Overflow
Altiris Notification Server Agent GUI Local Privilege Escalation (KB 39159)
NCASE detection
Rhapsody Detection
Autodesk IDrop ActiveX Control Heap Corruption
Cisco Security Agent Detection
RealPlayer Remote Vulnerabilities
POWER SEARCH detection
Domino Web Access ActiveX Control Buffer Overflow Vulnerabilities
Novell GroupWise Authentication Credentials MiTM Disclosure
SMB Registry : No dial in
SMB blank administrator password
HP Virtual Rooms WebHPVCInstall.HPVirtualRooms14 ActiveX Control Buffer Overflow Vulnerabilities
Mozilla Browser < 1.7.9
Firefox < 2.0.0.10
Pidgin < 2.5.6 Multiple Buffer Overflows
OpenOffice < 2.3.1 Database HSQLDB Database Document Handling Arbitrary Java Code Execution
SMB Registry : permissions of keys that can change common paths
Sun Java Runtime Environment and Web Start Multiple Vulnerabilities (103072, 103073, 103078, 103079, 103112)
VLC Media Player 0.5.0 to 0.9.5 Stack-Based Buffer Overflows
Bonjour < 1.0.5 Multiple Vulnerabilities (APPLE-SA-2009-09-09)
Microsoft Hotfix KB828741 (network check)
Winamp3 buffer overflows
Mozilla Browser Network News Transport Protocol Remote Heap Overflow Vulnerability
Unsupported version of Microsoft Exchange Server
FileZilla Server < 0.9.22 Denial of Service Vulnerabilities
WinPcap NPF.SYS bpf_filter_init Arbitrary Array Indexing Local Privilege Escalation
NOD32 File Processing Vulnerabilities
Ipswitch IMail Server IMAP LIST Command Remote Overflow DoS
Lotus Notes Client < 7.0.3 / 8.0.1 Buffer Overflow Vulnerabilities
MDaemon Server DomainPOP Malformed Message DoS
Nessus ScanCtrl ActiveX Multiple Method File Manipulation
FileZilla FTP Client Unspecified Overflow
Vulnerability in Windows Active Directory Could Allow Remote Code Execution (926122) - Network Check
WinRAR LHA Filename Handling Buffer Overflow Vulnerabilities
Firefox < 2.0.0.12
Trillian DirectIM Packet Remote Overflow
7Zip < 4.57 Archive Handling Unspecified Issue
3DGreetings Player ActiveX Buffer Overflow Vulnerabilities
Cisco VPN Client Version Detection
SeaMonkey < 1.0.8
DrWeb Folder Name Overflow
AutoDesk LiveUpdate ActiveX Control ApplyPatch Method Execution
Multiple ICQ Vulnerabilities
Sun Java Runtime Environment Font Parsing Privilege Escalation (103024)
Camtasia Studio Pre-generated SWF File csPreloader Variable Unspecified Arbitrary Code Execution
WINS Code Execution (870763) (network check)
ER Mapper NCSView ActiveX Buffer Overflow Vulnerabilities
Sophos PureMessage < 3.0.2 Multiple Vulnerabilities
NOD32 Long Path Name Stack Overflow Vulnerabilities
Trend Micro Tmcomm.sys insecure permission
Panda AdminSecure Communications Agent < 4.2 Packet Handling Remote Heap Overflow
OpenOffice < 2.4.1 rtl_allocateMemory() Function Crafted Document Handling Integer Overflow
SMB Registry : permissions of keys that can lead to admin
MailMarshal tar Archive Traversal Arbitrary File Overwrite
Vulnerabilities in MSDTC Could Allow Remote Code Execution (902400) - Network check
Panda Antivirus TAR / CAB Scan Evasion
Sun JRE Java Plug-in JavaScript Security Restriction Bypass (2)
HP Software Update HPRulesEngine.ContentCollection ActiveX (RulesEngine.dll) Multiple Insecure Methods
SMB Registry : Windows 2003 Server SP2
WorldMail IMAP Server Traversal Arbitrary Mail Spool Access
Winamp < 5.552 gen_ff.dll Integer Overflow
EasyMail Objects IMAP4 Component Connect Method Remote Overflow
SMB Registry : NT4 Service Pack version
Firefox IMG Tag Multiple Vulnerabilities
Plaxo Client Is Installed
WinZip FileView ActiveX Control Vulnerabilities
VMware Player detection (Windows)
Foxit Reader < 3.0 Build 1506 / 2.3 Build 3902 Multiple Flaws
Anti Virus Software Check
F-PROT Antivirus Engine < 4.4.4 Multiple File Handling DoS Vulnerabilities
iTunes < 8.1 (Windows)
Symantec Norton AntiVirus Version Detection
SMB get host SID
WinPcap NPF.SYS Local Privilege Escalation
Vulnerability in Server Service Could Allow Remote Code Execution (921883) - Network check
Symantec Mail Security for Microsoft Exchange Installed
SeaMonkey < 1.1.13 Multiple Vulnerabilities
Trillian < 3.1.5.1 Multiple Vulnerabilities
QuickTime < 7.1.5 (Windows)
iMesh IMWeb.IMWebControl ActiveX (IMWeb.dll) SetHandler Method Arbitrary Code Execution
NetVault Report Manager Scheduler File Name Handling Overflow
Nullsoft Winamp .WSZ Overflow
SMB Registry : Do not show the last user name
CommuniGate Pro < 5.0.8 LDAP Module Field Handling Remote DoS
HP Instant Support Driver Check HPSDDX Class (SDD) ActiveX (sdd.dll) queryHub Function Overflow
SMB shares enumeration
Adobe Reader < 9.1 / 8.1.4 / 7.1.1
Vulnerability in Windows Could Allow Information Disclosure (888302) (network check)
Sun Java Web Start JNLP File Handling Overflow (102996)
IBM AFP Viewer Plug-in SRC Property Buffer Overflow
Mozilla Thunderbird < 1.0.7
Sun Java JRE Plug-in Capability Arbitrary Package Access
RealPlayer PNG deflate heap corruption
McAfee E-Business Server Administration Client Length Remote DoS
SMB Registry : Windows Vista / Server 2008 SP2
Sun JRE Java Plug-in JavaScript Security Restriction Bypass
Microsoft Windows Remote Desktop Protocol Server Private Key Disclosure Vulnerability
MailEnable Webmail Malformed Encoded Quoted-printable Email DoS (CVE-2006-1338)
Trillian Multiple HTTP Responses Buffer Overflow Vulnerabilities
Opera < 9.63 Multiple Vulnerabilities
QuickTime Detection
Avira AntiVir Zip Scan Evasion
BFTelnet Username Handling Remote Overflow DoS
Trillian MSN Overflow
Windows Reboot Required
Opera < 9.61 Multiple Vulnerabilities
SeaMonkey < 1.0.5
SonicWall NetExtender NELaunchCtrl ActiveX Control Buffer Overflow Vulnerabilities
Mozilla Thunderbird < 1.5.0.10
Firefox < 1.5.0.8
Avira AntiVir RAR/CAB/ZIP/LH Scan Evasion
SeaMonkey < 1.1.17 Multiple Vulnerabilities
VLC Media Player < 0.8.6f Multiple Vulnerabilities
SMB Last Logged On User
CA BrightStor ARCserve Backup ListCtrl ActiveX (ListCtrl.ocx) AddColumn() Method Overflow
Mozilla Browser < 1.7.6
Citrix Presentation Server Client Unspecified Remote Code Execution
SMB Windows9x password verification vulnerability
Cisco Security Agent for Microsoft Windows Crafted SMB Packet Remote Overflow
R-Viewer < 1.6.3768 Multiple Vulnerabilities
Altiris AClient < 6.8.380 Local Vulnerabilities
Compromised Windows System (hosts file)
WebEx Downloader ActiveX Control Command Injection
BitDefender CAB Scan Evasion
MailEnable IMAP EXAMINE Command Remote Overflow
SeaMonkey < 1.1.15 Multiple Vulnerabilities
Adobe PDF Plug-In < 8.0 / 7.0.9 / 6.0.6
QuickTime < 7.1.3 (Windows)
Mozilla/Firefox default installation file permission flaw
MDaemon < 9.0.6 POP3 Server USER / APOP Command Remote Overflow
Altiris AClient < 6.9.164 Multiple Local Vulnerabilities
EPolicy Orchestrator SiteManager ActiveX Control Buffer Overflow Vulnerabilities
QuickTime < 7.4 (Windows)
Firefox < 1.5.0.9 / 2.0.0.1
iTunes < 8.0 Integer Buffer Overflow (Network Check)
SMB fully accessible registry
Firefox < 1.5.0.7
MAPQUEST TOOLBAR detection
SeaMonkey < 1.1.9
Prevx Pro 2005 <= 1.0.0.1 Multiple Vulnerabilities
Wingate Proxy POP3 USER Overflow
Opera Empty Embedded Object DoS
Opera Detection
Yahoo! Messenger Detection
F-Secure Archive Handling Vulnerabilities (FSC-2008-2)
Google Desktop Cross-Site Scripting Flaw
SeaMonkey < 1.0
Adobe Reader Detection
CA ARCserve Backup Agent Credential Disclosure
Mozilla Thunderbird < 1.5.0.12
rfpoison
Google Desktop detection
Symantec Mail Security for SMTP < 5.0.1 Patch 200 Unspecified DoS
Novell iPrint Client ActiveX Control Multiple Vulnerabilities
Microsoft Windows NT WINS Service Malformed Data DoS
Novell GroupWise Internet Agent < 7.03 HP3 / 8.0 HP2 Multiple Buffer Overflows
Trend Micro OfficeScan cgiRecvFile.exe ComputerName Parameter Buffer Overflow
Opera < 9.21 Transfer Manager Torrent File Handling Overflow
Winamp < 5.34 Multiple Vulnerabilities
Yahoo! Widgets YDP YDPCTL.YDPControl.1 ActiveX (YDPCTL.dll) Buffer Overflow
SolidWorks Sldimdownload ActiveX Control Arbitrary Code Execution
RealPlayer / RealOne Player for Windows Multiple Vulnerabilities
Opera < 9.26 Multiple Vulnerabilities
Altiris Deployment Solution Agent < 6.9.176 Multiple Local Vulnerabilities
HP Instant Support HPISDataManager.dll ActiveX Control < 1.0.0.24 Vulnerabilities
Microsoft RPC Interface Buffer Overrun (KB824146) (network check)
Songbird Detection
SiteKiosk < 6.5.150 Multiple Vulnerabilities
Gracenote CDDBControl ActiveX Control Option String Overflow
HP ProCurve Manager Remote Unauthorized Access to Data (HPSBMA02420 SSRT071458)
WinSCP URL Protocol Handler Arbitrary File Transfer
Opera < 9.23 Crafted Javascript Arbitrary Code Execution
Yahoo! Messenger Webcam ActiveX Buffer Overflow Vulnerabilities
Sun Java Runtime Environment Image Parsing Vulnerabilities (102934)
Akamai Download Manager ActiveX Control < 2.2.1.0 Multiple Vulnerabilities
MDaemon IMAP Server Mail Folder Name Format String
Mozilla/Firefox multiple flaws
Brilliant Digital Software Detection
Learn2 STRunner ActiveX Control Multiple Buffer Overflow Vulnerabilities
ICQ Detection
OpenOffice.org < 2.0.3
FlashPlayer files reading
Adobe AcroPDF ActiveX Control Multiple Vulnerabilities
Vulnerability in Web Client Service Could Allow Remote Code Execution (911927) - network check
DivX Web Player < 1.4.3.4 Stream Format Chunk Buffer Overflow
Creative Software AutoUpdate Engine ActiveX (CTSUEng.ocx) Unspecified Overflow
Opera < 9.00 Multiple Vulnerabilities
Vulnerability in Plug and Play Service Could Allow Remote Code Execution (899588) - Network Check
RealPlayer for Windows < Build 6.0.12.1483
Firefox < 1.5.0.4
LogMeIn Agent Detection
Trillian < 3.1.12.0 Multiple Vulnerabilities
OpenOffice < 2.3 TIFF Parser Buffer Overflow Vulnerabilities
Adobe AIR Detection
SeaMonkey < 1.1.5
Opera < 9.27 Multiple Vulnerabilities
Mozilla Thunderbird < 1.5.0.4
OpenOffice < 2.2 Multiple Vulnerabilities
Symantec Mail Security for Domino Arbitrary Mail Relay
Conficker Detection - Network check
IPINSIGHT detection
Mozilla Thunderbird < 1.5.0.13 / 2.0.0.6
SeaMonkey < 1.0.3
VERITAS Backup Exec Agent Browser Remote Buffer Overflow Vulnerability
Kaspersky Antivirus UPX File Decompression DoS
WinGate POST Request Buffer Overflow
SizerOne ActiveX Control AddTab Method Remote Buffer Overflow
Trend Micro OfficeScan Multiple CGI Module Vulnerabilities
Nullsoft Winamp Multiple Unspecified Vulnerabilities
SeaMonkey < 1.1.4
Lenovo Rescue and Recovery tvtumon.sys Heap Overflow Vulnerability
Sun Java J2SE 1.4.2 < Update 18 Multiple Vulnerabilities
WinZip Multiple Overflows
Trend Micro VsapiNT.sys UPX File Parsing DoS
SeaMonkey < 1.1.16
Opera web browser HREF overflow
Mozilla Thunderbird < 2.0.0.16
Opera < 7.22 Multiple Vulnerabilities
First4Internet XCP Uninstallation CodeSupport.ocx ActiveX Control Arbitrary Code Execution
QuickTime < 7.1 (Windows)
pcAnywhere Launch with Windows Caller Properties Local Privilege Escalation
EDraw Office Viewer ActiveX (officeviewer.ocx) HttpDownloadFileToTempDir Method Overflow
Yahoo! Messenger YMMAPI.YMailAttach ActiveX (ymmapi.dll) Overflow
SAPlpd < 6.29 Multiple Vulnerabilities (local check)
HP OVIS Probe Builder Service (PBOVISServer.exe) Arbitrary Remote Process Termination
Flash Player APSB06-18
Foxit Reader JPEG2000 / JBIG Decoder Add-On < 2.0.2009.616 Multiple Vulnerabilities
Trend Micro UPX file parsing flaw detection
Windows Security Center Settings
CA Host-Based Intrusion Prevention System Server Log Data XSS
FLEXnet Connect Update Service Agent ActiveX (isusweb.dll) Overflow
Facebook Photo Uploader ActiveX Control < 4.5.57.1 Buffer Overflow Vulnerabilities
Novell Client nwspool.dll Buffer Overflow Vulnerabilities (bug 300870)
Netsky.B
LOP.COM detection
Opera < 8.02 Multiple Vulnerabilities
McAfee Anti Virus Check
BlackBerry Multiple Products PDF Distiller Component PDF Processing Arbitrary Code Execution
Google Chrome < 0.2.149.29 Multiple Vulnerabilities (OF, DoS)
GdPicture Multiple ActiveX Control SaveAsPDF Method Arbitrary File Overwrite
EasyMail SMTP Object ActiveX Control Buffer Overflow Vulnerabilities
eZ/eZphotoshare Connection Saturation Remote DoS
Opera web browser large javaScript array handling vulnerability
Trend Micro VSAPI ARJ Handling Heap Overflow
AUREATE Software Detection
Symantec Backup Exec Calendar ActiveX Control Multiple Vulnerabilities (SYM08-007)
Altiris Deployment Solution < 6.9.176 Multiple Vulnerabilities (SQLi, Auth Bypass, Priv Esc)
QuickTime < 7.3 (Windows)
Google Chrome < 2.0.172.33
Adobe Reader getAnnots() JavaScript Method PDF Handling Memory Corruption
IBM TXSeries for Multiplatforms forcepurge Acknowledgement Vulnerability
Firefox < 1.5.0.3
QuickTime PictureViewer Buffer Overflow
Using NetBIOS to retrieve information from a Windows host
Sun Java Runtime Environment XML Signature Command Injection (102993)
SNMPc < 7.1.1 UDP Packet Handling Buffer Overflow
VMware Remote Arbitrary Code Execution Vulnerability
3D-FTP Multiple Directory Traversal Vulnerabilities
SwiftView Viewer Plugin < 8.3.5 Buffer Overflow
ZipCentral ZIP File Handling Buffer Overflow
Wireshark / Ethereal 0.99.2 to 1.0.6 Multiple Vulnerabilities
Google Chrome < 1.0.154.65
Eserv Non Terminated Connection Saturation DoS
Broadcom Wireless Driver (BCMWL5.SYS) Probe Response SSID Overflow
Sun Java Enterprise Server NSS Remote Code Execution Vulnerabilities
SMB log in as users
Kaspersky Anti-Virus for Check Point FireWall-1 Unspecified DoS
Novell ZENworks ESM Security Client STEngine Privilege Escalation
Google Chrome < 0.3.154.9 Address Spoofing
SMB Registry : permissions of the RAS key
Foxit Reader Detection
SAHAGENT detection
Shockwave Player APSB09-08
FTP Voyager Overflow
Ipswitch IMail < 8.13 Multiple Remote DoS
Opera < 9.60 Multiple Vulnerabilities
PhotoParade Player PhPInfo ActiveX (PhPCtrl.dll) FileVersionof Property Overflow
MailEnable IMAP Service SEARCH Command Remote DoS
PuTTY window title escape character arbitrary command execution
Detect the HTTP RPC endpoint mapper
Mozilla Thunderbird < 2.0.0.17
Dragon Telnet Server Login Name Handling Remote Overflow DoS
F-Secure RPM Parsing Integer Overflow (FSC-2008-3)
LPViewer ActiveX Control Multiple Buffer Overflow Vulnerabilities
F-Secure Anti-Virus for Windows system32 Directory Crafted File Detection Bypass
Panda Antivirus Check
SAP GUI KWEdit ActiveX Control SaveDocumentAs() Insecure Method
Flash Player APSB08-11
Foxit Reader < 2.3 Build 2912 util.printf() Function PDF File Handling Overflow
Dropbox Software Detection
Nullsoft Winamp Remote Denial of Service
Trend Micro Multiple Products Token Prediction Security Bypass
Trillian < 3.1.5.1 XMPP Decoding Heap Overflow
SMB share files enumerated
Firefox < 1.5.0.10 / 2.0.0.2
Novell NetIdentity Agent < 1.2.4 Arbitrary Pointer De-reference Code Execution
Gracenote CDDBControl ActiveX Proxy Configuration Parameters Multiple Overflows
EDraw Office Viewer Component ActiveX (EDraw.OfficeViewer) FtpDownloadFile Method Overflow
Flash Player Improper Memory Access Vulnerabilities
First Response < 1.1.1 Multiple Vulnerabilities
Microsoft Hotfix for KB835732 IIS SSL check
PGP Desktop PGPserv Crafted Data Object Arbitrary Code Execution
Sun Java JDK/JRE 6 < Update 7 Multiple Vulnerabilities
QuickTime player/plug-in Heap overflow
Worldspan for Windows Gateway Res Manager Port 17990 Malformed Request DoS
JanaServer < 2.4.5 Multiple Remote DoS
Symantec Anti Virus Corporate Edition Check
Microsoft Hotfix for KB835732 (SMB check)
Trillian aim:// URI Handler Vulnerabilities
Sun Java Web Start Unauthorized Access (102881)
Opera < 9.51 Multiple Vulnerabilities
AxWebRemoveCtrl ActiveX Control Arbitrary Code Execution
Safari < 3.2.2
Mozilla/Firefox user interface spoofing
wodSFTP ActiveX Arbitrary File Access
iTunes For Windows iTunesHelper.exe Path Subversion Local Privilege Escalation (Registry Check)
Mozilla Thunderbird < 2.0.0.9
Novell Client nicm.sys Local Privilege Escalation
CesarFTP settings.ini Authentication Credential Cleartext Disclosure
WinGate Passwordless Default Installation
Mozilla/Thunderbird multiple flaws
VLC Media Player < 0.9.3 XSPF Playlist Handling Memory Corruption
Adobe Reader < 9.1.2 / 8.1.6 / 7.1.3
AVIRA Desktop for Windows ACE Archive Handling Buffer Overflow
Mozilla Thunderbird < 1.0.6
Flash Player APSB07-12
Opera web browser news url denial of service vulnerability
Wireshark / Ethereal < 1.0.3 Multiple Vulnerabilities
Symantec Mail Security for SMTP Message Handling Arbitrary Code Execution
Flash Player APSB06-11
QuickTime < 7.5.5 (Windows)
Safari Detection (Windows)
Hexamail Server pop3 Service USER Command Remote Overflow (registry check)
Kaspersky AV 6.0 Multiple Vulnerabilities
BitDefender Client Log Creation Functionality Format String
iTunes < 8.2 (Windows)
Sun Java Runtime Environment Multiple Vulnerabilities (233321-233327)
Opera < 9.62 Multiple Vulnerabilities
Windows USB Device Usage Report
iTunes < 8.0 (Windows)
SeaMonkey < 1.1.3
BitDefender PDF Scan Evasion
Firefox < 1.0.2
Flash Player APSB09-01
GAMSoft TelSrv 1.4/1.5 Username Overflow DoS
Possible Compromise through a vulnerability in RPC
Firefox < 1.5.0.5
ISS BlackICE Multiple Remote Vulnerabilities
Vulnerabilities in ASP.NET could allow information disclosure (922770) (network check)
Opera Resource Detection
Opera < 9.25 Multiple Vulnerabilities
RealPlayer ActiveX (ierpplug.dll) Playlist Handling Buffer Overflow
Novell exteNd Director LocalExec ActiveX (LocalExec.ocx) launch() Method Arbitrary Command Execution
Kaspersky Multiple Products kl1.sys Driver Local Overflow
DSSAGENT detection
AOL Instant Messenger is Installed
Cygwin < 1.5.24 cygwin1.dll Crafted Filename Handling Overflow
Office Viewer Component ActiveX (officeviewer.ocx) HttpDownloadFile Method Traversal Arbitrary File Overwrite
Citrix Presentation Server Clients Program Neighborhood Agent (PNAgent) Content Redirection Remote DoS
LANDesk Multiple Products QIP Server Service (qipsrvr.exe) Heal Request Packet Handling Overflow
Firefox 3.x < 3.0.5 Multiple Vulnerabilities
Winamp Malformed ID3v2 Tag Buffer Overflow Vulnerability
VMware Server Detection (Windows)
Oracle JInitiator beans.ocx ActiveX Buffer Overflow Vulnerabilities
Trillian Detection
Norton Anti Virus Check
Netscape Browser Detection
TightVNC Viewer < 1.3.10 Multiple Integer Overflows
InstallFromTheWeb ActiveX Control Buffer Overflow Vulnerabilities
MySpace Uploader ActiveX Control < 1.0.0.6 Action Property Buffer Overflow
Sun Java Runtime Environment Detection
Mozilla Thunderbird < 2.0.0.19 Multiple Vulnerabilities
Timbuktu Pro < 8.6.7 PlughNTCommand Named Pipe Remote Stack Buffer Overflow
WinGate Telnet Proxy localhost Connection Saturation DoS
Novell Client TS/Citrix Session Arbitrary User Profile Invocation
Nessus Windows Scan not performed with admin privileges
Winamp < 5.55 Remote Buffer Overflow
Windows Messenger is installed
Rhapsody SWF File Handling Buffer Overflow
Cerbere HTTP Proxy Server Host: Header Remote DoS
MDaemon POP Server Multiple Command Remote Overflow DoS
Microsoft SQL Server Multiple Privilege Escalation (941203) - Network Check
Web3000 detection
ISS BlackICE/PC Protection Unprivileged User Local DoS
RealPlayer ActiveX Control Heap Memory Corruption Vulnerabilities
ASN.1 Parsing Vulnerabilities (HTTP check)
HP Systems Insight Manager < 2.5.2.0 WMI Mapper Component Multiple Flaws
WebWasher Remote ARJ Decoder Malformed Archive Handling DoS
RealPlayer Skin File Remote Buffer Overflow
ProgramChecker sasatl.dll ActiveX Control Multiple Overflow Vulnerabilities
Firefox < 2.0.0.19 Multiple Vulnerabilities
Google Toolbar HTML Injection Vulnerability
Mozilla Browser < 1.7.12
Sophos Anti-Virus detection
Potentially unwanted software
Google Secure Access VPN Client Installed
VMware VIX API Multiple Buffer Overflow Vulnerabilities
XCP DRM Software Detection
Citrix Web Interface 4.6 / 5.0 / 5.0.1 Unspecified XSS
SMB Registry : Winlogon caches passwords
NOD32 Antivirus ARJ Archive Handling Buffer Overflow Vulnerability
SeaMonkey < 1.1.8
Corel ActiveCGM Browser ActiveX (acqm.dll) Multiple Overflows
ScriptLogic logging share
TestDirector (TD) for Mercury Quality Center SPIDERLib.Loader ActiveX Control (Spider90.ocx) ProgColor Property Overflow
Sophos Anti-Virus CAB, RAR and LZH Scanning Evasion
Cisco VPN Client on Windows Dial-up Networking Dialog Local Privilege Escalation
iTunes Version Detection (Windows)
Opera < 9.20 Multiple Vulnerabilities
Sun Java Applet Invocation Version Specification
QuickTime < 7.1.6 (Windows)
Intel PRO/Wireless Network Connection Drivers Remote Code Execution Vulnerabilities
Trend Micro OfficeScan tmlisten.exe Malformed Data Remote DoS
Deterministic Network Extender dne2000.sys Local Privilege Escalation
Yahoo! Messenger < 8.1.0.416 Multiple Vulnerabilities
McAfee E-Business Server Authentication Packet Remote Overflow
DameWare NT Utilities Authentication Credentials Persistence Weakness
Akamai Red Swoosh < 3333 referer Header Cross-Site Request Forgery
XUpload ActiveX Control AddFolder Method Buffer Overflow
CA Secure Content Manager HTTP Gateway Service FTP Vulnerabilities
Adobe Reader < 8.1.2 / 7.1.0
Nessus Windows GUI XSS
Opera < 9.52 Multiple Vulnerabilities
Microsoft Windows Message Queuing Service RPC Request Handling Remote Code Execution (951071) - Network Check
FileZilla < 2.2.30a Buffer Overflow Vulnerabilities
Firefox 3.x < 3.0.4 Multiple Vulnerabilities
Mozilla Thunderbird < 1.5
Novell GroupWise Internet Agent Detection
Multiple flaws in the Opera web browser
FileZilla FTP Server MLSD Command Overflow
Kaspersky Online Scanner kavwebscan.CKAVWebScan ActiveX (kavwebscan.dll) Format String Arbitrary Code Execution
Adobe Acrobat < 6.0.5
Safari < 3.2 Multiple Vulnerabilities
Google Chrome Detection (Windows)
QuickTime < 7.1.6 Security Update (Windows)
QuickTime < 7.6.2 (Windows)
Installed Windows Hotfixes
Microsoft Windows Server Service Crafted RPC Request Handling Unspecified Remote Code Execution (958644) - Network check
Netscape < 9.0.0.6
Vulnerability in Symantec AntiVirus could allow remote code execution (SYM06-010)
Macrovision InstallShield InstallScript One-Click Install ActiveX Arbitrary Code Execution
Opera web browser file download extension spoofing
WILDTANGENT detection
CA DM Deployment Common Component Multiple DoS
Firefox < 3.0.11 Multiple Vulnerabilities
Vulnerability in Routing and Remote Access Could Allow Remote Code Execution (911280) - Network check
WinSCP URI Handler Arbitrary File Access
Notepad++ Ruby Source File Handling Overflow
McAfee Common Management Agent 3.6.0 UDP Packet Handling Format String (Registry Check)
ASN.1 Parsing Vulnerabilities (NTLM check)
MailEnable < 1.7 IMAP Server Multiple Vulnerabilities (ME-100008)
Google Chrome < 1.0.154.64
MailEnable IMAP Service (meimaps.exe) Crafted RENAME Command Remote DoS
The ScriptLogic service is running
MailEnable Webmail Malformed Quoted-printable Email DoS (CVE-2006-0504)
AxisCamControl ActiveX Control Buffer Overflow Vulnerability
Mozilla Thunderbird < 1.5.0.8
Morovia Barcode ActiveX Control < 3.6.0 Arbitrary File Overwrite
AXIS Camera Control (aka CamImage) AxisCamControl.ocx ActiveX SaveBMP Method Overflow
Firefox < 3.0.8 Multiple Vulnerabilities
NOD32 Antivirus System Check
Vulnerability in SAVCE could allow Local Privilege Escalation (SYM07-017)
Panda Antivirus EXE File Parsing Overflow
SMB Registry : permissions of the SNMP key
Novell Client nwfs.sys Local Privilege Escalation
The remote host is infected by a virus
RoboHelp Server Multiple Cross-Site Scripting Vulnerabilities (APSB09-02 Update 2)
CA Multiple Products inoweb Console Server Authentication Remote Overflow
RADIATE detection
Anzio Web Print Object (WePO) ActiveX mainurl Variable Buffer Overflow
ICUII Detection
WinRAR < 3.71 Archive Handling Vulnerabilities
ICQ < 6 Build 6059 Message Processing Format String
FortiClient Host Security fortimon.sys Crafted Request Local Privilege Escalation
QuickTime < 7.2 (Windows)
Safari < 3.2.3
Internet Explorer version check
Nullsoft Winamp Filename Handler Local Buffer Overrun
Microsoft Shlwapi.dll Malformed HTML form tag DoS
PFTP clear-text passwords
Microsoft Windows RPC Endpoint Manager Malformed Packet DoS
Novell SecureLogin < 6.0.106 Multiple Vulnerabilities
Firefox < 2.0.0.16
Opera < 9.02 Multiple Vulnerabilities
Symantec Mail Security for SMTP File Parsing Vulnerabilities
Microsoft Windows Media Server Malformed Handshake Sequence DoS
SMB guest account for all users
BlackBerry Enterprise Server / Unite! PDF Distiller Component Vulnerabilities (KB17118 / KB17119)
RealVNC VNC Viewer < 4.1.3/4.4.3 Arbitrary Command Execution
Novell iPrint Control ActiveX (ienipp.ocx) ExecuteRequest() Method Overflow
WinGate IMAP Server Directory Traversal Vulnerabilities
Microsoft Host Integration Server (HIS) SNA RPC Request Remote Overflow (956695) - Network Check
avast! Antivirus Server Edition Password Setting Weakness
Microsoft Office Detection
Sun Java Web Start PersistenceService Application Traversal Arbitrary File Overwrite (102957)
Mercur Mailserver POP3 Server AUTH Command Remote Overflow
Adobe Reader < 8.1.3 Multiple Vulnerabilities (OF, Code Exec, more)
Opera skin zip file buffer overflow vulnerability
Winamp Malformed Midi File Handling Buffer Overflow
RIS Installation Check
Opera remote location object cross-domain scripting vulnerability
netOctopus Agent nantsys.sys MSR Write Local Privilege Escalation
Altiris Deployment Solution Aclient Process (aclient.exe) Log File Viewer Local Privilege Escalation
FlashFXP Overflow
PhatBOT detection
Default password (db2admin) for db2admin account on Windows
Vulnerabilities in DHCP (885249) (network check)
Sun Java Runtime Environment Privilege Escalation (231261)
McAfee Anti-Virus ZIP/RAR File Scan Evasion
BitDefender Software Detection
CA eTrust Intrusion Detection CPImportKey Function Overflow DoS
Opera < 9.24 Multiple Vulnerabilities
Symantec Scan Engine Installed
Firefox < 2.0.0.8
Sun Java Media Framework (JMF) Vulnerability
Firefox < 1.5.0.1
The messenger service is running
Mozilla Thunderbird < 1.5.0.14
Retrospect Backup Server Authentication Module Password Hash Weakness (ESA-08-009)
DOWNLOADWARE detection
Opera < 9.22 Multiple Vulnerabilities
Microsoft Windows Distributed Transaction Coordinator (DTC) Malformed Input DoS
Firefox < 3.0.10 Multiple Vulnerabilities
DBTools DBManager Information Disclosure
MDaemon Content Filter Traversal Arbitrary File Write
Opera < 8.50 Multiple Vulnerabilities
SMB get domain SID
Vulnerability in Message Queuing Could Allow Remote Code Execution (937894) (Network check)
Symantec Decomposer Multiple Vulnerabilities (SYM08-006)
CuteFTP multiple flaws (2)
WindowsUpdate disabled
SeaMonkey < 1.1.10
Mozilla Thunderbird < 1.5.0.5
IBM Tivoli Storage Manager HSM Client < 5.5.1.8 / 5.4.2.6
SeaMonkey < 1.1.11
RealPlayer Detection
Firefox Cache File
Groove Virtual Office / Workspace Multiple Vulnerabilities
Sophos Anti-Virus UPX and BZIP File Multiple Vulnerabilities
OpenOffice RTF Parser prtdata Tag Buffer Overflow
NOD32 Run-Time Decompressors Multiple Vulnerabilities
OpenOffice Detection
QuickTime < 7.5 (Windows)
Nullsoft Winamp IN_CDDA.dll Remote Buffer Overflow Vulnerability
ThinkVantage System Update < 3.14 SSL Certificate Issuer Spoofing


Les derniers commentaires publiés sur SecuObs (6-25):
- Vidéo : P. Kleissner Stoned Bootkit preview, full at BH 09 Las Vegas
- SSTIC 2009 Challenge vs Metasm
- Vidéo : Password cracking with L0phtcrack 6
- DLL injection by modifying an executable file
- reverse shell from SQLi with 1 HTTP request, no extra channel to upload initial
- Hackers crack ColdFusion
- Vidéo : Hiding Files with NTFS Alternative Data Streams
- Whitepaper Understanding and using RFID
- phpMyAdmin exploited in masses
- Update: PyLoris 1.8
- ESRT @dougburks - Richard Bejtlich's Wireshark 12 Tutorial
- ESRT @Carlos_Perez @joswr1ght WPA2-PSK cracker Cowpatty 46 with less teh suck
- ESRT @dougburks Synjunkie on DNS BackTrack 4 tools Fierce and DNSRecon
- Draft 2 of OVAL Version 5.6 Now Available
- Microsoft Gazelle browser : A layperson explanation
- ESRT @bytz @developerworks Analysis Tool for Java data race and deadlock connect
- ESRT @bytz @unixmen New Kernel Vulnerabilities Affect Ubuntu 6.06, 8.04 and 8.10
- ModSecurity Denial of Service
- OpenFlow 0.9.0 RC1 has been released
- ESRT @davegball Tool to detect Metasploit Meterpreter anti-forensics tactics


SecuToolBox :

Mini-Tagwall des articles publiés sur SecuObs :

Archives Failles Secunia :
- SA35687 Gentoo update for mod_security
- SA35686 Gentoo update for libwmf
- SA35699 Red Hat update for ruby
- SA35697 Red Hat update for pidgin
- SA35688 Ubuntu update for nagios2 and nagios3

Archives Mailing Full Disclosure :
- Full-disclosure Cisco Security Advisory: Vulnerabilities in Cisco Video Surveillance Products
- Full-disclosure Cisco Security Advisory: Cisco Physical Access Gateway Denial of Service Vulnerability
- Full-disclosure Cisco Security Advisory: Cisco Unified Communications Manager IP Phone Personal Address Book Synchronizer Privilege Escalation Vulnerability
- Full-disclosure Cisco Security Advisory: Cisco Unified MeetingPlace Web Conferencing Authentication Bypass Vulnerability
- Full-disclosure SSANZ - Server Systems Administration NZ.

Archives Mailing Bugtraq :
- Cisco Security Advisory: Vulnerabilities in Cisco Video Surveillance Products
- Cisco Security Advisory: Cisco Physical Access Gateway Denial of Service Vulnerability
- Cisco Security Advisory: Cisco Unified Communications Manager IP Phone Personal Address Book Synchronizer Privilege Escalation Vulnerability
- Cisco Security Advisory: Cisco Unified MeetingPlace Web Conferencing Authentication Bypass Vulnerability
- Re: Cross-Site Scripting vulnerabilities in Mozilla, Internet Explorer, Opera and Chrome
- SECURITY DSA 1825-1 New nagios2/nagios3 packages fix arbitrary code execution

Mini-Tagwall de l'annuaire video :

Mini-Tagwall des articles de la revue de presse :

Mini-Tagwall des Tweets de la revue Twitter :