Plugins: Gain a shell remotely

SuperMicro IPMI PSBlock File Plaintext Password Disclosure

SSH Static Key Accepted

McAfee LinuxShield <= 1.5.1 nailsd Daemon Remote Privilege Escalation

HP LoadRunner < 11.52 Code Execution

Sun SPARC Enterprise T5120 and T5220 Default Configuration Root Command Execution

Cisco Prime Data Center Network Manager RMI Remote Code Execution (credentialed check)

Cisco Prime Data Center Network Manager RMI Remote Code Execution (uncredentialed check)

HP Intelligent Management Center User Access Manager Unspecified Information Disclosure

HP Intelligent Management Center < 5.2 E401 Multiple Vulnerabilities

HP LeftHand Virtual SAN Appliance < 10.0 hydra Service Multiple Remote Code Execution Vulnerabilities

Portable SDK for UPnP Devices (libupnp) < 1.6.18 Multiple Stack-based Buffer Overflows

MiniUPnP < 1.0.4 Multiple Vulnerabilities

Barracuda Appliances Default Credentials

HP Intelligent Management Center User Access Manager Datagram Parsing Code Execution

freeFTPd / freeSSHd SFTP Authentication Bypass

Tectia SSH Server Authentication Bypass

CA ARCserve Backup Remote Code Execution (CA20121018) (uncredentialed check)

HP LoadRunner < 11.00 Patch 4 Code Execution (intrusive check)

Novell GroupWise Internet Agent Request Content-Length Header Parsing Remote Overflow

Apple TV < 5.1 Multiple Vulnerabilities

Novell File Reporter Agent VOL Tag Remote Code Execution (uncredentialed check)

Novell File Reporter Agent XML Parsing Remote Code Execution

VNC Server 'password' Password

HP SAN/iQ <= 10.0 Root Shell Command Injection

EMC AutoStart ftAgent Multiple Remote Code Execution Vulnerabilities (ESA-2012-020)

F5 Multiple Products Root Authentication Bypass

VMSA-2012-0009 : ESXi and ESX patches address critical security issues (uncredentialed check)

HP SAN/iQ < 9.5 Root Shell Command Injection

BeanShell Remote Server Mode Arbitrary Code Execution

HP OpenView Network Node Manager Multiple Code Execution Vulnerabilities (HPSBMU02712 SSRT100649)

Symantec pcAnywhere awhost32 Remote Code Execution

Multiple Cisco Products brstart sm_read_string_length Remote Code Execution

Trend Micro Control Manager CmdProcessor.exe Remote Buffer Overflow (uncredentialed check)

FreeBSD 'telnetd' Daemon Remote Buffer Overflow

Symantec Veritas Enterprise Administrator Service (vxsvc) Multiple Integer Overflows

HP iNode Management Center Buffer Overflow (HPSB3C02687) (remote check)

HP Data Protector <= A.06.20 Multiple Vulnerabilities (uncredentialed check)

Novell File Reporter Engine RECORD Element Tag Parsing Overflow (uncredentialed check)

HP Intelligent Management Center Multiple Vulnerabilities

HP Intelligent Management Center TFTP Multiple Vulnerabilities

IBM Tivoli Directory Server SASL Bind Request Buffer Overflow (uncredentialed check)

Sybase M-Business Anywhere (AvantGo) gsoap Module password Tag Handling Overflow

HP Data Protector Remote Command Execution

Asterisk main/udptl.c Buffer Overflows (AST-2011-002)

Asterisk main/utils.c ast_uri_encode() CallerID Information Overflow (AST-2011-001)

HP StorageWorks MSA P2000 Default Credentials

HP StorageWorks MSA P2000 Hidden 'admin' User Default Credentials

Novell PlateSpin Orchestrate Remote Code Execution

Multiple Switch Vendors '__super' Account Backdoor

TANDBERG Video Communication Server Static SSH Host Keys

OpenSSH < 3.2.3 YP Netgroups Authentication Bypass

HP Data Protector MSG_PROTOCOL Remote Stack-based Buffer Overflow

IBM Tivoli Storage Manager Client Multiple Vulnerabilities (swg21405562)

Random password for 'root' account

Wyse Thin Client hagent.exe Unspecified Buffer Overflow

EMC Replication Manager irccd.exe RunProgram Message Handling Arbitrary Command Execution

NTP ntpd/ntp_crypto.c crypto_recv() Function Remote Overflow

EMC RepliStor < 6.2 SP5/6.3 SP2 Multiple Heap Overflows

FreeBSD telnetd sys_term.c Environment Variable Handling Privilege Escalation (FreeBSD-SA-09:05)

RealNetworks Helix Server < 11.1.8/12.0.1 Multiple Vulnerabilities

EMC RepliStor Multiple Remote Heap Based Buffer Overflows

TCL Shell (tclsh) Arbitrary Command Execution

ClamAV < 0.94 Multiple Vulnerabilities

ClamAV < 0.94.2 cli_check_jpeg_exploit() Malformed JPEG File DoS

ClamAV < 0.94.1 get_unicode_name() Off-by-One Buffer Overflow

Novell eDirectory < 8.8.2 FTF2 / 8.7.3 SP10b Multiple Remote Overflows

EMC AlphaStor Library Manager Remote Code Execution

EMC AlphaStor Device Manager robotd Remote Code Execution

Debian OpenSSH/OpenSSL Package Random Number Generator Weakness (SSL check)

Remote host has weak Debian OpenSSH Keys in ~/.ssh/authorized_keys

Debian OpenSSH/OpenSSL Package Random Number Generator Weakness

Firefly Media Server ws_getpostvars Function Content-Length Header HTTP Request Handling Overflow

VLC Media Player network/httpd.c httpd_FileCallBack Function Connection Parameter Format String

Versant Connection Services Daemon Arbitrary Command Execution

Kerio MailServer < 6.5.0 Multiple Vulnerabilities

Adobe Flash Media Server < 2.0.5 Multiple Remote Vulnerabilities

AXIGEN Mail Server AXIMilter CNHO Command Remote Format String

IBM Lotus Domino < 7.0.2 FP2 Multiple Vulnerabilities

IBM Lotus Domino < 6.5.6 FP2 Multiple Vulnerabilities

Firefly Media Server webserver.c ws_addarg Function /xml-rpc Authorization Header Remote Format String

Perdition IMAPD IMAP Tag Remote Format String Arbitrary Code Execution

IBM Lotus Domino IMAP Service Mailbox Name Overflow

HP Linux Imaging and Printing Project (hplip) hpssd from Address Command Injection

Mercury IMAP Server SEARCH Command Remote Buffer Overflow

RealNetworks Helix DNA Server RTSP Service Crafted Require Header Remote Overflow

SIDVault < 2.0f LDAP Server Malformed Search Request Buffer Overflow

CA Multiple Products Message Queuing Server (Cam.exe) Remote Overflow

Sun Java System Directory Server Multiple Vulnerabilities

Asterisk SIP Channel T.38 SDP Parsing Multiple Buffer Overflows

IBM Tivoli Storage Manager Multiple Remote Overflows

Symantec Veritas Storage Foundation Scheduler Service (VxSchedService.exe) Remote Code Execution

Darwin Streaming Server < 5.5.5 Multiple Remote Overflow Vulnerabilities

MERCUR Messaging IMAP Server NTLM Authentication NTLMSSP Argument Remote Overflow

Novell Groupwise WebAccess GWINTER.EXE Base64 Decoding Remote Overflow

Kerberos telnet Crafted Username Remote Authentication Bypass

IBM Lotus Domino IMAP Server (nimap.exe) CRAM-MD5 Authentication Remote Overflow

RealNetworks Helix Servers DESCRIBE Request LoadTestPassword Field Remote Overflow

Mercury IMAP Server LOGIN Command Remote Overflow

Trend Micro ServerProtect TmRpcSrv.dll RPC Request Multiple Overflows

Mercury LoadRunner Agent server_ip_name Field Remote Buffer Overflow

Solaris 10 Forced Login Telnet Authentication Bypass

AXIGEN Mail Server < 2.0.0 Multiple Remote Vulnerabilities

Novell ZENworks Asset Management Collection Client Remote Overflow

AT-TFTP Server Filename Handling Remote Overflow

Asterisk Skinny Channel Driver (chan_skinny) get_input Function Remote Overflow

Zend Session Clustering Daemon PHP Session Identifier Remote Overflow

Informix Dynamic Server Multiple Remote Vulnerabilities

HP OpenView Storage Data Protector Backup Agent Arbitrary Remote Command Execution

Brightmail AntiSpam bmagent Multiple Remote Vulnerabilities (DoS, Traversal)

IAXClient Open Source Library iax_net_read Function Packet Handling Remote Overflow

Rendezvous < 7.5.1 HTTP Admin Interface Remote Overflow

SpamAssassin spamd Crafted Message Arbitrary Command Execution

Fenice <= 1.10 Multiple Remote Vulnerabilities

freeSSHd Key Exchange Algorithm String Remote Overflow

EMC Retrospect Client Packet Handling Remote Overflow

Novell GroupWise Messenger Accept Language Remote Overflow

MERCUR Messaging IMAP Service Multiple Command Remote Overflow

BlackBerry Enterprise Server PNG Attachment Buffer Overflow

BlackBerry Enterprise Server Attachment Handling Buffer Overflows

Lotus Notes < 6.5.5 / 7.0.1 Attachment Handling Vulnerabilities

Mercury Mail ph Server Remote Overflow

Tftpd32 Error Message Format String

Qualcomm WorldMail Multiple IMAP Command Remote Overflow

Novell NetMail IMAP Agent Long Verb Arguments Remote Overflow

FTGate4 IMAP EXAMINE Command Remote Overflow

CA Multiple Products Message Queuing Multiple Remote Vulnerabilities

GpsDrive friendsd2 dir Field Remote Format String

OpenVMPS Logging Function Format String

UW-IMAP Mailbox Name Buffer Overflow

HP OpenView Network Node Manager Multiple Services Remote Overflow

GNU Mailutils imap4d Search Command Remote Format String

Novell eDirectory Server iMonitor Multiple Remote Overflows

VERITAS Backup Exec Agent Unauthenticated Remote Registry Access

Hobbit Monitor < 4.1.0 hobbitd Malformed Message Remote Overflow

MDaemon IMAP Server Multiple AUTHENTICATE Commands Remote Overflow

Novell ZENworks Multiple Remote Pre-Authentication Overflows

Novell NetMail < 3.52C IMAP Agent Multiple Remote Overflows

TFTPD small overflow

Hummingbird InetD LPD Component (Lpdw.exe) Data Overflow

GNU Mailutils <= 0.6 Multiple Vulnerabilities

TFTPD Server Filename Handling Remote Overflow

BakBone NetVault < 7.1.2 / 7.3.1 Multiple Remote Overflows

NetWin DMail Server Multiple Remote Vulnerabilities

BayTech RPC-3 Telnet Daemon Remote Authentication Bypass

Sentinel License Manager lservnt Service Remote Buffer Overflow

Ipswitch IMail IMAP EXAMINE Argument Buffer Overflow

Eudora Internet Mail Server for Mac OS USER Overflow

NNTP Server Password Handling Remote Overflow

NNTP Server Message Header Handling Remote Overflow

Cyrus IMAP Server < 2.2.11 Multiple Remote Overflows

Knox Arkeia Backup Client Type 77 Request Processing Buffer Remote Overflow

CA BrightStor ARCserve/Enterprise Backup Persistent Default Administrator Account

ngIRCd < 0.8.3 Log_Resolver() Format String

ngIRCd < 0.8.2 Lists_MakeMask() Remote Overflow DoS

Berlios gpsd gpsd_report() Function Format String

Citadel/UX select() Bitmap Array Index Remote Oerflow

VERITAS Backup Exec Agent Browser Registration Request Remote Overflow

UMN Gopherd < 3.0.6 Multiple Remote Vulnerabilities

Samba smbd Security Descriptor Parsing Remote Overflow

Citadel/UX lprintf() Function Remote Format String

YardRadius process_menu Function Remote Buffer Overflow

Mercury Mail Remote IMAP Server Remote Overflow

Cyrus IMAP Server < 2.2.10 Multiple Remote Overflows

Digital Mappings Systems POP3 Server (pop3svr.exe) Multiple Field Remote Overflow

Netscape NSS Library SSLv2 Challenge Overflow

Cfengine cfservd ReceiveTransaction Function Remote Overflow (version check)

Cfengine CAUTH Command Remote Format String

Cfengine AuthenticationDialogue() Function Remote Overflow

Medal of Honor Multiple Remote Overflows

Dropbear SSH Server DSS Verification Failure Remote Privilege Escalation

rsync sanitize_path() Function Arbitrary File Disclosure

Citadel/UX USER Command Remote Overflow

l2tpd < 0.69 control.c write_packet Function Remote Overflow

Samba Mangling Method Hash Overflow

Unreal Engine Secure Query Remote Overflow

F-Secure SSH Password Authentication Policy Evasion

INN < 2.4.1 Control Message Handling Code Overflow

Ebola AV Daemon < 0.1.5 Authentication Sequence Remote Overflow

rsync < 2.5.7 Unspecified Remote Heap Overflow

Cfengine cfservd ReceiveTransaction Function Remote Overflow (intrusive check)

OpenSSH < 3.7.1p2 Multiple Remote Vulnerabilities

Solaris sadmind AUTH_SYS Credential Remote Command Execution

OpenSSH < 3.7.1 Multiple Vulnerabilities

TrueType Font Server for X11 (xfstt) Malformed Packet Remote Overflow

Multiple Vendor IRC Daemon Debug Format String

gnocatan Multiple Buffer Overflows

Batalla Naval gbnserver Remote Overflow

Helix Servers View Source Plug-in RTSP Parser Overflow

MailMax IMAP Server SELECT Command Remote Overflow

Intel PXE Server Remote Overflow

MailMax < 5.0.10.8 Multiple Remote Overflows

PoPToP PPTP ctrlpacket.c Negative Read Remote Overflow

Samba < 2.2.8a / 3.0.0 Multiple Remote Overflows

Solaris in.lpd Crafted Job Request Arbitrary Remote Command Execution

Tanne netzio.c logger Function Remote Format String

APC < 3.8.0 apcupsd Multiple Vulnerabilities

Samba TNG < 0.3.1 Multiple Remote Vulnerabilities

BSD in.lpd File Name Handling Remote Overflow

Samba < 2.2.8 Multiple Vulnerabilities

rsync I/O Functions Multiple Signedness Error Remote Command Execution

l2tpd < 0.68 Multiple Vulnerabilities

AIX lpd Multiple Functions Remote Overflow

FreeBSD 2.x lpd Long DNS Hostname Overflow

SSH1 SSH Daemon Logging Failure

sshd scp Traversal Arbitrary File Overwrite

IBM Lotus Domino < 5.0.12 / 6.0.1 Multiple Vulnerabilities

Multiple Linux rpc.mountd Remote Overflow

Unreal Engine Multiple Remote Vulnerabilities

BitKeeper Daemon Mode diff Shell Command Injection

Cyrus IMAP Server login Command Remote Overflow

X Font Service Crafted XFS Query Remote Overflow

Samba Encrypted Password String Conversion Decryption Overflow

Multiple OS /bin/login Remote Overflow

Canna SR_INIT Command Remote Overflow

Samba enum_csc_policy Data Structure Termination Remote Overflow

Omron WorldView Wnn Multiple Command Remote Overflow

Avirt Gateway Suite Telnet Proxy Arbitrary Command Execution

OpenSSL < 0.9.6e / 0.9.7b3 Multiple Remote Vulnerabilities

fake identd (fakeidentd) Fragmented Packet Request Remote Overflow

OpenSSH < 3.4 Multiple Remote Overflows

Linux lpd DVI Print Filter (dvips) Remote Command Execution

University of Washington imap Server (uw-imapd) BODY Request Remote Overflow

OpenSSH Kerberos TGT/AFS Token Passing Remote Overflow

Solaris cachefsd fscache_setup Function Remote Overflow

OpenSSH < 3.1 Channel Code Off by One Remote Privilege Escalation

SysV /bin/login Environment Remote Overflow (rlogin)

SysV /bin/login Environment Remote Overflow (telnet check)

GNOME libgtop Daemon Remote Format String

Network Solutions Rwhoisd Syslog Remote Format String

Network Solutions Rwhoisd -soa Command Remote Format String

Samba NETBIOS Name Traversal Arbitrary Remote File Creation

Solaris in.lpd Transfer Job Routine Remote Buffer Overflow

BSD Based telnetd telrcv Function Remote Command Execution

Solaris rpc.yppasswdd username Remote Overflow

Solaris snmpXdmid Long Indication Event Overflow

NTP ntpd readvar Variable Remote Overflow

UoW imapd (UW-IMAP) Multiple Command Remote Overflows

Netscape Messaging Server IMAP LIST Command Remote Overflow

XMail APOP / USER Command Remote Overflow

NSM Multiple Service Remote Format String

LPRng use_syslog() Remote Format String Arbitrary Command Execution

pam_smb / pam_ntdom User Name Remote Overflow

vpopmail vchkpw USER/PASS Command Format String

INN < 2.2.3 verifycancels Option Cancel Request Message Overflow

NAI WebShield SMTP Management Agent SET_CONFIG Overflow

MBDMS Database Server Long String Remote Overflow

Rockliffe MailSite Management Agent wconsole.dll GET Request Overflow

Gauntlet CyberPatrol Content Monitoring System Overflow

Kerberos klogind Remote Overflow

rsh Unauthenticated Access (via finger Information)

LCDproc < 0.4.1 screen_add Command Remote Overflow

UoW imapd (UW-IMAP) Multiple Command Remote Overflows (2)

XtraMail POP3 PASS Command Remote Overflow

UoW imapd AUTHENTICATE Command Remote Overflow

NetCPlus SmartServer3 POP3 (NCPOPSERV.EXE) USER Command Remote Overflow

Rover POP3 Server Username Remote Overflow

HP Remote Watch showdisk Remote Privilege Escalation

RealServer G2 Malformed Telnet Data Remote Overflow

Multiple Vendor POP3 Remote Overflows

OpenLink Web Configurator GET Request Remote Overflow

rlogin -froot Remote Root Access

IMAP pop-2d POP Daemon FOLD Command Remote Overflow

INN < 1.6 Multiple Vulnerabilities

UoW IMAP/POP server_login() Function Remote Overflow

IMail IMonitor Service Remote Overflow

IMail IMAP Server Login Functions Remote Overflow

SCO UnixWare i2odialogd daemon Username Authorization String Overflow

rsh NULL Login Remote Privilege Escalation

FakeBO NetBus Handling Code Remote Overflow