Network Security Audits / Vulnerability Assessments by SecuritySpace

Category: Remote file access

ID # Risk Test Title

1.3.6.1.4.1.25623.1.0.902271 High WinTFTP Server Pro Remote Directory Traversal Vulnerability

1.3.6.1.4.1.25623.1.0.900720 High AVG AntiVirus Engine Malware Detection Bypass Vulnerability (Linux)

1.3.6.1.4.1.25623.1.0.900719 High AVG AntiVirus Engine Malware Detection Bypass Vulnerability (Windows)

1.3.6.1.4.1.25623.1.0.900685 High Samba Format String Vulnerability

1.3.6.1.4.1.25623.1.0.900174 High Visagesoft eXPert PDF Viewer ActiveX Control File Overwrite Vulnerability

1.3.6.1.4.1.25623.1.0.802623 Medium Distinct TFTP Server Directory Traversal Vulnerability

1.3.6.1.4.1.25623.1.0.802405 High Ipswitch TFTP Server Directory Traversal Vulnerability

1.3.6.1.4.1.25623.1.0.802027 Medium Avaya IP Office Manager TFTP Server Directory Traversal Vulnerability

1.3.6.1.4.1.25623.1.0.801965 High CiscoKits TFTP Server Directory Traversal Vulnerability

1.3.6.1.4.1.25623.1.0.801543 High AT TFTP Server Directory Traversal Vulnerability

1.3.6.1.4.1.25623.1.0.80081 High Sambar Default Accounts

1.3.6.1.4.1.25623.1.0.800404 High Samba Root File System Access Security Vulnerability

1.3.6.1.4.1.25623.1.0.80028 High User Mountable NFS shares

1.3.6.1.4.1.25623.1.0.80016 High Kiwi CatTools < 3.2.9 Directory Traversal

1.3.6.1.4.1.25623.1.0.800129 Medium OpenOffice senddoc Insecure Temporary File Creation Vulnerability (Linux)

1.3.6.1.4.1.25623.1.0.56899 Medium RaidenHTTP arbitrary file disclosure

1.3.6.1.4.1.25623.1.0.56898 Medium RaidenHTTP script source disclosure

1.3.6.1.4.1.25623.1.0.52027 Medium CommuniGate Pro Webmail File Disclosure

1.3.6.1.4.1.25623.1.0.52024 High CommuniGate Pro Webmail File Disclosure(2)

1.3.6.1.4.1.25623.1.0.51909 Medium Icecast Directory Traversal Vulnerability

1.3.6.1.4.1.25623.1.0.51866 High MySQL database has a user with no password

1.3.6.1.4.1.25623.1.0.51790 High RaidenHTTP buffer overflow

1.3.6.1.4.1.25623.1.0.51786 Medium BadBlue Connections denial of service

1.3.6.1.4.1.25623.1.0.51785 High BadBlue ext.dll buffer overflow

1.3.6.1.4.1.25623.1.0.51784 High BadBlue administrative access vulnerability

1.3.6.1.4.1.25623.1.0.51783 High BadBlue administrative access vulnerability

1.3.6.1.4.1.25623.1.0.51677 Medium Viking directory traversal

1.3.6.1.4.1.25623.1.0.50205 High PhotoPost Pro Cross Site Scripting/SQL injection

1.3.6.1.4.1.25623.1.0.50204 High ReviewPost Pro Cross Site Scripting/SQL injection

1.3.6.1.4.1.25623.1.0.50203 Medium QwikiWiki Directory Traversal vulnerability

1.3.6.1.4.1.25623.1.0.200001 High Kiwi CatTools < 3.2.9 Directory Traversal

1.3.6.1.4.1.25623.1.0.19510 High TFTP directory permissions (HP Ignite-UX)

1.3.6.1.4.1.25623.1.0.19509 High TFTP file detection (HP Ignite-UX passwd)

1.3.6.1.4.1.25623.1.0.19508 Medium TFTP file detection (HP Ignite-UX)

1.3.6.1.4.1.25623.1.0.19507 Medium TFTP file detection (Cisco CallManager)

1.3.6.1.4.1.25623.1.0.18262 High TFTP directory traversal

1.3.6.1.4.1.25623.1.0.17342 Medium TFTP file detection (Cisco IOS)

1.3.6.1.4.1.25623.1.0.17341 Medium TFTP file detection (Cisco IOS CA)

1.3.6.1.4.1.25623.1.0.16142 Medium IlohaMail Readable Configuration Files

1.3.6.1.4.1.25623.1.0.16137 Medium Simple PHP Blog dir traversal

1.3.6.1.4.1.25623.1.0.15984 High User Mountable NFS shares

1.3.6.1.4.1.25623.1.0.15394 High Samba Remote Arbitrary File Access

1.3.6.1.4.1.25623.1.0.14800 Medium Subversion Module unreadeable path information disclosure

1.3.6.1.4.1.25623.1.0.14631 Medium IlohaMail Arbitrary File Access via Session Variable Vulnerability

1.3.6.1.4.1.25623.1.0.14630 Medium IlohaMail Arbitrary File Access via Language Variable

1.3.6.1.4.1.25623.1.0.14354 Medium Music Daemon <= 0.0.3 File Disclosure Vulnerability

1.3.6.1.4.1.25623.1.0.14353 Medium Music Daemon Denial of Service

1.3.6.1.4.1.25623.1.0.14241 Medium 4D WebStar Symbolic Link Vulnerability

1.3.6.1.4.1.25623.1.0.14229 Medium thttpd Directory Traversal (Windows)

1.3.6.1.4.1.25623.1.0.13848 Medium Subversion Module File Restriction Bypass

1.3.6.1.4.1.25623.1.0.12284 High Subversion SVN Protocol Parser Remote Integer Overflow

1.3.6.1.4.1.25623.1.0.12261 High Subversion remote Buffer Overflow

1.3.6.1.4.1.25623.1.0.12260 High Subversion Pre-Commit-Hook Vulnerability

1.3.6.1.4.1.25623.1.0.12259 Low Subversion Detection

1.3.6.1.4.1.25623.1.0.12254 Medium IMAP arbitrary file retrieval

1.3.6.1.4.1.25623.1.0.12246 High Firebird DB remote buffer overflow

1.3.6.1.4.1.25623.1.0.12230 High rsync path traversal

1.3.6.1.4.1.25623.1.0.12105 Medium Use LDAP search request to retrieve information from NT Directory Services

1.3.6.1.4.1.25623.1.0.11988 High FSP Suite Directory Traversal Vulnerability

1.3.6.1.4.1.25623.1.0.11948 High Avotus CDR mm File Retrieval Attempt

1.3.6.1.4.1.25623.1.0.11914 Medium TheServer clear text password

1.3.6.1.4.1.25623.1.0.11909 Medium Apache2 double slash dir index

1.3.6.1.4.1.25623.1.0.11716 High Misconfigured Gnutella

1.3.6.1.4.1.25623.1.0.11656 Medium Eserv Directory Index

1.3.6.1.4.1.25623.1.0.11586 High FileMakerPro Detection

1.3.6.1.4.1.25623.1.0.11576 High thttpd directory traversal thru Host:

1.3.6.1.4.1.25623.1.0.11504 High MultiTech Proxy Server Default Password

1.3.6.1.4.1.25623.1.0.11493 Medium Sambar Default Accounts

1.3.6.1.4.1.25623.1.0.11481 High mod_auth_any command execution

1.3.6.1.4.1.25623.1.0.11480 High 3com RAS 1500 configuration disclosure

1.3.6.1.4.1.25623.1.0.11419 Other Office files list

1.3.6.1.4.1.25623.1.0.11386 High Lotus Domino 6.0 vulnerabilities

1.3.6.1.4.1.25623.1.0.11358 High The remote portmapper forwards NFS requests

1.3.6.1.4.1.25623.1.0.11357 High NFS cd ..

1.3.6.1.4.1.25623.1.0.11356 High Mountable NFS shares

1.3.6.1.4.1.25623.1.0.11353 High NFS fsirand

1.3.6.1.4.1.25623.1.0.11210 High Apache < 2.0.44 file reading on Win32

1.3.6.1.4.1.25623.1.0.11005 Medium LocalWeb2000 remote read

1.3.6.1.4.1.25623.1.0.10805 High Informix traversal

1.3.6.1.4.1.25623.1.0.10706 Medium McAfee myCIO Directory Traversal

1.3.6.1.4.1.25623.1.0.106920 High HP Printers Arbitrary Code Execution Vulnerability

1.3.6.1.4.1.25623.1.0.10691 High Netscape Enterprise INDEX request problem

1.3.6.1.4.1.25623.1.0.10683 High iPlanet Certificate Management Traversal

1.3.6.1.4.1.25623.1.0.10680 High Microsoft Internet Information Services (IIS) Source Fragment Disclosure

1.3.6.1.4.1.25623.1.0.105957 High DSS TFTP Server Path Traversal Vulnerability

1.3.6.1.4.1.25623.1.0.10536 High Anaconda remote file retrieval

1.3.6.1.4.1.25623.1.0.10533 Medium Web Shopper remote file retrieval

1.3.6.1.4.1.25623.1.0.10532 Medium eXtropia Web Store remote file retrieval

1.3.6.1.4.1.25623.1.0.10527 Medium Boa file retrieval

1.3.6.1.4.1.25623.1.0.10523 High thttpd ssi file retrieval

1.3.6.1.4.1.25623.1.0.10469 High ipop2d reads arbitrary files

1.3.6.1.4.1.25623.1.0.10454 High sawmill password

1.3.6.1.4.1.25623.1.0.10453 Medium sawmill allows the reading of the first line of any file

1.3.6.1.4.1.25623.1.0.10408 High Insecure Napster clone

1.3.6.1.4.1.25623.1.0.10382 High Atrium Mercur Mailserver

1.3.6.1.4.1.25623.1.0.10355 Medium vqServer web traversal vulnerability

1.3.6.1.4.1.25623.1.0.10351 High The ACC router shows configuration without authentication

1.3.6.1.4.1.25623.1.0.103321 Medium YaTFTPSvr TFTP Server Directory Traversal Vulnerability

1.3.6.1.4.1.25623.1.0.10286 High thttpd flaw

1.3.6.1.4.1.25623.1.0.102014 High NFS export

1.3.6.1.4.1.25623.1.0.10149 High NetBeans Java IDE

1.3.6.1.4.1.25623.1.0.10141 High MetaInfo servers

1.3.6.1.4.1.25623.1.0.10110 High iChat

1.3.6.1.4.1.25623.1.0.10091 High FTPGate traversal

1.3.6.1.4.1.25623.1.0.100899 Medium Quick Tftp Server Pro Directory Traversal Vulnerability

1.3.6.1.4.1.25623.1.0.10063 High Eserv traversal

1.3.6.1.4.1.25623.1.0.10057 High Lotus Domino ?open Vulnerability

1.3.6.1.4.1.25623.1.0.100502 Medium VMware Products Directory Traversal Vulnerability

1.3.6.1.4.1.25623.1.0.100488 Medium Samba Symlink Directory Traversal Vulnerability

1.3.6.1.4.1.25623.1.0.10010 High AliBaba path climbing

1.3.6.1.4.1.25623.1.0.10008 High WebSite 1.0 buffer overflow

ID #	Risk	Test Title
1.3.6.1.4.1.25623.1.0.902271	High	WinTFTP Server Pro Remote Directory Traversal Vulnerability
1.3.6.1.4.1.25623.1.0.900720	High	AVG AntiVirus Engine Malware Detection Bypass Vulnerability (Linux)
1.3.6.1.4.1.25623.1.0.900719	High	AVG AntiVirus Engine Malware Detection Bypass Vulnerability (Windows)
1.3.6.1.4.1.25623.1.0.900685	High	Samba Format String Vulnerability
1.3.6.1.4.1.25623.1.0.900174	High	Visagesoft eXPert PDF Viewer ActiveX Control File Overwrite Vulnerability
1.3.6.1.4.1.25623.1.0.802623	Medium	Distinct TFTP Server Directory Traversal Vulnerability
1.3.6.1.4.1.25623.1.0.802405	High	Ipswitch TFTP Server Directory Traversal Vulnerability
1.3.6.1.4.1.25623.1.0.802027	Medium	Avaya IP Office Manager TFTP Server Directory Traversal Vulnerability
1.3.6.1.4.1.25623.1.0.801965	High	CiscoKits TFTP Server Directory Traversal Vulnerability
1.3.6.1.4.1.25623.1.0.801543	High	AT TFTP Server Directory Traversal Vulnerability
1.3.6.1.4.1.25623.1.0.80081	High	Sambar Default Accounts
1.3.6.1.4.1.25623.1.0.800404	High	Samba Root File System Access Security Vulnerability
1.3.6.1.4.1.25623.1.0.80028	High	User Mountable NFS shares
1.3.6.1.4.1.25623.1.0.80016	High	Kiwi CatTools < 3.2.9 Directory Traversal
1.3.6.1.4.1.25623.1.0.800129	Medium	OpenOffice senddoc Insecure Temporary File Creation Vulnerability (Linux)
1.3.6.1.4.1.25623.1.0.56899	Medium	RaidenHTTP arbitrary file disclosure
1.3.6.1.4.1.25623.1.0.56898	Medium	RaidenHTTP script source disclosure
1.3.6.1.4.1.25623.1.0.52027	Medium	CommuniGate Pro Webmail File Disclosure
1.3.6.1.4.1.25623.1.0.52024	High	CommuniGate Pro Webmail File Disclosure(2)
1.3.6.1.4.1.25623.1.0.51909	Medium	Icecast Directory Traversal Vulnerability
1.3.6.1.4.1.25623.1.0.51866	High	MySQL database has a user with no password
1.3.6.1.4.1.25623.1.0.51790	High	RaidenHTTP buffer overflow
1.3.6.1.4.1.25623.1.0.51786	Medium	BadBlue Connections denial of service
1.3.6.1.4.1.25623.1.0.51785	High	BadBlue ext.dll buffer overflow
1.3.6.1.4.1.25623.1.0.51784	High	BadBlue administrative access vulnerability
1.3.6.1.4.1.25623.1.0.51783	High	BadBlue administrative access vulnerability
1.3.6.1.4.1.25623.1.0.51677	Medium	Viking directory traversal
1.3.6.1.4.1.25623.1.0.50205	High	PhotoPost Pro Cross Site Scripting/SQL injection
1.3.6.1.4.1.25623.1.0.50204	High	ReviewPost Pro Cross Site Scripting/SQL injection
1.3.6.1.4.1.25623.1.0.50203	Medium	QwikiWiki Directory Traversal vulnerability
1.3.6.1.4.1.25623.1.0.200001	High	Kiwi CatTools < 3.2.9 Directory Traversal
1.3.6.1.4.1.25623.1.0.19510	High	TFTP directory permissions (HP Ignite-UX)
1.3.6.1.4.1.25623.1.0.19509	High	TFTP file detection (HP Ignite-UX passwd)
1.3.6.1.4.1.25623.1.0.19508	Medium	TFTP file detection (HP Ignite-UX)
1.3.6.1.4.1.25623.1.0.19507	Medium	TFTP file detection (Cisco CallManager)
1.3.6.1.4.1.25623.1.0.18262	High	TFTP directory traversal
1.3.6.1.4.1.25623.1.0.17342	Medium	TFTP file detection (Cisco IOS)
1.3.6.1.4.1.25623.1.0.17341	Medium	TFTP file detection (Cisco IOS CA)
1.3.6.1.4.1.25623.1.0.16142	Medium	IlohaMail Readable Configuration Files
1.3.6.1.4.1.25623.1.0.16137	Medium	Simple PHP Blog dir traversal
1.3.6.1.4.1.25623.1.0.15984	High	User Mountable NFS shares
1.3.6.1.4.1.25623.1.0.15394	High	Samba Remote Arbitrary File Access
1.3.6.1.4.1.25623.1.0.14800	Medium	Subversion Module unreadeable path information disclosure
1.3.6.1.4.1.25623.1.0.14631	Medium	IlohaMail Arbitrary File Access via Session Variable Vulnerability
1.3.6.1.4.1.25623.1.0.14630	Medium	IlohaMail Arbitrary File Access via Language Variable
1.3.6.1.4.1.25623.1.0.14354	Medium	Music Daemon <= 0.0.3 File Disclosure Vulnerability
1.3.6.1.4.1.25623.1.0.14353	Medium	Music Daemon Denial of Service
1.3.6.1.4.1.25623.1.0.14241	Medium	4D WebStar Symbolic Link Vulnerability
1.3.6.1.4.1.25623.1.0.14229	Medium	thttpd Directory Traversal (Windows)
1.3.6.1.4.1.25623.1.0.13848	Medium	Subversion Module File Restriction Bypass
1.3.6.1.4.1.25623.1.0.12284	High	Subversion SVN Protocol Parser Remote Integer Overflow
1.3.6.1.4.1.25623.1.0.12261	High	Subversion remote Buffer Overflow
1.3.6.1.4.1.25623.1.0.12260	High	Subversion Pre-Commit-Hook Vulnerability
1.3.6.1.4.1.25623.1.0.12259	Low	Subversion Detection
1.3.6.1.4.1.25623.1.0.12254	Medium	IMAP arbitrary file retrieval
1.3.6.1.4.1.25623.1.0.12246	High	Firebird DB remote buffer overflow
1.3.6.1.4.1.25623.1.0.12230	High	rsync path traversal
1.3.6.1.4.1.25623.1.0.12105	Medium	Use LDAP search request to retrieve information from NT Directory Services
1.3.6.1.4.1.25623.1.0.11988	High	FSP Suite Directory Traversal Vulnerability
1.3.6.1.4.1.25623.1.0.11948	High	Avotus CDR mm File Retrieval Attempt
1.3.6.1.4.1.25623.1.0.11914	Medium	TheServer clear text password
1.3.6.1.4.1.25623.1.0.11909	Medium	Apache2 double slash dir index
1.3.6.1.4.1.25623.1.0.11716	High	Misconfigured Gnutella
1.3.6.1.4.1.25623.1.0.11656	Medium	Eserv Directory Index
1.3.6.1.4.1.25623.1.0.11586	High	FileMakerPro Detection
1.3.6.1.4.1.25623.1.0.11576	High	thttpd directory traversal thru Host:
1.3.6.1.4.1.25623.1.0.11504	High	MultiTech Proxy Server Default Password
1.3.6.1.4.1.25623.1.0.11493	Medium	Sambar Default Accounts
1.3.6.1.4.1.25623.1.0.11481	High	mod_auth_any command execution
1.3.6.1.4.1.25623.1.0.11480	High	3com RAS 1500 configuration disclosure
1.3.6.1.4.1.25623.1.0.11419	Other	Office files list
1.3.6.1.4.1.25623.1.0.11386	High	Lotus Domino 6.0 vulnerabilities
1.3.6.1.4.1.25623.1.0.11358	High	The remote portmapper forwards NFS requests
1.3.6.1.4.1.25623.1.0.11357	High	NFS cd ..
1.3.6.1.4.1.25623.1.0.11356	High	Mountable NFS shares
1.3.6.1.4.1.25623.1.0.11353	High	NFS fsirand
1.3.6.1.4.1.25623.1.0.11210	High	Apache < 2.0.44 file reading on Win32
1.3.6.1.4.1.25623.1.0.11005	Medium	LocalWeb2000 remote read
1.3.6.1.4.1.25623.1.0.10805	High	Informix traversal
1.3.6.1.4.1.25623.1.0.10706	Medium	McAfee myCIO Directory Traversal
1.3.6.1.4.1.25623.1.0.106920	High	HP Printers Arbitrary Code Execution Vulnerability
1.3.6.1.4.1.25623.1.0.10691	High	Netscape Enterprise INDEX request problem
1.3.6.1.4.1.25623.1.0.10683	High	iPlanet Certificate Management Traversal
1.3.6.1.4.1.25623.1.0.10680	High	Microsoft Internet Information Services (IIS) Source Fragment Disclosure
1.3.6.1.4.1.25623.1.0.105957	High	DSS TFTP Server Path Traversal Vulnerability
1.3.6.1.4.1.25623.1.0.10536	High	Anaconda remote file retrieval
1.3.6.1.4.1.25623.1.0.10533	Medium	Web Shopper remote file retrieval
1.3.6.1.4.1.25623.1.0.10532	Medium	eXtropia Web Store remote file retrieval
1.3.6.1.4.1.25623.1.0.10527	Medium	Boa file retrieval
1.3.6.1.4.1.25623.1.0.10523	High	thttpd ssi file retrieval
1.3.6.1.4.1.25623.1.0.10469	High	ipop2d reads arbitrary files
1.3.6.1.4.1.25623.1.0.10454	High	sawmill password
1.3.6.1.4.1.25623.1.0.10453	Medium	sawmill allows the reading of the first line of any file
1.3.6.1.4.1.25623.1.0.10408	High	Insecure Napster clone
1.3.6.1.4.1.25623.1.0.10382	High	Atrium Mercur Mailserver
1.3.6.1.4.1.25623.1.0.10355	Medium	vqServer web traversal vulnerability
1.3.6.1.4.1.25623.1.0.10351	High	The ACC router shows configuration without authentication
1.3.6.1.4.1.25623.1.0.103321	Medium	YaTFTPSvr TFTP Server Directory Traversal Vulnerability
1.3.6.1.4.1.25623.1.0.10286	High	thttpd flaw
1.3.6.1.4.1.25623.1.0.102014	High	NFS export
1.3.6.1.4.1.25623.1.0.10149	High	NetBeans Java IDE
1.3.6.1.4.1.25623.1.0.10141	High	MetaInfo servers
1.3.6.1.4.1.25623.1.0.10110	High	iChat
1.3.6.1.4.1.25623.1.0.10091	High	FTPGate traversal
1.3.6.1.4.1.25623.1.0.100899	Medium	Quick Tftp Server Pro Directory Traversal Vulnerability
1.3.6.1.4.1.25623.1.0.10063	High	Eserv traversal
1.3.6.1.4.1.25623.1.0.10057	High	Lotus Domino ?open Vulnerability
1.3.6.1.4.1.25623.1.0.100502	Medium	VMware Products Directory Traversal Vulnerability
1.3.6.1.4.1.25623.1.0.100488	Medium	Samba Symlink Directory Traversal Vulnerability
1.3.6.1.4.1.25623.1.0.10010	High	AliBaba path climbing
1.3.6.1.4.1.25623.1.0.10008	High	WebSite 1.0 buffer overflow