Auditorías de Seguridad / Evaluación de vulnerabilidades de SecuritySpace

Categoría: Remote file access

ID # Riesgo Título de la Prueba

1.3.6.1.4.1.25623.1.0.902271 Alto WinTFTP Server Pro Remote Directory Traversal Vulnerability

1.3.6.1.4.1.25623.1.0.900720 Alto AVG AntiVirus Engine Malware Detection Bypass Vulnerability - Linux

1.3.6.1.4.1.25623.1.0.900719 Alto AVG AntiVirus Engine Malware Detection Bypass Vulnerability - Windows

1.3.6.1.4.1.25623.1.0.900685 Alto Samba Format String Vulnerability

1.3.6.1.4.1.25623.1.0.900174 Alto Visagesoft eXPert PDF Viewer ActiveX Control File Overwrite Vulnerability

1.3.6.1.4.1.25623.1.0.802623 Medio Distinct TFTP Server <= 3.01 Directory Traversal Vulnerability - Active Check

1.3.6.1.4.1.25623.1.0.802405 Alto Ipswitch TFTP Server Directory Traversal Vulnerability

1.3.6.1.4.1.25623.1.0.802027 Medio Avaya IP Office Manager TFTP Server Directory Traversal Vulnerability

1.3.6.1.4.1.25623.1.0.801965 Alto CiscoKits TFTP Server Directory Traversal Vulnerability

1.3.6.1.4.1.25623.1.0.801543 Alto AT TFTP Server Directory Traversal Vulnerability

1.3.6.1.4.1.25623.1.0.80081 Alto Sambar Default Accounts

1.3.6.1.4.1.25623.1.0.800404 Alto Samba Root File System Access Security Vulnerability

1.3.6.1.4.1.25623.1.0.80028 Alto User Mountable NFS shares

1.3.6.1.4.1.25623.1.0.80016 Alto Kiwi CatTools < 3.2.9 Directory Traversal

1.3.6.1.4.1.25623.1.0.56899 Medio RaidenHTTP arbitrary file disclosure

1.3.6.1.4.1.25623.1.0.56898 Medio RaidenHTTP script source disclosure

1.3.6.1.4.1.25623.1.0.52027 Medio CommuniGate Pro Webmail File Disclosure

1.3.6.1.4.1.25623.1.0.52024 Alto CommuniGate Pro Webmail File Disclosure(2)

1.3.6.1.4.1.25623.1.0.51909 Medio Icecast Directory Traversal Vulnerability

1.3.6.1.4.1.25623.1.0.51866 Alto MySQL database has a user with no password

1.3.6.1.4.1.25623.1.0.51790 Alto RaidenHTTP buffer overflow

1.3.6.1.4.1.25623.1.0.51786 Medio BadBlue Connections denial of service

1.3.6.1.4.1.25623.1.0.51785 Alto BadBlue ext.dll buffer overflow

1.3.6.1.4.1.25623.1.0.51784 Alto BadBlue administrative access vulnerability

1.3.6.1.4.1.25623.1.0.51783 Alto BadBlue administrative access vulnerability

1.3.6.1.4.1.25623.1.0.51677 Medio Viking directory traversal

1.3.6.1.4.1.25623.1.0.50205 Alto PhotoPost Pro Cross Site Scripting/SQL injection

1.3.6.1.4.1.25623.1.0.50204 Alto ReviewPost Pro Cross Site Scripting/SQL injection

1.3.6.1.4.1.25623.1.0.50203 Medio QwikiWiki Directory Traversal vulnerability

1.3.6.1.4.1.25623.1.0.200001 Alto Kiwi CatTools < 3.2.9 Directory Traversal

1.3.6.1.4.1.25623.1.0.19510 Alto TFTP directory permissions (HP Ignite-UX)

1.3.6.1.4.1.25623.1.0.19509 Alto TFTP file detection (HP Ignite-UX passwd)

1.3.6.1.4.1.25623.1.0.19508 Medio TFTP file detection (HP Ignite-UX)

1.3.6.1.4.1.25623.1.0.19507 Medio TFTP file detection (Cisco CallManager)

1.3.6.1.4.1.25623.1.0.18262 Alto TFTP Directory Traversal Vulnerabilities - Active Check

1.3.6.1.4.1.25623.1.0.17342 Medio TFTP file detection (Cisco IOS)

1.3.6.1.4.1.25623.1.0.17341 Medio TFTP file detection (Cisco IOS CA)

1.3.6.1.4.1.25623.1.0.16142 Medio IlohaMail Readable Configuration Files

1.3.6.1.4.1.25623.1.0.16137 Medio Simple PHP Blog dir traversal

1.3.6.1.4.1.25623.1.0.15984 Alto User Mountable NFS shares

1.3.6.1.4.1.25623.1.0.15394 Alto Samba Remote Arbitrary File Access

1.3.6.1.4.1.25623.1.0.14800 Medio Apache Subversion Information Disclosure Vulnerability (Nov 2005)

1.3.6.1.4.1.25623.1.0.14631 Medio IlohaMail Arbitrary File Access via Session Variable Vulnerability

1.3.6.1.4.1.25623.1.0.14630 Medio IlohaMail Arbitrary File Access via Language Variable

1.3.6.1.4.1.25623.1.0.14354 Medio Music Daemon <= 0.0.3 File Disclosure Vulnerability

1.3.6.1.4.1.25623.1.0.14353 Medio Music Daemon Denial of Service

1.3.6.1.4.1.25623.1.0.14241 Medio 4D WebStar Symbolic Link Vulnerability

1.3.6.1.4.1.25623.1.0.14229 Medio thttpd Directory Traversal Vulnerability (CVE-2004-2628) - Windows

1.3.6.1.4.1.25623.1.0.13848 Medio Subversion < 1.0.6 Module File Restriction Bypass

1.3.6.1.4.1.25623.1.0.12284 Alto Subversion < 1.0.5 SVN Protocol Parser Remote Integer Overflow

1.3.6.1.4.1.25623.1.0.12261 Alto Subversion remote Buffer Overflow

1.3.6.1.4.1.25623.1.0.12260 Alto Subversion Pre-Commit-Hook Vulnerability

1.3.6.1.4.1.25623.1.0.12259 Bajo Subversion Detection

1.3.6.1.4.1.25623.1.0.12254 Medio IMAP arbitrary file retrieval

1.3.6.1.4.1.25623.1.0.12246 Alto Firebird DB remote buffer overflow

1.3.6.1.4.1.25623.1.0.12230 Alto rsync path traversal

1.3.6.1.4.1.25623.1.0.12105 Medio Use LDAP search request to retrieve information from NT Directory Services

1.3.6.1.4.1.25623.1.0.11988 Alto FSP Suite Directory Traversal Vulnerability

1.3.6.1.4.1.25623.1.0.11948 Alto Avotus CDR mm File Retrieval Attempt

1.3.6.1.4.1.25623.1.0.11914 Medio TheServer clear text password

1.3.6.1.4.1.25623.1.0.11909 Medio Apache2 double slash dir index

1.3.6.1.4.1.25623.1.0.11716 Alto Misconfigured Gnutella

1.3.6.1.4.1.25623.1.0.11656 Medio Eserv Directory Index

1.3.6.1.4.1.25623.1.0.11586 Alto FileMakerPro Detection

1.3.6.1.4.1.25623.1.0.11576 Alto thttpd directory traversal thru Host:

1.3.6.1.4.1.25623.1.0.11504 Alto MultiTech Proxy Server Default Password

1.3.6.1.4.1.25623.1.0.11493 Medio Sambar Default Accounts

1.3.6.1.4.1.25623.1.0.11481 Alto mod_auth_any command execution

1.3.6.1.4.1.25623.1.0.11480 Alto 3com RAS 1500 configuration disclosure

1.3.6.1.4.1.25623.1.0.11419 Otro Office files list

1.3.6.1.4.1.25623.1.0.11386 Alto Lotus Domino 6.0 vulnerabilities

1.3.6.1.4.1.25623.1.0.11358 Alto The remote portmapper forwards NFS requests

1.3.6.1.4.1.25623.1.0.11357 Alto NFS cd ..

1.3.6.1.4.1.25623.1.0.11356 Alto Mountable NFS shares

1.3.6.1.4.1.25623.1.0.11353 Alto NFS fsirand

1.3.6.1.4.1.25623.1.0.11210 Alto Apache < 2.0.44 file reading on Win32

1.3.6.1.4.1.25623.1.0.11005 Alto LocalWeb2000 <= 2.1.0 Multiple Vulnerabilities

1.3.6.1.4.1.25623.1.0.10805 Alto Informix traversal

1.3.6.1.4.1.25623.1.0.10706 Medio McAfee myCIO Directory Traversal

1.3.6.1.4.1.25623.1.0.106920 Alto HP Printers Arbitrary Code Execution Vulnerability

1.3.6.1.4.1.25623.1.0.10691 Alto Netscape Enterprise INDEX request problem

1.3.6.1.4.1.25623.1.0.10683 Alto iPlanet Certificate Management Traversal

1.3.6.1.4.1.25623.1.0.10680 Alto Microsoft Internet Information Services (IIS) Source Fragment Disclosure

1.3.6.1.4.1.25623.1.0.105957 Alto DSS TFTP Server <= 1.0 Path Traversal Vulnerability - Active Check

1.3.6.1.4.1.25623.1.0.10536 Alto Anaconda remote file retrieval

1.3.6.1.4.1.25623.1.0.10533 Medio Web Shopper Remote File Retrieval Vulnerability - Active Check

1.3.6.1.4.1.25623.1.0.10532 Medio eXtropia Web Store Remote File Retrieval Vulnerability - Active Check

1.3.6.1.4.1.25623.1.0.10527 Medio Boa file retrieval

1.3.6.1.4.1.25623.1.0.10523 Alto thttpd ssi file retrieval

1.3.6.1.4.1.25623.1.0.10469 Alto ipop2d reads arbitrary files

1.3.6.1.4.1.25623.1.0.10454 Alto sawmill password

1.3.6.1.4.1.25623.1.0.10453 Medio sawmill allows the reading of the first line of any file

1.3.6.1.4.1.25623.1.0.10408 Alto Insecure Napster clone

1.3.6.1.4.1.25623.1.0.10382 Alto Atrium Mercur Mailserver

1.3.6.1.4.1.25623.1.0.10355 Medio vqServer web traversal vulnerability

1.3.6.1.4.1.25623.1.0.10351 Alto The ACC router shows configuration without authentication

1.3.6.1.4.1.25623.1.0.103321 Medio YaTFTPSvr TFTP Server Directory Traversal Vulnerability

1.3.6.1.4.1.25623.1.0.10286 Alto thttpd flaw

1.3.6.1.4.1.25623.1.0.102014 Alto NFS export

1.3.6.1.4.1.25623.1.0.10149 Alto NetBeans Java IDE

1.3.6.1.4.1.25623.1.0.10141 Alto MetaInfo servers

1.3.6.1.4.1.25623.1.0.10110 Alto iChat

1.3.6.1.4.1.25623.1.0.10091 Alto FTPGate traversal

1.3.6.1.4.1.25623.1.0.100899 Medio Quick Tftp Server Pro Directory Traversal Vulnerability - Active Check

1.3.6.1.4.1.25623.1.0.10063 Alto Eserv traversal

1.3.6.1.4.1.25623.1.0.10057 Alto Lotus Domino ?open Vulnerability

1.3.6.1.4.1.25623.1.0.100502 Medio VMware Products Directory Traversal Vulnerability

1.3.6.1.4.1.25623.1.0.100488 Medio Samba Symlink Directory Traversal Vulnerability

1.3.6.1.4.1.25623.1.0.10010 Alto AliBaba path climbing

1.3.6.1.4.1.25623.1.0.10008 Alto WebSite 1.0 buffer overflow

ID #	Riesgo	Título de la Prueba
1.3.6.1.4.1.25623.1.0.902271	Alto	WinTFTP Server Pro Remote Directory Traversal Vulnerability
1.3.6.1.4.1.25623.1.0.900720	Alto	AVG AntiVirus Engine Malware Detection Bypass Vulnerability - Linux
1.3.6.1.4.1.25623.1.0.900719	Alto	AVG AntiVirus Engine Malware Detection Bypass Vulnerability - Windows
1.3.6.1.4.1.25623.1.0.900685	Alto	Samba Format String Vulnerability
1.3.6.1.4.1.25623.1.0.900174	Alto	Visagesoft eXPert PDF Viewer ActiveX Control File Overwrite Vulnerability
1.3.6.1.4.1.25623.1.0.802623	Medio	Distinct TFTP Server <= 3.01 Directory Traversal Vulnerability - Active Check
1.3.6.1.4.1.25623.1.0.802405	Alto	Ipswitch TFTP Server Directory Traversal Vulnerability
1.3.6.1.4.1.25623.1.0.802027	Medio	Avaya IP Office Manager TFTP Server Directory Traversal Vulnerability
1.3.6.1.4.1.25623.1.0.801965	Alto	CiscoKits TFTP Server Directory Traversal Vulnerability
1.3.6.1.4.1.25623.1.0.801543	Alto	AT TFTP Server Directory Traversal Vulnerability
1.3.6.1.4.1.25623.1.0.80081	Alto	Sambar Default Accounts
1.3.6.1.4.1.25623.1.0.800404	Alto	Samba Root File System Access Security Vulnerability
1.3.6.1.4.1.25623.1.0.80028	Alto	User Mountable NFS shares
1.3.6.1.4.1.25623.1.0.80016	Alto	Kiwi CatTools < 3.2.9 Directory Traversal
1.3.6.1.4.1.25623.1.0.56899	Medio	RaidenHTTP arbitrary file disclosure
1.3.6.1.4.1.25623.1.0.56898	Medio	RaidenHTTP script source disclosure
1.3.6.1.4.1.25623.1.0.52027	Medio	CommuniGate Pro Webmail File Disclosure
1.3.6.1.4.1.25623.1.0.52024	Alto	CommuniGate Pro Webmail File Disclosure(2)
1.3.6.1.4.1.25623.1.0.51909	Medio	Icecast Directory Traversal Vulnerability
1.3.6.1.4.1.25623.1.0.51866	Alto	MySQL database has a user with no password
1.3.6.1.4.1.25623.1.0.51790	Alto	RaidenHTTP buffer overflow
1.3.6.1.4.1.25623.1.0.51786	Medio	BadBlue Connections denial of service
1.3.6.1.4.1.25623.1.0.51785	Alto	BadBlue ext.dll buffer overflow
1.3.6.1.4.1.25623.1.0.51784	Alto	BadBlue administrative access vulnerability
1.3.6.1.4.1.25623.1.0.51783	Alto	BadBlue administrative access vulnerability
1.3.6.1.4.1.25623.1.0.51677	Medio	Viking directory traversal
1.3.6.1.4.1.25623.1.0.50205	Alto	PhotoPost Pro Cross Site Scripting/SQL injection
1.3.6.1.4.1.25623.1.0.50204	Alto	ReviewPost Pro Cross Site Scripting/SQL injection
1.3.6.1.4.1.25623.1.0.50203	Medio	QwikiWiki Directory Traversal vulnerability
1.3.6.1.4.1.25623.1.0.200001	Alto	Kiwi CatTools < 3.2.9 Directory Traversal
1.3.6.1.4.1.25623.1.0.19510	Alto	TFTP directory permissions (HP Ignite-UX)
1.3.6.1.4.1.25623.1.0.19509	Alto	TFTP file detection (HP Ignite-UX passwd)
1.3.6.1.4.1.25623.1.0.19508	Medio	TFTP file detection (HP Ignite-UX)
1.3.6.1.4.1.25623.1.0.19507	Medio	TFTP file detection (Cisco CallManager)
1.3.6.1.4.1.25623.1.0.18262	Alto	TFTP Directory Traversal Vulnerabilities - Active Check
1.3.6.1.4.1.25623.1.0.17342	Medio	TFTP file detection (Cisco IOS)
1.3.6.1.4.1.25623.1.0.17341	Medio	TFTP file detection (Cisco IOS CA)
1.3.6.1.4.1.25623.1.0.16142	Medio	IlohaMail Readable Configuration Files
1.3.6.1.4.1.25623.1.0.16137	Medio	Simple PHP Blog dir traversal
1.3.6.1.4.1.25623.1.0.15984	Alto	User Mountable NFS shares
1.3.6.1.4.1.25623.1.0.15394	Alto	Samba Remote Arbitrary File Access
1.3.6.1.4.1.25623.1.0.14800	Medio	Apache Subversion Information Disclosure Vulnerability (Nov 2005)
1.3.6.1.4.1.25623.1.0.14631	Medio	IlohaMail Arbitrary File Access via Session Variable Vulnerability
1.3.6.1.4.1.25623.1.0.14630	Medio	IlohaMail Arbitrary File Access via Language Variable
1.3.6.1.4.1.25623.1.0.14354	Medio	Music Daemon <= 0.0.3 File Disclosure Vulnerability
1.3.6.1.4.1.25623.1.0.14353	Medio	Music Daemon Denial of Service
1.3.6.1.4.1.25623.1.0.14241	Medio	4D WebStar Symbolic Link Vulnerability
1.3.6.1.4.1.25623.1.0.14229	Medio	thttpd Directory Traversal Vulnerability (CVE-2004-2628) - Windows
1.3.6.1.4.1.25623.1.0.13848	Medio	Subversion < 1.0.6 Module File Restriction Bypass
1.3.6.1.4.1.25623.1.0.12284	Alto	Subversion < 1.0.5 SVN Protocol Parser Remote Integer Overflow
1.3.6.1.4.1.25623.1.0.12261	Alto	Subversion remote Buffer Overflow
1.3.6.1.4.1.25623.1.0.12260	Alto	Subversion Pre-Commit-Hook Vulnerability
1.3.6.1.4.1.25623.1.0.12259	Bajo	Subversion Detection
1.3.6.1.4.1.25623.1.0.12254	Medio	IMAP arbitrary file retrieval
1.3.6.1.4.1.25623.1.0.12246	Alto	Firebird DB remote buffer overflow
1.3.6.1.4.1.25623.1.0.12230	Alto	rsync path traversal
1.3.6.1.4.1.25623.1.0.12105	Medio	Use LDAP search request to retrieve information from NT Directory Services
1.3.6.1.4.1.25623.1.0.11988	Alto	FSP Suite Directory Traversal Vulnerability
1.3.6.1.4.1.25623.1.0.11948	Alto	Avotus CDR mm File Retrieval Attempt
1.3.6.1.4.1.25623.1.0.11914	Medio	TheServer clear text password
1.3.6.1.4.1.25623.1.0.11909	Medio	Apache2 double slash dir index
1.3.6.1.4.1.25623.1.0.11716	Alto	Misconfigured Gnutella
1.3.6.1.4.1.25623.1.0.11656	Medio	Eserv Directory Index
1.3.6.1.4.1.25623.1.0.11586	Alto	FileMakerPro Detection
1.3.6.1.4.1.25623.1.0.11576	Alto	thttpd directory traversal thru Host:
1.3.6.1.4.1.25623.1.0.11504	Alto	MultiTech Proxy Server Default Password
1.3.6.1.4.1.25623.1.0.11493	Medio	Sambar Default Accounts
1.3.6.1.4.1.25623.1.0.11481	Alto	mod_auth_any command execution
1.3.6.1.4.1.25623.1.0.11480	Alto	3com RAS 1500 configuration disclosure
1.3.6.1.4.1.25623.1.0.11419	Otro	Office files list
1.3.6.1.4.1.25623.1.0.11386	Alto	Lotus Domino 6.0 vulnerabilities
1.3.6.1.4.1.25623.1.0.11358	Alto	The remote portmapper forwards NFS requests
1.3.6.1.4.1.25623.1.0.11357	Alto	NFS cd ..
1.3.6.1.4.1.25623.1.0.11356	Alto	Mountable NFS shares
1.3.6.1.4.1.25623.1.0.11353	Alto	NFS fsirand
1.3.6.1.4.1.25623.1.0.11210	Alto	Apache < 2.0.44 file reading on Win32
1.3.6.1.4.1.25623.1.0.11005	Alto	LocalWeb2000 <= 2.1.0 Multiple Vulnerabilities
1.3.6.1.4.1.25623.1.0.10805	Alto	Informix traversal
1.3.6.1.4.1.25623.1.0.10706	Medio	McAfee myCIO Directory Traversal
1.3.6.1.4.1.25623.1.0.106920	Alto	HP Printers Arbitrary Code Execution Vulnerability
1.3.6.1.4.1.25623.1.0.10691	Alto	Netscape Enterprise INDEX request problem
1.3.6.1.4.1.25623.1.0.10683	Alto	iPlanet Certificate Management Traversal
1.3.6.1.4.1.25623.1.0.10680	Alto	Microsoft Internet Information Services (IIS) Source Fragment Disclosure
1.3.6.1.4.1.25623.1.0.105957	Alto	DSS TFTP Server <= 1.0 Path Traversal Vulnerability - Active Check
1.3.6.1.4.1.25623.1.0.10536	Alto	Anaconda remote file retrieval
1.3.6.1.4.1.25623.1.0.10533	Medio	Web Shopper Remote File Retrieval Vulnerability - Active Check
1.3.6.1.4.1.25623.1.0.10532	Medio	eXtropia Web Store Remote File Retrieval Vulnerability - Active Check
1.3.6.1.4.1.25623.1.0.10527	Medio	Boa file retrieval
1.3.6.1.4.1.25623.1.0.10523	Alto	thttpd ssi file retrieval
1.3.6.1.4.1.25623.1.0.10469	Alto	ipop2d reads arbitrary files
1.3.6.1.4.1.25623.1.0.10454	Alto	sawmill password
1.3.6.1.4.1.25623.1.0.10453	Medio	sawmill allows the reading of the first line of any file
1.3.6.1.4.1.25623.1.0.10408	Alto	Insecure Napster clone
1.3.6.1.4.1.25623.1.0.10382	Alto	Atrium Mercur Mailserver
1.3.6.1.4.1.25623.1.0.10355	Medio	vqServer web traversal vulnerability
1.3.6.1.4.1.25623.1.0.10351	Alto	The ACC router shows configuration without authentication
1.3.6.1.4.1.25623.1.0.103321	Medio	YaTFTPSvr TFTP Server Directory Traversal Vulnerability
1.3.6.1.4.1.25623.1.0.10286	Alto	thttpd flaw
1.3.6.1.4.1.25623.1.0.102014	Alto	NFS export
1.3.6.1.4.1.25623.1.0.10149	Alto	NetBeans Java IDE
1.3.6.1.4.1.25623.1.0.10141	Alto	MetaInfo servers
1.3.6.1.4.1.25623.1.0.10110	Alto	iChat
1.3.6.1.4.1.25623.1.0.10091	Alto	FTPGate traversal
1.3.6.1.4.1.25623.1.0.100899	Medio	Quick Tftp Server Pro Directory Traversal Vulnerability - Active Check
1.3.6.1.4.1.25623.1.0.10063	Alto	Eserv traversal
1.3.6.1.4.1.25623.1.0.10057	Alto	Lotus Domino ?open Vulnerability
1.3.6.1.4.1.25623.1.0.100502	Medio	VMware Products Directory Traversal Vulnerability
1.3.6.1.4.1.25623.1.0.100488	Medio	Samba Symlink Directory Traversal Vulnerability
1.3.6.1.4.1.25623.1.0.10010	Alto	AliBaba path climbing
1.3.6.1.4.1.25623.1.0.10008	Alto	WebSite 1.0 buffer overflow