Holas este es mi primer post en este foro, y mi primera pregunta es que vulneravilidad me recomiendan por seguiridad y facilidad, esto para poder entar como root. seria de gran ayuda si me brindan info sobre como realizar el attack.
Aqui las vulneravilidades:
Apache HTDigest Realm Command Line Argument Buffer Overflow Vulnerability
Apache mod_include Local Buffer Overflow Vulnerability
OpenSSH LoginGraceTime Remote Denial Of Service Vulnerability
OpenSSL ASCII Representation Of Integers Buffer Overflow Vulnerability
OpenSSL ASN.1 Parsing Error Denial Of Service Vulnerability
OpenSSL CBC Error Information Leakage Weakness
OpenSSL Insecure Protocol Negotiation Weakness
OpenSSL Kerberos Enabled SSLv3 Master Key Exchange Buffer Overflow Vulnerability
OpenSSL PKCS Padding RSA Signature Forgery Vulnerability
OpenSSL PRNG Internal State Disclosure Vulnerability
OpenSSL Public Key Processing Denial of Service Vulnerability
OpenSSL SSL_Get_Shared_Ciphers Buffer Overflow Vulnerability
OpenSSL SSLv2 Malformed Client Key Remote Buffer Overflow Vulnerability
OpenSSL SSLv2 Null Pointer Dereference Client Denial of Service Vulnerability
OpenSSL SSLv3 Session ID Buffer Overflow Vulnerability
OpenSSL Unseeded Random Number Generator Vulnerability
Sendmail Address Prescan Memory Corruption Vulnerability
Sendmail Aliases Database Regeneration Vulnerability
Sendmail Asynchronous Signal Handling Remote Code Execution Vulnerability
Sendmail check_relay Access Bypassing Vulnerability
Sendmail ETRN Denial of Service Vulnerability
Sendmail File Locking Denial Of Service Vulnerability
Sendmail Header Processing Buffer Overflow Vulnerability
Sendmail Insecure Temporary File Privilege Escalation Vulnerability
Sendmail Long Header Denial Of Service Vulnerability
Sendmail mail.local Vulnerabilities
Sendmail Malformed MIME Message Denial Of Service Vulnerability
Sendmail Milter Remote Denial Of Service Weakness
Sendmail Prescan() Variant Remote Buffer Overrun Vulnerability
Sendmail Ruleset Parsing Buffer Overflow Vulnerability
Sendmail SM_SysLog Remote Memory Leak Denial Of Service Vulnerability
SNMP Remote Access
Univ. Of Washington imapd Buffer Overflow Vulnerabilities
----------------------hasta aqui los Highs-------------------------
Apache AB.C Web Benchmarking Buffer Overflow Vulnerabilities
Apache AB.C Web Benchmarking Buffer Overflow Vulnerability
Apache AB.C Web Benchmarking Read_Connection() Buffer Overflow Vulnerability
Apache Cygwin Directory Traversal Vulnerability
Apache HTAccess LIMIT Directive Bypass Configuration Error Weakness
Apache HTAccess LIMIT Directive Bypass Configuration Error Weakness
Apache HTDigest Insecure Temporary File Vulnerability
Apache HTPasswd Insecure Temporary File Vulnerability
Apache HTTP Server Multiple Vulnerabilities
Apache Mod_Access Access Control Rule Bypass Vulnerability
Apache mod_auth Malformed Password Potential Memory Corruption Vulnerability
Apache Mod_IMAP Referer Cross-Site Scripting Vulnerability
Apache mod_php Global Variables Information Disclosure Weakness
Apache Mod_SSL Log Function Format String Vulnerability
Apache Mod_SSL SSL_Util_UUEncode_Binary Stack Buffer Overflow Vulnerability
Apache mod_userdir Module Information Disclosure Vulnerability
Apache Server Side Include Cross Site Scripting Vulnerability
Apache Utilities Insecure Temporary File Creation Vulnerability
Apache Web Server Multiple Module Local Buffer Overflow Vulnerability
Multiple Apache HTDigest Buffer Overflow Vulnerabilities
Multiple Portable OpenSSH PAM Vulnerabilities
OpenSSH GSSAPI Credential Disclosure Vulnerability
OpenSSH PAM Conversation Memory Scrubbing Weakness
OpenSSH-portable PAM Authentication Remote Information Disclosure Vulnerability
Portable OpenSSH GSSAPI Remote Code Execution Vulnerability
-------------------------hasta aqui los medium-------------------
SMTP without AuthLogin
-------------------------hasta aqui los low------------------------
El escaneo fue realizado con el Shadow Scanner.
Autor