Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.104036
Category:Nmap NSE net
Title:Nmap NSE net: citrix-brute-xml
Summary:Attempts to guess valid credentials for the Citrix PN Web Agent XML Service. The XML service;authenticates against the local Windows server or the Active Directory.;;This script makes no attempt of preventing account lockout. If the password list contains more;passwords than the lockout-threshold accounts will be locked.;;SYNTAX:;;userdb: The filename of an alternate username database.;;unpwdb.passlimit: The maximum number of passwords;'passwords' will return (default unlimited).;;passdb: The filename of an alternate password database.;;unpwdb.userlimit: The maximum number of usernames;'usernames' will return (default unlimited).;;unpwdb.timelimit: The maximum amount of time that any iterator will run;before stopping. The value is in seconds by default and you can follow it;with 'ms', 's', 'm', or 'h' for;milliseconds, seconds, minutes, or hours. For example,;'unpwdb.timelimit=30m' or 'unpwdb.timelimit=.5h' for;30 minutes. The default depends on the timing template level (see the module;description). Use the value '0' to disable the time limit.
Description:Summary:
Attempts to guess valid credentials for the Citrix PN Web Agent XML Service. The XML service
authenticates against the local Windows server or the Active Directory.

This script makes no attempt of preventing account lockout. If the password list contains more
passwords than the lockout-threshold accounts will be locked.

SYNTAX:

userdb: The filename of an alternate username database.

unpwdb.passlimit: The maximum number of passwords
'passwords' will return (default unlimited).

passdb: The filename of an alternate password database.

unpwdb.userlimit: The maximum number of usernames
'usernames' will return (default unlimited).

unpwdb.timelimit: The maximum amount of time that any iterator will run
before stopping. The value is in seconds by default and you can follow it
with 'ms', 's', 'm', or 'h' for
milliseconds, seconds, minutes, or hours. For example,
'unpwdb.timelimit=30m' or 'unpwdb.timelimit=.5h' for
30 minutes. The default depends on the timing template level (see the module
description). Use the value '0' to disable the time limit.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

CopyrightCopyright (C) 2011 NSE-Script: The Nmap Security Scanner; NASL-Wrapper: Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.