#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(122403);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2026/03/27");
script_name(english:"Operating System Unsupported Version Detection in banner reporting (PCI-DSS check)");
script_summary(english:"Checks banners for vulnerable OS levels");
script_set_attribute(
attribute:"synopsis",
value:
"The OS version reported in banners possesses one or more
vulnerabilities."
);
script_set_attribute(
attribute:"description",
value:
"A service banner response from the remote host indicates an
operating system install at a level that indicates the operating
system running on the remote host is no longer supported.
Lack of support implies that no new security patches for the product
will be released by the vendor. As a result, it is likely to contain
security vulnerabilities.
This plugin only runs when 'Check for PCI-DSS compliance' is enabled
in the scan policy. It does not run if local security checks are
enabled. It runs off of self-reported OS versions in banners and
fingerprinting."
);
script_set_attribute(
attribute:"solution",
value:
"Upgrade to a version of the operating system that is currently
supported."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H");
script_set_attribute(attribute:"cvss_score_source", value:"manual");
script_set_attribute(attribute:"cvss_score_rationale", value:"Default unsupported software score.");
script_set_attribute(attribute:"plugin_publication_date", value:"2019/02/22");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"unsupported_by_vendor", value:"true");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Web Servers");
script_copyright(english:"This script is Copyright (C) 2019-2026 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("find_service2.nasl", "os_fingerprint.nasl");
script_require_keys("Settings/PCI_DSS");
script_exclude_keys("Host/local_checks_enabled", "Host/OS/obsolete");
exit(0);
}
include("os_eol.inc");
include("lists.inc");
if (!get_kb_item("Settings/PCI_DSS")) audit(AUDIT_PCI);
if (get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are enabled.");
if (get_kb_item("Host/OS/obsolete")) exit(0, "unsupported_operating_system.nasl has already successfully run.");
# Check all relevant banner KBs
var banners = get_kb_list("*/banner/*");
var host_os = get_kb_item("Host/OS");
if (isnull(banners)) exit(0, "Relevant banners are not present for this scan.");
# Determine if a supported OS version is present in the banners and extract it
var port = 0;
var version = NULL;
var os = NULL;
var regex_list = [
"(CentOS) release (\d+(?:\.\d+)*)",
"(FreeBSD)(?:\s*|\/)(\d+\.\d+)-RELEASE",
"(VMware) ESX Server (\di?) (\d.\d)",
"(Ubuntu) (\d+\.\d+) \(\w+\)",
"(Fedora) release (\d+)"
];
var banner_kb, banner_value, regex, os_version, portmatch;
foreach banner_kb (sort(keys(banners)))
{
banner_value = banners[banner_kb];
foreach regex (regex_list)
{
os_version = pregmatch(string:banner_value, pattern:regex, icase:TRUE);
if(!isnull(os_version))
{
os = os_version[1];
version = os_version[2];
# Individual fixes for specific OSes
if (tolower(os) == "vmware")
{
version = "ESX";
if (os_version[2] =~ "i$")
{
version += "i";
}
version += " " + os_version[3];
}
# Try and extract port from banner_kb
portmatch = pregmatch(pattern:"\/(\d+)(?:\/|$)", string:banner_kb);
if (portmatch)
{
port = portmatch[1];
}
break;
}
}
}
if (isnull(version) || isnull(os))
{
exit(0, "Unable to find OS version strings in banner(s).");
}
var report = 'OS version: ' + os + ' ' + version +
'\nVulnerabilities potentially exist associated with potentially\n' +
'unpatched fixes.\n';
var os_copy = os;
os = tolower(os);
var eol, version_split, eol_date, supported_levels;
if (os == 'centos')
{
eol = _centos_eol;
version_split = split(version, sep:'.', keep:0);
version = version_split[0];
}
if (os == 'fedora')
{
eol = _fedora_eol;
}
if (os == 'freebsd')
{
eol = _freebsd_eol;
}
if (os == 'ubuntu')
{
eol = _ubuntu_eol;
}
if (os == 'vmware')
{
eol = _vmware_eol;
}
if (isnull(eol[version]))
{
exit(0, "The remote host's operating system " + os_copy + " version " + version + " is still supported.");
}
else
{
eol_date = eol[version];
supported_levels = _latest_supported[os_copy];
report = 'Operating System: ' + os_copy + '\n';
report += 'Version: ' + version + '\n';
report += 'End of support date: ' + eol_date + '\n';
report += 'Currently supported OS versions: ' + supported_levels + '\n';
security_report_v4(
port : port,
severity : SECURITY_HOLE,
extra : report
);
}
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation