1345 matches found
Apache HTTP Server 'mod_http2' Denial-Of-Service Vulnerability - Linux
Apache HTTP Server is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
EMC Isilon OneFS Privilege Escalation Vulnerability
EMC Isilon OneFS is affected by a privilege escalation vulnerability that could potentially be exploited by attackers to compromise the affected system.
Cisco ASA Certificate Authority Enrollment Operation Packet Handling DoS (cisco-sa-20161019-asa-ca)
According to its self-reported version and configuration, the Cisco Adaptive Security Appliance (ASA) software running on the remote device is affected by a denial of service vulnerability in the Certificate Authority (CA) feature due to improper handling of packets during the enrollment operation. A...
Juniper Junos SRX Series Upgrade Handling Local Root Authentication Bypass (JSA10753)
According to its self-reported version number, the remote Juniper Junos device is affected by a security bypass vulnerability due to a flaw that is triggered when using the partition option during an upgrade. A local attacker can exploit this to bypass authentication checks and access the root...
ASUS DSL-N55U Router Multiple Vulnerabilities (Jun 2016) - Active Check
ASUS DSL-N55U Router is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
WPN-XM Server Stack Multiple Vulnerabilities
WPN-XM Server Stack is prone to multiple vulnerabilities. CPE = "cpe:/a:wpnxmserverstack:wpnxm"...
F5 Networks BIG-IP : OpenSSH vulnerabilities (SOL6736)
The remote BIG-IP device is missing a patch required by a security advisory. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from F5 Networks BIG-IP Solution SOL6736. The text description of this plugin is (C) F5 Networks...
SUSE SLES11 Security Update : MySQL (SUSE-SU-2015:1177-2) (Logjam)
This update fixes the following security issue: Logjam Attack: mysql uses 512 bit dh groups in SSL (bnc#934789). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as mu...
Cisco TelePresence ISDN Gateway Command Injection Vulnerability
According to its self-reported version, the remote Cisco TelePresence ISDN Gateway device contains a vulnerability in its web framework, which can allow an authenticated, remote attacker to inject arbitrary commands on the device with root permissions.
Cisco TelePresence Server Command Injection Vulnerability
According to the self-reported version, the remote Cisco TelePresence Server contains a vulnerability in its web framework, which can allow an authenticated, remote attacker to inject arbitrary commands on the device with root permissions.
WSO2 Identity Server multiple vulnerabilities
Hi, WSO2 Identity Server (http://wso2.com/products/identity-server/) version 4.5.0/4.6.0/5.0.0 is prone to multiple vulnerabilities, including authentication bypass. Timeline: 09.10.2014 - Vendor notified; 22.11.2014 - Vendor confirmed; 04.12.2014 - Patches released; 25.03.2015 - Bugtraq disclosure...
Novell ZENworks Configuration Management < 11.3.2 Remote Code Execution (intrusive check)
The version of Novell ZENworks Configuration Management (ZCM) running on the remote host is affected by a remote code execution vulnerability due to improper sanitization of user-supplied input to the 'uid' POST parameter in the /zenworks/UploadServlet script. An unauthenticated, remote attacker ca...
Debian DSA-3243-1 : libxml-libxml-perl - security update
Tilmann Haak from xing.com discovered that XML::LibXML, a Perl interface to the libxml2 library, did not respect the expand_entities parameter to disable processing of external entities in some circumstances. This may allow attackers to gain read access to otherwise protected resources, depending ...
Oracle Reports Server unauthorized report execution vulnerability
Affected systems: Oracle Reports 9i, Oracle Reports 6i 6.0.8.19, Oracle Reports 6i 6.0.8, Oracle Reports 6, Oracle Reports 10g 9.0.4.3.3, Oracle Reports 10g 9.0.4, Oracle Reports 10g 9.0.3, Oracle Reports 10g 9.0.2, Oracle Reports 10g 9.0.1, Oracle Reports 10g 9.0. Description:...
Microsoft Windows not the USB drive overflow vulnerability
Affected systems: Microsoft Windows XP SP2, Microsoft Windows XP SP1, Microsoft Windows Server 2003 SP1, Microsoft Windows Server 2003, Microsoft Windows ME, Microsoft Windows 98SE, Microsoft Windows 98, Microsoft Windows 2000 SP4, Microsoft Windows 2000 SP3, Microsoft Windows 2000 SP2, Microsoft Window...
Fedora 21 : kernel-3.19.4-200.fc21 (2015-6320)
The 3.19.4 stable release contains a number of important fixes across the tree. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...
Juniper Junos Multiple Privilege Escalation Vulnerabilities (JSA10674)
According to its self-reported version number, the remote Juniper Junos device is affected by privilege escalation vulnerabilities due to flaws in various combinations of CLI commands and arguments. A local attacker can use these to gain root access to the operating system and thus completely...
Fedora 21 : mongodb-2.4.13-1.fc21 (2015-4197)
Security fix for CVE-2015-1609. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Fedora 22 : xerces-c-3.1.2-1.fc22 (2015-4226)
Update to xerces-c 3.1.2, fixing CVE-2015-0252. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
Debian DLA-47-1 : lua5.1 security update
Fix stack overflow in vararg functions. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.