EUVD-2003-0369

Malware in sbrugna...

SUSE CVE-2009-0125

NOTE: this issue has been disputed by the upstream vendor. nasl/naslcrypto2.c in the Nessus Attack Scripting Language library aka libnasl 2.2.11 does not properly check the return value from the OpenSSL DSAdoverify function, which allows remote attackers to bypass validation of the certificate...

Nessus 2.0.x LibNASL Arbitrary Code Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7664/info Nessus has reported that various flaws have been discovered in the 'libnasl' library used by the Nessus application. As a result, a malicious NASL script may be able to break outside of the established sandbox...

Mandrake Security Advisory MDVSA-2009:271 (libnasl)

The remote host is missing an update to libnasl announced via advisory MDVSA-2009:271. OpenVAS Vulnerability Test $Id: mdksa2009271.nasl 6587 2017-07-07 06:35:35Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:271 libnasl Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft...

Mandrake Security Advisory MDVSA-2009:271 (libnasl)

The remote host is missing an update to libnasl announced via advisory MDVSA-2009:271. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...

openSUSE Security Update : libnasl (libnasl-451)

This update of libnasl adds missing return value checks for openssl function calls. CVE-2009-0125 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update libnasl-451. The text description of this plug...

Fedora 10 : libnasl-2.2.11-3.fc10 / nessus-core-2.2.11-1.fc10 / nessus-libraries-2.2.11-1.fc10 (2009-0577)

Bug 479655 - libnasl: OpenSSL incorrect checks for malformed signatures Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

Fedora Core 9 FEDORA-2009-0636 (libnasl)

The remote host is missing an update to libnasl announced via advisory FEDORA-2009-0636. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by th...

Fedora 9 : libnasl-2.2.11-3.fc9 / nessus-core-2.2.11-1.fc9 / nessus-libraries-2.2.11-1.fc9 (2009-0636)

The remote Fedora host is missing one or more security updates : nessus-core-2.2.11-1.fc9 : - Sun Nov 23 2008 Andreas Bierfert - 2.2.11-1 - fix 465113 FTBFS nessus-libraries-2.2.11-1.fc9 : - Sun Nov 23 2008 Andreas Bierfert - 2.2.11-1 - version upgrade libnasl-2.2.11-3.fc9 : - Mon Jan 12 2009...

[SECURITY] Fedora 9 Update: libnasl-2.2.11-3.fc9

NASL is a scripting language designed for the Nessus security scanner. Its aim is to allow anyone to write a test for a given security hole in a few minutes, to allow people to share their tests without having to worry about their operating system, and to guarantee everyone that a NASL script can...

openSUSE 10 Security Update : libnasl (libnasl-5943)

This update of libnasl adds missing return value checks for openssl function calls. CVE-2009-0125 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update libnasl-5943. The text description of this...

CVE-2009-0125

NOTE: this issue has been disputed by the upstream vendor. nasl/naslcrypto2.c in the Nessus Attack Scripting Language library aka libnasl 2.2.11 does not properly check the return value from the OpenSSL DSAdoverify function, which allows remote attackers to bypass validation of the certificate...

Input validation

DISPUTED NOTE: this issue has been disputed by the upstream vendor. nasl/naslcrypto2.c in the Nessus Attack Scripting Language library aka libnasl 2.2.11 does not properly check the return value from the OpenSSL DSAdoverify function, which allows remote attackers to bypass validation of the...

CVE-2009-0125

Technical details for CVE-2009-0125 are not publicly available in the provided documents. Monitor for updates from upstream and security advisories.

CVE-2009-0125

NOTE: this issue has been disputed by the upstream vendor. nasl/naslcrypto2.c in the Nessus Attack Scripting Language library aka libnasl 2.2.11 does not properly check the return value from the OpenSSL DSAdoverify function, which allows remote attackers to bypass validation of the certificate...

PT-2009-2819 · Tenable +1 · Nessus Attack Scripting Language Library +1

Name of the Vulnerable Software and Affected Versions: Nessus Attack Scripting Language library aka libnasl version 2.2.11 Description: The issue concerns a potential problem in the Nessus Attack Scripting Language library where the return value from the OpenSSL DSA do verify function is not...

Ubuntu 5.04 / 5.10 : libnasl vulnerability (USN-279-1)

Jayesh KS discovered that the naslsplit function in the NASL Nessus Attack Scripting Language library did not check for a zero-length separator argument, which lead to an invalid memory allocation. This library is primarily used in the Nessus security scanner; a remote attacker could exploit this...

CVE-2003-0374

Multiple unknown vulnerabilities in Nessus before 2.0.6, in libnessus and possibly libnasl, a different set of vulnerabilities than those identified by CVE-2003-0372 and CVE-2003-0373, aka "similar issues in other nasl functions as well as in libnessus."...

CVE-2003-0374

CVE-2003-0374 describes multiple unknown vulnerabilities in Nessus before 2.0.6, in libnessus and possibly libnasl, separate from CVE-2003-0372/0373. The connected records provide concrete details for 0372 (signed integer vulnerability in libnasl allowing local privilege escalation and possible c...

CVE-2003-0374

Multiple unknown vulnerabilities in Nessus before 2.0.6, in libnessus and possibly libnasl, a different set of vulnerabilities than those identified by CVE-2003-0372 and CVE-2003-0373, aka "similar issues in other nasl functions as well as in libnessus."...