EUVD-2003-0369

Malware in sbrugna...

SUSE CVE-2009-0125

NOTE: this issue has been disputed by the upstream vendor. nasl/naslcrypto2.c in the Nessus Attack Scripting Language library aka libnasl 2.2.11 does not properly check the return value from the OpenSSL DSAdoverify function, which allows remote attackers to bypass validation of the certificate...

Nessus 2.0.x LibNASL Arbitrary Code Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7664/info Nessus has reported that various flaws have been discovered in the 'libnasl' library used by the Nessus application. As a result, a malicious NASL script may be able to break outside of the established sandbox...

Mandrake Security Advisory MDVSA-2009:271 (libnasl)

The remote host is missing an update to libnasl announced via advisory MDVSA-2009:271. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...

Mandrake Security Advisory MDVSA-2009:271 (libnasl)

The remote host is missing an update to libnasl announced via advisory MDVSA-2009:271. OpenVAS Vulnerability Test $Id: mdksa2009271.nasl 6587 2017-07-07 06:35:35Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:271 libnasl Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft...

openSUSE Security Update : libnasl (libnasl-451)

This update of libnasl adds missing return value checks for openssl function calls. CVE-2009-0125 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update libnasl-451. The text description of this plug...

Fedora 10 : libnasl-2.2.11-3.fc10 / nessus-core-2.2.11-1.fc10 / nessus-libraries-2.2.11-1.fc10 (2009-0577)

Bug 479655 - libnasl: OpenSSL incorrect checks for malformed signatures Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

Fedora 9 : libnasl-2.2.11-3.fc9 / nessus-core-2.2.11-1.fc9 / nessus-libraries-2.2.11-1.fc9 (2009-0636)

The remote Fedora host is missing one or more security updates : nessus-core-2.2.11-1.fc9 : - Sun Nov 23 2008 Andreas Bierfert - 2.2.11-1 - fix 465113 FTBFS nessus-libraries-2.2.11-1.fc9 : - Sun Nov 23 2008 Andreas Bierfert - 2.2.11-1 - version upgrade libnasl-2.2.11-3.fc9 : - Mon Jan 12 2009...

Fedora Core 9 FEDORA-2009-0636 (libnasl)

The remote host is missing an update to libnasl announced via advisory FEDORA-2009-0636. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by th...

[SECURITY] Fedora 9 Update: libnasl-2.2.11-3.fc9

NASL is a scripting language designed for the Nessus security scanner. Its aim is to allow anyone to write a test for a given security hole in a few minutes, to allow people to share their tests without having to worry about their operating system, and to guarantee everyone that a NASL script can...

openSUSE 10 Security Update : libnasl (libnasl-5943)

This update of libnasl adds missing return value checks for openssl function calls. CVE-2009-0125 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update libnasl-5943. The text description of this...

CVE-2009-0125

NOTE: this issue has been disputed by the upstream vendor. nasl/naslcrypto2.c in the Nessus Attack Scripting Language library aka libnasl 2.2.11 does not properly check the return value from the OpenSSL DSAdoverify function, which allows remote attackers to bypass validation of the certificate...

Input validation

DISPUTED NOTE: this issue has been disputed by the upstream vendor. nasl/naslcrypto2.c in the Nessus Attack Scripting Language library aka libnasl 2.2.11 does not properly check the return value from the OpenSSL DSAdoverify function, which allows remote attackers to bypass validation of the...

CVE-2009-0125

NOTE: this issue has been disputed by the upstream vendor. nasl/naslcrypto2.c in the Nessus Attack Scripting Language library aka libnasl 2.2.11 does not properly check the return value from the OpenSSL DSAdoverify function, which allows remote attackers to bypass validation of the certificate...

CVE-2009-0125

Technical details for CVE-2009-0125 are not publicly available in the provided documents. Monitor for updates from upstream and security advisories.

PT-2009-2819 · Tenable +1 · Nessus Attack Scripting Language Library +1

Name of the Vulnerable Software and Affected Versions: Nessus Attack Scripting Language library aka libnasl version 2.2.11 Description: The issue concerns a potential problem in the Nessus Attack Scripting Language library where the return value from the OpenSSL DSA do verify function is not...

Ubuntu 5.04 / 5.10 : libnasl vulnerability (USN-279-1)

Jayesh KS discovered that the naslsplit function in the NASL Nessus Attack Scripting Language library did not check for a zero-length separator argument, which lead to an invalid memory allocation. This library is primarily used in the Nessus security scanner; a remote attacker could exploit this...

CVE-2003-0374

Multiple unknown vulnerabilities in Nessus before 2.0.6, in libnessus and possibly libnasl, a different set of vulnerabilities than those identified by CVE-2003-0372 and CVE-2003-0373, aka "similar issues in other nasl functions as well as in libnessus."...

CVE-2003-0372

Signed integer vulnerability in libnasl in Nessus before 2.0.6 allows local users with plugin upload privileges to cause a denial of service core dump and possibly execute arbitrary code by causing a negative argument to be provided to the insstr function as used in a NASL script...

CVE-2003-0374

Multiple unknown vulnerabilities in Nessus before 2.0.6, in libnessus and possibly libnasl, a different set of vulnerabilities than those identified by CVE-2003-0372 and CVE-2003-0373, aka "similar issues in other nasl functions as well as in libnessus."...