NewStart CGSL MAIN 6.02 : kernel Multiple Vulnerabilities (NS-SA-2021-0051)

The remote NewStart CGSL host, running version MAIN 6.02, has kernel packages installed that are affected by multiple vulnerabilities: - A flaw was found in the Linux kernel before 5.9-rc4. A failure of the file system metadata validator in XFS can cause an inode with a valid, user-creatable...

NewStart CGSL CORE 5.04 / MAIN 5.04 : freerdp Multiple Vulnerabilities (NS-SA-2021-0047)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has freerdp packages installed that are affected by multiple vulnerabilities: - In FreeRDP greater than 1.2 and before 2.0.0, a double free in updatereadcachebitmapv3order crashes the client application if corrupted data from a...

NewStart CGSL CORE 5.04 / MAIN 5.04 : python-rtslib Vulnerability (NS-SA-2021-0045)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has python-rtslib packages installed that are affected by a vulnerability: - Open-iSCSI rtslib-fb through 2.1.72 has weak permissions for /etc/target/saveconfig.json because shutil.copyfile instead of shutil.copy is used, and...

NewStart CGSL MAIN 6.02 : dotnet3.1 Vulnerability (NS-SA-2021-0078)

The remote NewStart CGSL host, running version MAIN 6.02, has dotnet3.1 packages installed that are affected by a vulnerability: - A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names.The ASP.NET Core cookie parser decodes entire cookie...

NewStart CGSL MAIN 6.02 : dovecot Multiple Vulnerabilities (NS-SA-2021-0077)

The remote NewStart CGSL host, running version MAIN 6.02, has dovecot packages installed that are affected by multiple vulnerabilities: - In Dovecot before 2.3.10.1, a crafted SMTP/LMTP message triggers an unauthenticated use-after-free bug in submission-login, submission, or lmtp, and can lead t...

NewStart CGSL MAIN 6.02 : oniguruma Vulnerability (NS-SA-2021-0067)

The remote NewStart CGSL host, running version MAIN 6.02, has oniguruma packages installed that are affected by a vulnerability: - A NULL Pointer Dereference in matchat in regexec.c in Oniguruma 6.9.2 allows attackers to potentially cause denial of service by providing a crafted regular expressio...

NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2021-0030)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel packages installed that are affected by multiple vulnerabilities: - A buffer over-read flaw was found in RH kernel versions before 5.0 in cryptoauthencextractkeys in crypto/authenc.c in the IPsec Cryptographic...

NewStart CGSL CORE 5.04 / MAIN 5.04 : targetcli Vulnerability (NS-SA-2021-0044)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has targetcli packages installed that are affected by a vulnerability: - Open-iSCSI targetcli-fb through 2.1.52 has weak permissions for /etc/target and for the backup directory and backup files. CVE-2020-13867 Note that Nessus...

NewStart CGSL CORE 5.04 / MAIN 5.04 : dovecot Multiple Vulnerabilities (NS-SA-2021-0041)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has dovecot packages installed that are affected by multiple vulnerabilities: - In Dovecot before 2.3.11.3, uncontrolled recursion in submission, lmtp, and lda allows remote attackers to cause a denial of service resource...

NewStart CGSL MAIN 6.02 : postgresql-jdbc Vulnerability (NS-SA-2021-0087)

The remote NewStart CGSL host, running version MAIN 6.02, has postgresql-jdbc packages installed that are affected by a vulnerability: - PostgreSQL JDBC Driver aka PgJDBC before 42.2.13 allows XXE. CVE-2020-13692 Note that Nessus has not tested for this issue but has instead relied only on the...

NewStart CGSL MAIN 6.02 : oddjob Vulnerability (NS-SA-2021-0063)

The remote NewStart CGSL host, running version MAIN 6.02, has oddjob packages installed that are affected by a vulnerability: - A race condition was found in the mkhomedir tool shipped with the oddjob package in versions before 0.34.5 and 0.34.6 wherein, during the home creation, mkhomedir copies...

NewStart CGSL CORE 5.04 / MAIN 5.04 : python-pillow Vulnerability (NS-SA-2021-0038)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has python-pillow packages installed that are affected by a vulnerability: - libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow. CVE-2020-5313 Note that Nessus has not tested for this issue but has instead...

NewStart CGSL MAIN 6.02 : dbus Vulnerability (NS-SA-2021-0052)

The remote NewStart CGSL host, running version MAIN 6.02, has dbus packages installed that are affected by a vulnerability: - An issue was discovered in dbus = 1.3.0 before 1.12.18. The DBusServer in libdbus, as used in dbus- daemon, leaks file descriptors when a message exceeds the per-message...

NewStart CGSL CORE 5.04 / MAIN 5.04 : libsolv Multiple Vulnerabilities (NS-SA-2021-0014)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has libsolv packages installed that are affected by multiple vulnerabilities: - There is a NULL pointer dereference at ext/testcase.c function testcaseread in libsolvext.a in libsolv through 0.7.2 that will cause a denial of...

NewStart CGSL MAIN 6.02 : openssl Multiple Vulnerabilities (NS-SA-2021-0086)

The remote NewStart CGSL host, running version MAIN 6.02, has openssl packages installed that are affected by multiple vulnerabilities: - There is an overflow bug in the x6464 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggest...

NewStart CGSL MAIN 6.02 : edk2 Vulnerability (NS-SA-2021-0058)

The remote NewStart CGSL host, running version MAIN 6.02, has edk2 packages installed that are affected by a vulnerability: - Uncontrolled resource consumption in EDK II may allow an unauthenticated user to potentially enable denial of service via network access. CVE-2019-14559 Note that Nessus h...

NewStart CGSL MAIN 6.02 : libexif Multiple Vulnerabilities (NS-SA-2021-0068)

The remote NewStart CGSL host, running version MAIN 6.02, has libexif packages installed that are affected by multiple vulnerabilities: - In libexif, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege in the media content provider...

NewStart CGSL MAIN 6.02 : opensc Multiple Vulnerabilities (NS-SA-2021-0080)

The remote NewStart CGSL host, running version MAIN 6.02, has opensc packages installed that are affected by multiple vulnerabilities: - OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Octet string in asn1decodeentry in libopensc/asn1.c. CVE-2019-15946 - OpenSC before 0.20.0-rc1...

NewStart CGSL MAIN 6.02 : firefox Multiple Vulnerabilities (NS-SA-2021-0065)

The remote NewStart CGSL host, running version MAIN 6.02, has firefox packages installed that are affected by multiple vulnerabilities: - In certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition. This...

NewStart CGSL MAIN 6.02 : firefox Multiple Vulnerabilities (NS-SA-2021-0052)

The remote NewStart CGSL host, running version MAIN 6.02, has firefox packages installed that are affected by multiple vulnerabilities: - Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...