NewStart CGSL MAIN 6.02 : firefox Multiple Vulnerabilities (NS-SA-2021-0052)

The remote NewStart CGSL host, running version MAIN 6.02, has firefox packages installed that are affected by multiple vulnerabilities: - Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

NewStart CGSL CORE 5.04 / MAIN 5.04 : cloud-init Vulnerability (NS-SA-2021-0011)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has cloud-init packages installed that are affected by a vulnerability: - A security feature bypass exists in Azure SSH Keypairs, due to a change in the provisioning logic for some Linux images that use cloud-init, aka 'Azure S...

NewStart CGSL MAIN 6.02 : spamassassin Multiple Vulnerabilities (NS-SA-2021-0070)

The remote NewStart CGSL host, running version MAIN 6.02, has spamassassin packages installed that are affected by multiple vulnerabilities: - In Apache SpamAssassin before 3.4.3, a message can be crafted in a way to use excessive resources. Upgrading to SA 3.4.3 as soon as possible is the...

NewStart CGSL CORE 5.04 / MAIN 5.04 : tomcat Multiple Vulnerabilities (NS-SA-2021-0028)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has tomcat packages installed that are affected by multiple vulnerabilities: - When using FORM authentication with Apache Tomcat 9.0.0.M1 to 9.0.29, 8.5.0 to 8.5.49 and 7.0.0 to 7.0.98 there was a narrow window where an attacke...

NewStart CGSL MAIN 6.02 : linux-firmware Vulnerability (NS-SA-2021-0082)

The remote NewStart CGSL host, running version MAIN 6.02, has linux-firmware packages installed that are affected by a vulnerability: - Improper buffer restriction in some IntelR Wireless BluetoothR products before version 21.110 may allow an unauthenticated user to potentially enable escalation ...

NewStart CGSL MAIN 6.02 : binutils Multiple Vulnerabilities (NS-SA-2021-0090)

The remote NewStart CGSL host, running version MAIN 6.02, has binutils packages installed that are affected by multiple vulnerabilities: - findabstractinstance in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.32, allows remote attackers to cause a...

NewStart CGSL CORE 5.04 / MAIN 5.04 : spamassassin Vulnerability (NS-SA-2021-0037)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has spamassassin packages installed that are affected by a vulnerability: - In Apache SpamAssassin before 3.4.3, a message can be crafted in a way to use excessive resources. Upgrading to SA 3.4.3 as soon as possible is the...

NewStart CGSL CORE 5.04 / MAIN 5.04 : libuser Multiple Vulnerabilities (NS-SA-2021-0044)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has libuser packages installed that are affected by multiple vulnerabilities: - libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, directly modifies /etc/passwd, which...

NewStart CGSL MAIN 6.02 : file-roller Multiple Vulnerabilities (NS-SA-2021-0068)

The remote NewStart CGSL host, running version MAIN 6.02, has file-roller packages installed that are affected by multiple vulnerabilities: - An issue was discovered in GNOME file-roller before 3.29.91. It allows a single ./../ path traversal via a filename contained in a TAR archive, possibly...

NewStart CGSL MAIN 6.02 : gnutls Vulnerability (NS-SA-2021-0074)

The remote NewStart CGSL host, running version MAIN 6.02, has gnutls packages installed that are affected by a vulnerability: - An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a norenegotiation alert is sent with unexpected...

NewStart CGSL MAIN 6.02 : librsvg2 Vulnerability (NS-SA-2021-0065)

The remote NewStart CGSL host, running version MAIN 6.02, has librsvg2 packages installed that are affected by a vulnerability: - In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing. The attacker...

NewStart CGSL MAIN 6.02 : dnsmasq Multiple Vulnerabilities (NS-SA-2021-0091)

The remote NewStart CGSL host, running version MAIN 6.02, has dnsmasq packages installed that are affected by multiple vulnerabilities: - A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in the way RRSets are sorted before validating with DNSSEC data. A...

NewStart CGSL CORE 5.04 / MAIN 5.04 : SDL Multiple Vulnerabilities (NS-SA-2021-0042)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has SDL packages installed that are affected by multiple vulnerabilities: - SDL Simple DirectMedia Layer through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in IMAADPCMdecode in audio/SDLwave.c. CVE-2019-7574...

NewStart CGSL MAIN 6.02 : SDL Multiple Vulnerabilities (NS-SA-2021-0077)

The remote NewStart CGSL host, running version MAIN 6.02, has SDL packages installed that are affected by multiple vulnerabilities: - SDL Simple DirectMedia Layer through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in IMAADPCMdecode in audio/SDLwave.c. CVE-2019-7574 - SDL Simpl...

NewStart CGSL CORE 5.04 / MAIN 5.04 : libvncserver Vulnerability (NS-SA-2021-0005)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has libvncserver packages installed that are affected by a vulnerability: - It was discovered that websockets.c in LibVNCServer prior to 0.9.12 did not properly decode certain WebSocket frames. A malicious attacker could exploi...

NewStart CGSL MAIN 4.06 : libX11 Vulnerability (NS-SA-2021-0002)

The remote NewStart CGSL host, running version MAIN 4.06, has libX11 packages installed that are affected by a vulnerability: - An integer overflow vulnerability leading to a double-free was found in libX11. This flaw allows a local privileged attacker to cause an application compiled with libX11...

NewStart CGSL CORE 5.04 / MAIN 5.04 : cpio Vulnerability (NS-SA-2021-0043)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has cpio packages installed that are affected by a vulnerability: - In all versions of cpio before 2.13 does not properly validate input files when generating TAR archives. When cpio is used to create TAR archives from paths an...

NewStart CGSL MAIN 6.02 : sysstat Vulnerability (NS-SA-2021-0054)

The remote NewStart CGSL host, running version MAIN 6.02, has sysstat packages installed that are affected by a vulnerability: - sysstat before 12.1.6 has memory corruption due to an Integer Overflow in remapstruct in sacommon.c. CVE-2019-16167 Note that Nessus has not tested for this issue but h...

NewStart CGSL CORE 5.04 / MAIN 5.04 : spice-gtk Vulnerability (NS-SA-2021-0039)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has spice-gtk packages installed that are affected by a vulnerability: - Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. Both the...

NewStart CGSL MAIN 6.02 : pcre2 Vulnerability (NS-SA-2021-0070)

The remote NewStart CGSL host, running version MAIN 6.02, has pcre2 packages installed that are affected by a vulnerability: - An out-of-bounds read was discovered in PCRE before 10.34 when the pattern \X is JIT compiled and used to match specially crafted subjects in non-UTF mode. Applications...