NewStart CGSL CORE 5.05 / MAIN 5.05 : libqb Vulnerability (NS-SA-2020-0088)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has libqb packages installed that are affected by a vulnerability: - libqb before 1.0.5 allows local users to overwrite arbitrary files via a symlink attack, because it uses predictable filenames under /dev/shm and /tmp without...

NewStart CGSL CORE 5.04 / MAIN 5.04 : okular Vulnerability (NS-SA-2020-0076)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has okular packages installed that are affected by a vulnerability: - okular version 18.08 and earlier contains a Directory Traversal vulnerability in function unpackDocumentArchive... in core/document.cpp that can result in...

NewStart CGSL CORE 5.04 / MAIN 5.04 : gnome-shell Vulnerability (NS-SA-2020-0066)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has gnome-shell packages installed that are affected by a vulnerability: - It was discovered that the gnome-shell lock screen since version 3.15.91 did not properly restrict all contextual actions. An attacker with physical...

NewStart CGSL CORE 5.05 / MAIN 5.05 : python-virtualenv Multiple Vulnerabilities (NS-SA-2020-0118)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has python-virtualenv packages installed that are affected by multiple vulnerabilities: - In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter. CVE-2019-112...

NewStart CGSL CORE 5.05 / MAIN 5.05 : lftp Vulnerability (NS-SA-2020-0103)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has lftp packages installed that are affected by a vulnerability: - It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local...

NewStart CGSL CORE 5.05 / MAIN 5.05 : cups Multiple Vulnerabilities (NS-SA-2020-0102)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has cups packages installed that are affected by multiple vulnerabilities: - In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions. CVE-2018-4180, CVE-2018-418...

NewStart CGSL CORE 5.04 / MAIN 5.04 : tomcat Vulnerability (NS-SA-2020-0055)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has tomcat packages installed that are affected by a vulnerability: - When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a an attacker is able to control the...

NewStart CGSL CORE 5.04 / MAIN 5.04 : evolution Vulnerability (NS-SA-2020-0062)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has evolution packages installed that are affected by a vulnerability: - GNOME Evolution through 3.28.2 is prone to OpenPGP signatures being spoofed for arbitrary messages using a specially crafted email that contains a valid...

NewStart CGSL CORE 5.04 / MAIN 5.04 : php Multiple Vulnerabilities (NS-SA-2020-0059)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has php packages installed that are affected by multiple vulnerabilities: - In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and 7.2.x through 7.2.2, there is a stack-based buffer under-read while parsing an HT...

NewStart CGSL CORE 5.05 / MAIN 5.05 : taglib Vulnerability (NS-SA-2020-0086)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has taglib packages installed that are affected by a vulnerability: - The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLib 1.11.1 allows remote attackers to cause information disclosure heap-based buffer...

NewStart CGSL CORE 5.04 / MAIN 5.04 : firefox Multiple Vulnerabilities (NS-SA-2020-0064)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has firefox packages installed that are affected by multiple vulnerabilities: - Under certain conditions, when running the nsDocShell destructor, a race condition can cause a use-after- free. We are aware of targeted attacks in...

NewStart CGSL CORE 5.05 / MAIN 5.05 : ksh Vulnerability (NS-SA-2020-0093)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has ksh packages installed that are affected by a vulnerability: - In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environme...

NewStart CGSL CORE 5.04 / MAIN 5.04 : samba Multiple Vulnerabilities (NS-SA-2020-0072)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has samba packages installed that are affected by multiple vulnerabilities: - A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up to 4.10.8 and samba 4.11.x up to 4.11.0rc3, when certain parameters were set i...

NewStart CGSL CORE 5.04 / MAIN 5.04 : mod_auth_mellon Vulnerability (NS-SA-2020-0072)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has modauthmellon packages installed that are affected by a vulnerability: - modauthmellon through 0.14.2 has an Open Redirect via the login?ReturnTo= substring, as demonstrated by omitting the // after http: in the target URL...

NewStart CGSL CORE 5.05 / MAIN 5.05 : ppp Vulnerability (NS-SA-2020-0113)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has ppp packages installed that are affected by a vulnerability: - eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eaprequest and eapresponse functions. CVE-2020-8597 Note that Nessus has not...

NewStart CGSL CORE 5.04 / MAIN 5.04 : git Multiple Vulnerabilities (NS-SA-2020-0075)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has git packages installed that are affected by multiple vulnerabilities: - Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. This bug...

NewStart CGSL CORE 5.05 / MAIN 5.05 : python-pillow Multiple Vulnerabilities (NS-SA-2020-0104)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has python-pillow packages installed that are affected by multiple vulnerabilities: - An issue was discovered in Pillow before 6.2.0. When reading specially crafted invalid image files, the library can either allocate very larg...

NewStart CGSL CORE 5.05 / MAIN 5.05 : evolution-data-server Vulnerability (NS-SA-2020-0114)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has evolution-data-server packages installed that are affected by a vulnerability: - It was discovered evolution-ews before 3.31.3 does not check the validity of SSL certificates. An attacker could abuse this flaw to get...

NewStart CGSL CORE 5.05 / MAIN 5.05 : evolution-ews Vulnerability (NS-SA-2020-0086)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has evolution-ews packages installed that are affected by a vulnerability: - It was discovered evolution-ews before 3.31.3 does not check the validity of SSL certificates. An attacker could abuse this flaw to get confidential...

NewStart CGSL CORE 5.05 / MAIN 5.05 : qt5-qtimageformats Vulnerability (NS-SA-2020-0099)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has qt5-qtimageformats packages installed that are affected by a vulnerability: - An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption. CVE-2018-19871 Note that Nessus has not tested...