NewStart CGSL CORE 5.04 / MAIN 5.04 : java-1.8.0-openjdk Multiple Vulnerabilities (NS-SA-2019-0027)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has java-1.8.0-openjdk packages installed that are affected by multiple vulnerabilities: - An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store...

NewStart CGSL CORE 5.04 / MAIN 5.04 : krb5 Multiple Vulnerabilities (NS-SA-2019-0067)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has krb5 packages installed that are affected by multiple vulnerabilities: - MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership...

NewStart CGSL MAIN 4.05 : firefox Multiple Vulnerabilities (NS-SA-2019-0116)

The remote NewStart CGSL host, running version MAIN 4.05, has firefox packages installed that are affected by multiple vulnerabilities: - File downloads encoded with blob: and data: URL elements bypassed normal file download checks though the Phishing and Malware Protection feature and its block...

NewStart CGSL MAIN 4.05 : bluez Vulnerability (NS-SA-2019-0117)

The remote NewStart CGSL host, running version MAIN 4.05, has bluez packages installed that are affected by a vulnerability: - An information-disclosure flaw was found in the bluetoothd implementation of the Service Discovery Protocol SDP. A specially crafted Bluetooth device could, without prior...

NewStart CGSL MAIN 5.04 : liblouis Vulnerability (NS-SA-2019-0004)

The remote NewStart CGSL host, running version MAIN 5.04, has liblouis packages installed that are affected by a vulnerability: - A missing fix for one stack-based buffer overflow in findTable for CVE-2014-8184 was discovered. An attacker could cause denial of service or potentially allow arbitra...

NewStart CGSL MAIN 4.05 : sudo Vulnerability (NS-SA-2019-0097)

The remote NewStart CGSL host, running version MAIN 4.05, has sudo packages installed that are affected by a vulnerability: - A flaw was found in the way sudo parsed tty information from the process status file in the proc filesystem. A local user with privileges to execute commands via sudo coul...

NewStart CGSL CORE 5.04 / MAIN 5.04 : binutils Multiple Vulnerabilities (NS-SA-2019-0060)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has binutils packages installed that are affected by multiple vulnerabilities: - The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service...

NewStart CGSL MAIN 4.05 : firefox Multiple Vulnerabilities (NS-SA-2019-0148)

The remote NewStart CGSL host, running version MAIN 4.05, has firefox packages installed that are affected by multiple vulnerabilities: - A use-after-free vulnerability can occur while parsing an HTML5 stream in concert with custom HTML elements. This results in the stream parser object being fre...

NewStart CGSL CORE 5.04 / MAIN 5.04 : pcs Multiple Vulnerabilities (NS-SA-2019-0042)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has pcs packages installed that are affected by multiple vulnerabilities: - Sinatra rack-protection versions 1.5.4 and 2.0.0.rc3 and earlier contains a timing attack vulnerability in the CSRF token checking that can result in...

NewStart CGSL CORE 5.04 / MAIN 5.04 : firefox Multiple Vulnerabilities (NS-SA-2019-0161)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has firefox packages installed that are affected by multiple vulnerabilities: - Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed paren...

NewStart CGSL MAIN 4.05 : thunderbird Multiple Vulnerabilities (NS-SA-2019-0126)

The remote NewStart CGSL host, running version MAIN 4.05, has thunderbird packages installed that are affected by multiple vulnerabilities: - It is possible to spoof the sender's email address and display an arbitrary sender address to the email recipient. The real sender's address is not display...

NewStart CGSL CORE 5.04 / MAIN 5.04 : python-jinja2 Vulnerability (NS-SA-2019-0078)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has python-jinja2 packages installed that are affected by a vulnerability: - In Pallets Jinja before 2.8.1, str.format allows a sandbox escape. CVE-2016-10745 Note that Nessus has not tested for this issue but has instead relie...

NewStart CGSL CORE 5.05 / MAIN 5.05 : vim Vulnerability (NS-SA-2019-0164)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has vim packages installed that are affected by a vulnerability: - It was found that the :source! command was not restricted by the sandbox mode. If modeline was explicitly enabled, opening a specially crafted text file in vim...

NewStart CGSL CORE 5.05 / MAIN 5.05 : ghostscript Vulnerability (NS-SA-2019-0085)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has ghostscript packages installed that are affected by a vulnerability: - It was found that some privileged operators remained accessible from various places after the CVE-2019-6116 fix. A specially crafted PostScript file cou...

NewStart CGSL MAIN 4.05 : nss Vulnerability (NS-SA-2019-0131)

The remote NewStart CGSL host, running version MAIN 4.05, has nss packages installed that are affected by a vulnerability: - A flaw was found in the way NSS responded to an SSLv2-compatible ClientHello with a ServerHello that had an all-zero random. A man-in-the-middle attacker could use this fla...

NewStart CGSL MAIN 4.05 : patch Vulnerability (NS-SA-2019-0138)

The remote NewStart CGSL host, running version MAIN 4.05, has patch packages installed that are affected by a vulnerability: - GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITORPROGRAM invocation using ed can result in code...

NewStart CGSL CORE 5.04 / MAIN 5.04 : thunderbird Multiple Vulnerabilities (NS-SA-2019-0160)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has thunderbird packages installed that are affected by multiple vulnerabilities: - A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in parsergetnextchar when processing certain email messages,...

NewStart CGSL MAIN 4.06 : thunderbird Multiple Vulnerabilities (NS-SA-2019-0093)

The remote NewStart CGSL host, running version MAIN 4.06, has thunderbird packages installed that are affected by multiple vulnerabilities: - libical 1.0 allows remote attackers to cause a denial of service use-after-free via a crafted ics file. CVE-2016-5824 - A use-after-free vulnerability can...

NewStart CGSL MAIN 4.05 : qemu-kvm Vulnerability (NS-SA-2019-0125)

The remote NewStart CGSL host, running version MAIN 4.05, has qemu-kvm packages installed that are affected by a vulnerability: - Quick emulator QEMU, compiled with the Cirrus CLGD 54xx VGA Emulator support, is vulnerable to an OOB write access issue. The issue could occur while writing to VGA...

NewStart CGSL CORE 5.04 / MAIN 5.04 : gnupg2 Vulnerability (NS-SA-2019-0023)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has gnupg2 packages installed that are affected by a vulnerability: - A data validation flaw was found in the way gnupg processes file names during decryption and signature validation. An attacker may be able to inject messages...