57 matches found
Fedora 20 : python-tornado-2.2.1-7.fc20 (2014-16390)
Add patch to fix CVE-2013-2098 CVE-2013-2099 bug 96627 - Drop requires python-simplejson, not needed for modern python Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and...
CVE-2014-2848
A race condition in the wmimalwarescan.nbin plugin before 201402262215 for Nessus 5.2.1 allows local users to gain privileges by replacing the dissolvable agent executable in the Windows temp directory with a Trojan horse program...
Fedora 19 : kernel-3.11.6-201.fc19 (2013-20547)
Various bug and CVE fixes. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenab...
Fedora 17 : puppet-2.7.21-2.fc17 (2013-4187)
Updates for the security announcements from Puppet Labs on 12-Mar-2013. https://groups.google.com/group/puppet-announce/t/9200f268f8479e2c This update also provides backported fixes for a number of issues with ruby-1.9. Note that Tenable Network Security has extracted the preceding description...
Fedora 18 : freetype-2.4.10-3.fc18 (2013-1492)
This update fixes CVE-2012-5669. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...
MS KB2794220: Vulnerability in Internet Explorer Could Allow Remote Code Execution (deprecated)
The remote host is missing the workaround referenced in KB 2794220 Microsoft 'Fix it' 50971. This workaround mitigates a use-after-free vulnerability in Internet Explorer. Without this workaround enabled, an attacker could exploit this vulnerability by tricking a user into viewing a maliciously...
MS KB2757760: Vulnerability in Internet Explorer Could Allow Remote Code Execution (deprecated)
The remote host is missing the workaround referenced in KB 2757760 Microsoft 'Fix it' 50939. This workaround mitigates a use-after-free vulnerability in Internet Explorer. Without this workaround enabled, an attacker could exploit this vulnerability by tricking a user into view a maliciously...
Slackware 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / current : dhcp (SSA:2012-258-01)
New dhcp packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix a security issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2012-258-01. The text itse...
RHEL 5 : systemtap (RHSA-2011:1089)
The remote Redhat Enterprise Linux 5 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2011:1089 advisory. SystemTap is an instrumentation system for systems running the Linux kernel. The system allows developers to write scripts to collect data on the...
Fedora 14 : thunderbird-3.1.7-2.fc14 (2010-18777)
Update to new upstream Thunderbird version 3.1.7, fixing multiple security issues detailed in the upstream advisory : http://www.mozilla.org/security/known-vulnerabilities/thunderbird31.ht mlthunderbird3.1.7 Note that Tenable Network Security has extracted the preceding description block directly...
Slackware 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / current : php (SSA:2010-024-02)
New php packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2010-024-02. The text itself ...
SSL Certificate Information
This plugin connects to every SSL-related port and attempts to extract and dump the X.509 certificate. TRUSTED...
Alt-N WebAdmin USER Buffer Overflow
Alt-N WebAdmin is prone to a buffer overflow condition. This is due to insufficient bounds checking on the USER parameter. Successful exploitation could result in code execution with SYSTEM level privileges. This module requires Metasploit: https://metasploit.com/download Current source:...
Mercury/32 v4.01a IMAP RENAME Buffer Overflow
This module exploits a stack buffer overflow vulnerability in the Mercury/32 v.4.01a IMAP service. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Mercury/32 v4.01a IMAP RENAME Buffer Overflow'...
Web Server / Application favicon.ico Vendor Fingerprinting
The 'favicon.ico' file found on the remote web server belongs to a popular web server. This may be used to fingerprint the web server. This script was written by Javier Fernandez-Sanguino based on sample code written by Renaud Deraison in the nessus-plugins mailing list It is distributed under th...
Nessus Internal: Put cgibin() in the KB
This plugin puts the content of cgibin in the KB so that the function cgidirs can work properly. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid10308; scriptversion "$Revision: 1.8 $"; scriptcvsdate"$Date: 2011/03/17 18:46:05 $"; scriptnameenglish:"Nessus Internal: Pu...
SMB Use Domain SID to Enumerate Users
Using the domain security identifier SID, Nessus was able to enumerate the domain users on the remote Windows system. C Tenable Network Security, Inc. @PREFERENCES@ include"compat.inc"; if description scriptid10399; scriptversion"1.82"; scriptcvsdate"Date: 2020/01/07"; scriptnameenglish:"SMB Use...