Scan Search settings

This plugin configures miscellaneous search variables for Nessus plugins. It does not perform any security checks but may disable or change the behavior of others. TRUSTED...

Tracking changes in CERT bulletins and Nessus plugins using Vulners Time Machine

If you use Vulners.com vulnerability search engine, you probably know that it has a real "Time Machine". Each time Vulners sees some changes on a source page it creates a new version of security object. And you can see the full history of changes in a nice GUI: In most cases, the vendor just...

JBoss Enterprise Application Platform '/jmx-console' Authentication Bypass

The version of JBoss Enterprise Application Platform EAP running on the remote host allows unauthenticated access to documents under the /jmx-console directory. This is due to a misconfiguration in web.xml which only requires authentication for GET and POST requests. Specifying a different verb...

Browsable Web Directories

Multiple Nessus plugins identified directories on the web server that are browsable. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid40984; scriptversion"1.10"; scriptsetattributeattribute:"pluginmodificationdate",...