20 matches found
Yum Package Manager Persistence
This module will run a payload when the package manager is used. This module modifies a yum plugin to launch a binary of choice. grep -F 'enabled=1' /etc/yum/pluginconf.d/ will show what plugins are currently enabled on the system. root persmissions are likely required. Verified on Centos 7.1...
Photon OS 5.0: Kubernetes PHSA-2025-5.0-0487
An update of the kubernetes package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0487. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
GitLab 16.9 < 17.7.7 / 17.8 < 17.8.5 / 17.9 < 17.9.2 (CVE-2025-0652)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab EE/CE affecting all versions starting from 16.9 before 17.7.7, all versions starting from 17.8 before 17.8.5, all versions starting from 17.9 before 17.9.2 could...
CVE-2024-6799 YITH Essential Kit for WooCommerce #1 <= 2.34.0 - Missing Authorization to Authenticated (Subscriber+) Limited Plugin Install, Activation, and Deactivation
The YITH Essential Kit for WooCommerce 1 plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'activatemodule', 'deactivatemodule', and 'installmodule' functions in all versions up to, and including, 2.34.0. This makes it possible for...
CVE-2024-6579
The Web and WooCommerce Addons for WPBakery Builder plugin for WordPress is vulnerable to unauthorized plugin settings modification due to a missing capability check on several plugin functions in all versions up to, and including, 1.4.5. This makes it possible for authenticated attackers, with...
Unauthorised Modification
pgpverify-maven-plugin allows unauthorized modification. An attacker is able to push base repository or access secrets by checking out and running build script from a fork the untrusted code is running in an environment...
Solaris 10 (x86) : 145342-06 (deprecated)
Oracle Solaris Cluster 3.3: HA-Tomcat Patch for Oracle Solaris 10. Date this patch was last updated by Sun : Apr/19/17 This plugin has been deprecated and either replaced with individual 145342 patch-revision plugins, or deemed non-security related. %NASLMINLEVEL 70300 C Tenable Network Security,...
Juniper NetScreen VPN Client Detection
The remote host has the Juniper NetScreen VPN Client installed. C Tenable Network Security. Inc. include"compat.inc"; if description scriptid70120; scriptversion"1.10"; scriptsetattributeattribute:"pluginmodificationdate", value:"2023/02/06"; scriptxrefname:"IAVT", value:"0001-T-0914";...
openx advertising system 0DYA-vulnerability warning-the black bar safety net
openx advertising system 0dayoriginal author: YJPS reprint please indicate the Penetration of a foreign station when the discovery and successful use of Using the method first go to the official under a useless plugin and then modify the back to plug in a normal PHP file inserted into a word to...
MDVA-2010:083 : initscripts
Add a loop around SIGCONT to resume all SIGSTOP'ed process to be able to process SIGTERM. It will not run SIGKILL if there's no process left and avoid Sending all processes the KILL signal... FAILED message. %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch ...
Solaris 10 (x86) : 138071-03
SunOS 5.10x86: nfssrv and rpcsec patch. Date this patch was last updated by Sun : Aug/20/08 %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security, Inc. if !...
HP-UX Security Patch : PHNE_29774
sendmail1m 8.9.3 patch %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if !definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid16876; scriptversion"1.13"; scriptsetattributeattribute:"pluginmodificationdate", value:"2021/01/11";...
Danware NetOp Host HELO Request Remote Information Disclosure
This plugin displays the basic name and address information provided by NetOp products for easy network browsing. Administrators should disable displaying this information if they don't want it to be visible. Note that leaked private IP addresses are only an issue if the NetOp product is listenin...
Solaris 8 (sparc) : 116973-07
SunOS 5.8: Apache Patch. Date this patch was last updated by Sun : Apr/24/08 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
Solaris 8 (sparc) : 109238-02
SunOS 5.8: /usr/bin/sparcv7/ipcs and /usr/bin/sparcv9/ipcs patch. Date this patch was last updated by Sun : Sep/17/01 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc';...
Solaris 9 (sparc) : 116237-01
SunOS 5.9: pfexec Patch. Date this patch was last updated by Sun : Nov/26/03 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
Solaris 8 (x86) : 111322-05
SunOS 5.8x86: klmmod and klmops patch. Date this patch was last updated by Sun : Mar/31/06 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if...
Solaris 8 (x86) : 109155-01
SunOS 5.8x86: vgatext and terminal-emulator patch. Date this patch was last updated by Sun : Apr/05/00 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc';...
Norton AntiVirus Detection and Status (deprecated)
This plugin has been deprecated. It has been replaced by Symantec Antivirus Software Detection and Status, ID 21725. %NASLMINLEVEL 999999 This script has been rewritten by Tenable Network Security Original script was written by Jeff Adams ; @DEPRECATED@ Disabled on 2017/04/24. Deprecated by...
Sun Java Web Server bboard Servlet Command Execution
The 'bboard' servlet is installed in /servlet/sunexamples.BBoardServlet. This servlet comes with default installations of Sun Java Web Server and has a well-known security flaw that lets anyone execute arbitrary commands with the privileges of the web server. %NASLMINLEVEL 70300 C Tenable Network...