338622 matches found
MS11-004: Vulnerability in Internet Information Services (IIS) FTP Service Could Allow Remote Code Execution (2489256)
The IIS FTP service running on the remote host has a heap-based buffer overflow vulnerability. The 'TELNETSTREAMCONTEXT::OnSendData' function fails to properly sanitize user input, resulting in a buffer overflow. An unauthenticated, remote attacker can exploit this to execute arbitrary code. C...
EMC vApp Manager Default Credentials
The EMC vApp Manager web application running on the remote host uses a default set of credentials 'smc' / 'smc'. An unauthenticated, remote attacker can exploit this issue to authenticate to the application and perform actions allowed by the default account. Specifically, the attacker can login a...
Cisco ASA / IOS IKE Fragmentation Vulnerability
The remote Cisco Adaptive Security Appliance ASA or device running IOS / IOS XE is affected by one of the following vulnerabilities in the Internet Key Exchange IKE implementation : - An overflow condition exists in both the IKE and IKEv2 implementations due to improper validation of user-supplie...
Microsoft .NET Framework Detection
Microsoft .NET Framework, a software framework for Microsoft Windows operating systems, is installed on the remote host. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid51351; scriptversion"1.40"; scriptsetattributeattribute:"pluginmodificationdate", value:"2025/10/15...
Windows 8.1 and Windows Server 2012 R2 July 2017 Security Updates
The remote Windows host is missing security update 4025333 or cumulative update 4025336. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists in the Windows Performance Monitor Console due to improper parsing of XML input that contains a...
Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-5469-1)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5469-1 advisory. It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged...
Apache 2.2.x < 2.2.16 Multiple Vulnerabilities
According to its banner, the version of Apache 2.2.x running on the remote host is prior to 2.2.16. It is, therefore, potentially affected by multiple vulnerabilities : - A denial of service vulnerability in modcache and moddav. CVE-2010-1452 - An information disclosure vulnerability in...
Apache Tomcat 9.0.0.M1 < 9.0.31 multiple vulnerabilities
The version of Tomcat installed on the remote host is prior to 9.0.31. It is, therefore, affected by multiple vulnerabilities as referenced in the fixedinapachetomcat9.0.31security-9 advisory. - When using the Apache JServ Protocol AJP, care must be taken when trusting incoming connections to...
Blue Coat Reporter Default Password (admin) for 'admin' Account
Nessus could gain administrative access to the Blue Coat Reporter install on the remote host using 'admin' for both the username and password. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid34346; scriptversion"$Revision: 1.8 $"; scriptcvsdate"$Date: 2013/01/25...
Apache HTTP Server Version
The remote host is running the Apache HTTP Server, an open source web server. It was possible to read the version number from the banner. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid48204; scriptversion"1.20"; scriptsetattributeattribute:"pluginmodificationdate",...
Oracle WebLogic Server Multiple Vulnerabilities (October 2017 CPU)
The version of Oracle WebLogic Server installed on the remote host is affected by multiple vulnerabilities %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid103935; scriptversion"1.16";...
Splunk Enterprise < 5.0.17 / 6.0.13 / 6.1.12 / 6.2.12 / 6.3.8 / 6.4.4 or Splunk Light < 6.5.0 Multiple Vulnerabilities
According to its self-reported version number, the version of Splunk Enterprise hosted on the remote web server is 5.0.x prior to 5.0.17, 6.0.x prior to 6.0.13, 6.1.x prior to 6.1.12, 6.2.x prior to 6.2.12, 6.3.x prior to 6.3.8, or 6.4.x prior to 6.4.4; or else it is Splunk Light prior to 6.5.0. ...
MySQL 5.7.x < 5.7.34 Multiple Vulnerabilities (Apr 2021 CPU)
The version of MySQL running on the remote host is 5.7.x prior to 5.7.34. It is, therefore, affected by multiple vulnerabilities, including the following, as noted in the April 2021 Critical Patch Update advisory: - Vulnerability in the MySQL Server product of Oracle MySQL component: Server:...
Flexera FlexNet Publisher < 11.16.2 Multiple Vulnerabilities
The version of Flexera FlexNet Publisher running on the remote host is prior to 11.16.2. It is, therefore, affected by multiple vulnerabilities : - A Denial of Service vulnerability related to preemptive item deletion in lmgrd and vendor daemon components of FlexNet Publisher version 11.16.1.0 an...
Apache Hadoop YARN ResourceManager Unauthenticated RCE (Remote) (Xbash)
The Apache Hadoop YARN ResourceManager running on the remote host is allowing unauthenticated users to create and execute applications. An unauthenticated, remote attacker can exploit this, via a specially crafted HTTP request, to potentially execute arbitrary code, subject to the user privileges...
Microsoft Windows SMB Registry Remotely Accessible
It was possible to access the remote Windows Registry using the login / password combination used for the Windows local checks SMB tests. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10400; scriptversion"1.55"; scriptsetattributeattribute:"pluginmodificationdate",...
PHP 8.2.x < 8.2.18 Multiple Vulnerabilities
According to its self-reported version number, the version of PHP installed on the remote host is 8.1.x prior to 8.1.28, 8.2.x prior to 8.2.18, or 8.3.x prior to 8.3.6. It is, therefore, affected by multiple vulnerabilities: - A command injection via array-ish $command parameter of procopen...
Microsoft Windows SMB Registry : Winlogon Cached Password Weakness
The registry key 'HKLM\Software\Microsoft\WindowsNT\CurrentVersion\ Winlogon\CachedLogonsCount' is not 0. Using a value greater than 0 for the CachedLogonsCount key indicates that the remote Windows host locally caches the passwords of the users when they login, in order to continue to allow the...
Oracle WebLogic Server Java Object Deserialization RCE (July 2016 CPU)
The remote Oracle WebLogic Server is affected by a remote code execution vulnerability in the WLS Core component in the readObject function due to improper sanitization of user-supplied input. An unauthenticated, remote attacker can exploit this, via a crafted object payload, to bypass the...
Microsoft Windows Update Reboot Required
According to entries in its registry, a reboot is required by Windows Update to complete installation of at least one update. If the pending changes are security-related, the remote host could remain vulnerable to attack until a reboot occurs. C Tenable Network Security, Inc. include'compat.inc';...
Microsoft Windows IIS Default Index Page
The remote web server uses the default IIS index page. This page may contain extra version information and is an indication of a misconfigured server. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid106609; scriptversion "1.3";...
Security Updates for SQL Server Management Studio (August 2020)
The SQL Server Management Studio installation on the remote host is missing a security update. It is, therefore, affected by the following vulnerability : - A denial of service vulnerability exists when Microsoft SQL Server Management Studio SSMS improperly handles files. An attacker could exploi...
OpenSSL 'ChangeCipherSpec' MiTM Vulnerability
The OpenSSL service on the remote host is vulnerable to a man-in-the-middle MiTM attack, based on its acceptance of a specially crafted handshake. This flaw could allow a MiTM attacker to decrypt or forge SSL messages by telling the service to begin encrypted communications before key material ha...
Windows Security Feature Bypass in Secure Boot (BootHole)
Binary data windowsuefiboothole.nbin...
Oracle Java SE 1.7.0_281 / 1.8.0_271 / 1.11.0_9 / 1.15.0_1 Multiple Vulnerabilities (Oct 2020 CPU)
The version of Oracle formerly Sun Java SE or Java for Business installed on the remote host is prior to 7 Update 281, 8 Update 271, 11 Update 9, or 15 Update 1. It is, therefore, affected by multiple vulnerabilities related to the following components as referenced in the October 2020 CPU...
MySQL 5.5 < 5.5.24 Security Bypass Vulnerability
The version of MySQL 5.5 installed on the remote host is earlier than 5.5.24 and is, therefore, affected by the following vulnerabilities : - Several errors exist related to 'GIS Extension', 'Server', 'InnoDB' and 'Server Optimizer' components that can allow denial of service attacks...
KB4056898: Windows 8.1 and Windows Server 2012 R2 January 2018 Security Update (Meltdown)(Spectre)
The remote Windows host is missing security update 4056898 or cumulative update 4056895. It is, therefore, affected by multiple vulnerabilities : - An vulnerability exists within microprocessors utilizing speculative execution and indirect branch prediction, which may allow an attacker with local...
phpBB Advanced GuestBook addentry.php phpbb_root_path Parameter Remote File Inclusion
The remote host is running Advanced Guestbook, a free guestbook written in PHP. The version of Advanced Guestbook installed on the remote host fails to sanitize input to the 'phpbbrootpath' parameter of the 'admin/addentry.php' script before using it in a PHP 'include' function. Provided PHP's...
SSL / TLS Versions Supported
This plugin detects which SSL and TLS versions are supported by the remote service for encrypting communications. TRUSTED...
MS11-058: Vulnerabilities in DNS Server Could Allow Remote Code Execution (2562485)
The version of Windows DNS server running on the remote host has the following vulnerabilities : - A memory corruption vulnerability that can be triggered by making a specially crafted NAPTR query, which can result in arbitrary code execution. CVE-2011-1966 - A denial of service vulnerability...
Apache 2.4.x < 2.4.47 Multiple Vulnerabilities
The version of Apache httpd installed on the remote host is prior to 2.4.47. It is, therefore, affected by multiple vulnerabilities as referenced in the 2.4.47 changelog: - Unexpected section matching with 'MergeSlashes OFF' CVE-2021-30641 - modauthdigest: possible stack overflow by one nul byte...
Apache PHP-CGI Remote Code Execution
The PHP installation on the remote web server contains a flaw that could allow a remote attacker to pass command-line arguments as part of a query string to the PHP-CGI program. This could be abused to execute arbitrary code, reveal PHP source code, cause a system crash, etc. %NASLMINLEVEL 70300 ...
Web Server Allows Password Auto-Completion
The remote web server contains at least one HTML form field that has an input of type 'password' where 'autocomplete' is not set to 'off'. While this does not represent a risk to this web server per se, it does mean that users who use the affected forms may have their credentials saved in their...
WordPress < 4.6.1 Multiple Vulnerabilities
According to its self-reported version number, the WordPress application running on the remote web server is prior to 4.6.1. It is, therefore, affected by multiple vulnerabilities : - A cross-site scripting vulnerability XSS exists when handling file names of uploaded images due to improper...
Apache Struts 2 'action:' Parameter Arbitrary Remote Command Execution
The remote web application appears to use Struts 2, a web framework that utilizes OGNL Object-Graph Navigation Language as an expression language. Due to a flaw in the evaluation of an OGNL expression prefixed by the 'action:' parameter, a remote, unauthenticated attacker can exploit this issue t...
MS12-027: Vulnerability in Windows Common Controls Could Allow Remote Code Execution (2664258)
A memory corruption issue exists in Windows common controls, specifically within the MSCOMCTL.TreeView, MSCOMCTL.ListView2, MSCOMCTL.TreeView2, and MSCOMCTL.ListView controls component of MSCOMCTL.OCX, due to improper sanitization of user-supplied input. An unauthenticated, remote attacker can...
HP System Management Homepage < 7.5.4 Multiple Vulnerabilities (Logjam)
According to the web server's banner, the version of HP System Management Homepage SMH hosted on the remote web server is a version prior to 7.5.4. It is, therefore, affected by the following vulnerabilities : - A denial of service vulnerability exists when processing an ECParameters structure du...
MS12-073: Vulnerabilities in Microsoft IIS Could Allow Information Disclosure (2733829) (uncredentialed check)
The FTP service in the version of Microsoft IIS 7.0 or 7.5 on the remote Windows host is affected by a command injection vulnerability that could result in unauthorized information disclosure. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid62940; scriptversion"1.11";...
KB5019964: Windows 10 Version 1607 and Windows Server 2016 Security Update (November 2022)
The remote Windows host is missing security update 5019964. It is, therefore, affected by multiple vulnerabilities - AMD: CVE-2022-23824 IBPB and Return Address Predictor Interactions CVE-2022-23824 - Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability CVE-2022-37966 - Windows Kerberos...
PHP 8.0.x < 8.0.20 Multiple Vulnerabilities
The version of PHP installed on the remote host is prior to 8.0.20. It is, therefore, affected by multiple vulnerabilities as referenced in the Version 8.0.20 advisory. - In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplyi...
Security Updates for Windows 10 / Windows Server 2016 (January 2019) (Spectre)
The remote Windows host is missing a security update. It is, therefore, missing microcode updates to address Spectre Variant 2 CVE-2017-5715: Branch Target Injection vulnerability. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid121035; scriptversion"1.8";...
Target Credential Status by Authentication Protocol - No Credentials Provided
Nessus was not able to successfully authenticate directly to the remote target on an available authentication protocol. Nessus was able to connect to the remote port and identify that the service running on the port supports an authentication protocol, but Nessus failed to authenticate to the...
Apache Tomcat 6.0.x < 6.0.24 Multiple Vulnerabilities
The version of Apache Tomcat installed on the remote host is 6.0.x prior to 6.0.24. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the handling of pipelined requests when 'Sendfile' was used. If sendfile processing completed quickly, it was possible for t...
PostNuke PNphpBB2 includes/functions_admin.php phpbb_root_path Parameter Remote File Inclusion
The installation of PostNuke on the remote host includes a version of the PNphpBB2 module that fails to sanitize input to the 'phpbbrootpath' parameter of the 'includes/functionsadmin.php' script before using it in a PHP 'includeonce' function. Provided PHP's 'registerglobals' setting is enabled,...
Security Update for Microsoft Office Products (June 2017)
The Microsoft Office application installed on the remote Windows host is missing a security update. It is, therefore, affected by multiple vulnerabilities : - Multiple remote code execution vulnerabilities exist in Microsoft Office due to improper validation of input before loading dynamic link...
MS KB2960358: Update for Disabling RC4 in .NET TLS
The remote host is missing an update for disabling the weak RC4 cipher suite in .NET TLS. Note that even though .NET Framework 4.6 itself is not affected, any Framework 4.5, 4.5.1, or 4.5.2 application that runs on a system that has 4.6 installed is affected. C Tenable Network Security, Inc...
Amazon Linux 2023 : openssl, openssl-devel, openssl-libs (ALAS2023-2023-051)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-051 advisory. The BNmodsqrt function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates...
Security Updates for Microsoft Visual Studio Products (Aug 2018)
The Microsoft Visual Studio Products are missing security updates. It is, therefore, affected by a privilege escalation vulnerability when Diagnostics Hub Standard Collector allows file creation in arbitrary locations. To exploit the vulnerability, an attacker would first have to log on to the...
Microsoft Windows SMB Registry : Autologon Enabled
This script determines whether the autologon feature is enabled. This feature allows an intruder to log into the remote host as DefaultUserName with the password DefaultPassword. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10412; scriptversion"1.36";...
Oracle MySQL Server 5.7.x < 5.7.44 (October 2023 CPU)
The versions of MySQL Server installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2023 CPU advisory. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 5.7.43 and prior an...