MariaDB 5.5.0 < 5.5.65 Multiple Vulnerabilities

The version of MariaDB installed on the remote host is prior to 5.5.65. It is, therefore, affected by multiple vulnerabilities as referenced in the 5.5.65 advisory. - Vulnerability in the MySQL Client product of Oracle MySQL component: C API. Supported versions that are affected are 5.6.47 and...

Oracle WebLogic Server Multiple Vulnerabilities (January 2019 CPU)

The version of Oracle WebLogic Server installed on the remote host is affected by multiple vulnerabilities: - XML external entity XXE vulnerability in the SqlXmlUtil code in Apache Derby before 10.12.1.1, when a Java Security Manager is not in place, allows context-dependent attackers to read...

Oracle Java SE Multiple Vulnerabilities (July 2015 CPU) (Bar Mitzvah)

The version of Oracle formerly Sun Java SE or Java for Business installed on the remote host is prior to 8 Update 51, 7 Update 85, or 6 Update 101. It is, therefore, affected by security vulnerabilities in the following components : - 2D - CORBA - Deployment - Hotspot - Install - JCE - JMX - JNDI...

SSL Weak Cipher Suites Supported

The remote host supports the use of SSL ciphers that offer weak encryption. Note: This is considerably easier to exploit if the attacker is on the same physical network. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid26928; scriptversion"1.31";...

Amazon Linux 2 : gcc10, gcc (ALAS-2022-1784)

The version of gcc installed on the remote host is prior to 7.3.1-14. The version of gcc10 installed on the remote host is prior to 10.3.1-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2022-1784 advisory. A flaw was found in the way Unicode standards are implemented ...

PHP 7.1.x < 7.1.25 Multiple vulnerabilities

According to its banner, the version of PHP running on the remote web server is 7.1.x prior to 7.1.25. It is, therefore, affected by multiple vulnerabilities: - An arbitrary command injection vulnerability exists in the imapopen function due to improper filters for mailbox names prior to passing...

EA Need For Speed Underground Detection

The remote host is running a client relay service for Electronic Arts Need For Speed Underground or a clone of that game. This is a kind of port mapper in that the service provides dynamic port numbers to client software. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

XOOPS viewtopic.php Multiple Parameter XSS

The weblinks module of XOOPS contains a file named 'viewtopic.php' in the '/modules/newbb' directory. The code of the module insufficently filters out user provided data. The URL parameter used by 'viewtopic.php' can be used to insert malicious HTML and/or JavaScript in to the web page...

PHP 7.2.x < 7.2.24 Remote Code Execution Vulnerability

According to its banner, the version of PHP running on the remote web server is prior to 7.1.33, 7.2.x prior to 7.2.24, or 7.3.x prior to 7.3.11. It is, therefore, affected by a remote code execution vulnerability due to insufficient validation of user input. An unauthenticated, remote attacker c...

Oracle Java SE Multiple Vulnerabilities (April 2017 CPU)

The version of Oracle formerly Sun Java SE or Java for Business installed on the remote host is prior to 6 Update 151, 7 Update 141, or 8 Update 131. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the Networking subcomponent that allows an unauthenticated...

OpenSSL < 0.9.6e / 0.9.7b3 Multiple Remote Vulnerabilities

The remote service seems to be using a version of OpenSSL that is older than 0.9.6e or 0.9.7-beta3. Such versions are affected by a buffer overflow that may allow an attacker to execute arbitrary commands on the remote host with the privileges of the application itself. TRUSTED...

Nginx 1.17.x < 1.17.3 Multiple Vulnerabilties

According to its Server response header, the installed version of nginx is 1.9.5 to 1.16.0 or 1.17.x prior to 1.17.3. It is, therefore, affected by the following issues : - An excessive CPU usage in HTTP/2 with small window updates exists related to the module 'ngxhttpv2module'. CVE-2019-9511 - A...

Microsoft Office Protected View Disabled

A Microsoft Office application installed on the remote host has protected view disabled. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the Microsoft Security Updates API. The text itself is copyright C Microsoft Corporation...

Security Updates for Microsoft Publisher Products (June 2018)

The Microsoft Publisher Products are missing a security update. It is, therefore, affected by the following vulnerability : - An elevation of privilege vulnerability exists when Microsoft Publisher fails to utilize features that lock down the Local Machine zone when instantiating OLE objects. An...

Veritas Backup Exec Remote Agent 14.1.x < 14.1.1786.1126 / 14.2.x < 14.2.1180.3160 / 16.0.x < 16.0.1142.1327 Use-after-free RCE (VTS17-006)

The version of Vertias Backup Exec Remote Agent installed on the remote Windows host is 14.1.x prior to 14.1.1786.1126, 14.2.x prior to 14.2.1180.3160, or 16.0.x prior to 16.0.1142.1327. It is, therefore, affected by a remote code execution vulnerability due to a use-after-free error that is...

Nuked-Klan index.php Multiple Module Vulnerabilities

The instance of Nuked-klan running on the remote web server is affected by multiple vulnerabilities due to a failure to sanitize user-supplied input to several parameters before using them in the 'Team', 'News', and 'Liens' modules to display dynamic HTML. An unauthenticated, remote attacker can...

Mozilla Firefox ESR < 78.10

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 78.10. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-15 advisory. - Ports that were written as an integer overflow above the bounds of a 16-bit integer could have bypassed...

Linux User List Enumeration

Using the supplied credentials, Nessus was able to enumerate the local users and groups on the remote Linux host. TRUSTED...

Oracle MySQL Server 8.0.x < 8.0.36 (October 2024 CPU)

The versions of MySQL Server installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2024 CPU advisory. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Packaging OpenSSL. Supported versions that are affected are 8.0.35 and...

ESXi 6.5 / 6.7 / 7.0 Multiple Vulnerabilities (VMSA-2022-0004)

The remote VMware ESXi host is version 6.5, 6.7 or 7.0 and is affected by multiple vulnerabilities, including the following: - VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtua...

RHEL 6 : thunderbird (RHSA-2018:0647)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2018:0647 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 52.7.0. Security Fixes: Mozilla:...

Microsoft Malware Protection Engine < 1.1.14405.2 RCE

The version of Microsoft Malware Protection Engine MMPE installed on the remote Windows host is prior to 1.1.14405.2. It is, therefore, affected by a remote code execution vulnerability. Note that Nessus has checked if a vulnerable version of MMPE is being used by any of the following application...

Multiple Adobe Products XML External Entity (XXE) Injection (APSB10-05)

The remote host appears to be running an Adobe product that is susceptible to XML External Entity XXE attacks. The installed version of the product fails to block the use of external XML entities while using the HTTPChannel to transport data in AMFX format. A remote, unauthenticated attacker coul...

MS15-048: Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (3057134)

The remote Windows host is running a version of the Microsoft .NET Framework that is affected by multiple vulnerabilities : - A denial of service vulnerability exists in the Microsoft .NET Framework due to a recursion flaw that occurs when decrypting XML data. A remote attacker can exploit this,...

KB5018421: Windows Server 2022 Security Update (October 2022)

The remote Windows host is missing security update 5018421. It is, therefore, affected by multiple vulnerabilities - Internet Key Exchange IKE Protocol Denial of Service Vulnerability CVE-2022-38036 - Server Service Remote Protocol Elevation of Privilege Vulnerability CVE-2022-38045 - Microsoft...

Zimbra Collaboration Server 8.8.x < 8.8.15 Patch 33 / 9.0.0 < 9.0.0 Patch 26 Multiple Vulnerabilities

According to its self-reported version number, Zimbra Collaboration Server is affected by a multiple vulnerabilities, including the following: - An issue was discovered in ProxyServlet.java in the /proxy servlet in Zimbra Collaboration Suite ZCS 8.8.15 and 9.0. The value of the X-Forwarded-Host...

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-5566-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5566-1 advisory. Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a rout...

VMware vCenter Server Appliance 6.0 / 6.5 / 6.7 Information Disclosure vulnerability (VMSA-2018-0021)

The version of VMware vCenter Server Appliance installed on the remote host is 6.0, 6.5 or 6.7 and is, therefore, potentially affected by an information disclosure vulnerability. CVE-2018-3620 C Tenable Network Security, Inc. include'compat.inc'; if description scriptid112207; scriptversion"1.7";...

HPE Smart Storage Administrator < 2.60.18.0 RCE

The version of HPE Smart Storage Administrator installed on the remote Windows host is prior to 2.60.18.0. It is, therefore, affected by a flaw in function isDirectFileAccess in file ipcelmclient.php due to improper sanitization of user-supplied input to the 'command' variable. An authenticated,...

IBM Domino 8.5.x < 8.5.3 Fix Pack 6 Interim Fix 15 / 9.0.x < 9.0.1 Fix Pack 7 Interim Fix 1 Multiple Vulnerabilities

According to its banner, the version of IBM Domino formerly IBM Lotus Domino running on the remote host is 8.5.x prior to 8.5.3 Fix Pack 6 FP6 Interim Fix 15 IF15 or 9.0.x prior to 9.0.1 Fix Pack 7 FP7 Interim Fix 1 IF1. It is, therefore, affected by the following vulnerabilities : - Multiple...

HP Version Control Agent (VCA) < 7.3.3 Multiple SSL Vulnerabilities

The RPM installation of HP Version Control Agent VCA on the remote Linux host is a version prior to 7.3.3. It is, therefore, affected by multiple vulnerabilities in the bundled version of SSL : - An error exists in the 'ssl3readbytes' function that permits data to be injected into other sessions ...

DNS Server Version Detection

Nessus was able to obtain version information by sending a special TXT record query to the remote host. Note that this version is not necessarily accurate and could even be forged, as some DNS servers send the information based on a configuration file. C Tenable Network Security, Inc...

Kiwi Syslog Server Web Access Login Username Enumeration

Kiwi Syslog Web Access is installed on the remote host. The installed version responds with different error messages when an user attempts to login with existent and non-existent accounts. A remote unauthenticated attacker may exploit this vulnerability to enumerate valid users for the remote web...

CentOS 7 : systemd (CESA-2019:0049)

An update for systemd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

WordPress < 4.9.9 / 5.x < 5.0.1 Multiple Vulnerabilities

According to its self-reported version number, the WordPress application running on the remote web server is prior to 4.9.9, or 5.x prior to 5.0.1. It is, therefore, affected by multiple vulnerabilities, including cross-site scripting XSS vulnerabilities due to improper validation of user-supplie...

NVIDIA Windows GPU Display Driver 384.x / 385.x / 386.x < 386.07 / 390.x < 390.65 Multiple Vulnerabilities (Meltdown)(Spectre)

The NVIDIA GPU display driver software on the remote host is missing a security update. It is, therefore, affected by multiple vulnerabilities. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid105777; scriptversion"1.14";...

Splunk Non-root Configuration Local Privilege Escalation

The Splunk install detected on the remote host is vulnerable to a non-root configuration local privilege escalation vulnerability. Please refer the vendor advisory for remediation actions. TRUSTED...

IBM WebSphere Application Server 7.0 < 7.0.0.39 (FP39) / 8.0 < 8.0.0.11 (FP11) / 8.5 < 8.5.5.6 (FP6) Multiple Vulnerabilities (Bar Mitzvah) (FREAK)

The IBM WebSphere Application Server running on the remote host is version 7.0 prior to 7.0.0.39, 8.0 prior to 8.0.0.11, or 8.5 prior to 8.5.5.6. It is, therefore, potentially affected by multiple vulnerabilities : - A security feature bypass vulnerability, known as FREAK Factoring attack on...

Samba smbmnt Local Privilege Escalation

According to its banner, the version of Samba running on the remote host is in the 2.x or 3.x branch. Such versions are shipped with a utility called 'smbmnt'. When smbmnt has the setuid 'root' bit set, a local user with access to the victim can mount a Samba share and then execute a setuid or...

Multiple Vendor DNS Response Flooding Denial Of Service

The remote DNS server is vulnerable to a denial of service attack because it replies to DNS responses. An attacker could exploit this vulnerability by spoofing a DNS packet so that it appears to come from 127.0.0.1 and make the remote DNS server enter into an infinite loop, therefore denying...

Ivanti Connect Secure 9.x / 22.x Multiple Vulnerabilities

The Ivanti Connect Secure installed on the remote host is 9.x or 22.x. It is, therefore, affected by multiple vulnerabilities: - An authentication bypass vulnerability in the web component of Ivanti Connect Secure 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted...

KB4530689: Windows 10 Version 1607 and Windows Server 2016 December 2019 Security Update

The remote Windows host is missing security update 4530689. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input. An attacker could exploit the vulnerability to execute malicious...

smtpscan SMTP Fingerprinting

smtpscan is a SMTP fingerprinting tool written by Julien Bordet. It identifies the remote mail server even if the banners were changed. C Tenable Network Security, Inc. This NASL script is a quick and dirty conversion of smtpscan by Julien Bordet Note that smtpcan has more features than this simp...

F5 Networks BIG-IP : Sockstress DoS tool vulnerability (SOL10509)

Sockstress DoS tool CVE-2008-4609. The TCP implementation in 1 Linux, 2 platforms based on BSD Unix, 3 Microsoft Windows, 4 Cisco products, and probably other operating systems allows remote attackers to cause a denial of service connection queue exhaustion via multiple vectors that manipulate...

Compaq WBEM HTTP Server Remote Overflow

The remote host is running a Compaq Web Management server. The remote version of this software is vulnerable to an unspecified buffer overflow that may allow an attacker to execute arbitrary code on the remote host with the privileges of the web server process. C Tenable Network Security, Inc...

Radmin (Remote Administrator) Port 10002 - Possible GDI Compromise

The remote host is running radmin - a remote administration tool - on port 10002. This indicates that an attacker may have exploited one of the flaws described in MS04-028 with a widely available exploit. As a result, anyone may connect to the remote host and gain control by logging into the remo...

MS01-026 / MS01-044: Microsoft IIS Remote Command Execution (uncredentialed check)

When IIS receives a user request to run a script, it renders the request in a decoded canonical form, and then performs security checks on the decoded request. A vulnerability results because a second, superfluous decoding pass is performed after the initial security checks are completed. Thus, a...

Oracle Linux 9 : nodejs / and / nodejs-nodemon (ELSA-2022-6595)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-6595 advisory. - Rebase to version 16.16.0 Resolves: RHBZ2106290 Resolves: CVE-2022-32212 CVE-2022-32213 CVE-2022-32214 CVE-2022-32215 Tenable has extracted the...

Security Updates for Microsoft SQL Server (January 2021)

The Microsoft SQL Server installation on the remote host is missing a security update. It is, therefore, affected by an elevation of privilege vulnerability. An authenticated, remote attacker can exploit this issue, to gain elevated privileges. Note that Nessus has not tested for this issue but h...

IBM WebSphere Application Server 8.5 < Fix Pack 8.5.5.4 Multiple Vulnerabilities (POODLE)

The IBM WebSphere Application Server running on the remote host is version 8.5 prior to Fix Pack 8.5.5.4. It is, therefore, affected by the following vulnerabilities : - Multiple errors exist related to the included IBM HTTP server that can allow remote code execution or denial of service...