F5 Networks BIG-IP : OpenSSL vulnerability (K15159) (Heartbleed)
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys,...
MySQL Unpassworded Account Check
It is possible to connect to the remote MySQL database server using an unpassworded account. This may allow an attacker to launch further attacks against the database.
FreeBSD : www/awstats -- Partial absolute pathname (bba3f684-9b1d-11ed-9a3f-b42e991fc52e)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the bba3f684-9b1d-11ed-9a3f-b42e991fc52e advisory. - In AWStats through 7.8, cgi-bin/awstats.pl?config= accepts a partial absolute pathname omitting the...
3Com 3CServer/3CDaemon FTP Server Multiple Vulnerabilities (OF, FS, PD, DoS)
The remote host is running the 3Com 3CServer or 3CDaemon FTP server. According to its banner, the version of the 3CServer / 3CDaemon FTP server on the remote host is reportedly affected by multiple buffer overflow and format string vulnerabilities as well as an information leak issue. An attacker...
MariaDB 10.3.0 < 10.3.29 Multiple Vulnerabilities
The version of MariaDB installed on the remote host is prior to 10.3.29. It is, therefore, affected by multiple vulnerabilities as referenced in the 10.3.29 advisory. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DML. Supported versions that are affected are 5.7.3...
CentOS 7 : openssh (CESA-2018:0980)
An update for openssh is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
sethc.exe Possible Backdoor
The copy of 'sethc.exe' in the Windows 'System32' directory on the remote host appears to have been modified, perhaps for use as a backdoor. Either or both of the 'InternalName' or 'OriginalFilename' file attributes no longer match the original file. This file is part of the Windows 'Sticky Keys'...
Apache Tomcat 8.0.0.RC1 < 8.0.30
The version of Tomcat installed on the remote host is prior to 8.0.30. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat8.0.30security-8 advisory. - The Mapper component in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.30, and 9.x before...
Apache Tomcat 8.0.0.RC1 < 8.0.53 multiple vulnerabilities
The version of Tomcat installed on the remote host is prior to 8.0.53. It is, therefore, affected by multiple vulnerabilities as referenced in the fixedinapachetomcat8.0.53security-8 advisory. - The host name verification when using TLS with the WebSocket client was missing. It is now enabled by...
Attachmate Reflection Secure IT Windows Client Information Disclosure (Heartbleed)
The Attachmate Reflection Secure IT Windows Client install on the remote host contains a component, Reflection FTP Client, which is affected by an out-of-bounds read error, known as the 'Heartbleed Bug' in the included OpenSSL version. This error is related to handling TLS heartbeat extensions th...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Sudo vulnerabilities (USN-4705-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4705-1 advisory. It was discovered that Sudo incorrectly handled memory when parsing command lines. A local attacker could possibly use this issue...
Rocky Linux 9 : compat-openssl11 (RLSA-2022:4899)
The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:4899 advisory. - The BN_mod_sqrt function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function i...
AIX 7.1 TL 5 : bind (IJ25924)
https://vulners.com/cve/CVE-2020-8616 ISC BIND is vulnerable to a denial of service, caused by the failure to limit the number of fetches performed when processing referrals. By using specially crafted referrals, a remote attacker could exploit this...
Default Password (123456) for 'nexthink' Account
The account 'nexthink' on the remote host has the password '123456'. An attacker can leverage this issue to gain administrative access to the affected system. Note that Nexthink is known to use these credentials to provide administrative access to the host.
Apache 2.2.x < 2.2.28 Multiple Vulnerabilities
According to its banner, the version of Apache 2.2.x running on the remote host is prior to 2.2.28. It is, therefore, affected by the following vulnerabilities: - A flaw exists within the 'mod_headers' module which allows a remote attacker to inject arbitrary headers. This is done by placing a...
Apache 2.2.x < 2.2.22 Multiple Vulnerabilities
According to its banner, the version of Apache 2.2.x installed on the remote host is prior to 2.2.22. It is, therefore, potentially affected by the following vulnerabilities : - When configured as a reverse proxy, improper use of the RewriteRule and ProxyPassMatch directives could cause the web...
Azul Zulu Java Multiple Vulnerabilities (2024-10-15)
The version of Azul Zulu installed on the remote host is 6 prior to 6.67.0.12 / 7 prior to 7.73.0.14 / 8 prior to 8.81.0.12 / 11 prior to 11.75.12 / 17 prior to 17.53.12 / 21 prior to 21.37.12 / 23 prior to 23.30.14. It is, therefore, affected by multiple vulnerabilities as referenced in the...
Microsoft Edge (Chromium) < 120.0.2336.0 Multiple Vulnerabilities
The version of Microsoft Edge installed on the remote Windows host is prior to 120.0.2336.0. It is, therefore, affected by multiple vulnerabilities as referenced in the January 11, 2024 advisory. - Insufficient data validation in Extensions in Google Chrome prior to 120.0.6099.216 allowed an...
/doc Directory Browsable (deprecated)
The /doc directory is browsable. /doc shows the contents of the /usr/doc directory, which reveals not only which programs are installed but also their versions. This plugin has been deprecated. Webmirror3 (plugin ID 10662) will identify a browsable directory.
Symantec Endpoint Protection Client < 14.3 RU1 MP1 DoS (SYMSA18255)
The version of Symantec Endpoint Protection (SEP) Client installed on the remote host is prior to 14.3 RU1 MP1. It is, therefore, affected by a denial of service vulnerability due to an unhandled exception in a common driver. Note that Nessus has not tested for this issue but has instead relied onl...
Cisco IOS Software DHCP Remote Code Execution Vulnerability
According to its self-reported version, the IOS is affected by one or more vulnerabilities. Please see the included Cisco BIDs and the Cisco Security Advisory for more information.
Ubuntu 14.04 LTS / 16.04 LTS : Linux kernel vulnerability (USN-3256-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-3256-1 advisory. Andrey Konovalov discovered that the AF_PACKET implementation in the Linux kernel did not properly validate certain block-size data. A local attacker...
Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : OpenSSH vulnerabilities (USN-7270-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7270-1 advisory. It was discovered that the OpenSSH client incorrectly handled the non-default VerifyHostKeyDNS option. If that option wer...
Security Updates for Outlook (March 2023)
The Microsoft Outlook application installed on the remote host is missing a security update. It is, therefore, affected by an elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges.
Adobe Flash Player Unsupported Version Detection
There is at least one unsupported version of Adobe Flash Player installed on the remote host. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it is likely to contain security vulnerabilities.
Check Point FireWall-1 ICA Service Detection
The remote host is running Check Point FireWall-1 and is operating a web server on this port for its internal certificate authority (ICA), which provides users with certificate revocation lists and registers users when using the Policy Server. Note that it is not known whether it is possible to...
CentOS 7 : kernel (RHSA-2024:1249)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1249 advisory. - There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect and l2cap_le_connect_req functions which may all...
Scientific Linux Security Update : firefox on SL5.x i386/x86_64
Several use-after-free flaws were found in Firefox. Visiting a web page containing malicious content could result in Firefox executing arbitrary code with the privileges of the user running Firefox. (CVE-2010-0175, CVE-2010-0176, CVE-2010-0177) A flaw was found in Firefox that could allow an applet...
Mambo phpBB Component download.php phpbb_root_path Parameter Remote File Inclusion
The remote host is running the phpBB component for Mambo, a web-based bulletin board. The version of the phpBB component for Mambo installed on the remote host fails to sanitize input to the 'phpbb_root_path' parameter of the 'download.php' and other scripts before using it to include PHP code...
Amazon Linux 2 : kernel (ALASKERNEL-5.4-2022-033)
The version of kernel installed on the remote host is prior to 5.4.204-113.362. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2022-033 advisory. Linux disk/nic frontends data leaks This CNA information record relates to multiple CVEs; the text explain...
NewStart CGSL MAIN 6.02 : webkit2gtk3 Multiple Vulnerabilities (NS-SA-2021-0059)
The remote NewStart CGSL host, running version MAIN 6.02, has webkit2gtk3 packages installed that are affected by multiple vulnerabilities: - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and...
Oracle Java SE 1.7.x < 1.7.0_211 / 1.8.x < 1.8.0_201 / 1.11.x < 1.11.0_2 Multiple Vulnerabilities (January 2019 CPU)
The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is prior to 7 Update 211, 8 Update 201, 11 Update 2. It is, therefore, affected by multiple vulnerabilities related to the following components: - An issue in libjpeg 9a, a divide-by-zero error, could...
Microsoft Malicious Software Removal Tool Installed
The Microsoft Malicious Software Removal Tool is installed on the remote host. This tool is an application that attempts to detect and remove known malware from Windows systems.
Hydra: SNMP
This plugin runs Hydra to find SNMP passwords by brute force. To use this plugin, enter the 'Logins file' and the 'Passwords file' under the 'Hydra NASL wrappers options' advanced settings block.
Apache WebDAV Module PROPFIND Arbitrary Directory Listing
The WebDAV module can be used to obtain a listing of the remote web server directories even if they have a default page such as index.html. This allows an attacker to gain valuable information about the directory structure of the remote host and could reveal the presence of files which are not...
IBM DB2 10.5 < Fix Pack 6 Multiple Vulnerabilities (Bar Mitzvah)
According to its version, the installation of IBM DB2 10.5 running on the remote host is prior to Fix Pack 6. It is, therefore, affected by the following vulnerabilities: - A flaw exists in the IBM Global Security Kit (GSKit) when handling RSA temporary keys in a non-export RSA key exchange...
Jetty HttpParser Error Remote Memory Disclosure
The remote instance of Jetty is affected by a remote memory disclosure vulnerability in the HttpParser module due to incorrect handling of illegal characters in header values. When an illegal character is encountered in an HTTP request, Jetty writes a response in a shared buffer that was used in ...
Security Updates for Microsoft Exchange Server (March 2021)
The Microsoft Exchange Server installed on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability. An attacker could exploit this to execute unauthorized arbitrary code. CVE-2021-26412, CVE-2021-26854,...
Target Credential Status by Authentication Protocol - Valid Credentials Provided
Nessus was able to determine that valid credentials were provided for an authentication protocol available on the remote target because it was able to successfully authenticate directly to the remote target using that authentication protocol at least once. Authentication was successful because th...
ICCP/COTP (ISO 8073) Protocol Detection
Binary data scadaiccpcotpdetect.nbin...
Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS : Apache HTTP Server regression (USN-6885-2)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6885-2 advisory. USN-6885-1 fixed vulnerabilities in Apache HTTP Server. One of the security fixes introduced a regression when proxying requests to an HTTP...
Cisco IOS and IOS XE Software Tcl Arbitrary Code Execution (cisco-sa-tcl-ace-C9KuVKmm)
According to its self-reported version, IOS is affected by an arbitrary code execution vulnerability. It could allow an authenticated, local attacker with privileged EXEC credentials to execute arbitrary code on the underlying operating system (OS) with root privileges. The vulnerability is due to insufficient inp...
KB4462919: Windows 10 Version 1803 and Windows Server Version 1803 October 2018 Security Update
The remote Windows host is missing security update 4462919. It is, therefore, affected by multiple vulnerabilities : - A security feature bypass vulnerability exists in DNS Global Blocklist feature. An attacker who successfully exploited this vulnerability could redirect traffic to malicious DNS...
Photon OS 1.0: Binutils / Libarchive / Ntp PHSA-2017-0010 (deprecated)
An update of binutils,ntp,libarchive packages for PhotonOS has been released. C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2/7/2019 The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0010. The text itself is copyright C VMwar...
Cisco AnyConnect Secure Mobility Client < 4.4.02034 Local Privilege Escalation
The version of Cisco AnyConnect Secure Mobility Client installed on the remote Windows host is prior to 4.4.02034. It is, therefore, affected by a local privilege escalation vulnerability due to improper validation of paths and filenames of dynamic-link library (DLL) files before they are loaded. A...
Pulse Secure Pulse Connect Secure SSL VPN Unauthenticated Path Traversal (CVE-2019-11510)
Binary data pulseconnectsecurepathtraversal.nbin...
MySQL 5.5.x < 5.5.54 Multiple Vulnerabilities (January 2017 CPU)
The version of MySQL running on the remote host is 5.5.x prior to 5.5.54. It is, therefore, affected by multiple vulnerabilities: - An unspecified flaw exists in the Optimizer subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3238) - An...
Apache Tomcat 9.0.0.M1 < 9.0.83
The version of Tomcat installed on the remote host is prior to 9.0.83. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat9.0.83security-9 advisory. - Improper Input Validation vulnerability in Apache Tomcat. Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-...
Veritas Backup Exec Remote Agent 16.x < 21.2 Multiple Vulnerabilities (VTS21-001)
The version of Veritas Backup Exec Remote Agent installed on the remote Windows host is 16.x prior to 21.2. It is, therefore, affected by multiple vulnerabilities, as follows: - An issue was discovered in Veritas Backup Exec before 21.2. The communication between a client and an Agent requires...
iLO 3 < 1.90 / iLO 4 < 2.61 / iLO 5 < 1.35 Remote Code Execution Vulnerability (HPESBHF03866)
A remote command execution vulnerability exists in HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers prior to v1.35, HPE Integrated Lights-Out 4 (iLO 4) prior to v2.61, and HPE Integrated Lights-Out 3 (iLO 3) prior to v1.90, which could be remotely exploited to execute arbitrary code leading to disclosure...