337440 matches found
Oracle Java SE Multiple Vulnerabilities (October 2014 CPU)
The version of Oracle formerly Sun Java SE or Java for Business installed on the remote host is prior to 8 Update 25, 7 Update 71, 6 Update 85, or 5 Update 75. It is, therefore, affected by security issues in the following components : - 2D - AWT - Deployment - Hotspot - JAXP - JSSE - JavaFX -...
WordPress 6.2.x < 6.2.6 Multiple Vulnerabilities
According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A Cross-Site Scripting XSS vulnerability affecting the HTML API. - A Cross-Site Scripting XSS vulnerability affecting the Template Part block. - A path traversal issue...
KB4093119: Windows 10 Version 1607 and Windows Server 2016 April 2018 Security Update
The remote Windows host is missing security update 4093119. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists when Windows improperly handles objects in memory and incorrectly maps kernel memory. CVE-2018-1009 - A security feature bypass...
MoinMoin rsslink() Function page_name Parameter XSS
The MoinMoin install hosted on the remote web server fails to properly sanitize user-supplied input in the 'pagename' parameter when creating an rss link. An attacker may be able to leverage this issue to inject arbitrary HTML and script code into a user's browser to be executed within the securi...
Adobe Reader Unsupported Version Detection
According to its self-reported version, the installation of Adobe Reader on the remote Windows host is no longer supported. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it is likely to contain security vulnerabilities. C Tenable...
SuSE 10 Security Update : xpdf (ZYPP Patch Number 7190)
A specially crafted PDF files could crash xpdf or potentially even cause execution of arbitrary code. CVE-2010-3702 / CVE-2010-3703 / CVE-2010-3704 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc';...
Microsoft FrontPage Extensions Check
The remote web server appears to be running with the FrontPage extensions. FrontPage allows remote web developers and administrators to modify web content from a remote location. While this is a fairly typical scenario on an internal local area network, the FrontPage extensions should not be...
AlmaLinux 8 : httpd:2.4 (ALSA-2021:3816)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:3816 advisory. httpd: modproxy: SSRF via a crafted request uri-path containing unix: CVE-2021-40438 httpd: modsession: Heap overflow via a crafted SessionHeader value...
7-Zip < 18.05 Memory Corruption Arbitrary Code Execution
The version of 7-Zip installed on the remote Windows host contains a flaw in the NArchive::NRar::CHandler::Extract method in Archive/Rar/RarHandler.cpp. The issue is triggered as certain input is not properly validated when performing 'solid' decompression of a RAR archive. With a specially craft...
RHEL 6 / 7 : samba (RHSA-2017:1270) (SambaCry)
An update for samba is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...
Unsupported Microsoft DNS Server Detection
Nessus detected a version of Microsoft DNS server listening on the remote host that belongs to an unsupported version of Windows. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it is likely to contain security vulnerabilities. C...
KB5015807: Windows 10 Version 20H2 / 21H1 / 21H2 Security Update (July 2022)
The remote Windows host is missing security update 5015807. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. CVE-2022-22024, CVE-2022-22027,...
MariaDB 10.2.0 < 10.2.44 Multiple Vulnerabilities
The version of MariaDB installed on the remote host is prior to 10.2.44. It is, therefore, affected by multiple vulnerabilities as referenced in the 10.2.44 advisory. - MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component...
Microsoft Exchange Server Authentication Bypass
Binary data exchangecve-2021-26855.nbin...
Oracle Database Server Multiple Vulnerabilities (Apr 2020 CPU)
The remote Oracle Database Server is missing the April 2020 Critical Patch Update CPU. It is, therefore, affected by multiple vulnerabilities: - Vulnerability in the Oracle Multimedia component of Oracle Database Server. The supported version that is affected is 12.1.0.2. Easily exploitable...
Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-3742-1)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3742-1 advisory. It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core...
MS14-025: Vulnerability in Group Policy Preferences Could Allow Elevation of Privilege (2962486)
The remote Windows host is potentially affected by a vulnerability in the way that Active Directory distributes passwords that are configured using Group Policy preferences. This could allow a remote attacker to retrieve and decrypt passwords stored with Group Policy preferences. The following...
Office Viewer Component < 5.0 Multiple Vulnerabilities
The remote host contains the Office Viewer Component, an ActiveX control for working with Microsoft Office documents. The version of this control installed on the remote host contains a buffer overflow in its 'HttpDownloadFile' method that could be exploited to execute arbitrary code remotely if ...
MS06-040: Vulnerability in Server Service Could Allow Remote Code Execution (921883)
The remote host is vulnerable to a buffer overrun in the 'Server' service that could allow an attacker to execute arbitrary code on the remote host with 'SYSTEM' privileges. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid22182; scriptversion"1.32"; scriptcvsdate"Date...
jQuery UI < 1.13.2 Cross-Site Scripting
According to its self-reported version number, jQuery UI is prior to 1.13.2. It is, therefore, affected by a Cross-Site Scripting when refreshing a checkboxradio with an HTML-like initial text label CVE-2022-31160 Note that the scanner has not tested for these issues but has instead relied only o...
openSUSE 15 Security Update : apache2 (openSUSE-SU-2021:1438-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1438-1 advisory. - Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier...
KB4088880: Windows Server 2012 March 2018 Security Update (Meltdown)(Spectre)
The remote Windows host is missing security update 4088880 or cumulative update 4088877. It is, therefore, affected by multiple vulnerabilities : - An vulnerability exists within microprocessors utilizing speculative execution and indirect branch prediction, which may allow an attacker with local...
HP System Management Homepage < 6.3 Multiple Vulnerabilities
According to the web server's banner, the version of HP System Management Homepage SMH hosted on the remote host is earlier than 6.3. Such versions are reportedly affected by the following vulnerabilities : - An error exists in the function 'fnmatch' in the bundled version of PHP that can lead to...
Terminal Services Encryption Level is not FIPS-140 Compliant
Binary data fipsrdp.nbin...
OS Identification : Telnet
Nessus was able to identify the remote operating system based on the telnet banner. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include"compat.inc"; if description scriptid29831; scriptversion"1.103"; scriptsetattributeattribute:"pluginmodificationdate",...
PHP 8.1.x < 8.1.16 Multiple Vulnerabilities
According to its self-reported version number, the version of PHP installed on the remote host is 8.0.x prior to 8.0.28, 8.1.x prior to 8.1.16, or 8.2.x prior to 8.2.3. It is, therefore, affected by multiple vulnerabilities: - A denial of service DoS attack due to insufficient validation of...
Default Password '54321' for 'admin' Account
The account 'admin' on the remote host has the default password '54321'. A remote attacker can exploit this issue to gain administrative access to the affected system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. account = "admin"; password = "54321"; include'deprecatednasllevel.inc';...
MS14-058: Vulnerabilities in Kernel-Mode Driver Could Allow Remote Code Execution (3000061)
The remote Windows host is affected by multiple vulnerabilities : - A privilege escalation vulnerability allows an attacker to run arbitrary code in kernel mode due to the kernel-mode driver improperly handling objects in memory. CVE-2014-4113 - A remote code execution vulnerability allows a remo...
Fortinet FortiClient OpenSSL Security Bypass
FortiClient, a client-based software solution intended to provide security features for enterprise computers and mobile devices, is installed on the remote Windows host. The installed FortiClient version uses a vulnerable OpenSSL library that contains a flaw with the handshake process. The flaw...
IPSEC Internet Key Exchange (IKE) Version 2 Detection
The remote host seems to be enabled to do Internet Key Exchange IKE. This is typically indicative of a VPN server. VPN servers are used to connect remote hosts into internal resources. Make sure that the use of this VPN endpoint is done in accordance with your corporate security policy. Note that...
CGI Generic Remote File Inclusion
The remote web server hosts CGI scripts that fail to adequately sanitize request strings. By leveraging this issue, an attacker may be able to include a remote file from a remote server and execute arbitrary commands on the target host. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
X Font Service Crafted XFS Query Remote Overflow
The remote X Font Service xfs is affected by a buffer overflow. An attacker may use this flaw to gain shell access on the remote host as 'root' or 'nobody'. C Tenable Network Security, Inc. It turns out the initial revision of this script would not crash all versions of the font service...
WordPress 5.8.x < 5.8.2 Expired DST Root CA X3 Certificate
According to its self-reported version number, the detected WordPress application is affected by an expired certificate. The wordpress/wp-includes/certificates/ca-bundle.crt file still contains the DST Root CA X3 expired certificate. Note that the scanner has not tested for these issues but has...
Amazon Linux 2 : kernel, --advisory ALAS2-2021-1685 (ALAS-2021-1685)
The version of kernel installed on the remote host is prior to 4.14.238-182.421. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2021-1685 advisory. A vulnerability was found in the bluez, where Passkey Entry protocol used in Secure Simple Pairing SSP, Secure...
OpenSSL 1.0.2b < 1.0.2o Vulnerability
The version of OpenSSL installed on the remote host is prior to 1.0.2o. It is, therefore, affected by a vulnerability as referenced in the 1.0.2o advisory. - Constructed ASN.1 types with a recursive definition such as can be found in PKCS7 could eventually exceed the stack given malicious input...
OpenSSL Version Detection
Nessus was able to extract the OpenSSL version from the web server's banner. Note that security patches in many cases are backported and the displayed version number does not show the patch level. Using it to identify vulnerable software is likely to lead to false detections. C Tenable, Inc...
Horde go.php url Parameter Arbitrary File Access
The version of Horde installed on the remote host fails to validate input to the 'url' parameter of the 'services/go.php' script before using it to read files and return their contents. An unauthenticated attacker may be able to leverage this issue to retrieve the contents of arbitrary files on t...
Invision Power Board Software Detection
The remote host is running Invision Power Board , a suite of PHP scripts for operating a web-based bulletin board system. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid17203; scriptversion"1.19"; scriptsetattributeattribute:"pluginmodificationdate",...
TFTP Daemon Detection
The remote host is running a TFTP Trivial File Transfer Protocol daemon. TFTP is often used by routers and diskless hosts to retrieve their configuration. It can also be used by worms to propagate. C Tenable Network Security, Inc. Revised 19/02/05 by Martin O'Neal of Corsaire to make the detectio...
Amazon Linux AMI : glibc (ALAS-2022-1576)
The version of glibc installed on the remote host is prior to 2.17-324.189. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2022-1576 advisory. A stack based buffer-overflow vulnerability was found in the deprecated compatibility function svcunixcreate in the...
EulerOS 2.0 SP2 : openssl (EulerOS-SA-2021-1338)
According to the version of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL...
EulerOS 2.0 SP2 : ImageMagick (EulerOS-SA-2021-1305)
According to the versions of the ImageMagick packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - coders/mat.c in ImageMagick 7.0.8-43 Q16 allows remote attackers to cause a denial of service use-after-free and application crash or...
NewStart CGSL MAIN 4.05 : gnutls Multiple Vulnerabilities (NS-SA-2019-0109)
The remote NewStart CGSL host, running version MAIN 4.05, has gnutls packages installed that are affected by multiple vulnerabilities: - Stack-based buffer overflow in the cdkpkgetkeyid function in lib/opencdk/pubkey.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have...
Security Updates for Windows 10 / Windows Server 2016 / Windows Server 2019 (March 2019) (Spectre) (Meltdown) (Foreshadow)
The remote Windows host is missing a security update. It is, therefore, missing microcode updates to address the following vulnerabilities: - Spectre Variant 3a CVE-2018-3640: Rogue System Register Read RSRE. - Spectre Variant 4 CVE-2018-3639: Speculative Store Bypass SSB - L1TF CVE-2018-3620,...
PHP 5.6.x < 5.6.35 Security Bypass Vulnerability
According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.35. It is, therefore, affected by a security bypass vulnerability. Dumpable FPM child processes allow bypassing opcache access controls because fpmunix.c makes a PRSETDUMPABLE prctl call, allowing o...
MySQL 5.7.x < 5.7.24 Multiple Vulnerabilities (Oct 2018 CPU) (Jul 2019 CPU)
The version of MySQL running on the remote host is 5.7.x prior to 5.7.24 It is, therefore, affected by multiple vulnerabilities as noted in the October 2018 and July 2019 Critical Patch Update advisories. Please consult the CVRF details for the applicable CVEs for additional information. Note tha...
Security Updates for Windows Server 2008 (May 2018)
The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists in the Credential Security Support Provider protocol CredSSP. An attacker who successfully exploits this vulnerability could relay user...
Cisco IOS DHCP Multiple Vulnerabilities
According to its self-reported version, the Cisco IOS software running on the remote device is affected by multiple denial of service vulnerabilities in the DHCP client implementation when parsing DHCP packets. An unauthenticated, remote attacker can exploit these issues, via specially crafted DH...
Windows 8.1 and Windows Server 2012 R2 May 2017 Security Updates
The remote Windows host is missing security update 4019213 or cumulative update 4019215. It is, therefore, affected by multiple vulnerabilities : - A security bypass vulnerability exists in Internet Explorer due to an unspecified flaw. An unauthenticated, remote attacker can exploit this, by...
TLS Version 1.0 Protocol Detection (PCI DSS)
The remote service accepts connections encrypted using TLS 1.0. This version of TLS is affected by multiple cryptographic flaws. An attacker can exploit these flaws to conduct man-in-the-middle attacks or to decrypt communications between the affected service and clients. C Tenable Network...