337440 matches found
NFS Server Superfluous
The remote NFS server is not exporting any shares. Running an unused service unnecessarily increases the attack surface of the remote host. C Tenable Network Security, Inc. Get the export list of the remote host and warns the user if a NFS share is exported to the world. include 'compat.inc' ;...
KB5015862: Windows 7 and Windows Server 2008 R2 Security Update (July 2022)
The remote Windows host is missing security update 5015862 or cumulative update 5015866. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands...
openSUSE Security Update : webkit2gtk3 (openSUSE-2021-637)
This update for webkit2gtk3 fixes the following issues : - Update to version 2.32.0 bsc1184155 : - Fix the authentication request port when URL omits the port. - Fix iframe scrolling when main frame is scrolled in async - scrolling mode. - Stop using gmemdup. - Show a warning message when...
SolarWinds Orion Platform < 2020.2.1 HF2 Multiple Vulnerabilities
According to its self-reported version number, the version of SolarWinds Orion Platform is prior to 2020.2.1 hot fix 2. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability exists in the ExecuteVBScript method due to improper validation of a user-supplie...
Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-3762-1)
The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3762-1 advisory. It was discovered that the VirtIO subsystem in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to...
Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2018-4195)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-4195 advisory. - ipv4: frags: handle possible skb truesize change Eric Dumazet Orabug: 28481663 CVE-2018-5391 - inet: frag: enforce memory limits earlier Eric Dumazet...
Check Point Gaia Operating System < R77.20 Multiple NTP Client Vulnerabilities (sk103825)
The remote host is running a version of Gaia Operating System that is prior to R77.20 and thus, is potentially affected by multiple NTP client vulnerabilities. Note that NTP client is disabled by default. Further note that if the vendor's suggested mitigations are in place, this can be considered...
Cisco IOS Cluster Management Protocol Telnet Option Handling RCE (cisco-sa-20170317-cmp) (destructive check)
The remote device is affected by a remote code execution vulnerability in the Cluster Management Protocol CMP subsystem due to improper handling of CMP-specific Telnet options. An unauthenticated, remote attacker can exploit this by establishing a Telnet session with malformed CMP-specific telnet...
MS KB2982792: Improperly Issued Digital Certificates Could Allow Spoofing
The remote host is missing KB2982792, KB2677070 automatic updater, or the latest disallowed certificate update using KB2813430 manual updater. If KB2677070 is installed, it is missing the latest auto-updates. Note that this plugin checks that the updaters have actually updated the disallowed CTL...
Quikstore Shopping Cart quikstore.cgi Multiple Vulnerabilities
The CGI 'quickstore.cgi' is installed. This CGI has a well known security flaw that lets an attacker read arbitrary files with the privileges of the HTTP daemon. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription scriptid10712...
WordPress 6.1.x < 6.1.3 Shortcode Execution
According to its self-reported version number, the detected WordPress application is affected by a shortcode execution in user generated content. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number. No source data...
RHEL 8 : java-1.8.0-openjdk (RHSA-2022:5700)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5700 advisory. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security...
KB5005568: Windows 10 Version 1809 and Windows Server 2019 September 2021 Security Update
The remote Windows host is missing security update 5005568. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. CVE-2021-36954, CVE-2021-36955, CVE-2021-36963, CVE-2021-36964, CVE-2021-36966,...
KB5004945: Windows 10 2004 / 20H2 / 21H1 OOB Security Update RCE (July 2021)
A remote command execution vulnerability exists in Windows Print Spooler service improperly performs privileged file operations. An authenticated, remote attacker can exploit this to bypass and run arbitrary code with SYSTEM privileges. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
Nessus Launched Plugin List
This plugin displays the list of launched plugins in a semicolon delimited list. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid112154; scriptversion"1.4"; scriptcvsdate"Date: 2018/09/24 10:11:01"; scriptnameenglish:"Nessus Launched Plugin List";...
AIX Java Advisory : java_april2016_advisory.asc (April 2016 CPU)
The version of Java SDK installed on the remote AIX host is affected by multiple vulnerabilities in the following components : - 2D - Deployment - Hotspot - JCE - JMX - JVM - ORB - SDK - Serialization %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...
PHP 5.6.x < 5.6.13 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.13. It is, therefore, affected by multiple vulnerabilities : - A directory traversal vulnerability in the ZipArchive::extractTo function in ext/zip/phpzip.c could allow a remote attacker to create...
MS11-058: Vulnerabilities in DNS Server Could Allow Remote Code Execution (2562485) (remote check)
The version of Windows DNS server running on the remote host has a memory corruption vulnerability that can be triggered by making a specially crafted NAPTR query. This could allow an attacker to write arbitrary data to the heap and potentially execute arbitrary code. Note that upstream servers m...
SuSE 11.1 Security Update : IBM Java (SAT Patch Number 4875)
IBM Java 1.6.0 SR9-FP2 fixes several of bugs and thew following security issues : - An unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.231 and earlier allows remote untrusted Java Web Start...
rsh NULL Login Remote Privilege Escalation
It is possible to execute arbitrary command on this host using rsh by supplying a NULL username. C Tenable Network Security, Inc. include"compat.inc"; include"dataprotection.inc"; ifdescription scriptid10096; scriptversion "1.17"; scriptcvsdate"Date: 2018/08/13 14:32:36";...
RHEL 7 : curl (CVE-2022-43552)
The remote Red Hat Enterprise Linux 7 host has a curl package installed that is affected by a vulnerability: - A use after free vulnerability exists in curl 7.87.0. Curl can be asked to tunnel virtually all protocols it supports through an HTTP proxy. HTTP proxies can and often do deny such tunne...
ESXi 6.5 / 6.7 / 7.0 Multiple Vulnerabilities (VMSA-2021-0014)
The remote VMware ESXi host is version 6.5, 6.7 or 7.0 and is affected by multiple vulnerabilities: - SFCB Small Footprint CIM Broker as used in ESXi has an authentication bypass vulnerability. A malicious actor with network access to port 5989 on ESXi may exploit this issue to bypass SFCB...
CentOS 7 : php (RHSA-2020:1112)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1112 advisory. - An issue was discovered in ext/phar/pharobject.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. There is...
Ubuntu 16.04 LTS / 18.04 LTS : OpenJDK vulnerabilities (USN-3975-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3975-1 advisory. It was discovered that the BigDecimal implementation in OpenJDK performed excessive computation when given certain values. An attacker could...
Security Updates for Microsoft Office Products (October 2017)
The Microsoft Office Products are missing security updates. It is, therefore, affected by multiple vulnerabilities : - Microsoft has released an update for Microsoft Office that provides enhanced security as a defense-in-depth measure. - A remote code execution vulnerability exists in Microsoft...
HP System Management Homepage < 6.1.0.102 / 6.1.0-103 Multiple Vulnerabilities
According to the web server banner, the version of HP System Management Homepage SMH running on the remote host is potentially affected by the following vulnerabilities : - Session renegotiations are not handled properly, which could be exploited to insert arbitrary plaintext by a...
SMB Registry : Starting the Registry Service during the scan failed
To perform a full credentialed scan, Nessus needs the ability to connect to the remote registry service RemoteRegistry. Nessus attempted to start the service but failed, therefore OS security patch assessment of the remote host will not be complete. C Tenable Network Security, Inc...
XMB < 1.9.1 Multiple XSS
The remote host is running XMB Forum, a web forum written in PHP. The version of XMB installed on the remote host is affected by several cross-site scripting issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
Jenkins LTS < 2.361.1 / Jenkins weekly < 2.363
According to its its self-reported version number, the version of Jenkins running on the remote web server is Jenkins LTS prior to 2.361.1 or Jenkins weekly prior to 2.363. It is, therefore, affected by a vulnerability: - In Eclipse Jetty HTTP/2 server implementation, when encountering an invalid...
Jenkins plugins Multiple Vulnerabilities (2022-06-22)
According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - Multiple cross-site scripting XSS vulnerabilities in Jenkins 2.355 and earlier, LTS 2.332.3 and earlier allow attackers to inject HTML and...
Security Updates for Microsoft Office Web Apps (January 2022)
The Microsoft Office Web Apps installation on the remote host is missing a security update. It is, therefore, affected by a remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary code. CVE-2022-21840 %NASLMINLEVEL 70300 C...
RHEL 7 : kernel-rt (RHSA-2017:1616) (Stack Clash)
An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
Amazon Linux AMI : kernel (ALAS-2017-828)
Infinite recursion in ahash.c by triggering EBUSY on a full queue : A vulnerability was found in crypto/ahash.c in the Linux kernel which allows attackers to cause a denial of service API operation calling its own callback, and infinite recursion by triggering EBUSY on a full queue.CVE-2017-7618...
F5 Networks BIG-IP : SSL/TLS RC4 vulnerability (K16864) (Bar Mitzvah)
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic...
MS15-080 : Vulnerabilities in Microsoft Graphics Component Could Allow Remote Code Execution (3078662)
The remote Windows host is affected by multiple vulnerabilities : - Multiple remote code execution vulnerabilities exist due to the Windows Adobe Type Manager Library not properly handling specially crafted OpenType fonts. An attacker can exploit these, by using a crafted document or web page wit...
IBM WebSphere Application Server 8.0 < Fix Pack 10 Multiple Vulnerabilities (POODLE)
The remote host is running IBM WebSphere Application Server version 8.0 prior to Fix Pack 10. It is, therefore, affected by the following vulnerabilities : - Multiple errors exist related to the included IBM HTTP server that can allow remote code execution or denial of service. CVE-2013-5704,...
HTTP cookies import
This plugin imports cookies for all web tests. The cookie file must be in 'Netscape format'. It does not perform any test by itself. TRUSTED...
Microsoft Windows Web Media Extensions Library RCE (May 2021)
The Windows 'Web Media Extensions' app installed on the remote host is affected by a remote code execution vulnerability. An attacker who successfully exploited the vulnerability could execute arbitrary code. Exploitation of the vulnerability requires that a program process a specially crafted...
CentOS 7 : sudo (RHSA-2021:0221)
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:0221 advisory. - Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via sudoedit -s an...
Security Updates for Exchange (February 2019)
The Microsoft Exchange Server installed on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities : - Multiple Vulnerabilites with the included libraries from Oracle Outside. CVE-2018-18223, CVE-2018-18224, CVE-2018-3147, CVE-2018-3217, CVE-2018-3218,...
SSL/TLS Services Support RC4 (PCI DSS)
At least one of the SSL or TLS services on the remote host supports the use of RC4 for encryption. RC4 does not meet the PCI definition of strong cryptography as defined by NIST Special Publication 800-57 Part 1. The RC4 cipher is flawed in its generation of a pseudo-random stream of bytes so tha...
MS15-058: Vulnerabilities in SQL Server Could Allow Remote Code Execution (3065718)
The remote Microsoft SQL Server installation is affected by multiple vulnerabilities : - A privilege escalation vulnerability exists due to the casting of pointers to an incorrect class. An authenticated, remote attacker can exploit this, via a specially crafted SQL query, to gain elevated...
Mac OS X 10.10.x < 10.10.2 Multiple Vulnerabilities (POODLE)
The remote host is running a version of Mac OS X 10.10.x that is prior to version 10.10.2. This update contains several security-related fixes for the following components : - bash - Bluetooth - CFNetwork Cache - CommerceKit Framework - CoreGraphics - CoreSymbolication - CPU Software - FontParser...
MS14-059: Vulnerability in ASP.NET MVC Could Allow Security Feature Bypass (2990942)
The version of ASP.NET MVC Model View Controller installed on the remote host is affected by an unspecified cross-site scripting vulnerability. A remote unauthenticated attacker could exploit this flaw to execute arbitrary script code in a user's browser subject to the privileges of the user...
Security Updates for Microsoft .NET core (May 2022)
The Microsoft .NET core installations on the remote host are missing security updates. It is, therefore, affected by multiple denial of service vulnerabilities: - A vulnerability where a malicious client can cause a denial of service via excess memory allocations through HttpClient. CVE-2022-2326...
KB5014001: Windows 8.1 and Windows Server 2012 R2 Security Update (May 2022)
The remote Windows host is missing security update 5014001. It is, therefore, affected by multiple vulnerabilities - Windows LDAP Remote Code Execution Vulnerability CVE-2022-22012, CVE-2022-22013, CVE-2022-22014, CVE-2022-29128, CVE-2022-29129, CVE-2022-29130, CVE-2022-29137, CVE-2022-29139,...
EulerOS 2.0 SP8 : kernel (EulerOS-SA-2021-1148)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In drivers/target/targetcorexcopy.c in the Linux kernel before 5.10.7, insufficient identifier checking in the LIO SCSI target code can be used ...
Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2020-0674) (Deprecated)
This plugin was a workaround for unpatched vulnerability CVE-2020-0674 which was patched in the Feb 2020 rollups. The plugin smbntms20febinternetexplorer.nasl plugin ID 133619 includes the check for the new patch for this vulnerability. C Tenable Network Security, Inc. @DEPRECATED@ Disabled on...
KB4056899: Windows Server 2012 January 2018 Security Update
The remote Windows host is missing security update 4056899 or cumulative update 4056896. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists in Windows Adobe Type Manager Font Driver ATMFD.dll when it fails to properly handle objects in memory...
Cisco IOS XE Smart Install Protocol Misuse (cisco-sr-20170214-smi)
The remote Cisco IOS XE device has the Smart Install Feature enabled. The Smart Install SMI protocol does not require authentication by design. The absence of an authorization or authentication mechanism in the SMI protocol between the integrated branch clients IBC and the director can allow a...