Oracle Java SE 1.7.0_251 / 1.8.0_241 / 1.11.0_6 / 1.13.0_2 Multiple Vulnerabilities (Jan 2020 CPU) (Unix)

The version of Oracle formerly Sun Java SE or Java for Business installed on the remote host is prior to 7 Update 251, 8 Update 241, 11 Update 6, or 13 Update 2. It is, therefore, affected by multiple vulnerabilities: - Oracle Java SE and Java SE Embedded are prone to a severe division by zero,...

KB4512497: Windows 10 August 2019 Security Update

The remote Windows host is missing security update 4512497. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call ALPC. An attacker who successfully exploited this...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2018-4062)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-4062 advisory. - fork: fix incorrect fput of -exefile causing use-after-free Eric Biggers Orabug: 27290198 CVE-2017-17052 - KVM: x86: fix singlestepping over...

RHEL 6 : kernel (RHSA-2018:0022)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:0022 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: An industry-wide issue was found in th...

KB4056891: Windows 10 Version 1703 January 2018 Security Update (Meltdown)(Spectre)

The remote Windows host is missing security update 4056891 or 4057144. It is, therefore, affected by multiple vulnerabilities : - An vulnerability exists within microprocessors utilizing speculative execution and indirect branch prediction, which may allow an attacker with local user access to...

SSH Commands Ran With Privilege Escalation

The remote host required a privilege escalation in order to run one or more SSH commands, or a privilege escalation was forced by a plugin for one or more SSH commands. Note that this plugin only reports if 'Attempt least privilege' is enabled in the scan policy. TRUSTED...

CentOS 6 / 7 : samba (CESA-2017:1270) (SambaCry)

An update for samba is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

RHEL 7 : httpd (RHSA-2017:0906)

An update for httpd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

SUSE SLES12 Security Update : kernel (SUSE-SU-2016:3197-1)

This update for the Linux Kernel 3.12.60-5254 fixes several issues. The following security bugs were fixed : - CVE-2016-8655: A race condition in the afpacket packetsetring function could be used by local attackers to crash the kernel or gain privileges bsc1012759. - CVE-2016-9555: The sctpsfootb...

Scientific Linux Security Update : poppler on SL5.x i386/x86_64

Multiple integer overflow flaws were found in poppler. An attacker could create a malicious PDF file that would cause applications that use poppler such as Evince to crash or, potentially, execute arbitrary code when opened. CVE-2009-0147, CVE-2009-1179, CVE-2009-1187, CVE-2009-1188 Multiple buff...

Microsoft Windows SMB Registry : Winreg Registry Key Detection

The registry key HKLM\SYSTEM\CurrentControlSet\Control\SecurePipeServers\Winreg is missing. This key allows you to define what can be viewed in the registry by non administrators. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10431; scriptversion"$Revision: 1.31 $";...

Oracle WebLogic Server (January 2025 CPU)

The 12.2.1.4.0, 14.1.1.0.0, and 14.1.2.0.0 versions of WebLogic Server installed on the remote host are affected by multiple vulnerabilities as referenced in the January 2025 CPU advisory. - Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to...

Jenkins LTS < 2.440.3 / Jenkins weekly < 2.452

According to its its self-reported version number, the version of Jenkins running on the remote web server is Jenkins LTS prior to 2.440.3 or Jenkins weekly prior to 2.452. It is, therefore, affected by a vulnerability: - The SSH transport protocol with certain OpenSSH extensions, found in OpenSS...

Dell Wyse Management Suite < 3.6.1 Multiple Vulnerabilities (DSA-2022-098)

The version of Dell Wyse Management Suite installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the DSA-2022-098 advisory. - The BNmodsqrt function, which computes a modular square root, contains a bug that can cause it to...

F5 Networks BIG-IP : OpenSSL vulnerability (K19559038)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K19559038 advisory. ASN.1 strings are represented internally within OpenSSL as an ASN1STRING structure which contains a buffer holding the...

RHEL 7 : kernel (RHSA-2021:3438)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:3438 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: use-after-free in route4change in...

SUSE SLES15 Security Update : kernel (SUSE-SU-2021:1211-1)

The SUSE Linux Enterprise 15 SP2 kernel RT was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2021-3444: Fixed an issue with the bpf verifier which did not properly handle mod32 destination register truncation when the source register was known to b...

Amazon Linux AMI : git (ALAS-2020-1413)

The version of git installed on the remote host is prior to 2.18.4-2.71. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1413 advisory. Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host...

Oracle Linux 7 : openssl (ELSA-2018-3221)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-3221 advisory. - fix CVE-2018-0495 - ROHNP - Key Extraction Side Channel on DSA, ECDSA - fix CVE-2017-3735 - possible one byte overread with X.509 IPAdressFamily - fi...

OS Security Patch Assessment Checks Not Supported

OS Security Patch Assessment is not available for this host because the checks may be infeasible or are not supported by Nessus. The credentials supplied in the scan policy may have been successful, but OS Security Patch Assessment cannot be performed at this time. C Tenable Network Security, Inc...

KB4103729: Security update for Adobe Flash Player (May 2018)

The remote Windows host is missing security update KB4103729. It is, therefore, affected by multiple remote code execution vulnerabilities in Adobe Flash Player. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid109609; scriptversion"1.7"; scriptcvsdate"Date: 2019/11/08...

openSUSE Security Update : libqt5-qtbase (openSUSE-2016-613)

This update for libqt5-qtbase fixes the following issues : - boo865241: disable RC4 based ciphers which are now considered insecure The following non-security bugs were fixed : - boo957006: dolphin freeze when opening a folder containing symlinks to special files %NASLMINLEVEL 70300 C Tenable...

MS KB3050995: Improperly Issued Digital Certificates Could Allow Spoofing (deprecated)

The remote host is missing KB3050995, KB2677070 automatic updater, or the latest disallowed certificate update using KB2813430 manual updater. If KB2677070 has been installed, it has not yet obtained the latest auto-updates. Note that this plugin checks that the updaters have actually updated the...

openSUSE Security Update : libpng-devel (openSUSE-SU-2010:0594-1)

Specially crafted png files could cause crashes or even execution of arbitrary code in applications using libpng to process such files CVE-2010-1205, CVE-2010-2249. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

MS10-054: Vulnerabilities in SMB Server Could Allow Remote Code Execution (982214) (remote check)

The remote host is affected by several vulnerabilities in the SMB server that may allow an attacker to execute arbitrary code or perform a denial of service against the remote host. These vulnerabilities depend on access to a shared drive, but do not necessarily require credentials. C Tenable...

FTP Server Traversal Arbitrary File Access

The remote FTP server allows users to browse the entire remote disk by issuing commands with traversal style characters. An attacker could exploit this flaw to gain access to arbitrary files. TRUSTED...

Node.js Module vm2 < 3.9.16 Sandbox Breakout

There exists a vulnerability in source code transformer exception sanitization logic of vm2 for versions up to 3.9.15, allowing attackers to bypass handleException and leak unsanitized host exceptions which can be used to escape the sandbox and run arbitrary code in host context. A threat actor c...

OpenSSL 1.0.2 < 1.0.2zd Vulnerability

The version of OpenSSL installed on the remote host is prior to 1.0.2zd. It is, therefore, affected by a vulnerability as referenced in the 1.0.2zd advisory. - The BNmodsqrt function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli...

PHP 7.3.x < 7.3.33 Local File Inclusion

According to its self-reported version number, the version of PHP running on the remote web server is 7.3.x prior to 7.3.33, 7.4.x prior to 7.4.26 or 8.0.x prior to 8.0.13. It is, therefore, affected by a local file inclusion vulnerability due to NULL byte special character breaking the path in x...

SonicWall SonicOS Buffer Overflow Vulnerability

According to its self-reported version, the remote SonicWall firewall is running a version of SonicOS that is affected by a buffer overflow vulnerability, allowing a remote attacker to cause Denial of Service DoS, and potentially execute arbitrary code by sending a malicious request to the...

LibreOffice < 6.2.7 / 6.3.x < 6.3.1 Multiple Vulnerabilities (Windows)

The version of LibreOffice installed on the remote Windows host is prior to 6.2.7 or 6.3.x prior to 6.3.1. It is, therefore, affected by the following vulnerabilities: - A directory traversal vulnerability resulting from a feature in LibreOffice which allows documents to specify pre-installed...

NewStart CGSL MAIN 4.05 : thunderbird Multiple Vulnerabilities (NS-SA-2019-0136)

The remote NewStart CGSL host, running version MAIN 4.05, has thunderbird packages installed that are affected by multiple vulnerabilities: - Using remote content in encrypted messages can lead to the disclosure of plaintext. This vulnerability affects Thunderbird ESR 52.8 and Thunderbird 52.8...

RHEL 7 : kernel (RHSA-2018:1852)

An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

MS17-016: Security Update for Windows IIS (4013074)

The remote Windows host is missing a security update. It is, therefore, affected by a cross-site scripting XSS vulnerability due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this, via a specially crafted request, to execute arbitrary script code i...

freeFTPd / freeSSHd SFTP Authentication Bypass

The SFTP server included with freeFTPd or freeSSHd has an authentication bypass vulnerability. Authentication can be bypassed by opening an SSH channel before any credentials are provided. A remote, unauthenticated attacker could exploit this to login without providing credentials. After logging...

Hydra: POP3

This plugin runs Hydra to find POP3 accounts and passwords by brute force. To use this plugin, enter the 'Logins file' and the 'Passwords file' under the 'Hydra NASL wrappers options' advanced settings block. TRUSTED...

osTicket Detection

osTicket was detected on the remote host. TRUSTED...

Novonyx Web Server Multiple Sample Application Files Present

Novell NetWare default Novonyx web server files. A default installation of Novell 5.x will install the Novonyx web server. Numerous web server files included with this installation could reveal system information. This script was written by David Kyger See the Nessus Scripts License for details...

Microsoft OneNote Spoofing(June 2023)

The Microsoft OneNote Products are missing a security update. It is, therefore, affected by a spoofing vulnerability. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable Network Security, Inc...

Security Updates for Microsoft Office Products C2R RCE (August 2022)

The Microsoft Office Products are missing security updates. It is, therefore, affected by a remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. Note that Nessus has not tested for this issue but has instead relied...

SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2020:2107-1)

The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2020-15780: A lockdown bypass for loading unsigned modules using ACPI table injection was fixed. bsc1173573 CVE-2020-15393: Fixed a memory leak in...

OracleVM 3.4 : openssl (OVMSA-2019-0040)

The remote OracleVM system is missing necessary patches to address critical security updates : - Oracle bug 28730228: backport CVE-2018-0732 - Oracle bug 28758493: backport CVE-2018-0737 - Merge upstream patch to fix CVE-2018-0739 - Avoid out-of-bounds read. Fixes CVE-2017-3735. By Rich Salz -...

Mozilla Firefox ESR < 60.7

The version of Firefox ESR installed on the remote Windows host is prior to 60.7. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2019-14 advisory. - A use-after-free vulnerability can occur in the chrome event handler when it is freed while still in use. This...

Photon OS 1.0: Linux / Openssh PHSA-2016-0014 (deprecated)

An update of openssh , linux packages for PhotonOS has been released. File data PhotonOSPHSA-2016-0014.nasl...

Mozilla Firefox < 56.0

The version of Firefox installed on the remote Windows host is prior to 56.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2017-21 advisory. - Mozilla developers and community members Christian Holler, Jason Kratzer, Tobias Schneider, Tyson Smith, David Keeler,...

SUSE SLED12 / SLES12 Security Update : bash (SUSE-SU-2016:2872-1) (Shellshock)

This update for bash fixes the following issues : - CVE-2016-7543: Local attackers could have executed arbitrary commands via specially crafted SHELLOPTS+PS4 variables bsc1001299 - CVE-2016-0634: Malicious hostnames could have allowed arbitrary command execution when $HOSTNAME was expanded in the...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2016-3596)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-3596 advisory. - KEYS: potential uninitialized variable Dan Carpenter Orabug: 24402831 CVE-2016-4470 - vfs: add vfsselectinode helper Miklos Szeredi Orabug:...

SSL Certificate Chain Contains Weak RSA Keys

At least one of the X.509 certificates sent by the remote host has a key that is shorter than 1024 bits. Such keys are considered weak due to advances in available computing power decreasing the time required to factor cryptographic keys. Some SSL implementations, notably Microsoft's, may conside...

Link-Local Multicast Name Resolution (LLMNR) Detection

The remote device answered to a Link-local Multicast Name Resolution LLMNR request. This protocol provides a name lookup service similar to NetBIOS or DNS. It is enabled by default on modern Windows versions. TRUSTED...

HP Mercury LoadRunner Agent Remote Command Execution

The version of the LoadRunner Agent installed on the remote host allows an unauthorized attacker to execute arbitrary commands on the remote system provided 'Secure Channel' is disabled which is disabled by default. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...