MS KB2905247: Insecure ASP.NET Site Configuration Could Allow Elevation of Privilege
The version of the .NET Framework installed on the remote Windows host is affected by a privilege escalation vulnerability that allows a remote attacker to inject and execute arbitrary code in the context of the service account for the ASP.NET server. This advisory was re-released on September 9,...
Oracle Linux 4 : kernel (ELSA-2009-1671)
From Red Hat Security Advisory 2009:1671 : Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain...
Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2022-9692)
The remote Oracle Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9692 advisory. 5.4.17-2136.309.5.1 - net_sched: cls_route: remove from list when handle is 0 Thadeu Lima de Souza Cascardo Orabug: 34460937 CVE-2022-2588 Tenable has extract...
Spring Framework < 5.2.20 / 5.3.x < 5.3.18 Remote Code Execution (Spring4Shell)
Spring MVC and Spring WebFlux applications, when packaged as a traditional WAR file, running on JDK version 9 and higher in an Apache Tomcat servlet container and exposing one or more endpoints with DataBinder enabled, suffer from a Remote Code Execution (RCE) vulnerability. By crafting a specific...
Foxit PDF Reader < 11.2.1 Multiple Vulnerabilities
According to its version, the Foxit PDF Reader application (previously named Foxit Reader) installed on the remote Windows host is prior to 11.2.1. It is, therefore, affected by multiple vulnerabilities: - Acrobat Reader DC version 21.007.20099 and earlier, 20.004.30017 and earlier and 17.011.30204...
CentOS 7 : binutils (RHSA-2021:4033)
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:4033 advisory. - An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via control...
Debian DLA-2753-1 : qemu - LTS security update
The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2753 advisory. - A flaw was found in the USB redirector device usb-redir of QEMU. Small USB packets are combined into a single, large transfer request, to reduce the overhead and...
Amazon Linux AMI : kernel (ALAS-2020-1437)
The version of kernel installed on the remote host is prior to 4.14.200-116.320. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1437 advisory. In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and...
EulerOS 2.0 SP2 : systemd (EulerOS-SA-2019-1060)
According to the versions of the systemd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - systemd: Out-of-bounds heap write in systemd-networkd dhcpv6 option handling CVE-2018-15688 - systemd: stack overflow when calling syslog from ...
Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2018-4269)
The remote Oracle Linux 5 / 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2018-4269 advisory. - scsi: libsas: fix memory leak in sas_smp_get_phy_events Jason Yan Orabug: 27927686 CVE-2018-7757 Tenable has extracted the preceding description block directl...
openSUSE Security Update : the Linux Kernel (openSUSE-2017-891)
The openSUSE Leap 42.2 kernel was updated to 4.4.79 to receive various security and bugfixes. The following security bugs were fixed : - CVE-2017-7542: The ip6_find_1st_fragopt function in net/ipv6/output_core.c in the Linux kernel allowed local users to cause a denial of service integer overflow and...
RHEL 6 : kernel-rt (RHSA-2015:1976)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2015:1976 advisory. The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's VFS subsystem...
CiscoWorks Common Services HTTP Response Splitting
The version of CiscoWorks Common Services on the remote host has an HTTP response splitting vulnerability. Common Services is a framework included with several Cisco products. Input to the 'URL' parameter of Autologin.jsp is not properly sanitized. A remote attacker could exploit this by tricking...
Oracle Java JDK / JRE 7 < Update 17 Remote Code Execution
Binary data 6711.prm...
Ubuntu 11.04 / 11.10 : firefox vulnerabilities (USN-1277-1)
Yosuke Hasegawa discovered that the Mozilla browser engine mishandled invalid sequences in the Shift-JIS encoding. It may be possible to trigger this crash without the use of debugging APIs, which might allow malicious websites to exploit this vulnerability. An attacker could possibly use this fl...
Apache Tomcat < 4.1.40 / 5.5.28 / 6.0.20 Multiple Vulnerabilities
According to its self-reported version number, the Apache Tomcat server listening on the remote host is prior to 4.1.40, 5.5.28, or 6.0.20. It is, therefore, affected by the following vulnerabilities : - The remote server is affected by a directory traversal vulnerability if a RequestDispatcher...
RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.4.7 Security update (Important) (RHSA-2022:6821)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:6821 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...
Rocky Linux 8 : kernel-rt (RLSA-2022:5834)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:5834 advisory. - net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user able to create user/net namespaces to escalate privileges to root because an...
Amazon Corretto Java 17.x < 17.0.1.12.1 Multiple Vulnerabilities
The version of Amazon Corretto installed on the remote host is prior to 17 17.0.1.12.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-17-2021-Oct-19 advisory. - security-libs/javax.net.ssl CVE-2021-35550, CVE-2021-35578, CVE-2021-35603 -...
SUSE SLES15 Security Update : kernel (Live Patch 7 for SLE 15 SP2) (SUSE-SU-2021:2387-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2387-1 advisory. This update for the Linux Kernel 5.3.18-2437 fixes several issues. The following security issues were fixed: - CVE-2021-0512: Fixed a possible...
Photon OS 3.0: Libxml2 PHSA-2021-3.0-0246
An update of the libxml2 package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-3.0-0246. The text itself is copyright (C) VMware, Inc.
Fedora 31 : 2:samba (2020-a1d139381a)
Security fixes for CVE-2020-1472 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network...
EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1516)
According to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - The hi3660_stub_clk_probe function in drivers/clk/hisilicon/clk-hi3660-stub.c in the Linux kernel before 4.16 allows loca...
Security Updates for Microsoft .NET Framework (September 2018)
The Microsoft .NET Framework installation on the remote host is missing a security update. It is, therefore, affected by the following vulnerability : - A remote code execution vulnerability exists when Microsoft .NET Framework processes input. An attacker who successfully exploited this...
RHEL 7 : Red Hat JBoss Core Services (RHSA-2017:2709)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:2709 advisory. Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP...
F5 TLS Session Ticket Implementation Remote Memory Disclosure (Ticketbleed) (uncredentialed check)
Based on its response to a resumed TLS connection, the remote service appears to be affected by an information disclosure vulnerability, known as Ticketbleed, in the TLS Session Ticket implementation. The issue is due to the server incorrectly echoing back 32 bytes of memory, even if the Session I...
MS KB3155527: Update to Cipher Suites for FalseStart
The remote Windows host is affected by a cipher downgrade vulnerability in FalseStart due to allowing TLS clients to send application data before receiving and verifying the server 'Finished' message. A man-in-the-middle attacker can exploit this to force a TLS client to encrypt the first flight ...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2015-3035)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-3035 advisory. - crypto: aesni - fix memory usage in GCM decryption Stephan Mueller Orabug: 21077385 CVE-2015-3331 - xen/pciback: Don't disable PCI_COMMAND on PCI...
Oracle Linux 6 / 7 : glibc (ELSA-2015-0092)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2015-0092 advisory. - Fix parsing of numeric hosts in gethostbyname_r CVE-2015-0235, 1183535. - Fix wordexp to honour WRDE_NOCMD CVE-2014-7817, 1170118 - Remove gconv...
CentOS 5 : kernel (CESA-2011:1212)
Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed...
SuSE 10 Security Update : OpenSSL (ZYPP Patch Number 6943)
This update adds support for RFC5746 TLS renegotiations to address vulnerabilities tracked as CVE-2009-3555. It also fixes a mishandling of OOM conditions in bn_wexpand. CVE-2009-3245 (C) Tenable Network Security, Inc. The text description of this plugin is (C) Novell, Inc...
MySQL Community Server 5.0 < 5.0.67 Multiple Vulnerabilities
The version of MySQL Community Server 5.0 installed on the remote host is before 5.0.66. Such versions are reportedly affected by the following issues : - When using a FEDERATED table, a local server could be forced to crash if the remote server returns a result with fewer columns than expected B...
WordPress Trackback 'wp-trackback.php' 'tb_id' Parameter SQL Injection
The version of WordPress on the remote host fails to properly sanitize input to the 'tb_id' parameter of the 'wp-trackback.php' script before using it in database queries. An unauthenticated, remote attacker can leverage this issue to launch SQL injection attacks against the affected application,...
KB5027222: Windows 10 version 1809 / Windows Server 2019 Security Update (June 2023)
The remote Windows host is missing security update 5027222. It is, therefore, affected by multiple vulnerabilities: - Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability CVE-2023-29363, CVE-2023-32014, CVE-2023-32015 - Windows Collaborative Translation Framework Elevation o...
NVIDIA Linux GPU Display Driver (Aug 2022)
The NVIDIA GPU display driver software on the remote host is missing a security update. It is, therefore, affected by multiple vulnerabilities: - NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer nvidia.ko, where a local user with basic capabilities can cause...
McAfee Agent < 5.7.6 Multiple Vulnerabilities (SB10382)
The version of McAfee Agent, formerly McAfee ePolicy Orchestrator (ePO) Agent, installed on the remote host is prior to 5.7.6. It is, therefore, affected by the following vulnerabilities: - A local privilege escalation vulnerability in MA for Windows prior to 5.7.6 allows a local low privileged use...
F5 BIG-IP RCE (CVE-2021-22986)
Binary data f5cve-2021-22986.nbin...
RHEL 7 : nss-softokn (RHSA-2020:1267)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1267 advisory. The nss-softokn package provides the Network Security Services Softoken Cryptographic Module. Security Fixes: nss: Out-of-bounds write when...
Amazon Linux AMI : php72, php73 (ALAS-2020-1339)
The version of php72 installed on the remote host is prior to 7.2.26-1.19. The version of php73 installed on the remote host is prior to 7.3.13-1.22. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1339 advisory. In PHP versions 7.2.x below 7.2.26, 7.3.x belo...
F5 Networks BIG-IP : Linux kernel vulnerability (K61429540)
The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890. CVE-2017-9077 Impact This...
PHP 5.6.x < 5.6.37 exif_thumbnail_extract() DoS
According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.37. It is, therefore, affected by a denial of service vulnerability.
PHP 7.3.0 [alpha|beta] < 7.3.0 Multiple vulnerabilities
According to its banner, the version of PHP running on the remote web server is 7.3.0 alpha|beta prior to 7.3.0. It is, therefore, affected by multiple vulnerabilities: - An arbitrary command injection vulnerability exists in the imap_open function due to improper filters for mailbox names prior t...
Oracle VM VirtualBox 5.1.x < 5.1.32 / 5.2.x < 5.2.6 (January 2018 CPU)
The version of Oracle VM VirtualBox running on the remote host is 5.1.x prior to 5.1.32 or 5.2.x prior to 5.2.6. It is, therefore, affected by multiple vulnerabilities as noted in the January 2018 Critical Patch Update advisory. Please consult the CVRF details for the applicable CVEs for addition...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2016-3635)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2016-3635 advisory. - sched: panic on corrupted stack end Jann Horn Orabug: 24971921 CVE-2016-1583 - ecryptfs: forbid opening files without mmap handler Jann Horn Orabug:...
Ubuntu 14.04 LTS : Linux kernel (Xenial HWE) vulnerabilities (USN-3099-2)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3099-2 advisory. USN-3099-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enableme...
RHEL 6 / 7 : java-1.7.0-openjdk (RHSA-2015:1920)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2015:1920 advisory. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Multiple...
RHEL 6 : java-1.6.0-openjdk (RHSA-2010:0865)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2010:0865 advisory. These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. defaultReadObject of the...
HP OpenView BBC Service Detection
The remote host appears to be running an HP OpenView product. This specific service is an HTTP server. By sending special requests (version, info, status, ping, services, ...), it is possible to obtain information about the remote host.
Security Updates for Microsoft ASP.NET Core (October 2023)
The version of ASP.NET Core installed on the remote host is affected by a denial of service (DoS) vulnerability. The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October...
SUSE SLES12: kernel-livepatch-4_12_14-150000_150_92-default / etc (SUSE-SU-2022:2762-1)
The remote SUSE Linux SLES12 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2762-1 advisory. This update for the Linux Kernel 4.12.14-122121 fixes several issues. The following security issues were fixed: - CVE-2022-1679: Fixed...