Ubuntu 12.10 : linux vulnerabilities (USN-2138-1)

Mathy Vanhoef discovered an error in the the way the ath9k driver was handling the BSSID masking. A remote attacker could exploit this error to discover the original MAC address after a spoofing atack. CVE-2013-4579 Andrew Honig reported a flaw in the Linux Kernel's kvmvmioctlcreatevcpu function ...

SNMP Version 3 Authentication Vulnerabilities (cisco-sa-20080610-snmpv3)

Multiple Cisco products contain either of two authentication vulnerabilities in the Simple Network Management Protocol version 3 SNMPv3 feature. These vulnerabilities can be exploited when processing a malformed SNMPv3 message. The vulnerabilities could allow the disclosure of network information...

RHEL 5 / 6 : java-1.6.0-ibm (RHSA-2013:0823)

The remote Redhat Enterprise Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2013:0823 advisory. IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several...

Default Password (nasadmin) for 'root' Account

The account 'root' on the remote host has the password 'nasadmin'. An attacker may leverage this issue to gain total control of the affected system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. account = "root"; password = "nasadmin"; include'deprecatednasllevel.inc'; include'compat.inc';...

RHEL 6 : kernel (RHSA-2011:0421)

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

Apache 2.2.x < 2.2.8 Multiple Vulnerabilities (XSS, DoS)

According to its banner, the version of Apache 2.2.x running on the remote host is prior to 2.2.8. It is, therefore, affected by the following vulnerabilities : - A cross-site scripting issue involving modimagemap CVE-2007-5000. - A cross-site scripting issue involving 413 error pages via a...

Oracle WebLogic Server (July 2024 CPU)

The 12.2.1.4.0 and 14.1.1.0.0 versions of WebLogic Server installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2024 CPU advisory: - Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Core. Supported versions that a...

VMware ESXi 7.0 / 8.0 Authenticaton Bypass (CVE-2024-37085)

The version of VMware ESXi installed on the remote host is prior to 8.0 Update 3. It is, therefore, affected by an authentication bypass vulnerability as referenced in the VMSA-2024-0013 advisory. Note that Nessus has not tested for these issues but has instead relied only on the application's...

Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerability (USN-5634-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-5634-1 advisory. Domingo Dirutigliano and Nicola Guerrera discovered that the netfilter subsystem in the Linux kernel did not properly handle rules that truncated packets below th...

Oracle Linux 8 : kernel (ELSA-2022-6460)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-6460 advisory. - Conflict with shim-ia32 and shim-x64 = 15-11.0.5 debug: lockdown kgdb Orabug: 34270802 CVE-2022-21499 - x86/speculation/mmio: Print SMT warning Waima...

Amazon Linux 2 : java-1.8.0-amazon-corretto (ALASCORRETTO8-2021-001)

The version of java-1.8.0-amazon-corretto installed on the remote host is prior to 1.8.0312.b07-2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2CORRETTO8-2021-001 advisory. No versions of an Amazon Linux Java Virtual Machine JVM are affected by CVE-2021-44228 o...

Jenkins LTS < 2.289.2 / Jenkins weekly < 2.300 Multiple Vulnerabilities

According to its its self-reported version number, the version of Jenkins running on the remote web server is Jenkins LTS prior to 2.289.2 or Jenkins weekly prior to 2.300. It is, therefore, affected by multiple vulnerabilities: - Jenkins 2.299 and earlier, LTS 2.289.1 and earlier allows users to...

SUSE SLES15 Security Update : kernel (SUSE-SU-2021:0735-1)

The SUSE Linux Enterprise 15 SP2 kernel RT was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2021-26930: Fixed an improper error handling in blkback's grant mapping XSA-365 bsc1181843. CVE-2021-26931: Fixed an issue where Linux kernel was treating...

CentOS 6 : java-1.8.0-openjdk (RHSA-2020:4348)

The remote CentOS Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4348 advisory. - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java SE:...

Oracle Linux 8 : kernel (ELSA-2020-0339)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-0339 advisory. - x86 kvm: vmx: use MSRIA32TSXCTRL to hard-disable TSX on guest that lack it Paolo Bonzini 1781660 1779553 CVE-2019-19338 - x86 kvm: vmx: implement...

RancherOS < 1.4.0 Information Disclosure

The remote host is running a version of RancherOS prior to 1.4.0, hence is exposted to a side-channel vulnerabilities: - Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a...

FreeBSD : webkit2-gtk3 -- Multiple vulnerabilities (92243b6a-5775-4aea-8727-a938058df5ba)

The WebKitGTK project reports multiple vulnerabilities. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright 2003-2022 Jacques Vidrine and contributors Redistribution and use in source VuXML and 'compile...

openSUSE Security Update : MozillaFirefox (openSUSE-2019-2260)

This update for MozillaFirefox to 68.1 fixes the following issues : Security issues fixed : - CVE-2019-9811: Fixed a sandbox escape via installation of malicious language pack. bsc1140868 - CVE-2019-9812: Fixed a sandbox escape through Firefox Sync. bsc1149294 - CVE-2019-11710: Fixed several memo...

Apache Tomcat 7.0.x < 7.0.91 Open Redirect Weakness

Binary data 700681.pasl...

SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2018:3589-1)

The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2018-18445: A faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjustscalarminmaxvals in kernel/bpf/verifier...

RHEL 6 : java-1.8.0-ibm (RHSA-2018:1975)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:1975 advisory. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE ...

RHEL 7 : Red Hat JBoss Core Services Apache HTTP Server 2.4.23 (RHSA-2017:3476)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:3476 advisory. Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP...

RHEL 6 / 7 : java-1.7.1-ibm (RHSA-2017:2481)

An update for java-1.7.1-ibm is now available for Red Hat Enterprise Linux 6 Supplementary and Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a...

SUSE SLED12 / SLES12 Security Update : samba (SUSE-SU-2017:1392-1) (SambaCry)

This update for samba fixes the following issue : - An unprivileged user with access to the samba server could cause smbd to load a specially crafted shared library, which then had the ability to execute arbitrary code on the server as 'root'. CVE-2017-7494, bso12780, bsc1038231 Note that Tenable...

Apple TV < 10.2 Multiple Vulnerabilities

According to its banner, the version of Apple TV on the remote device is prior to 10.2. It is, therefore, affected by multiple vulnerabilities : - An out-of-bounds read error exists in LibTIFF in the DumpModeEncode function within file tifdumpmode.c. An unauthenticated, remote attacker can exploi...

Sonatype Nexus Repository Manager Java Object Deserialization RCE

The Sonatype Nexus Repository Manager server application running on the remote host is affected by a remote code execution vulnerability due to unsafe deserialize calls of unauthenticated Java objects to the Apache Commons Collections ACC library. An unauthenticated, remote attacker can exploit...

Cisco Catalyst Switches NMSP Port Information Disclosure Vulnerability (cisco-sa-20160413-nms)

The remote Cisco Catalyst switch is affected by an information disclosure vulnerability in IOS due to a failure by the Network Mobility Services Protocol NMSP daemon to require authentication. A remote attacker can exploit this, via a request to the NMSP port, to gain version information about th...

Oracle Java SE Multiple Vulnerabilities (January 2016 CPU) (SLOTH) (Unix)

The version of Oracle formerly Sun Java SE or Java for Business installed on the remote host is prior to 8 Update 71, 7 Update 95, or 6 Update 111. It is, therefore, affected by security vulnerabilities in the following components : - 2D - AWT - JAXP - JMX - Libraries - Networking - Security...

Oracle JRockit R28 < R28.3.7 Multiple Vulnerabilities (July 2015 CPU) (Bar Mitzvah) (Logjam)

The version of Oracle JRockit installed on the remote Windows host is R28 prior to R28.3.7. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the JCE component that allows a remote attacker to gain access to sensitive information. CVE-2015-2601 - An...

Cisco TelePresence Video Communication Server GNU glibc gethostbyname Function Buffer Overflow Vulnerability (GHOST)

According to its self-reported version number, the Cisco TelePresence Video Communication Server is affected by a heap-based buffer overflow vulnerability in the GNU C Library glibc due to improperly validating user-supplied input to the nsshostnamedigitsdots, gethostbyname, and gethostbyname2...

Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-2491-1)

Andy Lutomirski discovered that the Linux kernel does not properly handle faults associated with the Stack Segment SS register in the x86 architecture. A local attacker could exploit this flaw to gain administrative privileges. CVE-2014-9322 Lars Bull reported a race condition in the PIT...

RHEL 5 / 6 : glibc (RHSA-2015:0099) (GHOST)

Updated glibc packages that fix one security issue are now available for Red Hat Enterprise Linux 5.6 Long Life, Red Hat Enterprise Linux 5.9 Extended Update Support, Red Hat Enterprise Linux 6.2 Advanced Update Support, and Red Hat Enterprise Linux 6.4 and 6.5 Extended Update Support. Red Hat...

PHP 5.5.x < 5.5.21 Multiple Vulnerabilities

According to its banner, the version of PHP 5.5.x installed on the remote host is prior to 5.5.21. It is, therefore, affected by multiple vulnerabilities: - A double free vulnerability in the zendtshashgracefuldestroy function in zendtshash.c in the Zend Engine could allow a remote attacker to...

Oracle Linux 5 / 6 : java-1.7.0-openjdk (ELSA-2013-0247)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2013-0247 advisory. 1.7.0.9-2.3.5.3.0.1.el63 - Update DISTRONAME in specfile 1.7.0.9-2.3.5.3.el63 - Sync logging fixes with upstream icedtea7-forest and jdk7u...

CentOS 5 : kernel (CESA-2013:0621)

Updated kernel packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

FreeBSD : java 7.x -- security manager bypass (d5e0317e-5e45-11e2-a113-c48508086173)

US CERT reports : Java 7 Update 10 and earlier versions of Java 7 contain a vulnerability that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. The Java JRE plug-in provides its own Security Manager. Typically, a web applet runs with a security manage...

Mozilla Thunderbird 10.0.x < 10.0.8 Multiple Vulnerabilities

The installed version of Thunderbird 10.0.x is affected by the following vulnerabilities : - Several memory safety bugs exist in the browser engine used in Mozilla-based products that could be exploited to execute arbitrary code. CVE-2012-3983 - Some methods of a feature used for testing...

Scientific Linux Security Update : firefox on SL5.x, SL6.x i386/x86_64 (20120717)

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. CVE-2012-1948,...

openSUSE Security Update : kernel (openSUSE-SU-2010:0895-2)

This security update of the SUSE Linux Enterprise 11 GA kernel updates the kernel to 2.6.27.54 and fixes various security issues and other bugs. Following security issues were fixed: CVE-2010-3310: Multiple integer signedness errors in net/rose/afrose.c in the Linux kernel allowed local users to...

RHEL 2.1 / 3 / 4 : seamonkey (RHSA-2008:0882)

Updated SeaMonkey packages that fix a security issues are now available for Red Hat Enterprise Linux 2.1, Red Hat Enterprise Linux 3 and Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. SeaMonkey is an open source Web...

KB5094128: Windows Server 2022 / Azure Stack HCI 22H2 Security Update (June 2026)

The remote Windows host is missing security update 5094128. It is, therefore, affected by multiple vulnerabilities - Integer overflow or wraparound in Windows HTTP.sys allows an unauthorized attacker to execute code over a network. CVE-2026-47291 - Heap-based buffer overflow in Remote Desktop...

MikroTik RouterOS Improper Privilege Management (CVE-2023-30799)

MikroTik RouterOS stable before 6.49.7 and long-term through 6.48.6 are vulnerable to a privilege escalation issue. A remote and authenticated attacker can escalate privileges from admin to super- admin on the Winbox or HTTP interface. The attacker can abuse this vulnerability to execute arbitrar...

OpenSSL 3.0.0 < 3.0.10 Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 3.0.10. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.0.10 advisory. - Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functio...

EulerOS 2.0 SP10 : kernel (EulerOS-SA-2022-2159)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In aiopollcompletework of aio.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege...

Security Updates for Microsoft Office Products C2R (April 2020)

The Microsoft Office Products are missing security updates. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries. An attacker could then install programs; view, change, or delete dat...

Sophos XG Firewall <= 18.5.3 RCE

An authentication bypass vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v18.5 MR3 and older. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEV...

Oracle Linux 7 : kernel (ELSA-2021-3327)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-3327 advisory. - redhat: ppc64: CONFIGRTASFILTER Aristeu Rozanski 1906443 CVE-2020-27777 - powerpc/rtas: Fix typo of ibm,open-errinjct in RTAS filter Aristeu Rozanski...

openSUSE 15 Security Update : kernel (openSUSE-SU-2021:2645-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:2645-1 advisory. - An issue was discovered in Linux: KVM through Improper handling of VMIO|VMPFNMAP vmas in KVM can bypass RO checks and can lead to pages...

Mozilla Firefox < 91.0

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 91.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-33 advisory. - Mozilla developers and community members Kershaw Chang, Philipp, Chris Peterson, and Sebastian Hengst reporte...

EulerOS 2.0 SP8 : postgresql (EulerOS-SA-2021-2312)

According to the version of the postgresql packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - PostgreSQL is an advanced Object-Relational database management system DBMS. The base postgresql package contains the client programs that you'...