Nessus • Most viewed

337660 matches found

Tenable Nessus
•added 2009/10/15 12:0 a.m.•280 views

MS09-062: Vulnerabilities in GDI+ Could Allow Remote Code Execution (957488)

The remote host is running a version of Windows that is affected by multiple buffer overflow vulnerabilities when viewing TIFF, PNG, BMP, and Office files that could allow an attacker to execute arbitrary code on the remote host. Additionally, there is a GDI+ .NET API vulnerability that allows a...

CVSS 9.3 • AI score 9.2 • EPSS 0.26824
Exploits 6 • References 9

Tenable Nessus
•added 2009/07/22 12:0 a.m.•280 views

RHEL 5 : tomcat (RHSA-2009:1164)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2009:1164 advisory. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. It was discovered that the Red Hat Security...

CVSS 5 • AI score 6 • EPSS 0.9444
Exploits 9 • References 15

Tenable Nessus
•added 2023/03/21 12:0 a.m.•279 views

Amazon Linux 2023 : gnupg2, gnupg2-minimal, gnupg2-smime (ALAS2023-2023-087)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-087 advisory. A vulnerability was found in GnuPG. This issue occurs due to an escape detection loop at the writestatustextandbuffer function in g10/cpr.c. This flaw allows a malicious actor to bypass access control...

CVSS 6.5 • AI score 7.1 • EPSS 0.02106
Exploits 1 • References 4

Tenable Nessus
•added 2022/02/09 12:0 a.m.•279 views

AlmaLinux 8 : openssl (ALSA-2020:5476)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2020:5476 advisory. - The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a...

CVSS 5.9 • AI score 7.1 • EPSS 0.06968
Exploits 3 • References 2

Tenable Nessus
•added 2021/06/12 12:0 a.m.•279 views

SUSE SLED15: qemu / qemu-arm / qemu-audio-alsa / qemu-audio-pa / etc (SUSE-SU-2021:1942-1)

The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:1942-1 advisory. - Switch method of splitting off hw-s390x-virtio-gpu-ccw.so as a module to what was accepted upstream bsc1181103 - Fix OOB access in...

CVSS 7.5 • AI score 6.8 • EPSS 0.05447
Exploits 3 • References 42

Tenable Nessus
•added 2021/05/03 12:0 a.m.•279 views

GLSA-202104-09 : Mozilla Thunderbird: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202104-09 Mozilla Thunderbird: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Mozilla Thunderbird. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CV...

CVSS 8.8 • AI score 7.7 • EPSS 0.01764
Exploits 2 • References 21

Tenable Nessus
•added 2021/03/22 12:0 a.m.•279 views

Photon OS 1.0: Nodejs10 PHSA-2021-1.0-0373

An update of the nodejs10 package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-1.0-0373. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

CVSS 7.8 • AI score 8.3 • EPSS 0.77385
Exploits 3 • References 4

Tenable Nessus
•added 2019/04/26 12:0 a.m.•279 views

Oracle WebLogic Server wls9_async_response / wls-wsat Remote Code Execution

The version of Oracle WebLogic Server installed on the remote host is affected by a remote code execution vulnerability in the WLS9-async component due to unsafe deserialization of XML encoded Java objects. An unauthenticated, remote attacker can exploit this, via a crafted Java object, to execut...

CVSS 9.8 • AI score 9.4 • EPSS 0.99964
Exploits 35 • References 2

Tenable Nessus
•added 2019/01/24 12:0 a.m.•279 views

FreeBSD : Apache -- vulnerability (eb888ce5-1f19-11e9-be05-4c72b94353b5)

The Apache httpd Project reports : SECURITY: CVE-2018-17199 modsession: modsessioncookie does not respect expiry time allowing sessions to be reused. SECURITY: CVE-2019-0190 modssl: Fix infinite loop triggered by a client-initiated renegotiation in TLSv1.2 or earlier with OpenSSL 1.1.1 and later...

CVSS 7.5 • AI score 6.4 • EPSS 0.59942
Exploits 0 • References 6

Tenable Nessus
•added 2018/11/07 12:0 a.m.•279 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : OpenSSH vulnerabilities (USN-3809-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3809-1 advisory. Robert Swiecki discovered that OpenSSH incorrectly handled certain messages. An attacker could possibly use this issue to cause a...

CVSS 7.5 • AI score 6.8 • EPSS 0.98631
Exploits 24 • References 3

Tenable Nessus
•added 2018/07/11 12:0 a.m.•279 views

Oracle Linux 6 : kernel (ELSA-2018-2164)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-2164 advisory. - x86 entry/64: Don't use IST entry for BP stack Waiman Long 1596113 CVE-2018-10872 - mm mempolicy: fix use after free when calling getmempolicy August...

CVSS 7.8 • AI score 7.2 • EPSS 0.60631
Exploits 2 • References 5

Tenable Nessus
•added 2018/03/07 12:0 a.m.•279 views

RHEL 7 : kernel (RHSA-2018:0395)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:0395 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. These updated kernel packages include several security...

CVSS 7.8 • AI score 6.9 • EPSS 0.00698
Exploits 0 • References 7

Tenable Nessus
•added 2016/12/22 12:0 a.m.•279 views

SUSE SLES11 Security Update : zlib (SUSE-SU-2016:3209-1)

This update for zlib fixes the following issues : - Incompatible declarations for external linkage function deflate bnc1003577 - CVE-2016-9842: Undefined Left Shift of Negative Number bnc1003580 - CVE-2016-9840 CVE-2016-9841: Out-of-bounds pointer arithmetic in inftrees.c bnc1003579 -...

CVSS 9.8 • AI score 7.3 • EPSS 0.07489
Exploits 0 • References 13

Tenable Nessus
•added 2016/10/26 12:0 a.m.•279 views

Oracle WebLogic Server Multiple Vulnerabilities (October 2016 CPU)

The version of Oracle WebLogic Server installed on the remote host is affected by multiple vulnerabilities : - A remote code execution vulnerability exists in the JMXInvokerServlet interface due to unsafe deserialize calls of unauthenticated Java objects to the Apache Commons Collections ACC...

CVSS 10 • AI score 8.2 • EPSS 0.83274
Exploits 8 • References 9

Tenable Nessus
•added 2016/03/08 12:0 a.m.•279 views

MS16-035: Security Update for .NET Framework to Address Security Feature Bypass (3141780)

The remote Windows host is missing a security update. It is, therefore, affected by a security feature bypass vulnerability in the .NET Framework due to improper validation of certain elements in a signed XML document. An attacker can exploit this vulnerability to modify the contents of an XML fi...

CVSS 10 • AI score 8.5 • EPSS 0.21976
Exploits 0 • References 2

Tenable Nessus
•added 2016/02/17 12:0 a.m.•279 views

RHEL 7 : kernel-rt (RHSA-2016:0212)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2016:0212 advisory. The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. It was found that the Linux kernel's keys subsystem...

CVSS 7.2 • AI score 6.7 • EPSS 0.00624
Exploits 0 • References 9

Tenable Nessus
•added 2015/04/21 12:0 a.m.•279 views

Juniper Junos Multiple OpenSSL Vulnerabilities (JSA10679) (FREAK)

According to its self-reported version number, the remote Juniper Junos device is affected by the following vulnerabilities related to OpenSSL : - A NULL pointer dereference flaw exists when the SSLv3 option isn't enabled and an SSLv3 ClientHello is received. This allows a remote attacker, using ...

CVSS 5 • AI score 7.5 • EPSS 0.98685
Exploits 0 • References 9

Tenable Nessus
•added 2014/08/08 12:0 a.m.•279 views

RHEL 6 : Red Hat JBoss Enterprise Application Platform 6.3.0 update (Important) (RHSA-2014:1020)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:1020 advisory. Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. A race condition...

CVSS 6.8 • AI score 7.3 • EPSS 0.85744
Exploits 5 • References 55

Tenable Nessus
•added 2014/06/13 12:0 a.m.•279 views

openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2011:0645-1)

This php5 update fixes : - CVE-2011-0421: CVSS v2 Base Score: 2.6 AV:N/AC:H/Au:N/C:N/I:N/A:P: Input Validation CWE-20 - CVE-2011-1092: CVSS v2 Base Score: 5.1 AV:N/AC:H/Au:N/C:P/I:P/A:P: Numeric Errors CWE-189 - CVE-2011-1148: CVSS v2 Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P: Resource Managemen...

CVSS 7.5 • AI score 8.6 • EPSS 0.22724
Exploits 36 • References 20

Tenable Nessus
•added 2013/01/24 12:0 a.m.•279 views

Scientific Linux Security Update : kernel on SL5.x i386/x86_64 (20130122)

This update fixes the following security issues : - It was found that the Xen hypervisor implementation did not perform range checking on the guest provided values in multiple hypercalls. A privileged guest user could use this flaw to trigger long loops, leading to a denial of service Xen...

CVSS 5 • AI score 7.6 • EPSS 0.03614
Exploits 3 • References 4

Tenable Nessus
•added 2012/11/16 12:0 a.m.•279 views

CoSoSys Endpoint Protector 4 Predictable Password

The remote CoSoSys Endpoint Protector 4 is affected by a password disclosure flaw. Specifically, the 'epproot' account is set to the default password 'eroot!00$SUMRO', where $SUM is the sum of the 9 digits in the appliance serial number. C Tenable Network Security, Inc. include"compat.inc";...

CVSS 7.5 • AI score 5.5 • EPSS 0.06269
Exploits 0 • References 1

Tenable Nessus
•added 2012/08/01 12:0 a.m.•279 views

Scientific Linux Security Update : kernel on SL6.x i386/x86_64

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security fix : - Using the SGIO IOCTL to issue SCSI requests to partitions or LVM volumes resulted in the requests being passed to the underlying block device. If a privileged user only had access to a single...

CVSS 4.6 • AI score 5.8 • EPSS 0.00566
Exploits 2 • References 2

Tenable Nessus
•added 2012/06/07 12:0 a.m.•279 views

Mozilla Thunderbird 10.0.x < 10.0.5 Multiple Vulnerabilities

The installed version of Thunderbird 10.0.x is potentially affected by the following security issues : - An error exists in the ASN.1 decoder when handling zero length items that can lead to application crashes. CVE-2012-0441 - Multiple memory corruption errors exist. CVE-2012-1937, CVE-2012-1939...

CVSS 9.3 • AI score 8.3 • EPSS 0.04852
Exploits 0 • References 13

Tenable Nessus
•added 2011/08/23 12:0 a.m.•279 views

PHP 5.3.x < 5.3.7 Multiple Vulnerabilities

Binary data 6015.prm...

CVSS 10 • AI score 7.4 • EPSS 0.22724
Exploits 17 • References 17

Tenable Nessus
•added 2007/01/17 12:0 a.m.•279 views

TCP Channel Detection

The remote host is running a TCP-based .NET Remoting Channel Service, also known as a 'TCP channel'. .NET Remoting is an API developed by Microsoft and used for interprocess communications, and a channel service provides the mechanism by which such communications occur. Two channel services are...

AI score 5.5
Exploits 0 • References 2

Tenable Nessus
•added 2004/11/22 12:0 a.m.•279 views

phpBB viewtopic.php highlight Parameter SQL Injection (ESMARKCONANT)

The remote host is running phpBB. There is a flaw in the remote software that could allow anyone to inject arbitrary SQL commands in the login form. An attacker could exploit this flaw to bypass the authentication of the remote host or execute arbitrary SQL statements against the remote database...

CVSS 7.5 • AI score 6.3 • EPSS 0.71903
Exploits 11 • References 1

Tenable Nessus
•added 2000/05/09 12:0 a.m.•279 views

Microsoft Windows SMB LsaQueryInformationPolicy Function NULL Session Domain SID Enumeration

By making or emulating a call to LsaQueryInformationPolicy, it was possible to obtain the domain SID Security Identifier. The domain SID can then be used to get the list of users of the domain. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10398; scriptversion"1.59"...

AI score 5.4
Exploits 0

Tenable Nessus
•added 2022/07/27 12:0 a.m.•278 views

Oracle Linux 8 : java-17-openjdk (ELSA-2022-5726)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-5726 advisory. 1:17.0.4.0.8-0.2.ea - Add rpminspect.yaml to turn off Java bytecode inspections - java-17-openjdk deliberately produces Java 17 bytecode, not the defau...

CVSS 7.5 • AI score 6.7 • EPSS 0.17673
Exploits 2 • References 5

Tenable Nessus
•added 2022/07/12 12:0 a.m.•278 views

Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2022-9583)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9583 advisory. - floppy: use a statically allocated error counter Willy Tarreau Orabug: 34218640 CVE-2022-1652 Tenable has extracted the preceding description block directly...

CVSS 7.8 • AI score 6.8 • EPSS 0.00537
Exploits 0 • References 2

Tenable Nessus
•added 2021/11/06 12:0 a.m.•278 views

RHEL 8 : thunderbird (RHSA-2021:4130)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:4130 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.3.0. Security Fixes: Mozilla:...

CVSS 10 • AI score 7.8 • EPSS 0.0383
Exploits 0 • References 19

Tenable Nessus
•added 2021/07/02 12:0 a.m.•278 views

EulerOS Virtualization for ARM 64 3.0.2.0 : glibc (EulerOS-SA-2021-2076)

According to the versions of the glibc packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - The iconv function in the GNU C Library aka glibc or libc6 2.32 and earlier, when processing invalid multi-byte input...

CVSS 9.8 • AI score 6.5 • EPSS 0.04006
Exploits 2 • References 3

Tenable Nessus
•added 2021/06/14 12:0 a.m.•278 views

Photon OS 1.0: Glibc PHSA-2021-1.0-0401

An update of the glibc package has been released. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-1.0-0401. The text itself is copyright C VMware, Inc...

CVSS 9.8 • AI score 7.6 • EPSS 0.02898
Exploits 1 • References 2

Tenable Nessus
•added 2021/01/05 12:0 a.m.•278 views

EulerOS Virtualization for ARM 64 3.0.2.0 : qemu-kvm (EulerOS-SA-2021-1046)

According to the versions of the qemu-kvm packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - In QEMU through 5.0.0, an integer overflow was found in the SM501 display driver implementation. This flaw occurs in...

CVSS 7.5 • AI score 6.6 • EPSS 0.04127
Exploits 0 • References 4

Tenable Nessus
•added 2020/11/17 12:0 a.m.•278 views

Mozilla Firefox < 83.0

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 83.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2020-50 advisory. - Mozilla developers Tyson Smith, Aaron Klotz, David Major and Jason Kratzer reported memory safety bugs presen...

CVSS 9.6 • AI score 8.6 • EPSS 0.5063
Exploits 3 • References 22

Tenable Nessus
•added 2020/10/14 12:0 a.m.•278 views

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-4576-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4576-1 advisory. Hadar Manor discovered that the DCCP protocol implementation in the Linux kernel improperly handled socket reuse, leading to a use-after-free...

CVSS 7.8 • AI score 7.4 • EPSS 0.00418
Exploits 1 • References 7

Tenable Nessus
•added 2020/07/29 12:0 a.m.•278 views

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Read-Only Path Traversal (cisco-sa-asaftd-ro-path-KJuQhB86)

A vulnerability exists in the web services interface of Cisco Adaptive Security Appliance ASA and Firepower Threat Defense FTD Software. An unauthenticated, remote attacker can exploit this, by sending a crafted HTTP request containing directory traversal character sequences to an affected device...

CVSS 7.5 • AI score 7.9 • EPSS 0.99992
Exploits 24 • References 3

Tenable Nessus
•added 2019/10/31 12:0 a.m.•278 views

RHEL 7 : OpenShift Container Platform 4.1 (RHSA-2019:3265)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3265 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...

CVSS 7.8 • AI score 8.1 • EPSS 0.83433
Exploits 1 • References 6

Tenable Nessus
•added 2019/10/11 12:0 a.m.•278 views

Photon OS 1.0: Python2 PHSA-2019-1.0-0252

An update of the python2 package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-1.0-0252. The text itself is copyright C VMware, Inc. include"compat.inc"; if description...

CVSS 7.5 • AI score 8 • EPSS 0.05366
Exploits 0 • References 2

Tenable Nessus
•added 2019/05/10 12:0 a.m.•278 views

Pulse Connect Secure Multiple Vulnerabilities (SA44101)

According to its self-reported version, the version of Pulse Connect Secure running on the remote host is affected by multiple vulnerabilities. - An arbitrary file read vulnerability exists in PCS. An unauthenticated, remote attacker can exploit this, via specially crafted URI, to read arbitrary...

CVSS 10 • AI score 7 • EPSS 0.99999
Exploits 40 • References 16

Tenable Nessus
•added 2019/02/07 12:0 a.m.•278 views

Photon OS 2.0: Linux PHSA-2018-2.0-0009

An update of the linux package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2018-2.0-0009. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid121903...

CVSS 7.8 • AI score 7 • EPSS 0.01355
Exploits 5 • References 4

Tenable Nessus
•added 2018/10/31 12:0 a.m.•278 views

RHEL 7 : kernel (RHSA-2018:3083)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3083 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: A flaw named FragmentSmack was found i...

CVSS 7.8 • AI score 7 • EPSS 0.24575
Exploits 26 • References 80

Tenable Nessus
•added 2018/03/15 12:0 a.m.•278 views

CentOS 6 : kernel (CESA-2018:0512) (Meltdown) (Spectre)

An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

CVSS 5.6 • AI score 7.6 • EPSS 0.93838
Exploits 12 • References 4

Tenable Nessus
•added 2017/08/16 12:0 a.m.•278 views

Oracle Linux 7 : httpd (ELSA-2017-2479)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-2479 advisory. - Resolves: 1463194 - CVE-2017-3167 httpd: apgetbasicauthpw authentication bypass - Resolves: 1463197 - CVE-2017-3169 httpd: modssl NULL pointer...

CVSS 9.8 • AI score 7.3 • EPSS 0.57472
Exploits 4 • References 6

Tenable Nessus
•added 2017/08/08 12:0 a.m.•278 views

EulerOS 2.0 SP2 : kernel (EulerOS-SA-2017-1155)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be...

CVSS 7.4 • AI score 6.7 • EPSS 0.05186
Exploits 3 • References 4

Tenable Nessus
•added 2017/06/20 12:0 a.m.•278 views

Ubuntu 16.04 LTS : Linux kernel (HWE) vulnerability (USN-3333-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-3333-1 advisory. USN-3326-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel...

CVSS 7.4 • AI score 8.3 • EPSS 0.05186
Exploits 3 • References 2

Tenable Nessus
•added 2016/10/20 12:0 a.m.•278 views

Ubuntu 12.04 LTS : linux vulnerability (USN-3104-1) (Dirty COW)

It was discovered that a race condition existed in the memory manager of the Linux kernel when handling copy-on-write breakage of private read-only memory mappings. A local attacker could use this to gain administrative privileges. Note that Tenable Network Security has extracted the preceding...

CVSS 7.2 • AI score 7.7 • EPSS 0.83524
Exploits 81 • References 2

Tenable Nessus
•added 2016/06/01 12:0 a.m.•278 views

Debian DLA-499-1 : php5 security update

CVE-2015-8865 The filecheckmem function in funcs.c in file before 5.23, as used in the Fileinfo component in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5, mishandles continuation-level jumps, which allows context-dependent attackers to cause a denial of service buffer overflow and...

CVSS 9.8 • AI score 8.4 • EPSS 0.19455
Exploits 15 • References 18

Tenable Nessus
•added 2016/02/17 12:0 a.m.•278 views

RHEL 7 : kernel (RHSA-2016:0185)

Updated kernel packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, a...

CVSS 7.2 • AI score 6 • EPSS 0.00624
Exploits 0 • References 5

Tenable Nessus
•added 2015/12/15 12:0 a.m.•278 views

Amazon Linux AMI : java-1.6.0-openjdk (ALAS-2015-616)

Multiple flaws were discovered in the CORBA, Libraries, RMI, Serialization, and 2D components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. CVE-2015-4835 , CVE-2015-4881 , CVE-2015-4843 , CVE-2015-4883 , CVE-2015-4860 ,...

CVSS 10 • AI score 6.4 • EPSS 0.09991
Exploits 0 • References 17

Tenable Nessus
•added 2015/05/01 12:0 a.m.•278 views

Realtek SDK miniigd SOAP Service RCE

According to its banner, the Realtek Software Development Kit is running on the remote device. It is, therefore, affected by a flaw in the miniigd SOAP service due to a failure to properly sanitize user input when handling NewInternalClient requests. An unauthenticated, remote attacker, using a...

CVSS 10 • AI score 8.4 • EPSS 0.99975
Exploits 6 • References 2

Total number of security vulnerabilities: 5000