Debian DSA-5050-1 : linux - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5050 advisory. Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2021-4155...

Ubuntu 18.04 LTS / 20.04 LTS : Apache Log4j 2 vulnerability (USN-5192-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-5192-1 advisory. Chen Zhaojun discovered that Apache Log4j 2 allows remote attackers to run programs via a special crafted input. An attacker could use this...

Photon OS 1.0: Openssl PHSA-2021-1.0-0429

An update of the openssl package has been released. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-1.0-0429. The text itself is copyright C VMware, Inc...

openSUSE 15 Security Update : kernel (openSUSE-SU-2021:1142-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1142-1 advisory. - arch/powerpc/kvm/book3srtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memor...

Photon OS 1.0: Linux PHSA-2021-1.0-0375

An update of the linux package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-1.0-0375. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid148294...

SUSE SLED15 / SLES15 Security Update : python3 (SUSE-SU-2021:0529-1)

This update for python3 fixes the following issues : CVE-2021-3177: Fixed buffer overflow in PyCArgrepr in ctypes/callproc.c, which may lead to remote code execution bsc1181126. Provide the newest setuptools wheel bsc1176262, CVE-2019-20916 in their correct form bsc1180686. Note that Tenable...

Oracle Linux 7 : Unbreakable Enterprise kernel-container (ELSA-2021-9024)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2021-9024 advisory. 4.14.35-2025.404.1.2.el7 - Revert 'rds: Deregister all FRWR mr with freemr' aru kolappan Orabug: 32426280 Tenable has extracted the preceding descripti...

Ubuntu 20.04 LTS : Linux kernel (OEM) vulnerability (USN-4683-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-4683-1 advisory. Minh Yuan discovered that the framebuffer console driver in the Linux kernel did not properly handle fonts in some conditions. A local attacker could use this to...

RHEL 8 : bind (RHSA-2020:2338)

"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2338 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named C...

Fedora 32 : python27 (2020-e9251de272)

Avoid infinite loop when reading specially crafted TAR files CVE-2019-20907 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...

CentOS 6 : kernel (RHSA-2020:1524)

The remote CentOS Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1524 advisory. - The offset2lib patch as used by the Linux Kernel contains a vulnerability, if RLIMITSTACK is set to RLIMINFINITY and 1 Gigabyte of memory is allocate...

Amazon Linux 2 : python-virtualenv (ALAS-2020-1413)

The version of python-virtualenv installed on the remote host is prior to 15.1.0-4. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1413 advisory. urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirec...

EulerOS 2.0 SP2 : bind (EulerOS-SA-2019-2453)

According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - To provide fine-grained controls over the ability to use Dynamic DNS DDNS to update records in a zone, BIND 9 provides a feature called...

MySQL 5.6.x < 5.6.45 Multiple Vulnerabilities (Jul 2019 CPU)

The version of MySQL running on the remote host is 5.6.x prior to 5.6.45. It is, therefore, affected by multiple vulnerabilities, including three of the top vulnerabilities below, as noted in the July 2019 Critical Patch Update advisory: - An unspecified vulnerability in the 'Server: XML'...

Ubuntu 16.04 LTS / 18.04 LTS : NSS vulnerabilities (USN-4060-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4060-1 advisory. Henry Corrigan-Gibbs discovered that NSS incorrectly handled importing certain curve25519 private keys. An attacker could use this issue to...

SUSE SLES12 Security Update : kernel (SUSE-SU-2018:2106-1)

This update for the Linux Kernel 3.12.74-606488 fixes several issues. The following security issue was fixed : - CVE-2018-3665: System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially have allowed a local process to infer data fr...

SUSE SLES11 Security Update : MozillaFirefox, mozilla-nss (SUSE-SU-2017:2872-2)

This update for MozillaFirefox and mozilla-nss fixes the following issues: Mozilla Firefox was updated to ESR 52.4 bsc1060445 - MFSA 2017-22/CVE-2017-7825: OS X fonts render some Tibetan and Arabic unicode characters as spaces - MFSA 2017-22/CVE-2017-7805: Use-after-free in TLS 1.2 generating...

CentOS 6 / 7 : java-1.8.0-openjdk (CESA-2017:2998)

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, i...

MySQL 5.5.x < 5.5.58 Multiple Vulnerabilities (RPM Check) (October 2017 CPU)

The version of MySQL running on the remote host is 5.5.x prior to 5.5.58. It is, therefore, affected by multiple vulnerabilities as noted in the October 2017 Critical Patch Update advisory. Please consult the CVRF details for the applicable CVEs for additional information. Note that Nessus has no...

EulerOS 2.0 SP1 : qemu-kvm (EulerOS-SA-2017-1223)

According to the versions of the qemu-kvm package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An out-of-bounds memory access issue was found in Quick Emulator QEMU in the VNC display driver. This flaw could occur while refreshing the VNC...

EulerOS 2.0 SP2 : java-1.8.0-openjdk (EulerOS-SA-2017-1016)

According to the versions of the java-1.8.0-openjdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - It was discovered that the RMI registry and DCG implementations in the RMI component of OpenJDK performed deserialization of untrust...

Citrix XenServer Multiple Vulnerabilities (CTX220112)

The version of Citrix XenServer running on the remote host is missing a security hotfix. It is, therefore, affected by the following vulnerabilities : - A man-in-the-middle MitM vulnerability exists in the NTP component due to an improperly implemented threshold limitation for the '-g' option. A...

Ubuntu 16.04 LTS : Tomcat vulnerability (USN-3027-1)

The remote Ubuntu 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3027-1 advisory. It was discovered that the Tomcat Fileupload library incorrectly handled certain upload requests. A remote attacker could possibly use this issue to cause a denia...

MariaDB Server 5.4.x < 5.4.46 / 10.0.x < 10.0.22 Multiple Vulnerabilities

Binary data 9302.prm...

Palo Alto Networks PAN-OS GlobalProtect Web Portal RCE (PAN-SA-2016-0005)

The Palo Alto Networks PAN-OS running on the remote host is affected by a remote code execution vulnerability in the GlobalProtect web portal due to improper validation of user-supplied input when handling SSL VPN requests. An unauthenticated, remote attacker can exploit this, via a crafted...

Fedora 23 : xen-4.5.1-9.fc23 (2015-28cfce6702)

ui/vnc: limit clientcuttext msg payload size CVE-2015-5239 1259504, e1000: Avoid infinite loop in processing transmit descriptor CVE-2015-6815 1260224, net: add checks to validate ring buffer pointers CVE-2015-5279 1263278, net: avoid infinite loop when receiving packets CVE-2015-5278 1263281, qe...

Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2015-3046)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-3046 advisory. - x86/asm/entry/64: Remove a bogus 'retfromfork' optimization Andy Lutomirski Orabug: 21308308 CVE-2015-2830 Tenable has extracted the preceding...

SAP Host Agent SOAP Web Service Information Disclosure (SAP Note 1816536)

The version of SAP Host Agent discloses sensitive system information, such as operating system version, databases version, CPU make and model, and information on network interfaces. A remote, unauthenticated attacker could use this to specialize attacks. %NASLMINLEVEL 70300 C Tenable Network...

USN-1726-1 : linux-ti-omap4 vulnerabilities

It was discovered that hypervkvpd, which is distributed in the Linux kernel, was not correctly validating the origin on Netlink messages. An untrusted local user can cause a denial of service of Linux guests in Hyper-V virtualization environments. CVE-2012-2669 Dmitry Monakhov reported a race...

SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 6810)

This update fixes a several security issues and various bugs in the SUSE Linux Enterprise 10 SP 2 kernel. The following security issues were fixed : - Two sysfs filers in the qla2xxx driver were worldwriteable, so users could change SCSI attributes of the qla2xxx driver. CVE-2009-4536:...

PCI DSS Compliance : Database Reachable from the Internet

The remote host is running a database server that is reachable from the Internet. This violates PCI DSS, section 1.3.7. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid57581; scriptversion"1.13"; scriptsetattributeattribute:"pluginmodificationdate", value:"2020/04/27"...

Google Chrome < 10.0.648.127 Multiple Vulnerabilities

The version of Google Chrome installed on the remote host is earlier than 10.0.648.127. Such versions are reportedly affected by multiple vulnerabilities : - It may be possible to navigate or close the top location in a sandboxed frame. Issue 42574, 42765 - A cross-origin error message leak exist...

SuSE 11 / 11.1 Security Update : IBM Java 1.4.2 (SAT Patch Numbers 2413 / 2483)

IBM Java 1.4.2 was updated to Version U13 FP 4 iFixes, to fix the SSL renegotiation flaw reported via CVE-2009-3555. Also, SAP installer related bugs have been fixed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Su...

Fedora 13 : thunderbird-3.1.7-2.fc13 (2010-18778)

Update to new upstream Thunderbird version 3.1.7, fixing multiple security issues detailed in the upstream advisory : http://www.mozilla.org/security/known-vulnerabilities/thunderbird31.ht mlthunderbird3.1.7 Note that Tenable Network Security has extracted the preceding description block directly...

openSUSE Security Update : java-1_6_0-openjdk (java-1_6_0-openjdk-1330)

This update of java-160-openjdk fixes the following issues : - CVE-2009-2670: OpenJDK Untrusted applet System properties access - CVE-2009-2671,CVE-2009-2672: OpenJDK Proxy mechanism information leaks - CVE-2009-2673: OpenJDK proxy mechanism allows non-authorized socket connections - CVE-2009-267...

Slackware 12.0 / 12.1 / 12.2 / current : httpd (SSA:2009-214-01)

New httpd packages are available for Slackware 12.0, 12.1, 12.2, and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2009-214-01. The text itself is copyrig...

openSUSE Security Update : kernel (kernel-423)

This update fixes various security issues and several bugs in the openSUSE 11.0 kernel. It was also updated to the stable version 2.6.25.20. CVE-2008-5702: Buffer underflow in the ibwdtioctl function in drivers/watchdog/ib700wdt.c might allow local users to have an unknown impact via a certain...

Samba Server Detection

The remote host is running Samba, a CIFS/SMB server for Linux and Unix. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid25240; scriptversion"1.15"; scriptsetattributeattribute:"pluginmodificationdate", value:"2022/10/12"; scriptnameenglish:"Samba Server Detection";...

Nukestyles.com viewpage.php Addon for PHP-Nuke File Parameter Traversal Arbitrary File Access

viewpage.php part of Nukestyles.com addon for PHP-Nuke does not filter user-supplied input. As a result, an attacker may use it to read arbitrary files on the remote host by supplying a bogus value to the 'file' parameter of this CGI. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

Microsoft IIS /iisadmpwd/aexp2.htr Password Policy Bypass

Microsoft IIS installs the 'aexp2.htr', 'aexp2b.htr', 'aexp3.htr', or 'aexp4.htr' files in the '/iisadmpwd' directory by default. These fiels can be used by an attacker to brute-force a valid username/password. A valid user may also use it to change his password on a locked account, bypassing...

Microsoft Windows Server 2012 SEoL

Microsoft Windows Server 2012 is no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...

Apache Tomcat 10.0.0.M1 < 10.0.27

The version of Tomcat installed on the remote host is prior to 10.0.27. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat10.0.27security-10 advisory. - If Apache Tomcat 8.5.0 to 8.5.82, 9.0.0-M1 to 9.0.67, 10.0.0-M1 to 10.0.26 or 10.1.0-M1 to 10.1.0 was...

Oracle Linux 7 : Unbreakable Enterprise kernel-container (ELSA-2022-9427)

The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2022-9427 advisory. 4.14.35-2047.513.2.2.el7 - debug: Lock down kgdb Stephen Brennan Orabug: 34152700 CVE-2022-21499 Tenable has extracted the preceding description block directly...

Oracle Linux 7 : java-11-openjdk (ELSA-2022-1440)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-1440 advisory. 1:11.0.15.0.9-2.0.1 - link atomic for ix86 build 1:11.0.15.0.9-2 - Add JDK-8284920 fix for XPath regression - Related: rhbz2073422 1:11.0.15.0.9-2 -...

SUSE SLES12 Security Update : nodejs14 (SUSE-SU-2022:0569-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0569-1 advisory. - CVE-2021-23343: Fixed ReDoS via splitDeviceRe, splitTailRe and splitPathRe bsc1192153. - CVE-2021-32803: Fixed insufficient symli...

Apache OFBiz Log4Shell Direct Check (CVE-2021-44228)

Binary data apacheofbizlog4shell.nbin...

VMware vCenter Log4Shell Direct Check (CVE-2021-44228) (VMSA-2021-0028)

Binary data vmwarevcenterlog4shell.nbin...

Photon OS 1.0: Linux PHSA-2021-1.0-0416

An update of the linux package has been released. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-1.0-0416. The text itself is copyright C VMware, Inc...

KB5003197: Windows 10 1607 / Windows Server 2016 Security Update (May 2021)

The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2021-9221)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9221 advisory. - Revert 'x86/vmlinux: Use INT3 instead of NOP for linker fill bytes' John Donnelly Orabug: 32576398 CVE-2021-3411 - netfilter: xtables: Use correc...