SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2017:0864-1)

The SUSE Linux Enterprise 12 kernel was updated to fix the following security bugs : - CVE-2017-7184: The Linux kernel allowed local users to obtain root privileges or cause a denial of service heap-based out-of-bounds access via unspecified vectors, as demonstrated during a Pwn2Own competition a...

Fedora 23 : php (2016-db71b72137)

15 Sep 2016 PHP version 5.6.26 Core: - Fixed bug php72907 NULL pointer deref, segfault in gcremovezvalfrombuffer zendgc.c:260. Laruence Dba: - Fixed bug php71514 Bad dbareplace condition because of wrong API usage. cmb - Fixed bug php70825 Cannot fetch multiple values with group in ini file. cmb...

Debian DSA-3618-1 : php5 - security update

Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development. The vulnerabilities are addressed by upgrading PHP to the new upstream version 5.6.23, which includes additional bug fixes. Please refer to the upstream changelog for mor...

Scientific Linux Security Update : nss on SL6.x, SL7.x i386/x86_64 (20160107) (SLOTH)

A flaw was found in the way TLS 1.2 could use the MD5 hash function for signing ServerKeyExchange and Client Authentication packets during a TLS handshake. A man-in-the-middle attacker able to force a TLS connection to use the MD5 hash function could use this flaw to conduct collision attacks to...

openSUSE Security Update : php5 (openSUSE-2015-352)

PHP was updated to fix three security issues. The following vulnerabilities were fixed : - CVE-2015-3330: Specially crafted PHAR files could, when executed under Apache httpd 2.4 apache2handler, allow arbitrary code execution bnc928506 - CVE-2015-3329: Specially crafted PHAR data could lead to...

Oracle Linux 7 : kernel (ELSA-2014-1971)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-1971 advisory. - alsa control: Make sure that id-index does not overflow Jaroslav Kysela 1117313 1117314 CVE-2014-4656 - alsa control: Handle numid overflow Jaroslav...

Scientific Linux Security Update : kernel on SL7.x x86_64 (20141028)

Security fixes : - A race condition flaw was found in the way the Linux kernel's KVM subsystem handled PIT Programmable Interval Timer emulation. A guest user who has access to the PIT I/O ports could use this flaw to crash the host. CVE-2014-3611, Important - A NULL pointer dereference flaw was...

Amazon Linux AMI : xerces-j2 (ALAS-2014-436)

A resource consumption issue was found in the way Xerces-J handled XML declarations. A remote attacker could use an XML document with a specially crafted declaration using a long pseudo-attribute name that, when parsed by an application using Xerces-J, would cause that application to use an...

Debian DSA-3060-1 : linux - security update

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service : - CVE-2014-3610 Lars Bull of Google and Nadav Amit reported a flaw in how KVM handles noncanonical writes to certain MSR registers. A privileged guest user can exploit this flaw to cause a deni...

GLSA-201408-12 : Apache HTTP Server: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201408-12 Apache HTTP Server: Multiple vulnerabilities Multiple vulnerabilities have been found in Apache HTTP Server. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could send a special...

Oracle Linux 5 / 6 : openssl097a / and / openssl098e (ELSA-2014-0626)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2014-0626 advisory. - fix for CVE-2014-0224 - SSL/TLS MITM vulnerability Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...

Cisco Wireless LAN Controller (WLC) Version

The remote host is running Cisco Wireless LAN Controller WLC, an operating system for Cisco switches. It is possible to read the WLC version by connecting to the switch using SSH, SNMP, and/or CAPWAP. TRUSTED...

RHEL 5 / 6 : java-1.7.0-ibm (RHSA-2013:1060)

Updated java-1.7.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give...

Fedora 18 : kernel-3.9.9-201.fc18 (2013-12530)

Update to latest upstream stable release, Linux v3.9.9. This also includes fixes for issues running VM guests some people were seeing. Update to latest stable upstream release, Linux v3.9.8 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...

CentOS 6 : kernel (CESA-2013:0496)

Updated kernel packages that fix multiple security issues, address several hundred bugs, and add numerous enhancements are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version 6. This is the fourth regular update. The Red Hat Security Response Team has...

RHEL 5 : kernel (RHSA-2010:0148)

Updated kernel packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 5.2 Extended Update Support. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, whi...

RHEL 5 / 6 : firefox (RHSA-2013:0144)

Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings...

IBM Rational ClearQuest Installed

IBM Rational ClearQuest, change management software for development, is installed on the remote host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid61564; scriptversion"1.7"; scriptsetattributeattribute:"pluginmodificationdate", value:"2022/10/10";...

Apache Tomcat 6.x < 6.0.35 Multiple Vulnerabilities

According to its self-reported version number, the instance of Apache Tomcat 6.x listening on the remote host is prior to 6.0.35. It is, therefore, affected by multiple vulnerabilities : - Specially crafted requests are incorrectly processed by Tomcat and can cause the server to allow injection o...

SuSE 10 Security Update : OpenSSL (ZYPP Patch Number 6655)

The TLS/SSLv3 protocol as implemented in openssl prior to this update was not able to associate data to a renegotiated connection. This allowed man-in-the-middle attackers to inject HTTP requests in a HTTPS session without being noticed. For example Apache's modssl was vulnerable to this kind of...

Unprotected QNX qconn Service

A QNX qconn service is running on this host. QNX plans to add some authentication to qconn. Meanwhile, qconn should be used only in development phase. Through this service, it is possible to upload and execute arbitrary code on the host. An attacker can use this service to take complete control o...

HP-UX PHNE_40339 : s700_800 11.23 BIND 9.2.0 Revision 5.0

s700800 11.23 BIND 9.2.0 Revision 5.0 : The remote HP-UX host is affected by multiple vulnerabilities : - A potential security vulnerability has been identified with HP-UX running BIND. The vulnerability could be exploited remotely to create a Denial of Service DoS and permit unauthorized...

openSUSE Security Update : java-1_6_0-openjdk (java-1_6_0-openjdk-1252)

The XML signature checker did not impose limits on the minimum length of HMAC signatures in XML documentes. Attackers could therefore specify a length of e.g. 1 to make the signature appear valid and therefore effectively bypass verification of XML documents. CVE-2009-0217 The WebStart component...

Safari < 3.2.2 Multiple Vulnerabilities

Binary data 4932.prm...

SuSE 10 Security Update : gecko-sdk and mozilla-xulrunner (ZYPP Patch Number 5811)

This update backports the latest security fixes to the Mozilla XULRunner engine. It fixes following security issues : - The http-index-format MIME type parser nsDirIndexParser in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 does not check for an allocatio...

RHEL 4 : php (RHSA-2008:0545)

Updated php packages that fix several security issues and a bug are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web...

SuSE 10 Security Update : bind (ZYPP Patch Number 5409)

The transaction id and the udp source port used for DNS queries by the bind nameserver were predicatable. Attackers could potentially exploit that weakness to manipulate the DNS cache 'DNS cache poisoning', CVE-2008-1447. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description o...

MS05-051: Vulnerabilities in MSDTC Could Allow Remote Code Execution (902400) (uncredentialed check)

The remote version of Windows contains a version of MSDTC Microsoft Data Transaction Coordinator service that has several remote code execution, local privilege escalation, and denial of service vulnerabilities. An attacker may exploit these flaws to obtain the complete control of the remote host...

PHP 8.1.x < 8.1.29 Multiple Vulnerabilities

According to its self-reported version number, the version of PHP installed on the remote host is 8.1.x prior to 8.1.29, 8.2.x prior to 8.2.20, or 8.3.x prior to 8.3.8. It is, therefore, affected by multiple vulnerabilities: - An argument Injection in PHP-CGI with a bypass of CVE-2012-1823...

Grafana Labs Security Bypass (CVE-2023-4822)

According to its self-reported version number, the version of Grafana Labs Enterprise edition running on the remote host is a version 8.0.0 prior to 9.4.17, 9.5.x prior to 9.5.13, 10.0.x prior to 10.0.9 or 10.1.x prior to 10.1.5. It is, therefore, affected by a security bypass vulnerability: - Th...

GLSA-202211-01 : OpenSSL: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202211-01 OpenSSL: Multiple Vulnerabilities - A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and...

RHEL 7 : expat (RHSA-2022:6834)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:6834 advisory. Expat is a C library for parsing XML documents. Security Fixes: expat: a use-after-free in the doContent function in xmlparse.c CVE-2022-40674 For mo...

Amazon Linux 2022 : php, php-bcmath, php-cli (ALAS2022-2022-073)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-073 advisory. A flaw was found in php. The main cause of this vulnerability is improper input validation while parsing an Extensible Markup LanguageXML entity. A special character could allow an attacker to...

openSUSE 15 Security Update : slirp4netns (openSUSE-SU-2022:0943-1)

The remote SUSE Linux SUSE15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE-SU-2022:0943-1 advisory. - slirp.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total...

Debian DLA-2898-1 : nss - LTS security update

The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-2898 advisory. It was found that nss, the Mozilla Network Security Service library, was vulnerable to a NULL pointer dereference when parsing empty PKCS 7 sequences, which could result in...

Apache Log4j 2.x < 2.16.0 RCE (MacOS) (deprecated)

This plugin has been deprecated as a duplicated of apachelog4j2160.nasl 156057. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2020/12/30. Deprecated by apachelog4j2160.nasl. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid156165;...

Apache Log4Shell RCE detection via callback correlation (Direct Check SSH)

Binary data apachelog4shellssh.nbin...

SUSE SLES11: xen / xen-doc-html / xen-kmp-default / xen-kmp-pae / xen-libs / etc (SUSE-SU-2021:14848-1)

The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:14848-1 advisory. - CVE-2021-0089: Fixed Speculative Code Store Bypass XSA-375 bsc1186433. - CVE-2021-20255: Fixed stack overflow via infinite recursion in...

CentOS 8 : annobin (CESA-2021:4593)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:4593 advisory. - Developer environment: Unicode's bidirectional BiDi override characters can cause trojan source attacks CVE-2021-42574 Note that Nessus has not tested for thi...

Security Updates for Windows Defender (November 2021)

The Malware Protection Engine version of Microsoft Windows Defender installed on the remote Windows host is equal or prior to 1.1.18700.3. It is, therefore, affected by a remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary...

EulerOS 2.0 SP5 : glib2 (EulerOS-SA-2021-1898)

According to the versions of the glib2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4. If gbytearraynewtake was called with a buffer of 4GB or more on a...

EulerOS Virtualization 3.0.6.6 : qemu (EulerOS-SA-2021-1455)

According to the versions of the qemu packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - hw/ide/pci.c in QEMU before 5.1.1 can trigger a NULL pointer dereference because it lacks a pointer check before an idecanceldmasyn...

CentOS 8 : kernel (CESA-2019:1167)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:1167 advisory. - hardware: Microarchitectural Store Buffer Data Sampling MSBDS CVE-2018-12126 - hardware: Micro-architectural Load Port Data Sampling - Information Le...

Microsoft Windows 10 Version 1809 Unsupported Version Detection

Microsoft Windows 10 version 1809 is running on the remote host. Microsoft ended support for Windows 10 version 1809 Home/Pro on November 10, 2020 and Windows 10 version 1809 Enterprise/Educational on May 11, 2021. Lack of support implies that no new security patches for the product will be...

KB4586808: Windows Server 2012 November 2020 Security Update

The Windows installation on the remote host is missing security update 4586781. It is, therefore, affected by multiple vulnerabilities. Please review the vendor advisory for more details. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from t...

Oracle Solaris Critical Patch Update : oct2020_SRU11_3_36_23_0

This Solaris system is missing necessary patches to address a critical security update : - Vulnerability in the Oracle Solaris product of Oracle Systems component: Pluggable authentication module. Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows...

EulerOS 2.0 SP3 : kernel (EulerOS-SA-2020-2150)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state ...

openSUSE Security Update : grub2 (openSUSE-2020-1168)

This update for grub2 fixes the following issues : - CVE-2020-10713 bsc1168994 - CVE-2020-14308 CVE-2020-14309, CVE-2020-14310, CVE-2020-14311 bsc1173812 - CVE-2020-15706 bsc1174463 - CVE-2020-15707 bsc1174570 - Use overflow checking primitives where the arithmetic expression for buffer allocatio...

Fedora 31 : 1:java-11-openjdk (2020-93cc9c3ef2)

July 2020 OpenJDK security update for OpenJDK 11 Full release notes: https://bitly.com/openjdk1108 Security fixes - JDK-8230613: Better ASCII conversions - JDK-8231800: Better listing of arrays - JDK-8232014: Expand DTD support - JDK-8233234: Better Zip Naming - JDK-8233239, CVE-2020-14562: Enhan...

RHEL 8 : qt5 (RHSA-2020:1665)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1665 advisory. Qt is a software toolkit for developing applications. The qt5-base packages contain base tools for string, xml, and network handling in Qt...