Oracle Linux 7 : unbreakable enterprise kernel (ELSA-2014-3049)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-3049 advisory. - l2tp: fix an unprivileged user to kernel privilege escalation Sasha Levin Orabug: 19229497 CVE-2014-4943 CVE-2014-4943 - ptrace,x86: force IRET path...

openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-4458)

Mozilla Thunderbird was updated to the 3.1.10 security release. MFSA 2011-12: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain...

Scientific Linux Security Update : php on SL5.x i386/x86_64 (20131211)

A memory corruption flaw was found in the way the opensslx509parse function of the PHP openssl extension parsed X.509 certificates. A remote attacker could use this flaw to provide a malicious self-signed certificate or a certificate signed by a trusted authority to a PHP application using the...

RHEL 5 : php (RHSA-2013:1814)

Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

Oracle Linux 6 : libjpeg-turbo (ELSA-2013-1803)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2013-1803 advisory. - Resolves: 1031955 apply patch for CVE-2013-6630 Tenable has extracted the preceding description block directly from the Oracle Linux security advisor...

Ubuntu 10.04 LTS : linux vulnerabilities (USN-1899-1)

Dmitry Monakhov reported a race condition flaw the Linux ext4 filesystem that can expose stale data. An unprivileged user could exploit this flaw to cause an information leak. CVE-2012-4508 An information leak was discovered in the Linux kernel's tkill and tgkill system calls when used from compa...

Ubuntu 12.04 LTS : linux-lts-quantal vulnerabilities (USN-1834-1)

A buffer overflow vulnerability was discovered in the Broadcom tg3 ethernet driver for the Linux kernel. A local user could exploit this flaw to cause a denial of service crash the system or potentially escalate privileges on the system. CVE-2013-1929 A flaw was discovered in the Linux kernel's...

Mac OS X Multiple Vulnerabilities (Security Update 2012-004) (BEAST)

The remote host is running a version of Mac OS X 10.6 that does not have Security Update 2012-004 applied. This update contains multiple security-related fixes for the following components : - Apache - Data Security - DirectoryService - ImageIO - International Components for Unicode - Mail - PHP ...

Scientific Linux Security Update : gpdf on SL4.x i386/x86_64

Multiple integer overflow flaws were found in GPdf's JBIG2 decoder. An attacker could create a malicious PDF file that would cause GPdf to crash or, potentially, execute arbitrary code when opened. CVE-2009-0147, CVE-2009-1179 Multiple buffer overflow flaws were found in GPdf's JBIG2 decoder. An...

Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 / 11.10 : php5 vulnerabilities (USN-1358-1)

It was discovered that PHP computed hash values for form parameters without restricting the ability to trigger hash collisions predictably. This could allow a remote attacker to cause a denial of service by sending many crafted parameters. CVE-2011-4885 ATTENTION: this update changes previous PHP...

SuSE 11 / 11.1 Security Update : PHP5 (SAT Patch Numbers 3489 / 3490)

The following issues have been fixed : - Insufficient handling of certain character sequences in the utf8decode function could be leveraged to conduct cross-site scripting XSS attacks. CVE-2010-3870 - php5 could also consume large amounts of memory and crash if a long mail address was passed to...

Fedora 13 : sepostgresql-9.0.1-20101007.fc13 (2010-16004)

Upgrade base version to v9.0.1 which contains various bug and security fixes. - http://www.postgresql.org/docs/9.0/static/release-9-0.ht ml - http://www.postgresql.org/docs/9.0/static/release-9-0- 1.html Note that Tenable Network Security has extracted the preceding description block directly fro...

Ubuntu 8.04 LTS / 10.04 LTS : firefox, firefox-3.0, xulrunner-1.9.2 vulnerabilities (USN-930-1)

If was discovered that Firefox could be made to access freed memory. If a user were tricked into viewing a malicious site, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 8.0...

Microsoft Windows SMB Registry : Enumerate the list of SNMP communities

Using the registry, it was possible to extract the list of SNMP communities configured on the remote host. You should ensure that each community has the appropriate permission and that it can not be guessed by an attacker C Tenable Network Security, Inc. include"compat.inc"; if description...

SuSE 10 Security Update : MozillaFirefox, MozillaFirefox-branding-upstream, MozillaFirefox-translations, mozilla-xulrunner191, mozilla-xulrunner191-devel, mozilla-xulrunner191-gnomevfs, mozilla-xulrunner191-translations, python-xpcom191 (ZYPP Patch Number 6970)

Mozilla Firefox was updated to version 3.5.9 fixing lots of bugs and security issues. The following security issues were fixed : - Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed...

openSUSE Security Update : libltdl-3 (libltdl-3-1638)

libtool: libltdl may load modules from the current working directory. CVE-2009-3736 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update libltdl-3-1638. The text...

SuSE 11 Security Update : Xerces-j2 (SAT Patch Number 1235)

The xerces-j2 package was vulnerable to various bugs while parsing XML.CVE-2009-2625 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is...

Sun Java Web Console helpwindow.jsp / masthead.jsp Multiple XSS

The version of Sun Java Web Console running on the remote host has multiple cross-site scripting vulnerabilities in 'helpwindow.jsp' and 'masthead.jsp'. A remote attacker could exploit these to trick a user into executing arbitrary HTML or script code in the context of the web server. %NASLMINLEV...

Mozilla Thunderbird < 2.0.0.18 Multiple Vulnerabilities

The installed version of Thunderbird is earlier than 2.0.0.18. Such versions are potentially affected by the following security issues : - The canvas element can be used in conjunction with an HTTP redirect to bypass same-origin restrictions and gain access to the content in arbitrary images from...

PowerDNS Version Detection

The remote host is running PowerDNS, an open source DNS server. It was possible to extract the version number of the remote installation by sending a special DNS request for the text 'version.pdns' in the domain 'chaos'. C Tenable Network Security, Inc. include"compat.inc"; if description...

RHEL 3 / 5 : php (RHSA-2008:0544)

Updated PHP packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web...

phpwcms spaw_control.class.php spaw_root Parameter Remote File Inclusion

The remote host is running phpwcms, an open source content management system written in PHP. The version of phpwcms installed on the remote host fails to sanitize user-supplied input to the 'spawroot' parameter before using it in PHP include functions in the...

Contenido < 4.6.4 class.inuse.php Multiple Parameter Remote File Inclusion

Binary data 3323.prm...

Finger Service Remote Information Disclosure

The remote host is running the 'finger' service. The purpose of this service is to show who is currently logged into the remote system, and to give information about the users of the remote system. It provides useful information to attackers, since it allows them to gain usernames, determine how...

Apache Tomcat 9.0.0.M1 < 9.0.44 multiple vulnerabilities

The version of Tomcat installed on the remote host is prior to 9.0.44. It is, therefore, affected by multiple vulnerabilities as referenced in the fixedinapachetomcat9.0.44security-9 advisory. - Apache Tomcat 8.5.0 to 8.5.63, 9.0.0-M1 to 9.0.43 and 10.0.0-M1 to 10.0.2 did not properly validate...

Rocky Linux 8 : ruby:2.5 (RLSA-2021:2587)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:2587 advisory. - Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking within File.fnmatch functions. CVE-2019-15845 -...

AlmaLinux 8 : GNOME (ALSA-2019:3553)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2019:3553 advisory. - It was discovered that the gnome-shell lock screen since version 3.15.91 did not properly restrict all contextual actions. An attacker with physical...

Ubuntu 18.04 LTS : Samba vulnerability (USN-5260-2)

The remote Ubuntu 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5260-2 advisory. Orange Tsai discovered that the Samba vfsfruit module incorrectly handled certain memory operations. A remote attacker could use this issue to cause Samba to cras...

Oracle Database Server (Jan 2022 CPU)

The versions of Oracle Database Server installed on the remote host are affected by multiple vulnerabilities as referenced in the January 2022 CPU advisory. - Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 19c and 21c...

Debian DSA-5044-1 : firefox-esr - security update

The remote Debian 10 / 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5044 advisory. Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information...

Amazon Linux 2 : java-17-amazon-corretto, java-11-amazon-corretto, java-1.8.0-openjdk, java-1.7.0-openjdk (ALAS-2021-1731)

The version of java-1.7.0-openjdk installed on the remote host is prior to 1.7.0.261-2.6.22.2. The version of java-1.8.0-openjdk installed on the remote host is prior to 1.8.0.312.b07-1. The version of java-11-amazon-corretto installed on the remote host is prior to 11.0.13+8-2. The version of...

openSUSE 15 Security Update : MozillaFirefox (openSUSE-SU-2021:3745-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:3745-1 advisory. - The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing...

KB5005106: Windows 8.1 and Windows Server 2012 R2 Security Update (August 2021)

The remote Windows host is missing security update 5005106 or cumulative update 5005076. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. CVE-2021-26425, CVE-2021-26426, CVE-2021-34483,...

Fedora 33 : python3.10 (2021-b326fcb83f)

The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-b326fcb83f advisory. - The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are...

AngularJS < 1.8.0 Cross-Site Scripting

According to its self-reported version number, AngularJS is prior to 1.8.0. Therefore, it may be affected by a a Cross-Site Scripting XSS vulnerability through the wrapping of elements in ones. Note that the scanner has not tested for these issues but has instead relied only on the application's...

EulerOS 2.0 SP8 : postgresql (EulerOS-SA-2020-2526)

According to the versions of the postgresql packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If a client...

EulerOS 2.0 SP9 : freetype (EulerOS-SA-2020-2496)

According to the version of the freetype package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a...

Debian DLA-2397-1 : php7.0 security update

A vulnerability was discovered in PHP, a server-side, HTML-embedded scripting language. When PHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookies with prefixes like Host confused with cookies that decode to such prefix, thus leading to an...

Oracle Linux 7 : docker-cli / docker-engine (ELSA-2020-5739)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-5739 advisory. - update to 19.03.11 for CVE-2020-13401 - apply e4931e664feac6fa8846f3f04268a0cc98822549, fixes CVE-2019-5736 - update to 19.03.11 for CVE-2020-13401 - apply...

Apache Tomcat 9.0.0 < 9.0.35

The version of Tomcat installed on the remote host is prior to 9.0.35. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat9.0.35security-9 advisory. - When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to...

CentOS 7 : thunderbird (RHSA-2020:2050)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2050 advisory. - A race condition when running shutdown code for Web Worker led to a use-after-free vulnerability. This resulted in a potentially exploitable crash...

MongoDB 2.x, 3.0.x < 3.0.15, 3.1.x < 3.2.14, 3.3.x < 3.3.14 Mongo Shell Information Disclosure Vulnerability (SERVER-25335)

The version of the remote MongoDB server is 2.x, 3.x 3.0.15, 3.2.x 3.2.14, 3.3.x 3.3.14. It is, therefore, affected by an information disclosure in mongo shell due to the MongoDB client having world-readable permissions on .dbshell history files. An unauthenticated, local attacker can exploit thi...

Amazon Linux AMI : mysql56 (ALAS-2020-1332)

The version of mysql56 installed on the remote host is prior to 5.6.46-1.35. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1332 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Information Schema. Supported versions that are...

EulerOS 2.0 SP3 : libtiff (EulerOS-SA-2019-2621)

According to the versions of the libtiff packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - DISPUTED LibTIFF 4.0.8 has multiple memory leak vulnerabilities, which allow attackers to cause a denial of service memory consumption, as...

EulerOS 2.0 SP5 : expat (EulerOS-SA-2019-2145)

According to the versions of the expat packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An integer overflow during the parsing of XML using the Expat library. This vulnerability affects Firefox 50.CVE-2016-9063 - In libexpat before...

Photon OS 3.0: Linux PHSA-2019-3.0-0030

An update of the linux package has been released. C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-3.0-0030. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid129163;...

EulerOS Virtualization for ARM 64 3.0.2.0 : glibc (EulerOS-SA-2019-1703)

According to the version of the glibc packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - The iconv program in the GNU C Library aka glibc or libc6 2.25 and earlier, when invoked with the -c option, enters an...

Ubuntu 14.04 LTS : linux-lts-xenial vulnerabilities (USN-3982-2) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)

USN-3982-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 for Ubuntu 14.04 LTS. Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas,...

EulerOS Virtualization 2.5.4 : kvm (EulerOS-SA-2019-1372)

According to the version of the kvm package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - A use-after-free vulnerability was found in the way the Linux kernel's KVM hypervisor implements its device control API. While creating ...

Fedora 29 : kernel / kernel-headers / kernel-tools (2019-be9add5b77)

The 5.0.6 update contains a number of importnat fixes across the tree Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...