Debian Security Advisory DSA 1381-1 (linux-2.6)

The remote host is missing an update to linux-2.6 announced via advisory DSA 1381-1. This VT has been deprecated and merged into the VT SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

'/WEB-INF./' Information Disclosure Vulnerability (HTTP)

Various application or web servers / products are prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2002 Matt Moore SPDX-FileCopyrightText: New NASL code since 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

Ubuntu: Security Advisory (USN-3885-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Samba 4.x Multiple Vulnerabilities (CVE-2018-1050, CVE-2018-1057)

Samba is prone to multiple vulnerabilities. Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

PRTG Network Monitor Multiple Vulnerabilities

PRTG Network Monitor is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

OpenSSL 'OOB read' Security Bypass Vulnerability - Windows

OpenSSL is prone to an SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:openssl:openssl"; ifdescription...

Evolution Script CMS 5.3 XSS Vulnerability

Evolution Script CMS is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Microsoft Windows JScript and VBScript Remote Code Execution Vulnerabilities (3156764)

This host is missing a critical security update according to Microsoft Bulletin MS16-053. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

OpenSSH Client Information Leak

The OpenSSH client code between 5.4 and 7.1p1 contains experimental support for resuming SSH-connections roaming. The matching server code has never been shipped, but the client code was enabled by default and could be tricked by a malicious server into leaking client memory to the server,...

IPMI 'Null' Usernames Allowed (IPMI Protocol)

The remote Intelligent Platform Management Interface IPMI service allows SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

Private IP address Leaked using the PROPFIND method

The remote web server leaks a private IP address through the WebDAV interface. If this web server is behind a Network Address Translation NAT firewall or proxy server, then the internal IP addressing scheme has been leaked. This is typical of IIS 5.0 installations that are not configured properly...

Too Long Basic Authentication DoS Vulnerability

It was possible to kill the web server by sending a request with a too long Basic authentication field. SPDX-FileCopyrightText: 2004 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Apache HTTP Server 2.4.0 < 2.4.42 Multiple Vulnerabilities - Windows

Apache HTTP Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:httpserver"; if...

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2020-1324)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

LimeSurvey < 3.17.10 Multiple Vulnerabilities

Limesurvey is prone to an input validation and multiple XSS vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CentOS Update for curl CESA-2019:1880 centos7

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-1808-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OTRS 7.x < 7.0.7 Information Disclosure Vulnerability

OTRS is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:otrs:otrs"; if...

Debian: Security Advisory (DLA-1783-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

WordPress Duplicator Plugin < 1.2.42 RCE Vulnerability

An issue was discovered in Snap Creek Duplicator. By accessing leftover installer files installer.php and installer-backup.php, an attacker can inject PHP code into wp-config.php during the database setup step, achieving arbitrary code execution. SPDX-FileCopyrightText: 2018 Greenbone AG Some tex...

Microsoft Windows Multiple Vulnerabilities (KB4343887)

This host is missing a critical security update according to Microsoft KB4343887 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft .NET Framework Multiple Vulnerabilities (KB4338419)

This host is missing an important security update according to Microsoft KB4338419. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescripti...

Microsoft SQL Server 2016 Information Disclosure Vulnerability (KB4019095)

Microsoft SQL Server is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Proxmox Virtual Environment (VE, PVE) Detection (HTTP)

HTTP based detection of Proxmox Virtual Environment VE, PVE. SPDX-FileCopyrightText: 2016 SCHUTZWERK GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

OpenVAS / Greenbone Vulnerability Manager Detection (OMP/GMP)

OpenVAS Management Protocol OMP / Greenbone Management Protocol GMP based detection of an OpenVAS Manager openvasmd or Greebone Vulnerability Manager gmvd. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

Apache ZooKeeper < 3.4.14, 3.5.0-alpha - 3.5.4-beta Information Disclosure Vulnerability

Apache ZooKeeper is prone to an information disclosure vulnerability. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

Debian: Security Advisory (DLA-1833-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-1792-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

QNAP QTS Multiple PHP Vulnerabilities (NAS-201805-10)

QNAP QTS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:qnap:qts"; if description...

Teamviewer Session Hijacking Vulnerability

Teamviewer is vulnerable to session hijacking. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:teamviewer:teamviewer";...

Microsoft Internet Explorer Multiple Vulnerabilities (KB4034733)

This host is missing a critical security update according to Microsoft security updates KB4034733. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Joomla! < 3.7.1 SQLi Vulnerability - Active Check

Joomla is prone to an SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:joomla:joomla";...

Check for Quote of the Day (qotd) Service (TCP)

The Quote of the Day qotd service is running on this host. SPDX-FileCopyrightText: 1999 Mathieu Perrin Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft Windows Multiple Vulnerabilities (KB5031377)

This host is missing a critical security update according to Microsoft KB5031377 SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Missing Linux Kernel mitigations for hardware vulnerabilities (sysfs interface not available)

The remote host is missing all known mitigations on Linux Kernel side for the referenced hardware vulnerabilities. Note: The sysfs interface to read the migitation status from the Linux Kernel is not available. Based on this it is assumed that no Linux Kernel mitigations are available and that th...

openSUSE: Security Advisory for sudo (openSUSE-SU-2019:2333-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Microsoft Windows Multiple Vulnerabilities (KB4512578)

This host is missing a critical security update according to Microsoft KB4512578 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progra...

CentOS Update for python CESA-2019:1587 centos7

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Traccar Server <= 4.2 XXE Vulnerability

Traccar is prone to an XXE vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description scriptoid"1.3.6.1.4.1.25623.1.0.112483...

PHPMailer End of Life (EOL) Detection

The PHPMailer version on the remote host has reached the end of life EOL and should not be used anymore. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Roundcube Webmail < 1.3.7 Enigma Plugin PGP Vulnerability (EFAIL)

Roundcube Webmail is prone to an information disclosure vulnerability in the Enigma Plugin. Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later...

mini_httpd Buffer Overflow Vulnerability

The htpasswd implementation of minihttpd is affected by a buffer overflow that can be exploited remotely to perform code execution. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Debian: Security Advisory (DSA-4082-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Windows PowerShell Remote Code Execution Vulnerability (KB4025872)

This host is missing an important security update according to Microsoft KB4025872. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescripti...

Dropbear Post-authentication root RCE Vulnerability (CVE-2017-9078)

Dropbear is prone to a post-authentication root remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Oracle Java SE Security Updates (cpuapr2017-3236618) 02 - Linux

Oracle Java SE is prone to multiple vulnerabilities. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Cisco NX-OS: GNU Bash Environment Variable Command Injection Vulnerability

On September 24, 2014, a vulnerability in the Bash shell was publicly announced. The vulnerability is related to the way in which shell functions are passed though environment variables. The vulnerability may allow an attacker to inject commands into a Bash shell, depending on how the shell is...

Sophos XG Firewall Detection (HTTP, User Portal)

HTTP based detection of a Sophos XG Firewall from the user portal. Copyright C 2016 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

MayGion IP Cameras Multiple Vulnerabilities

MayGion IP Camera is prone to multiple vulnerabilities. Copyright C 2013 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you c...

SAP Crystal Reports Print ActiveX Control Buffer Overflow Vulnerability

This host is installed with SAP Crystal Reports and is prone to heap-based buffer overflow vulnerability. OpenVAS Vulnerability Test $Id: gbsapcrystalreportsbofvuln.nasl 7024 2017-08-30 11:51:43Z teissa $ SAP Crystal Reports Print ActiveX Control Buffer Overflow Vulnerability Authors: Madhuri D...