Nessus multiple unknown vulnerabilities in NASL and libnessus
| nessus-nasl-libnessus (12386) |  Medium Risk |
Description:
Nessus contains multiple unknown vulnerabilities in several functions in the Nessus Attack Scripting Language (NASL) script and the libnessus libraries package.
Note: It is reported that these vulnerabilities are similar to the vulnerabilities described in security issues 12057, 12058, and 12059.
Consequences:
Other
Remedy:
Upgrade to the latest version of Nessus (2.0.6 or later), available from the Nessus FTP site. See References.
References:
- BugTraq Mailing List, Thu May 22 2003 - 15:44:59 CDT: Potential security vulnerability in Nessus .
- Nessus FTP site: Index of /nessus.
- BID-7664: Nessus LibNASL Arbitrary Code Execution Vulnerability
- CVE-2003-0374: Multiple unknown vulnerabilities in Nessus before 2.0.6, in libnessus and possibly libnasl, a different set of vulnerabilities than those identified by CVE-2003-0372 and CVE-2003-0373, aka similar issues in other nasl functions as well as in libnessus.
Platforms Affected:
- Tenable Network Security Nessus prior to 2.0.6
Reported:
Not available
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net