潜在危险的 PATH 变量

medium Nessus 插件 ID 172180

版本 1.122

Oct 10, 2024, 11:57 PM

  • New

Plugin Feed: 202410102357

版本 1.121

Oct 10, 2024, 4:58 AM

  • Detection (Change dir to $HOME before find commands to handle weird find behavior with escalation.)

Plugin Feed: 202410100458

版本 1.120

Sep 26, 2024, 4:34 PM

  • Detection (adding package association overrides)

Plugin Feed: 202409261634

版本 1.119

Sep 25, 2024, 3:12 PM

  • Detection (Adding support for user-supplied timeout value for the find command.)

Plugin Feed: 202409251512

版本 1.116

Sep 11, 2024, 5:35 PM

  • New (Detects QUIC servers running on the target. Implement a NASL QUIC library to support detection of HTTP/3 and possibly more)

Plugin Feed: 202409111735

版本 1.115

Sep 10, 2024, 4:59 PM

  • New

Plugin Feed: 202409101659

版本 1.114

Sep 3, 2024, 11:47 PM

  • Logic Changes (additional data collection for runtime scanning. fixed logic bug causing potential false negatives. fixed logic bug causing potential false positives. fixed logic bug with potential to break cyberark logins)

Plugin Feed: 202409032347

版本 1.112

Sep 3, 2024, 5:26 PM

  • Detection (Support for Aruba CPPM SSH based local checks)

Plugin Feed: 202409031726

版本 1.111

Aug 14, 2024, 8:33 PM

  • Logic Changes (Endianness fix in Kerberos authentication for SCAP scanning)

Plugin Feed: 202408142033

版本 1.110

Aug 14, 2024, 2:40 AM

  • New
  • Plugin requirements (Trusted)

Plugin Feed: 202408140240

版本 1.108

Aug 8, 2024, 4:43 PM

  • Logic Changes (Support OpenSSH private key formats for authentication.)

Plugin Feed: 202408081643

版本 1.107

Aug 6, 2024, 4:43 PM

  • Detection (Fix to allow Nessus Agent audits to query security settings registry key default values.)

Plugin Feed: 202408061643

版本 1.103

Jul 24, 2024, 6:31 PM

  • Logic Changes (Modernize SSH usage to optimize behavior on Nessus Agents.. adding AI family)

Plugin Feed: 202407241831

版本 1.102

Jul 23, 2024, 9:24 PM

  • New

Plugin Feed: 202407232124

版本 1.100

Jul 17, 2024, 11:02 PM

  • Logic Changes

Plugin Feed: 202407172302

版本 1.99

Jul 6, 2024, 12:22 AM

  • Detection (Changes to support Juniper Session Smart Router)

Plugin Feed: 202407060022

版本 1.98

Jul 5, 2024, 9:04 PM

  • Detection (Adding detection of Juniper SSR devices)

Plugin Feed: 202407052104

版本 1.97

Jun 27, 2024, 9:09 PM

  • New (Deploy nessus_utils binaries on the Nessus Agent)

Plugin Feed: 202406272109

版本 1.94

Jun 21, 2024, 6:31 PM

  • Detection (updated detection for SonicOS devices)

Plugin Feed: 202406211831

版本 1.93

Jun 21, 2024, 2:16 PM

  • Logic Changes

Plugin Feed: 202406211416

版本 1.92

Jun 12, 2024, 4:30 PM

  • Logic Changes (Prefer replace_kb_item in debug KBs to prevent unintentional duplication/forking)

Plugin Feed: 202406121630

版本 1.91

May 20, 2024, 10:13 AM

  • Logic Changes

Plugin Feed: 202405201013

版本 1.90

May 9, 2024, 6:10 PM

  • New

Plugin Feed: 202405091810

版本 1.84

Mar 30, 2024, 4:20 PM

  • New

Plugin Feed: 202403301620

版本 1.83

Mar 30, 2024, 1:01 AM

  • New

Plugin Feed: 202403300101

版本 1.81

Mar 19, 2024, 6:40 PM

  • Logic Changes (Improving logging to reduce disk space usage)

Plugin Feed: 202403191840

版本 1.77

Mar 5, 2024, 2:40 PM

  • Detection (improved file verification for Windows Agents)

Plugin Feed: 202403051440

版本 1.76

Mar 5, 2024, 1:15 AM

  • Logic Changes (Report structured data for Microsoft Exchange checks.. Report structured data for RPM version checks.)

Plugin Feed: 202403050115

版本 1.71

Feb 9, 2024, 11:22 AM

  • New

Plugin Feed: 202402091122

版本 1.70

Jan 16, 2024, 8:55 PM

  • Logic Changes (Improving debug logging)

Plugin Feed: 202401162055

版本 1.68

Jan 16, 2024, 5:39 PM

  • Detection (Add carrier grade NAT IPs to the IPv4 private address ranges.. Support privacy mode DCOM over Kerberos)
  • Logic Changes (Improving debug logging)

Plugin Feed: 202401161739

版本 1.66

Jan 15, 2024, 9:56 AM

  • Detection (improved regex)

Plugin Feed: 202401150956

版本 1.65

Jan 8, 2024, 6:41 PM

  • Detection (retooled detection to better handle managed installs)

Plugin Feed: 202401081841

版本 1.61

Dec 11, 2023, 6:11 PM

  • Detection (Fix error handling for find_cmd. Remove bash error from the output of commands that timed out)

Plugin Feed: 202312111811

版本 1.60

Dec 6, 2023, 12:08 AM

  • Logic Changes (Fixes bug in special case shell handling logic.)

Plugin Feed: 202312060008

版本 1.59

Dec 5, 2023, 9:49 PM

  • Logic Changes (Fixes bug in special case shell handling logic.)

Plugin Feed: 202312052149

版本 1.57

Nov 28, 2023, 11:17 AM

  • Detection (Fixing detection of Cisco Firepower devices)

Plugin Feed: 202311281117

版本 1.56

Nov 27, 2023, 6:11 PM

  • Detection (No longer fall back to the legacy SSH library. Only use the old library explicitly.)

Plugin Feed: 202311271811

版本 1.55

Nov 14, 2023, 4:21 PM

  • Detection (Support SHA2 based encryption for Kerberos)

Plugin Feed: 202311141621

版本 1.55

Nov 27, 2023, 4:16 PM

  • Detection (No longer fall back to the legacy SSH library. Only use the old library explicitly.)

Plugin Feed: 202311271616

版本 1.53

Oct 30, 2023, 1:08 PM

  • Detection (Fixed detection of JUNOS)

Plugin Feed: 202310301308

版本 1.52

Oct 25, 2023, 5:17 PM

  • Detection (Handle SSH exec hang and pagination ctrl codes for PanOS)

Plugin Feed: 202310251717

版本 1.50

Oct 18, 2023, 7:26 PM

  • New

Plugin Feed: 202310181926

版本 1.43

Oct 9, 2023, 8:58 PM

  • New

Plugin Feed: 202310092058

版本 1.41

Oct 4, 2023, 11:07 PM

  • Detection (Fixed Cisco Firepower detection)

Plugin Feed: 202310042307

版本 1.40

Oct 3, 2023, 9:02 PM

  • Detection (Added Alma Linux to package association checks)

Plugin Feed: 202310032102

版本 1.39

Sep 26, 2023, 8:16 PM

  • Logic Changes

Plugin Feed: 202309262016

版本 1.37

Aug 9, 2023, 11:01 PM

  • Logic Changes

Plugin Feed: 202308092301

版本 1.33

Jul 31, 2023, 8:08 PM

  • Logic Changes

Plugin Feed: 202307312008

版本 1.31

Jul 24, 2023, 7:10 PM

  • Logic Changes (added debugging)

Plugin Feed: 202307241910

版本 1.29

Jul 17, 2023, 5:15 PM

  • Logic Changes (Make torture_cgi library PCP clean and consolidate utf16_to_ascii(). Permit CIDR entries in target priority list)

Plugin Feed: 202307171715

版本 1.27

Jul 10, 2023, 7:11 PM

  • Logic Changes (Restrict ClientHello ciphersuites by encapsulation)

Plugin Feed: 202307101911

版本 1.26

Jul 5, 2023, 9:03 PM

  • Logic Changes (added ingestion and ability of target priority lists for SSH credentials)

Plugin Feed: 202307052103

版本 1.24

Jun 20, 2023, 9:07 PM

  • Logic Changes (Temporarily limit debug logging)

Plugin Feed: 202306202107

版本 1.19

Jun 9, 2023, 12:10 AM

  • Logic Changes (Fix two function returns)

Plugin Feed: 202306090010

版本 1.17

Jun 1, 2023, 5:27 AM

  • Logic Changes (Better logging)

Plugin Feed: 202306010527

版本 1.16

May 23, 2023, 1:57 PM

  • Detection

Plugin Feed: 202305231357

版本 1.15

May 18, 2023, 1:08 AM

  • Detection (Port Alcatel-Lucent OmniSwitch support from ssh_get_info.nasl to ssh_lib as a rate limited device.)

Plugin Feed: 202305180108

版本 1.13

May 16, 2023, 7:02 PM

  • Detection (Authenticate WMI/DCOM using Kerberos credentials.)

Plugin Feed: 202305161902

版本 1.11

May 4, 2023, 4:01 PM

  • Logic Changes (Add KB item for downstream use)

Plugin Feed: 202305041601

版本 1.9

May 1, 2023, 9:07 PM

  • Detection (Make and use compatibility wrapper for running commands on scanner localhost to handle deprecation of pread().)

Plugin Feed: 202305012107

版本 1.7

Apr 25, 2023, 11:11 PM

  • Plugin metadata (Add note about paranoia being required for Windows)

Plugin Feed: 202304252311

版本 1.6

Apr 14, 2023, 10:10 AM

  • Detection (require paranoia for Windows path detection)
  • Logic Changes (Add more output to Windows detection)

Plugin Feed: 202304141010

版本 1.5

Apr 6, 2023, 6:58 PM

  • Detection (Add Kerberos debug logging)

Plugin Feed: 202304061858

版本 1.4

Mar 23, 2023, 2:01 PM

  • Plugin metadata (More detail about when plugin will fire)
  • Logic Changes (Output the identity groups that can write to the path)

Plugin Feed: 202303231401

版本 1.3

Mar 14, 2023, 2:09 PM

  • Logic Changes (Remove thorough tests attribute)

Plugin Feed: 202303141409

版本 1.1

Mar 8, 2023, 2:20 PM

  • Plugin metadata (Add detail to description)

Plugin Feed: 202303081420

版本 1.0

Mar 7, 2023, 2:00 PM

  • New

Plugin Feed: 202303071400

* Changelogs are generally available for changes made after Nov 1, 2022