Nessus Report

Report generated by Nessus™

masked_systemname Pre V6 masked_hostname

Tue, 23 Apr 2024 13:04:25 Tokyo Standard Time

TABLE OF CONTENTS
Vulnerabilities by PluginExpand All | Collapse All
155999 (2) - Apache Log4j < 2.15.0 Remote Code Execution (Nix)
-
Synopsis
A package installed on the remote host is affected by a remote code execution vulnerability.
Description
The version of Apache Log4j on the remote host is 2.x < 2.3.1 / 2.4 < 2.12.3 / 2.13 < 2.15.0. It is, therefore, affected by a remote code execution vulnerability in the JDNI parser due to improper log validation. An unauthenticated, remote attacker can exploit this to bypass authentication and execute arbitrary commands.

Log4j 1.x, which reached its End of Life prior to 2016, comes with JMSAppender which will perform a JNDI lookup if enabled in Log4j's configuration file, hence customers should evaluate triggers in 1.x based on the risk that it is EOL and whether JNDI lookups are enabled.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Upgrade to Apache Log4j version 2.3.1 / 2.12.3 / 2.15.0 or later, or apply the vendor mitigation.

Upgrading to the latest versions for Apache Log4j is highly recommended as intermediate versions / patches have known high severity vulnerabilities and the vendor is updating their advisories often as new research and knowledge about the impact of Log4j is discovered. Refer to https://logging.apache.org/log4j/2.x/security.html for the latest versions.
Risk Factor
High
CVSS v3.0 Base Score
10.0 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
9.5 (CVSS:3.0/E:H/RL:O/RC:C)
CVSS v2.0 Base Score
9.3 (CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
8.1 (CVSS2#E:H/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2021-44228
XREF IAVA:2021-A-0573
XREF IAVA:0001-A-0650
XREF CISA-KNOWN-EXPLOITED:2021/12/24
XREF CEA-ID:CEA-2021-0052
XREF CEA-ID:CEA-2023-0004
Exploitable With
CANVAS (true) Core Impact (true)
Plugin Information
Published: 2021/12/10, Modified: 2023/02/17
Plugin Output

ipaddr (tcp/0)


Path : /opt/glassfish5/glassfish/domains/domain1/applications/sfcf/WEB-INF/lib/log4j-core-2.8.2.jar
Installed version : 2.8.2
Fixed version : 2.12.2

ipaddr (tcp/0)


Path : /opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/applications/sfcf/WEB-INF/lib/log4j-core-2.8.2.jar
Installed version : 2.8.2
Fixed version : 2.12.2
156057 (2) - Apache Log4j 2.x < 2.16.0 RCE
-
Synopsis
A package installed on the remote host is affected by a remote code execution vulnerability.
Description
The version of Apache Log4j on the remote host is 2.x < 2.12.2 / 2.16.0. It is, therefore, affected by a remote code execution vulnerability. The fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allow attackers with control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout with either a Context Lookup (for example, $${ctx:loginId}) or a Thread Context Map pattern (%X, %mdc, or %MDC) to craft malicious input data using a JNDI Lookup pattern resulting in a remote code execution (RCE) attack.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Upgrade to Apache Log4j version 2.3.1, 2.12.2, 2.16.0 or later, or apply the vendor mitigation.

Upgrading to the latest versions for Apache Log4j is highly recommended as intermediate versions / patches have known high severity vulnerabilities and the vendor is updating their advisories often as new research and knowledge about the impact of Log4j is discovered. Refer to https://logging.apache.org/log4j/2.x/security.html for the latest versions.
Risk Factor
Medium
CVSS v3.0 Base Score
9.0 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.3 (CVSS:3.0/E:F/RL:O/RC:C)
CVSS v2.0 Base Score
5.1 (CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P)
CVSS v2.0 Temporal Score
4.2 (CVSS2#E:F/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2021-45046
XREF IAVA:2021-A-0573
XREF IAVA:2021-A-0598
XREF IAVA:2021-A-0597
XREF IAVA:2021-A-0596
XREF IAVA:0001-A-0650
XREF CISA-KNOWN-EXPLOITED:2023/05/22
Plugin Information
Published: 2021/12/14, Modified: 2023/05/01
Plugin Output

ipaddr (tcp/0)


Path : /opt/glassfish5/glassfish/domains/domain1/applications/sfcf/WEB-INF/lib/log4j-core-2.8.2.jar
Installed version : 2.8.2
Fixed version : 2.12.2

ipaddr (tcp/0)


Path : /opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/applications/sfcf/WEB-INF/lib/log4j-core-2.8.2.jar
Installed version : 2.8.2
Fixed version : 2.12.2
128349 (1) - CentOS 7 : gdm / libX11 / libxkbcommon / xorg-x11-drv-ati / xorg-x11-drv-vesa / etc (CESA-2019:2079)
-
Synopsis
The remote CentOS host is missing one or more security updates.
Description
An update for Xorg is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

X.Org is an open source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon.

Security Fix(es) :

* libX11: Crash on invalid reply in XListExtensions in ListExt.c (CVE-2018-14598)

* libX11: Off-by-one error in XListExtensions in ListExt.c (CVE-2018-14599)

* libX11: Out of Bounds write in XListExtensions in ListExt.c (CVE-2018-14600)

* libxkbcommon: Invalid free in ExprAppendMultiKeysymList resulting in a crash (CVE-2018-15857)

* libxkbcommon: Endless recursion in xkbcomp/expr.c resulting in a crash (CVE-2018-15853)

* libxkbcommon: NULL pointer dereference resulting in a crash (CVE-2018-15854)

* libxkbcommon: NULL pointer dereference when handling xkb_geometry (CVE-2018-15855)

* libxkbcommon: Infinite loop when reaching EOL unexpectedly resulting in a crash (CVE-2018-15856)

* libxkbcommon: NULL pointer dereference when parsing invalid atoms in ExprResolveLhs resulting in a crash (CVE-2018-15859)

* libxkbcommon: NULL pointer dereference in ExprResolveLhs resulting in a crash (CVE-2018-15861)

* libxkbcommon: NULL pointer dereference in LookupModMask resulting in a crash (CVE-2018-15862)

* libxkbcommon: NULL pointer dereference in ResolveStateAndPredicate resulting in a crash (CVE-2018-15863)

* libxkbcommon: NULL pointer dereference in resolve_keysym resulting in a crash (CVE-2018-15864)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes :

For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.
See Also
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS v2.0 Temporal Score
5.5 (CVSS2#E:U/RL:OF/RC:C)
References
Plugin Information
Published: 2019/08/30, Modified: 2020/02/07
Plugin Output

ipaddr (tcp/0)


Remote package installed : xorg-x11-drv-ati-19.0.1-3.el7
Should be : xorg-x11-drv-ati-19.0.1-3.el7_7


NOTE: The security advisory associated with this vulnerability has a
fixed package version that may only be available in the continuous
release (CR) repository for CentOS, until it is present in the next
point release of CentOS.

If an equal or higher package level does not exist in the baseline
repository for your major version of CentOS, then updates from the CR
repository will need to be applied in order to address the
vulnerability.
142600 (1) - CentOS 7 : nss and nspr (CESA-2020:4076)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:4076 advisory.

- nss: Out-of-bounds read when importing curve25519 private key (CVE-2019-11719)

- nss: PKCS#1 v1.5 signatures can be used for TLS 1.3 (CVE-2019-11727)

- nss: Use-after-free in sftk_FreeSession due to improper refcounting (CVE-2019-11756)

- nss: Check length of inputs for cryptographic primitives (CVE-2019-17006)

- nss: TLS 1.3 HelloRetryRequest downgrade request sets client into invalid state (CVE-2019-17023)

- nss: P-384 and P-521 implementation uses a side-channel vulnerable modular inversion function (CVE-2020-12400)

- nss: ECDSA timing attack mitigation bypass (CVE-2020-12401)

- nss: Side channel vulnerabilities during RSA key generation (CVE-2020-12402)

- nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read (CVE-2020-12403)

- nss: Side channel attack on ECDSA signature generation (CVE-2020-6829)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Critical
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.8 (CVSS:3.0/E:P/RL:O/RC:C)
CVSS v2.0 Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
7.8 (CVSS2#E:POC/RL:OF/RC:C)
References
Plugin Information
Published: 2020/11/06, Modified: 2024/02/09
Plugin Output

ipaddr (tcp/0)


Remote package installed : nspr-4.21.0-1.el7
Should be : nspr-4.25.0-2.el7_9

Remote package installed : nss-3.44.0-7.el7_7
Should be : nss-3.53.1-3.el7_9

Remote package installed : nss-softokn-3.44.0-8.el7_7
Should be : nss-softokn-3.53.1-6.el7_9

Remote package installed : nss-softokn-freebl-3.44.0-8.el7_7
Should be : nss-softokn-freebl-3.53.1-6.el7_9

Remote package installed : nss-sysinit-3.44.0-7.el7_7
Should be : nss-sysinit-3.53.1-3.el7_9

Remote package installed : nss-tools-3.44.0-7.el7_7
Should be : nss-tools-3.53.1-3.el7_9

Remote package installed : nss-util-3.44.0-4.el7_7
Should be : nss-util-3.53.1-1.el7_9


NOTE: The security advisory associated with this vulnerability has a
fixed package version that may only be available in the continuous
release (CR) repository for CentOS, until it is present in the next
point release of CentOS.

If an equal or higher package level does not exist in the baseline
repository for your major version of CentOS, then updates from the CR
repository will need to be applied in order to address the
vulnerability.
142602 (1) - CentOS 7 : firefox (CESA-2020:4310)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2020:4310 advisory.

- Mozilla: Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4 (CVE-2020-15683)

- chromium-browser: Use after free in WebRTC (CVE-2020-15969)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected firefox package.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS v2.0 Temporal Score
5.5 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2020-15683
CVE CVE-2020-15969
XREF RHSA:2020:4310
XREF CWE:120
Plugin Information
Published: 2020/11/06, Modified: 2020/11/30
Plugin Output

ipaddr (tcp/0)


Remote package installed : firefox-68.10.0-1.el7.centos
Should be : firefox-78.4.0-1.el7.centos


NOTE: The security advisory associated with this vulnerability has a
fixed package version that may only be available in the continuous
release (CR) repository for CentOS, until it is present in the next
point release of CentOS.

If an equal or higher package level does not exist in the baseline
repository for your major version of CentOS, then updates from the CR
repository will need to be applied in order to address the
vulnerability.
146880 (1) - CentOS 7 : libexif (CESA-2020:5402)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2020:5402 advisory.

- libexif: out of bounds write due to an integer overflow in exif-entry.c (CVE-2020-0452)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected libexif, libexif-devel and / or libexif-doc packages.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS v2.0 Temporal Score
5.5 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2020-0452
XREF RHSA:2020:5402
XREF CWE:190
Plugin Information
Published: 2021/02/27, Modified: 2021/03/01
Plugin Output

ipaddr (tcp/0)


Remote package installed : libexif-0.6.22-1.el7
Should be : libexif-0.6.22-2.el7_9
152909 (1) - CentOS 7 : libX11 (CESA-2021:3296)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:3296 advisory.

- libX11: missing request length checks (CVE-2021-31535)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected libX11, libX11-common and / or libX11-devel packages.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.8 (CVSS:3.0/E:P/RL:O/RC:C)
CVSS v2.0 Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS v2.0 Temporal Score
5.9 (CVSS2#E:POC/RL:OF/RC:C)
References
CVE CVE-2021-31535
XREF RHSA:2021:3296
XREF CWE:20
XREF CWE:77
Plugin Information
Published: 2021/08/30, Modified: 2021/08/31
Plugin Output

ipaddr (tcp/0)


Remote package installed : libX11-1.6.7-2.el7
Should be : libX11-1.6.7-4.el7_9

Remote package installed : libX11-common-1.6.7-2.el7
Should be : libX11-common-1.6.7-4.el7_9

Remote package installed : libX11-devel-1.6.7-2.el7
Should be : libX11-devel-1.6.7-4.el7_9
155539 (1) - CentOS 7 : firefox (CESA-2021:4116)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2021:4116 advisory.

- Mozilla: iframe sandbox rules did not apply to XSLT stylesheets (CVE-2021-38503)

- Mozilla: Use-after-free in file picker dialog (CVE-2021-38504)

- Mozilla: Firefox could be coaxed into going into fullscreen mode without notification or warning (CVE-2021-38506)

- Mozilla: Opportunistic Encryption in HTTP2 could be used to bypass the Same-Origin-Policy on services hosted on other ports (CVE-2021-38507)

- Mozilla: Permission Prompt could be overlaid, resulting in user confusion and potential spoofing (CVE-2021-38508)

- Mozilla: Javascript alert box could have been spoofed onto an arbitrary domain (CVE-2021-38509)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected firefox package.
Risk Factor
High
CVSS v3.0 Base Score
10.0 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.7 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS v2.0 Temporal Score
5.5 (CVSS2#E:U/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2021-38503
CVE CVE-2021-38504
CVE CVE-2021-38506
CVE CVE-2021-38507
CVE CVE-2021-38508
CVE CVE-2021-38509
XREF IAVA:2021-A-0527-S
XREF RHSA:2021:4116
XREF CWE:416
XREF CWE:732
XREF CWE:829
XREF CWE:1021
Plugin Information
Published: 2021/11/17, Modified: 2022/03/17
Plugin Output

ipaddr (tcp/0)


Remote package installed : firefox-68.10.0-1.el7.centos
Should be : firefox-91.3.0-1.el7.centos
155543 (1) - CentOS 7 : libxml2 (CESA-2021:3810)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:3810 advisory.

- libxml2: Use after free via namespace node in XPointer ranges (CVE-2016-4658)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Critical
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
7.4 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-4658
XREF RHSA:2021:3810
XREF CWE:416
Plugin Information
Published: 2021/11/17, Modified: 2021/11/17
Plugin Output

ipaddr (tcp/0)


Remote package installed : libxml2-2.9.1-6.el7.5
Should be : libxml2-2.9.1-6.el7_9.6

Remote package installed : libxml2-python-2.9.1-6.el7.5
Should be : libxml2-python-2.9.1-6.el7_9.6
155551 (1) - CentOS 7 : firefox (CESA-2021:3791)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2021:3791 advisory.

- rust-crossbeam-deque: race condition may lead to double free (CVE-2021-32810)

- Mozilla: Use-after-free in MessageTask (CVE-2021-38496)

- Mozilla: Validation message could have been overlaid on another origin (CVE-2021-38497)

- Mozilla: Use-after-free of nsLanguageAtomService object (CVE-2021-38498)

- Mozilla: Memory safety bugs fixed in Firefox 93, Firefox ESR 78.15, and Firefox ESR 91.2 (CVE-2021-38500)

- Mozilla: Memory safety bugs fixed in Firefox 93 and Firefox ESR 91.2 (CVE-2021-38501)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected firefox package.
Risk Factor
Medium
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS v2.0 Temporal Score
5.0 (CVSS2#E:U/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2021-32810
CVE CVE-2021-38496
CVE CVE-2021-38497
CVE CVE-2021-38498
CVE CVE-2021-38500
CVE CVE-2021-38501
XREF IAVA:2021-A-0461-S
XREF IAVA:2021-A-0450-S
XREF RHSA:2021:3791
XREF CWE:119
XREF CWE:120
XREF CWE:416
XREF CWE:1021
Plugin Information
Published: 2021/11/17, Modified: 2022/05/06
Plugin Output

ipaddr (tcp/0)


Remote package installed : firefox-68.10.0-1.el7.centos
Should be : firefox-91.2.0-4.el7.centos
155942 (1) - CentOS 7 : nss (CESA-2021:4904)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:4904 advisory.

- nss: Memory corruption in decodeECorDsaSignature with DSA signatures (and RSA-PSS) (CVE-2021-43527)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
9.1 (CVSS:3.0/E:F/RL:O/RC:C)
CVSS v2.0 Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS v2.0 Temporal Score
6.2 (CVSS2#E:F/RL:OF/RC:C)
References
CVE CVE-2021-43527
XREF RHSA:2021:4904
XREF CWE:120
Plugin Information
Published: 2021/12/08, Modified: 2023/11/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : nss-3.44.0-7.el7_7
Should be : nss-3.67.0-4.el7_9

Remote package installed : nss-sysinit-3.44.0-7.el7_7
Should be : nss-sysinit-3.67.0-4.el7_9

Remote package installed : nss-tools-3.44.0-7.el7_7
Should be : nss-tools-3.67.0-4.el7_9
156821 (1) - CentOS 7 : firefox (CESA-2022:0124)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2022:0124 advisory.

- Mozilla: Iframe sandbox bypass with XSLT (CVE-2021-4140)

- Mozilla: Race condition when playing audio files (CVE-2022-22737)

- Mozilla: Heap-buffer-overflow in blendGaussianBlur (CVE-2022-22738)

- Mozilla: Missing throttling on external protocol launch dialog (CVE-2022-22739)

- Mozilla: Use-after-free of ChannelEventQueue::mOwner (CVE-2022-22740)

- Mozilla: Browser window spoof using fullscreen mode (CVE-2022-22741, CVE-2022-22743)

- Mozilla: Out-of-bounds memory access when inserting text in edit mode (CVE-2022-22742)

- Mozilla: Leaking cross-origin URLs through securitypolicyviolation event (CVE-2022-22745)

- Mozilla: Crash when handling empty pkcs7 sequence (CVE-2022-22747)

- Mozilla: Spoofed origin on external protocol launch dialog (CVE-2022-22748)

- Mozilla: Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5 (CVE-2022-22751)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected firefox package.
Risk Factor
Critical
CVSS v3.0 Base Score
10.0 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
9.0 (CVSS:3.0/E:P/RL:O/RC:C)
CVSS v2.0 Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
7.8 (CVSS2#E:POC/RL:OF/RC:C)
STIG Severity
I
References
Plugin Information
Published: 2022/01/19, Modified: 2023/11/20
Plugin Output

ipaddr (tcp/0)


Remote package installed : firefox-68.10.0-1.el7.centos
Should be : firefox-91.5.0-1.el7.centos
156860 (1) - Apache Log4j 1.x Multiple Vulnerabilities
-
Synopsis
A logging library running on the remote host has multiple vulnerabilities.
Description
According to its self-reported version number, the installation of Apache Log4j on the remote host is 1.x and is no longer supported. Log4j reached its end of life prior to 2016. Additionally, Log4j 1.x is affected by multiple vulnerabilities, including :

- Log4j includes a SocketServer that accepts serialized log events and deserializes them without verifying whether the objects are allowed or not. This can provide an attack vector that can be exploited. (CVE-2019-17571)

- Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log messages sent through that appender. (CVE-2020-9488)

- JMSSink uses JNDI in an unprotected manner allowing any application using the JMSSink to be vulnerable if it is configured to reference an untrusted site or if the site referenced can be accesseed by the attacker.
(CVE-2022-23302)

Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it is likely to contain security vulnerabilities.
See Also
Solution
Upgrade to a version of Apache Log4j that is currently supported.

Upgrading to the latest versions for Apache Log4j is highly recommended as intermediate versions / patches have known high severity vulnerabilities and the vendor is updating their advisories often as new research and knowledge about the impact of Log4j is discovered. Refer to https://logging.apache.org/log4j/2.x/security.html for the latest versions.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
9.1 (CVSS:3.0/E:F/RL:O/RC:C)
CVSS v2.0 Base Score
9.0 (CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
7.4 (CVSS2#E:F/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2019-17571
CVE CVE-2020-9488
CVE CVE-2022-23302
CVE CVE-2022-23305
CVE CVE-2022-23307
CVE CVE-2023-26464
XREF CEA-ID:CEA-2021-0004
XREF CEA-ID:CEA-2021-0025
XREF IAVA:2021-A-0573
Plugin Information
Published: 2022/01/19, Modified: 2023/11/20
Plugin Output

ipaddr (tcp/0)


Path : /usr/share/java/log4j.jar
Installed version : 1.2.17
157452 (1) - CentOS 7 : log4j (CESA-2022:0442)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2022:0442 advisory.

- log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)

- log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)

- log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected log4j, log4j-javadoc and / or log4j-manual packages.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
9.1 (CVSS:3.0/E:F/RL:O/RC:C)
CVSS v2.0 Base Score
9.0 (CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
7.4 (CVSS2#E:F/RL:OF/RC:C)
References
CVE CVE-2022-23302
CVE CVE-2022-23305
CVE CVE-2022-23307
XREF RHSA:2022:0442
XREF CWE:20
XREF CWE:502
Plugin Information
Published: 2022/02/08, Modified: 2023/11/13
Plugin Output

ipaddr (tcp/0)


Remote package installed : log4j-1.2.17-16.el7_4
Should be : log4j-1.2.17-18.el7_4
158083 (1) - CentOS 7 : firefox (CESA-2022:0514)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2022:0514 advisory.

- Mozilla: Extensions could have bypassed permission confirmation during update (CVE-2022-22754)

- Mozilla: Drag and dropping an image could have resulted in the dropped object being an executable (CVE-2022-22756)

- Mozilla: Sandboxed iframes could have executed script if the parent appended elements (CVE-2022-22759)

- Mozilla: Cross-Origin responses could be distinguished between script and non-script content-types (CVE-2022-22760)

- Mozilla: frame-ancestors Content Security Policy directive was not enforced for framed extension pages (CVE-2022-22761)

- Mozilla: Script Execution during invalid object state (CVE-2022-22763)

- Mozilla: Memory safety bugs fixed in Firefox 97 and Firefox ESR 91.6 (CVE-2022-22764)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected firefox package.
Risk Factor
Critical
CVSS v3.0 Base Score
9.6 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.6 (CVSS:3.0/E:P/RL:O/RC:C)
CVSS v2.0 Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
7.8 (CVSS2#E:POC/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2022-22754
CVE CVE-2022-22756
CVE CVE-2022-22759
CVE CVE-2022-22760
CVE CVE-2022-22761
CVE CVE-2022-22763
CVE CVE-2022-22764
XREF IAVA:2022-A-0079-S
XREF RHSA:2022:0514
XREF CWE:94
XREF CWE:120
XREF CWE:829
XREF CWE:1021
Plugin Information
Published: 2022/02/15, Modified: 2023/11/09
Plugin Output

ipaddr (tcp/0)


Remote package installed : firefox-68.10.0-1.el7.centos
Should be : firefox-91.6.0-1.el7.centos
159315 (1) - CentOS 7 : firefox (CESA-2022:0824)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2022:0824 advisory.

- expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution (CVE-2022-25235)

- expat: Namespace-separator characters in xmlns[:prefix] attribute values can lead to arbitrary code execution (CVE-2022-25236)

- expat: Integer overflow in storeRawNames() (CVE-2022-25315)

- Mozilla: Use-after-free in text reflows (CVE-2022-26381)

- Mozilla: Browser window spoof using fullscreen mode (CVE-2022-26383)

- Mozilla: iframe allow-scripts sandbox bypass (CVE-2022-26384)

- Mozilla: Temporary files downloaded to /tmp and accessible by other local users (CVE-2022-26386)

- Mozilla: Time-of-check time-of-use bug when verifying add-on signatures (CVE-2022-26387)

- Mozilla: Use-after-free in XSLT parameter processing (CVE-2022-26485)

- Mozilla: Use-after-free in WebGPU IPC Framework (CVE-2022-26486)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected firefox package.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
9.1 (CVSS:3.0/E:F/RL:O/RC:C)
CVSS v2.0 Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS v2.0 Temporal Score
6.2 (CVSS2#E:F/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2022-25235
CVE CVE-2022-25236
CVE CVE-2022-25315
CVE CVE-2022-26381
CVE CVE-2022-26383
CVE CVE-2022-26384
CVE CVE-2022-26386
CVE CVE-2022-26387
CVE CVE-2022-26485
CVE CVE-2022-26486
XREF IAVA:2022-A-0103-S
XREF CISA-KNOWN-EXPLOITED:2022/03/21
XREF RHSA:2022:0824
XREF CWE:20
XREF CWE:190
XREF CWE:281
XREF CWE:367
XREF CWE:416
XREF CWE:451
XREF CWE:787
XREF CWE:838
Plugin Information
Published: 2022/03/29, Modified: 2023/04/25
Plugin Output

ipaddr (tcp/0)


Remote package installed : firefox-68.10.0-1.el7.centos
Should be : firefox-91.7.0-3.el7.centos
159324 (1) - CentOS 7 : expat (CESA-2022:1069)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2022:1069 advisory.

- expat: Large number of prefixed XML attributes on a single tag can crash libexpat (CVE-2021-45960)

- expat: Integer overflow in doProlog in xmlparse.c (CVE-2021-46143)

- expat: Integer overflow in addBinding in xmlparse.c (CVE-2022-22822)

- expat: Integer overflow in build_model in xmlparse.c (CVE-2022-22823)

- expat: Integer overflow in defineAttribute in xmlparse.c (CVE-2022-22824)

- expat: Integer overflow in lookup in xmlparse.c (CVE-2022-22825)

- expat: Integer overflow in nextScaffoldPart in xmlparse.c (CVE-2022-22826)

- expat: Integer overflow in storeAtts in xmlparse.c (CVE-2022-22827)

- expat: Integer overflow in function XML_GetBuffer (CVE-2022-23852)

- expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution (CVE-2022-25235)

- expat: Namespace-separator characters in xmlns[:prefix] attribute values can lead to arbitrary code execution (CVE-2022-25236)

- expat: Integer overflow in storeRawNames() (CVE-2022-25315)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected expat, expat-devel and / or expat-static packages.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
9.1 (CVSS:3.0/E:F/RL:O/RC:C)
CVSS v2.0 Base Score
9.0 (CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
7.4 (CVSS2#E:F/RL:OF/RC:C)
References
Plugin Information
Published: 2022/03/30, Modified: 2023/11/03
Plugin Output

ipaddr (tcp/0)


Remote package installed : expat-2.1.0-12.el7
Should be : expat-2.1.0-14.el7_9
160683 (1) - CentOS 7 : firefox (CESA-2022:1703)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2022:1703 advisory.

- Mozilla: Bypassing permission prompt in nested browsing contexts (CVE-2022-29909)

- Mozilla: iframe Sandbox bypass (CVE-2022-29911)

- Mozilla: Reader mode bypassed SameSite cookies (CVE-2022-29912)

- Mozilla: Fullscreen notification bypass using popups (CVE-2022-29914)

- Mozilla: Leaking browser history with CSS variables (CVE-2022-29916)

- Mozilla: Memory safety bugs fixed in Firefox 100 and Firefox ESR 91.9 (CVE-2022-29917)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected firefox package.
Risk Factor
Critical
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.8 (CVSS:3.0/E:P/RL:O/RC:C)
CVSS v2.0 Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
7.8 (CVSS2#E:POC/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2022-29909
CVE CVE-2022-29911
CVE CVE-2022-29912
CVE CVE-2022-29914
CVE CVE-2022-29916
CVE CVE-2022-29917
XREF IAVA:2022-A-0188-S
XREF RHSA:2022:1703
XREF CWE:120
XREF CWE:200
XREF CWE:281
XREF CWE:565
XREF CWE:1021
Plugin Information
Published: 2022/05/06, Modified: 2023/10/30
Plugin Output

ipaddr (tcp/0)


Remote package installed : firefox-68.10.0-1.el7.centos
Should be : firefox-91.9.0-1.el7.centos
163736 (1) - CentOS 7 : firefox (CESA-2022:5479)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2022:5479 advisory.

- Mozilla: Undesired attributes could be set as part of prototype pollution (CVE-2022-2200)

- Mozilla: CSP bypass enabling stylesheet injection (CVE-2022-31744)

- Mozilla: CSP sandbox header without `allow-scripts` can be bypassed via retargeted javascript: URI (CVE-2022-34468)

- Mozilla: Use-after-free in nsSHistory (CVE-2022-34470)

- Mozilla: Unavailable PAC file resulted in OCSP requests being blocked (CVE-2022-34472)

- Mozilla: A popup window could be resized in a way to overlay the address bar with web content (CVE-2022-34479)

- Mozilla: Potential integer overflow in ReplaceElementsAt (CVE-2022-34481)

- Mozilla: Memory safety bugs fixed in Firefox 102 and Firefox ESR 91.11 (CVE-2022-34484)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected firefox package.
Risk Factor
Critical
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.8 (CVSS:3.0/E:P/RL:O/RC:C)
CVSS v2.0 Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
7.8 (CVSS2#E:POC/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2022-2200
CVE CVE-2022-31744
CVE CVE-2022-34468
CVE CVE-2022-34470
CVE CVE-2022-34472
CVE CVE-2022-34479
CVE CVE-2022-34481
CVE CVE-2022-34484
XREF IAVA:2022-A-0226-S
XREF IAVA:2022-A-0256-S
XREF RHSA:2022:5479
XREF CWE:79
XREF CWE:120
XREF CWE:190
XREF CWE:393
XREF CWE:416
XREF CWE:1021
XREF CWE:1321
Plugin Information
Published: 2022/08/02, Modified: 2023/10/17
Plugin Output

ipaddr (tcp/0)


Remote package installed : firefox-68.10.0-1.el7.centos
Should be : firefox-91.11.0-2.el7.centos
163748 (1) - CentOS 7 : python (CESA-2022:5235)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2022:5235 advisory.

- python: CRLF injection via HTTP request method in httplib/http.client (CVE-2020-26116)

- python-urllib3: CRLF injection via HTTP request method (CVE-2020-26137)

- python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c (CVE-2021-3177)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
9.1 (CVSS:3.0/E:F/RL:O/RC:C)
CVSS v2.0 Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS v2.0 Temporal Score
6.2 (CVSS2#E:F/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2020-26116
CVE CVE-2020-26137
CVE CVE-2021-3177
XREF IAVA:2021-A-0052-S
XREF IAVA:2020-A-0340-S
XREF RHSA:2022:5235
XREF CWE:113
XREF CWE:120
Plugin Information
Published: 2022/08/02, Modified: 2023/10/17
Plugin Output

ipaddr (tcp/0)


Remote package installed : python-2.7.5-89.el7
Should be : python-2.7.5-92.el7_9

Remote package installed : python-libs-2.7.5-89.el7
Should be : python-libs-2.7.5-92.el7_9
163750 (1) - CentOS 7 : firefox (CESA-2022:4870)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2022:4870 advisory.

- Mozilla: Cross-Origin resource's length leaked (CVE-2022-31736)

- Mozilla: Heap buffer overflow in WebGL (CVE-2022-31737)

- Mozilla: Browser window spoof using fullscreen mode (CVE-2022-31738)

- Mozilla: Register allocation problem in WASM on arm64 (CVE-2022-31740)

- Mozilla: Uninitialized variable leads to invalid memory read (CVE-2022-31741)

- Mozilla: Querying a WebAuthn token with a large number of allowCredential entries may have leaked cross- origin information (CVE-2022-31742)

- Mozilla: Memory safety bugs fixed in Firefox 101 and Firefox ESR 91.10 (CVE-2022-31747)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected firefox package.
Risk Factor
Critical
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
7.4 (CVSS2#E:U/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2022-31736
CVE CVE-2022-31737
CVE CVE-2022-31738
CVE CVE-2022-31740
CVE CVE-2022-31741
CVE CVE-2022-31742
CVE CVE-2022-31747
XREF IAVA:2022-A-0226-S
XREF RHSA:2022:4870
XREF CWE:120
XREF CWE:457
XREF CWE:770
XREF CWE:829
XREF CWE:1021
Plugin Information
Published: 2022/08/02, Modified: 2023/01/05
Plugin Output

ipaddr (tcp/0)


Remote package installed : firefox-68.10.0-1.el7.centos
Should be : firefox-91.10.0-1.el7.centos
164630 (1) - CentOS 7 : systemd (CESA-2022:6160)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2022:6160 advisory.

- systemd-resolved: use-after-free when dealing with DnsStream in resolved-dns-stream.c (CVE-2022-2526)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Critical
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
7.4 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2022-2526
XREF RHSA:2022:6160
XREF CWE:416
Plugin Information
Published: 2022/09/01, Modified: 2022/12/06
Plugin Output

ipaddr (tcp/0)


Remote package installed : libgudev1-219-78.el7
Should be : libgudev1-219-78.el7_9.7

Remote package installed : systemd-219-78.el7
Should be : systemd-219-78.el7_9.7

Remote package installed : systemd-libs-219-78.el7
Should be : systemd-libs-219-78.el7_9.7

Remote package installed : systemd-python-219-78.el7
Should be : systemd-python-219-78.el7_9.7

Remote package installed : systemd-sysv-219-78.el7
Should be : systemd-sysv-219-78.el7_9.7
168318 (1) - CentOS 7 : firefox (CESA-2022:8552)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2022:8552 advisory.

- Mozilla: Service Workers might have learned size of cross-origin media files (CVE-2022-45403)

- Mozilla: Fullscreen notification bypass (CVE-2022-45404)

- Mozilla: Use-after-free in InputStream implementation (CVE-2022-45405)

- Mozilla: Use-after-free of a JavaScript Realm (CVE-2022-45406)

- Mozilla: Fullscreen notification bypass via windowName (CVE-2022-45408)

- Mozilla: Use-after-free in Garbage Collection (CVE-2022-45409)

- Mozilla: ServiceWorker-intercepted requests bypassed SameSite cookie policy (CVE-2022-45410)

- Mozilla: Cross-Site Tracing was possible via non-standard override headers (CVE-2022-45411)

- Mozilla: Symlinks may resolve to partially uninitialized buffers (CVE-2022-45412)

- Mozilla: Keystroke Side-Channel Leakage (CVE-2022-45416)

- Mozilla: Custom mouse cursor could have been drawn over browser UI (CVE-2022-45418)

- Mozilla: Iframe contents could be rendered outside the iframe (CVE-2022-45420)

- Mozilla: Memory safety bugs fixed in Firefox 107 and Firefox ESR 102.5 (CVE-2022-45421)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected firefox package.
Risk Factor
Critical
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
7.4 (CVSS2#E:U/RL:OF/RC:C)
STIG Severity
I
References
Plugin Information
Published: 2022/12/01, Modified: 2023/01/05
Plugin Output

ipaddr (tcp/0)


Remote package installed : firefox-68.10.0-1.el7.centos
Should be : firefox-102.5.0-1.el7.centos
172034 (1) - CentOS 7 : git (RHSA-2023:0978)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0978 advisory.

- git: gitattributes parsing integer overflow (CVE-2022-23521)

- git: Heap overflow in `git archive`, `git log --format` leading to RCE (CVE-2022-41903)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Critical
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
7.4 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2022-23521
CVE CVE-2022-41903
XREF RHSA:2023:0978
XREF CWE:190
Plugin Information
Published: 2023/03/01, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : git-1.8.3.1-23.el7_8
Should be : git-1.8.3.1-24.el7_9

Remote package installed : perl-Git-1.8.3.1-23.el7_8
Should be : perl-Git-1.8.3.1-24.el7_9
172360 (1) - CentOS 7 : zlib (RHSA-2023:1095)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1095 advisory.

- zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference). (CVE-2022-37434)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Critical
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.8 (CVSS:3.0/E:P/RL:O/RC:C)
CVSS v2.0 Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
7.8 (CVSS2#E:POC/RL:OF/RC:C)
References
CVE CVE-2022-37434
XREF RHSA:2023:1095
XREF CWE:119
Plugin Information
Published: 2023/03/09, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : zlib-1.2.7-18.el7
Should be : zlib-1.2.7-21.el7_9
182252 (1) - Apache Log4j SEoL (<= 1.x)
-
Synopsis
An unsupported version of Apache Log4j is installed on the remote host.
Description
According to its version, Apache Log4j is less than or equal to 1.x. It is, therefore, no longer maintained by its vendor or provider.

Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities.
See Also
Solution
Upgrade to a version of Apache Log4j that is currently supported.
Risk Factor
Critical
CVSS v3.0 Base Score
10.0 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
CVSS v2.0 Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
Plugin Information
Published: 2023/09/29, Modified: 2023/11/02
Plugin Output

ipaddr (tcp/0)


Path : /usr/share/java/log4j.jar
Installed version : 1.2.17
Security End of Life : August 4, 2015
Time since Security End of Life (Est.) : >= 8 years
187240 (1) - CentOS 7 : openssh (RHSA-2023:4382)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:4382 advisory.

- The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009. (CVE-2023-38408)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Critical
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.8 (CVSS:3.0/E:P/RL:O/RC:C)
CVSS v2.0 Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
7.8 (CVSS2#E:POC/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2023-38408
XREF IAVA:2023-A-0377-S
XREF RHSA:2023:4382
Plugin Information
Published: 2023/12/22, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : openssh-7.4p1-21.el7
Should be : openssh-7.4p1-23.el7_9

Remote package installed : openssh-clients-7.4p1-21.el7
Should be : openssh-clients-7.4p1-23.el7_9

Remote package installed : openssh-server-7.4p1-21.el7
Should be : openssh-server-7.4p1-23.el7_9
187255 (1) - CentOS 7 : firefox (RHSA-2023:3579)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:3579 advisory.

- The error page for sites with invalid TLS certificates was missing the activation-delay Firefox uses to protect prompts and permission dialogs from attacks that exploit human response time delays. If a malicious page elicited user clicks in precise locations immediately before navigating to a site with a certificate error and made the renderer extremely busy at the same time, it could create a gap between when the error page was loaded and when the display actually refreshed. With the right timing the elicited clicks could land in that gap and activate the button that overrides the certificate error for that site.
This vulnerability affects Firefox ESR < 102.12, Firefox < 114, and Thunderbird < 102.12. (CVE-2023-34414)

- Memory safety bugs present in Firefox 113, Firefox ESR 102.11, and Thunderbird 102.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 102.12, Firefox < 114, and Thunderbird < 102.12. (CVE-2023-34416)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected firefox package.
Risk Factor
Critical
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
7.4 (CVSS2#E:U/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2023-34414
CVE CVE-2023-34416
XREF IAVA:2023-A-0277-S
XREF RHSA:2023:3579
Plugin Information
Published: 2023/12/22, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : firefox-68.10.0-1.el7.centos
Should be : firefox-102.12.0-1.el7.centos
187257 (1) - CentOS 7 : firefox (RHSA-2023:5477)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:5477 advisory.

- During the worker lifecycle, a use-after-free condition could have occured, which could have led to a potentially exploitable crash. This vulnerability affects Firefox < 115.0.2, Firefox ESR < 115.0.2, and Thunderbird < 115.0.1. (CVE-2023-3600)

- A compromised content process could have provided malicious data in a `PathRecording` resulting in an out- of-bounds write, leading to a potentially exploitable crash in a privileged process. This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3. (CVE-2023-5169)

- During Ion compilation, a Garbage Collection could have resulted in a use-after-free condition, allowing an attacker to write two NUL bytes, and cause a potentially exploitable crash. This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3. (CVE-2023-5171)

- Memory safety bugs present in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3. (CVE-2023-5176)

- Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2023-5217)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected firefox package.
Risk Factor
Critical
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
9.1 (CVSS:3.0/E:F/RL:O/RC:C)
CVSS v2.0 Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
8.3 (CVSS2#E:F/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2023-3600
CVE CVE-2023-5169
CVE CVE-2023-5171
CVE CVE-2023-5176
CVE CVE-2023-5217
XREF CISA-KNOWN-EXPLOITED:2023/10/23
XREF IAVA:2023-A-0337-S
XREF IAVA:2023-A-0507-S
XREF IAVA:2023-A-0522-S
XREF RHSA:2023:5477
Plugin Information
Published: 2023/12/22, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : firefox-68.10.0-1.el7.centos
Should be : firefox-115.3.1-1.el7_9
187266 (1) - CentOS 7 : firefox (RHSA-2023:6162)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:6162 advisory.

- VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding. (CVE-2023-44488)

- It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an insufficient activation-delay. This vulnerability affects Firefox < 119, Firefox ESR <
115.4, and Thunderbird < 115.4.1. (CVE-2023-5721)

- Drivers are not always robust to extremely large draw calls and in some cases this scenario could have led to a crash. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.
(CVE-2023-5724)

- A malicious installed WebExtension could open arbitrary URLs, which under the right circumstance could be leveraged to collect sensitive user data. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1. (CVE-2023-5725)

- During garbage collection extra operations were performed on a object that should not be. This could have led to a potentially exploitable crash. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1. (CVE-2023-5728)

- Memory safety bugs present in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1. (CVE-2023-5730)

- An attacker could have created a malicious link using bidirectional characters to spoof the location in the address bar when visited. This vulnerability affects Firefox < 117, Firefox ESR < 115.4, and Thunderbird < 115.4.1. (CVE-2023-5732)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected firefox package.
Risk Factor
Critical
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
7.4 (CVSS2#E:U/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2023-5721
CVE CVE-2023-5724
CVE CVE-2023-5725
CVE CVE-2023-5728
CVE CVE-2023-5730
CVE CVE-2023-5732
CVE CVE-2023-44488
XREF IAVA:2023-A-0585-S
XREF RHSA:2023:6162
Plugin Information
Published: 2023/12/22, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : firefox-68.10.0-1.el7.centos
Should be : firefox-115.4.0-1.el7_9
187759 (1) - CentOS 7 : firefox (RHSA-2023:4461)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:4461 advisory.

- Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1. (CVE-2023-4045)

- In some circumstances, a stale value could have been used for a global variable in WASM JIT analysis. This resulted in incorrect compilation and a potentially exploitable crash in the content process. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1. (CVE-2023-4046)

- A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1. (CVE-2023-4047)

- An out-of-bounds read could have led to an exploitable crash when parsing HTML with DOMParser in low memory situations. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR <
115.1. (CVE-2023-4048)

- Race conditions in reference counting code were found through code inspection. These could have resulted in potentially exploitable use-after-free vulnerabilities. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1. (CVE-2023-4049)

- In some cases, an untrusted input stream was copied to a stack buffer without checking its size. This resulted in a potentially exploitable crash which could have led to a sandbox escape. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1. (CVE-2023-4050)

- When the number of cookies per domain was exceeded in `document.cookie`, the actual cookie jar sent to the host was no longer consistent with expected cookie jar state. This could have caused requests to be sent with some cookies missing. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1. (CVE-2023-4055)

- Memory safety bugs present in Firefox 115, Firefox ESR 115.0, Firefox ESR 102.13, Thunderbird 115.0, and Thunderbird 102.13. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1. (CVE-2023-4056)

- Memory safety bugs present in Firefox 115, Firefox ESR 115.0, and Thunderbird 115.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 116, Firefox ESR < 115.1, and Thunderbird < 115.1. (CVE-2023-4057)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected firefox package.
Risk Factor
Critical
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
7.4 (CVSS2#E:U/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2023-4045
CVE CVE-2023-4046
CVE CVE-2023-4047
CVE CVE-2023-4048
CVE CVE-2023-4049
CVE CVE-2023-4050
CVE CVE-2023-4055
CVE CVE-2023-4056
CVE CVE-2023-4057
XREF IAVA:2023-A-0388-S
XREF RHSA:2023:4461
Plugin Information
Published: 2024/01/09, Modified: 2024/01/09
Plugin Output

ipaddr (tcp/0)


Remote package installed : firefox-68.10.0-1.el7.centos
Should be : firefox-102.14.0-1.el7_9
189284 (1) - CentOS 7 : xorg-x11-server (RHSA-2024:0320)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0320 advisory.

- A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device's particular number of buttons, leading to a heap overflow if a bigger value was used. (CVE-2023-6816)

- The X.Org project reports: Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255 but the X.Org Server was only allocating space for the device's number of buttons, leading to a heap overflow if a bigger value was used. If a device has both a button class and a key class and numButtons is zero, we can get an out-of-bounds write due to event under- allocation in the DeliverStateNotifyEvent function. The XISendDeviceHierarchyEvent() function allocates space to store up to MAXDEVICES (256) xXIHierarchyInfo structures in info.
If a device with a given ID was removed and a new device with the same ID added both in the same operation, the single device ID will lead to two info structures being written to info. Since this case can occur for every device ID at once, a total of two times MAXDEVICES info structures might be written to the allocation, leading to a heap buffer overflow. The DisableDevice() function is called whenever an enabled device is disabled and it moves the device from the inputInfo.devices linked list to the inputInfo.off_devices linked list. However, its link/unlink operation has an issue during the recursive call to DisableDevice() due to the prev pointer pointing to a removed device. This issue leads to a length mismatch between the total number of devices and the number of device in the list, leading to a heap overflow and, possibly, to local privilege escalation.
(CVE-2024-0229, CVE-2024-21885, CVE-2024-21886)

- A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource (as with a GetGeometry) or when it creates another resource that needs to access that buffer, such as a GC, the XSELINUX code will try to use an object that was never labeled and crash because the SID is NULL.
(CVE-2024-0408)

- A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX context. (CVE-2024-0409)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Critical
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
7.4 (CVSS2#E:U/RL:OF/RC:C)
References
Plugin Information
Published: 2024/01/22, Modified: 2024/01/29
Plugin Output

ipaddr (tcp/0)


Remote package installed : xorg-x11-server-common-1.20.4-10.el7
Should be : xorg-x11-server-common-1.20.4-27.el7_9

Remote package installed : xorg-x11-server-Xorg-1.20.4-10.el7
Should be : xorg-x11-server-Xorg-1.20.4-27.el7_9
26919 (1) - Microsoft Windows SMB Guest Account Local User Access
-
Synopsis
It is possible to log into the remote host.
Description
The remote host is running one of the Microsoft Windows operating systems or the SAMBA daemon. It was possible to log into it as a guest user using a random account.
Solution
In the group policy change the setting for 'Network access: Sharing and security model for local accounts' from 'Guest only - local users authenticate as Guest' to 'Classic - local users authenticate as themselves'. Disable the Guest account if applicable.

If the SAMBA daemon is running, double-check the SAMBA configuration around guest user access and disable guest access if appropriate
Risk Factor
High
CVSS v2.0 Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
References
Exploitable With
Metasploit (true)
Plugin Information
Published: 2007/10/04, Modified: 2020/09/21
Plugin Output

ipaddr (tcp/445/cifs)

42873 (1) - SSL Medium Strength Cipher Suites Supported (SWEET32)
-
Synopsis
The remote service supports the use of medium strength SSL ciphers.
Description
The remote host supports the use of SSL ciphers that offer medium strength encryption. Nessus regards medium strength as any encryption that uses key lengths at least 64 bits and less than 112 bits, or else that uses the 3DES encryption suite.

Note that it is considerably easier to circumvent medium strength encryption if the attacker is on the same physical network.
See Also
Solution
Reconfigure the affected application if possible to avoid use of medium strength ciphers.
Risk Factor
Medium
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
CVSS v2.0 Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
References
Plugin Information
Published: 2009/11/23, Modified: 2021/02/03
Plugin Output

ipaddr (tcp/443/www)


Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
EDH-RSA-DES-CBC3-SHA 0x00, 0x16 DH RSA 3DES-CBC(168) SHA1
ECDHE-RSA-DES-CBC3-SHA 0xC0, 0x12 ECDH RSA 3DES-CBC(168) SHA1
DES-CBC3-SHA 0x00, 0x0A RSA RSA 3DES-CBC(168) SHA1

The fields above are :

{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
139420 (1) - CentOS 7 : firefox (CESA-2020:3253)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2020:3253 advisory.

- Mozilla: Potential leak of redirect targets when loading scripts in a worker (CVE-2020-15652)

- Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11 (CVE-2020-15659)

- chromium-browser: Use after free in ANGLE (CVE-2020-6463)

- chromium-browser: Inappropriate implementation in WebRTC (CVE-2020-6514)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected firefox package.
Risk Factor
High
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.9 (CVSS:3.0/E:P/RL:O/RC:C)
CVSS v2.0 Base Score
9.3 (CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
7.3 (CVSS2#E:POC/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2020-6463
CVE CVE-2020-6514
CVE CVE-2020-15652
CVE CVE-2020-15659
XREF RHSA:2020:3253
XREF IAVA:2020-A-0344-S
XREF CWE:120
XREF CWE:209
XREF CWE:416
Plugin Information
Published: 2020/08/07, Modified: 2024/02/26
Plugin Output

ipaddr (tcp/0)


Remote package installed : firefox-68.10.0-1.el7.centos
Should be : firefox-68.11.0-1.el7.centos
140123 (1) - CentOS 7 : firefox (CESA-2020:3556)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2020:3556 advisory.

- Mozilla: Attacker-induced prompt for extension installation (CVE-2020-15664)

- Mozilla: Use-After-Free when aborting an operation (CVE-2020-15669)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected firefox package.
Risk Factor
Medium
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.7 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS v2.0 Temporal Score
5.0 (CVSS2#E:U/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2020-15664
CVE CVE-2020-15669
XREF RHSA:2020:3556
XREF IAVA:2020-A-0391-S
XREF CWE:416
XREF CWE:648
Plugin Information
Published: 2020/09/01, Modified: 2020/12/01
Plugin Output

ipaddr (tcp/0)


Remote package installed : firefox-68.10.0-1.el7.centos
Should be : firefox-68.12.0-1.el7.centos
142603 (1) - CentOS 7 : libX11 (CESA-2020:4908)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2020:4908 advisory.

- libX11: integer overflow leads to double free in locale handling (CVE-2020-14363)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected libX11, libX11-common and / or libX11-devel packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.0 (CVSS:3.0/E:P/RL:O/RC:C)
CVSS v2.0 Base Score
4.6 (CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P)
CVSS v2.0 Temporal Score
3.6 (CVSS2#E:POC/RL:OF/RC:C)
References
CVE CVE-2020-14363
XREF RHSA:2020:4908
XREF CWE:190
XREF CWE:416
Plugin Information
Published: 2020/11/06, Modified: 2024/02/09
Plugin Output

ipaddr (tcp/0)


Remote package installed : libX11-1.6.7-2.el7
Should be : libX11-1.6.7-3.el7_9

Remote package installed : libX11-common-1.6.7-2.el7
Should be : libX11-common-1.6.7-3.el7_9

Remote package installed : libX11-devel-1.6.7-2.el7
Should be : libX11-devel-1.6.7-3.el7_9


NOTE: The security advisory associated with this vulnerability has a
fixed package version that may only be available in the continuous
release (CR) repository for CentOS, until it is present in the next
point release of CentOS.

If an equal or higher package level does not exist in the baseline
repository for your major version of CentOS, then updates from the CR
repository will need to be applied in order to address the
vulnerability.
142607 (1) - CentOS 7 : xorg-x11-server (CESA-2020:4910)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:4910 advisory.

- xorg-x11-server: Out-of-bounds access in XkbSetNames function (CVE-2020-14345)

- xorg-x11-server: Integer underflow in the X input extension protocol (CVE-2020-14346)

- xorg-x11-server: XkbSelectEvents integer underflow privilege escalation vulnerability (CVE-2020-14361)

- xorg-x11-server: XRecordRegisterClients integer underflow privilege escalation vulnerability (CVE-2020-14362)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
6.8 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
4.6 (CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P)
CVSS v2.0 Temporal Score
3.4 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2020-14345
CVE CVE-2020-14346
CVE CVE-2020-14361
CVE CVE-2020-14362
XREF RHSA:2020:4910
XREF CWE:119
XREF CWE:190
Plugin Information
Published: 2020/11/06, Modified: 2020/11/30
Plugin Output

ipaddr (tcp/0)


Remote package installed : xorg-x11-server-common-1.20.4-10.el7
Should be : xorg-x11-server-common-1.20.4-12.el7_9

Remote package installed : xorg-x11-server-Xorg-1.20.4-10.el7
Should be : xorg-x11-server-Xorg-1.20.4-12.el7_9


NOTE: The security advisory associated with this vulnerability has a
fixed package version that may only be available in the continuous
release (CR) repository for CentOS, until it is present in the next
point release of CentOS.

If an equal or higher package level does not exist in the baseline
repository for your major version of CentOS, then updates from the CR
repository will need to be applied in order to address the
vulnerability.
142609 (1) - CentOS 7 : libcroco (CESA-2020:4072)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2020:4072 advisory.

- libcroco: Stack overflow in function cr_parser_parse_any_core in cr-parser.c (CVE-2020-12825)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected libcroco and / or libcroco-devel packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.1 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H)
CVSS v3.0 Temporal Score
6.4 (CVSS:3.0/E:P/RL:O/RC:C)
CVSS v2.0 Base Score
5.8 (CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P)
CVSS v2.0 Temporal Score
4.5 (CVSS2#E:POC/RL:OF/RC:C)
References
CVE CVE-2020-12825
XREF RHSA:2020:4072
XREF CWE:121
XREF CWE:674
Plugin Information
Published: 2020/11/06, Modified: 2024/02/09
Plugin Output

ipaddr (tcp/0)


Remote package installed : libcroco-0.6.12-4.el7
Should be : libcroco-0.6.12-6.el7_9


NOTE: The security advisory associated with this vulnerability has a
fixed package version that may only be available in the continuous
release (CR) repository for CentOS, until it is present in the next
point release of CentOS.

If an equal or higher package level does not exist in the baseline
repository for your major version of CentOS, then updates from the CR
repository will need to be applied in order to address the
vulnerability.
143046 (1) - CentOS 7 : python (CESA-2020:5009)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2020:5009 advisory.

- python: infinite loop in the tarfile module via crafted TAR archive (CVE-2019-20907)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS v3.0 Temporal Score
6.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS v2.0 Temporal Score
3.7 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2019-20907
XREF RHSA:2020:5009
XREF CWE:20
XREF CWE:835
Plugin Information
Published: 2020/11/18, Modified: 2020/11/30
Plugin Output

ipaddr (tcp/0)


Remote package installed : python-2.7.5-89.el7
Should be : python-2.7.5-90.el7

Remote package installed : python-libs-2.7.5-89.el7
Should be : python-libs-2.7.5-90.el7
143048 (1) - CentOS 7 : python3 (CESA-2020:5010)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:5010 advisory.

- python: infinite loop in the tarfile module via crafted TAR archive (CVE-2019-20907)

- python: DoS via inefficiency in IPv{4,6}Interface classes (CVE-2020-14422)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS v3.0 Temporal Score
6.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS v2.0 Temporal Score
3.7 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2019-20907
CVE CVE-2020-14422
XREF RHSA:2020:5010
XREF CWE:20
XREF CWE:400
XREF CWE:835
Plugin Information
Published: 2020/11/18, Modified: 2020/11/30
Plugin Output

ipaddr (tcp/0)


Remote package installed : python3-3.6.8-17.el7
Should be : python3-3.6.8-18.el7

Remote package installed : python3-libs-3.6.8-17.el7
Should be : python3-libs-3.6.8-18.el7
143057 (1) - CentOS 7 : curl (CESA-2020:5002)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2020:5002 advisory.

- curl: Incorrect argument check can allow remote servers to overwrite local files (CVE-2020-8177)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected curl, libcurl and / or libcurl-devel packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.0 (CVSS:3.0/E:P/RL:O/RC:C)
CVSS v2.0 Base Score
4.6 (CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P)
CVSS v2.0 Temporal Score
3.6 (CVSS2#E:POC/RL:OF/RC:C)
References
CVE CVE-2020-8177
XREF RHSA:2020:5002
Plugin Information
Published: 2020/11/18, Modified: 2024/02/08
Plugin Output

ipaddr (tcp/0)


Remote package installed : curl-7.29.0-59.el7
Should be : curl-7.29.0-59.el7_9.1

Remote package installed : libcurl-7.29.0-59.el7
Should be : libcurl-7.29.0-59.el7_9.1
143114 (1) - CentOS 7 : firefox (CESA-2020:5099)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has a package installed that is affected by a vulnerability as referenced in the CESA-2020:5099 advisory.

- Mozilla: Write side effects in MCallGetProperty opcode not accounted for (CVE-2020-26950)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected firefox package.
Risk Factor
High
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.2 (CVSS:3.0/E:F/RL:O/RC:C)
CVSS v2.0 Base Score
9.3 (CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
7.7 (CVSS2#E:F/RL:OF/RC:C)
References
CVE CVE-2020-26950
XREF RHSA:2020:5099
XREF CWE:416
Exploitable With
Metasploit (true)
Plugin Information
Published: 2020/11/19, Modified: 2022/03/01
Plugin Output

ipaddr (tcp/0)


Remote package installed : firefox-68.10.0-1.el7.centos
Should be : firefox-78.4.1-1.el7.centos
144004 (1) - CentOS 7 : firefox (CESA-2020:5239)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2020:5239 advisory.

- Mozilla: Variable time processing of cross-origin images during drawImage calls (CVE-2020-16012)

- Mozilla: Parsing mismatches could confuse and bypass security sanitizer for chrome privileged code (CVE-2020-26951)

- Mozilla: Fullscreen could be enabled without displaying the security UI (CVE-2020-26953)

- Mozilla: XSS through paste (manual and clipboard API) (CVE-2020-26956)

- Mozilla: Requests intercepted through ServiceWorkers lacked MIME type restrictions (CVE-2020-26958)

- Mozilla: Use-after-free in WebRequestService (CVE-2020-26959)

- Mozilla: Potential use-after-free in uses of nsTArray (CVE-2020-26960)

- Mozilla: DoH did not filter IPv4 mapped IP Addresses (CVE-2020-26961)

- Mozilla: Software keyboards may have remembered typed passwords (CVE-2020-26965)

- Mozilla: Memory safety bugs fixed in Firefox 83 and Firefox ESR 78.5 (CVE-2020-26968)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected firefox package.
Risk Factor
High
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.9 (CVSS:3.0/E:P/RL:O/RC:C)
CVSS v2.0 Base Score
9.3 (CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
7.3 (CVSS2#E:POC/RL:OF/RC:C)
References
Plugin Information
Published: 2020/12/09, Modified: 2024/02/02
Plugin Output

ipaddr (tcp/0)


Remote package installed : firefox-68.10.0-1.el7.centos
Should be : firefox-78.5.0-1.el7.centos
144370 (1) - CentOS 7 : gd (CESA-2020:5443)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2020:5443 advisory.

- gd: Integer overflow in _gd2GetHeader() resulting in heap overflow (CVE-2016-5766)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected gd, gd-devel and / or gd-progs packages.
Risk Factor
Medium
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.9 (CVSS:3.0/E:P/RL:O/RC:C)
CVSS v2.0 Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS v2.0 Temporal Score
5.3 (CVSS2#E:POC/RL:OF/RC:C)
References
CVE CVE-2016-5766
XREF RHSA:2020:5443
XREF CWE:122
XREF CWE:190
Plugin Information
Published: 2020/12/17, Modified: 2024/02/01
Plugin Output

ipaddr (tcp/0)


Remote package installed : gd-2.0.35-26.el7
Should be : gd-2.0.35-27.el7_9
144549 (1) - CentOS 7 : kernel (CESA-2020:5437)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:5437 advisory.

- kernel: The flow_dissector feature allows device tracking (CVE-2019-18282)

- kernel: Buffer over-read in crypto_authenc_extractkeys() when a payload longer than 4 bytes is not aligned. (CVE-2020-10769)

- kernel: buffer uses out of index in ext3/4 filesystem (CVE-2020-14314)

- kernel: metadata validator in XFS may cause an inode with a valid, user-creatable extended attribute to be flagged as corrupt (CVE-2020-14385)

- kernel: umask not applied on filesystem without ACL support (CVE-2020-24394)

- kernel: TOCTOU mismatch in the NFS client code (CVE-2020-25212)

- kernel: improper input validation in ppp_cp_parse_cr function leads to memory corruption and read overflow (CVE-2020-25643)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
7.2 (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
6.5 (CVSS:3.0/E:P/RL:O/RC:C)
CVSS v2.0 Base Score
7.5 (CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:C)
CVSS v2.0 Temporal Score
5.9 (CVSS2#E:POC/RL:OF/RC:C)
References
CVE CVE-2019-18282
CVE CVE-2020-10769
CVE CVE-2020-14314
CVE CVE-2020-14385
CVE CVE-2020-24394
CVE CVE-2020-25212
CVE CVE-2020-25643
XREF RHSA:2020:5437
XREF CWE:20
XREF CWE:119
XREF CWE:125
XREF CWE:131
XREF CWE:200
XREF CWE:367
XREF CWE:732
Plugin Information
Published: 2020/12/22, Modified: 2024/01/31
Plugin Output

ipaddr (tcp/0)


Remote package installed : bpftool-3.10.0-1160.el7
Should be : bpftool-3.10.0-1160.11.1.el7

Remote package installed : kernel-3.10.0-1160.el7
Should be : kernel-3.10.0-1160.11.1.el7

Remote package installed : kernel-devel-3.10.0-1160.el7
Should be : kernel-devel-3.10.0-1160.11.1.el7

Remote package installed : kernel-headers-3.10.0-1160.el7
Should be : kernel-headers-3.10.0-1160.11.1.el7

Remote package installed : kernel-tools-3.10.0-1160.el7
Should be : kernel-tools-3.10.0-1160.11.1.el7

Remote package installed : kernel-tools-libs-3.10.0-1160.el7
Should be : kernel-tools-libs-3.10.0-1160.11.1.el7

Remote package installed : perf-3.10.0-1160.el7
Should be : perf-3.10.0-1160.11.1.el7

Remote package installed : python-perf-3.10.0-1160.el7
Should be : python-perf-3.10.0-1160.11.1.el7
144972 (1) - CentOS 7 : python-rtslib (CESA-2020:5435)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2020:5435 advisory.

- python-rtslib: weak permissions for /etc/target/saveconfig.json (CVE-2020-14019)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected python-rtslib and / or python-rtslib-doc packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
6.8 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
4.6 (CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P)
CVSS v2.0 Temporal Score
3.4 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2020-14019
XREF RHSA:2020:5435
XREF CWE:282
Plugin Information
Published: 2021/01/14, Modified: 2021/01/15
Plugin Output

ipaddr (tcp/0)


Remote package installed : python-rtslib-2.1.72-1.el7
Should be : python-rtslib-2.1.74-1.el7_9
145037 (1) - CentOS 7 : firefox (CESA-2021:0053)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has a package installed that is affected by a vulnerability as referenced in the CESA-2021:0053 advisory.

- Mozilla: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk (CVE-2020-16044)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected firefox package.
Risk Factor
Medium
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.7 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS v2.0 Temporal Score
5.0 (CVSS2#E:U/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2020-16044
XREF RHSA:2021:0053
XREF IAVA:2021-A-0005-S
XREF CWE:416
Plugin Information
Published: 2021/01/16, Modified: 2021/08/12
Plugin Output

ipaddr (tcp/0)


Remote package installed : firefox-68.10.0-1.el7.centos
Should be : firefox-78.6.1-1.el7.centos
145444 (1) - CentOS 7 : net-snmp (CESA-2020:5350)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2020:5350 advisory.

- net-snmp: Improper Privilege Management in EXTEND MIB may lead to privileged commands execution (CVE-2020-15862)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
6.8 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
5.3 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2020-15862
XREF RHSA:2020:5350
XREF CWE:250
Plugin Information
Published: 2021/01/26, Modified: 2021/01/27
Plugin Output

ipaddr (tcp/0)


Remote package installed : net-snmp-5.7.2-49.el7
Should be : net-snmp-5.7.2-49.el7_9.1

Remote package installed : net-snmp-agent-libs-5.7.2-49.el7
Should be : net-snmp-agent-libs-5.7.2-49.el7_9.1

Remote package installed : net-snmp-libs-5.7.2-49.el7
Should be : net-snmp-libs-5.7.2-49.el7_9.1

Remote package installed : net-snmp-utils-5.7.2-49.el7
Should be : net-snmp-utils-5.7.2-49.el7_9.1
145519 (1) - CentOS 7 : sudo (CESA-2021:0221)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:0221 advisory.

- sudo: Heap buffer overflow in argument parsing (CVE-2021-3156)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected sudo and / or sudo-devel packages.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.5 (CVSS:3.0/E:H/RL:O/RC:C)
CVSS v2.0 Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
6.3 (CVSS2#E:H/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2021-3156
XREF RHSA:2021:0221
XREF IAVA:2021-A-0053
XREF CISA-KNOWN-EXPLOITED:2022/04/27
XREF CWE:122
Exploitable With
CANVAS (true) Core Impact (true) Metasploit (true)
Plugin Information
Published: 2021/01/28, Modified: 2023/01/18
Plugin Output

ipaddr (tcp/0)


Remote package installed : sudo-1.8.23-10.el7
Should be : sudo-1.8.23-10.el7_9.1
146097 (1) - CentOS 7 : glibc (CESA-2021:0348)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:0348 advisory.

- glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding (CVE-2019-25013)

- glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions (CVE-2020-10029)

- glibc: stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern (CVE-2020-29573)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS v3.0 Temporal Score
6.7 (CVSS:3.0/E:P/RL:O/RC:C)
CVSS v2.0 Base Score
7.1 (CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C)
CVSS v2.0 Temporal Score
5.6 (CVSS2#E:POC/RL:OF/RC:C)
References
CVE CVE-2019-25013
CVE CVE-2020-10029
CVE CVE-2020-29573
XREF RHSA:2021:0348
XREF CWE:119
XREF CWE:121
Plugin Information
Published: 2021/02/03, Modified: 2024/01/24
Plugin Output

ipaddr (tcp/0)


Remote package installed : glibc-2.17-317.el7
Should be : glibc-2.17-322.el7_9

Remote package installed : glibc-common-2.17-317.el7
Should be : glibc-common-2.17-322.el7_9

Remote package installed : glibc-devel-2.17-317.el7
Should be : glibc-devel-2.17-322.el7_9

Remote package installed : glibc-headers-2.17-317.el7
Should be : glibc-headers-2.17-322.el7_9
146099 (1) - CentOS 7 : linux-firmware (CESA-2021:0339)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:0339 advisory.

- hardware: buffer overflow in bluetooth firmware (CVE-2020-12321)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.7 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
5.8 (CVSS2#AV:A/AC:L/Au:N/C:P/I:P/A:P)
CVSS v2.0 Temporal Score
4.3 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2020-12321
XREF RHSA:2021:0339
XREF CWE:120
Plugin Information
Published: 2021/02/03, Modified: 2021/02/05
Plugin Output

ipaddr (tcp/0)


Remote package installed : iwl100-firmware-39.31.5.1-79.el7
Should be : iwl100-firmware-39.31.5.1-80.el7_9

Remote package installed : iwl1000-firmware-39.31.5.1-79.el7
Should be : iwl1000-firmware-39.31.5.1-80.el7_9

Remote package installed : iwl105-firmware-18.168.6.1-79.el7
Should be : iwl105-firmware-18.168.6.1-80.el7_9

Remote package installed : iwl135-firmware-18.168.6.1-79.el7
Should be : iwl135-firmware-18.168.6.1-80.el7_9

Remote package installed : iwl2000-firmware-18.168.6.1-79.el7
Should be : iwl2000-firmware-18.168.6.1-80.el7_9

Remote package installed : iwl2030-firmware-18.168.6.1-79.el7
Should be : iwl2030-firmware-18.168.6.1-80.el7_9

Remote package installed : iwl3160-firmware-25.30.13.0-79.el7
Should be : iwl3160-firmware-25.30.13.0-80.el7_9

Remote package installed : iwl3945-firmware-15.32.2.9-79.el7
Should be : iwl3945-firmware-15.32.2.9-80.el7_9

Remote package installed : iwl4965-firmware-228.61.2.24-79.el7
Should be : iwl4965-firmware-228.61.2.24-80.el7_9

Remote package installed : iwl5000-firmware-8.83.5.1_1-79.el7
Should be : iwl5000-firmware-8.83.5.1_1-80.el7_9

Remote package installed : iwl5150-firmware-8.24.2.2-79.el7
Should be : iwl5150-firmware-8.24.2.2-80.el7_9

Remote package installed : iwl6000-firmware-9.221.4.1-79.el7
Should be : iwl6000-firmware-9.221.4.1-80.el7_9

Remote package installed : iwl6000g2a-firmware-18.168.6.1-79.el7
Should be : iwl6000g2a-firmware-18.168.6.1-80.el7_9

Remote package installed : iwl6000g2b-firmware-18.168.6.1-79.el7
Should be : iwl6000g2b-firmware-18.168.6.1-80.el7_9

Remote package installed : iwl6050-firmware-41.28.5.1-79.el7
Should be : iwl6050-firmware-41.28.5.1-80.el7_9

Remote package installed : iwl7260-firmware-25.30.13.0-79.el7
Should be : iwl7260-firmware-25.30.13.0-80.el7_9

Remote package installed : linux-firmware-20200421-79.git78c0348.el7
Should be : linux-firmware-20200421-80.git78c0348.el7_9
146100 (1) - CentOS 7 : perl (CESA-2021:0343)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:0343 advisory.

- perl: heap-based buffer overflow in regular expression compiler leads to DoS (CVE-2020-10543)

- perl: corruption of intermediate language state of compiled regular expression due to integer overflow leads to DoS (CVE-2020-10878)

- perl: corruption of intermediate language state of compiled regular expression due to recursive S_study_chunk() calls leads to DoS (CVE-2020-12723)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
8.6 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H)
CVSS v3.0 Temporal Score
7.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS v2.0 Temporal Score
5.5 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2020-10543
CVE CVE-2020-10878
CVE CVE-2020-12723
XREF RHSA:2021:0343
XREF CEA-ID:CEA-2021-0004
XREF CEA-ID:CEA-2021-0025
XREF CWE:20
XREF CWE:122
XREF CWE:185
XREF CWE:190
XREF CWE:787
Plugin Information
Published: 2021/02/03, Modified: 2022/12/05
Plugin Output

ipaddr (tcp/0)


Remote package installed : perl-5.16.3-297.el7
Should be : perl-5.16.3-299.el7_9

Remote package installed : perl-libs-5.16.3-297.el7
Should be : perl-libs-5.16.3-299.el7_9

Remote package installed : perl-macros-5.16.3-297.el7
Should be : perl-macros-5.16.3-299.el7_9

Remote package installed : perl-Pod-Escapes-1.04-297.el7
Should be : perl-Pod-Escapes-1.04-299.el7_9
146315 (1) - CentOS 7 : flatpak (CESA-2021:0411)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:0411 advisory.

- flatpak: sandbox escape via spawn portal (CVE-2021-21261)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.7 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
5.3 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2021-21261
XREF RHSA:2021:0411
XREF CWE:77
Plugin Information
Published: 2021/02/09, Modified: 2021/02/11
Plugin Output

ipaddr (tcp/0)


Remote package installed : flatpak-1.0.9-9.el7_7
Should be : flatpak-1.0.9-10.el7_9

Remote package installed : flatpak-libs-1.0.9-9.el7_7
Should be : flatpak-libs-1.0.9-10.el7_9
146881 (1) - CentOS 7 : xorg-x11-server (CESA-2020:5408)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:5408 advisory.

- xorg-x11-server: Leak of uninitialized heap memory from the X server to clients in AllocatePixmap of dix/pixmap.c (CVE-2020-14347)

- xorg-x11-server: Out-of-bounds access in XkbSetMap function (CVE-2020-14360)

- xorg-x11-server: XkbSetDeviceInfo heap-based buffer overflow privilege escalation vulnerability (CVE-2020-25712)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
6.8 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
6.1 (CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:C)
CVSS v2.0 Temporal Score
4.5 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2020-14347
CVE CVE-2020-14360
CVE CVE-2020-25712
XREF RHSA:2020:5408
XREF CWE:119
XREF CWE:122
XREF CWE:665
Plugin Information
Published: 2021/02/27, Modified: 2024/01/18
Plugin Output

ipaddr (tcp/0)


Remote package installed : xorg-x11-server-common-1.20.4-10.el7
Should be : xorg-x11-server-common-1.20.4-15.el7_9

Remote package installed : xorg-x11-server-Xorg-1.20.4-10.el7
Should be : xorg-x11-server-Xorg-1.20.4-15.el7_9
146882 (1) - CentOS 7 : firefox (CESA-2021:0656)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2021:0656 advisory.

- Mozilla: Content Security Policy violation report could have contained the destination of a redirect (CVE-2021-23968, CVE-2021-23969)

- Mozilla: MediaError message property could have leaked information about cross-origin resources (CVE-2021-23973)

- Mozilla: Memory safety bugs fixed in Firefox 86 and Firefox ESR 78.8 (CVE-2021-23978)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected firefox package.
Risk Factor
Medium
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.7 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS v2.0 Temporal Score
5.0 (CVSS2#E:U/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2021-23968
CVE CVE-2021-23969
CVE CVE-2021-23973
CVE CVE-2021-23978
XREF RHSA:2021:0656
XREF IAVA:2021-A-0107-S
XREF CWE:120
XREF CWE:200
XREF CWE:209
Plugin Information
Published: 2021/02/27, Modified: 2021/06/03
Plugin Output

ipaddr (tcp/0)


Remote package installed : firefox-68.10.0-1.el7.centos
Should be : firefox-78.8.0-1.el7.centos
146958 (1) - CentOS 7 : bind (CESA-2021:0671)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:0671 advisory.

- bind: Buffer overflow in the SPNEGO implementation affecting GSSAPI security policy negotiation (CVE-2020-8625)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
8.1 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.1 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS v2.0 Temporal Score
5.0 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2020-8625
XREF RHSA:2021:0671
XREF CWE:119
Plugin Information
Published: 2021/03/03, Modified: 2021/03/04
Plugin Output

ipaddr (tcp/0)


Remote package installed : bind-export-libs-9.11.4-26.P2.el7
Should be : bind-export-libs-9.11.4-26.P2.el7_9.4

Remote package installed : bind-libs-9.11.4-26.P2.el7
Should be : bind-libs-9.11.4-26.P2.el7_9.4

Remote package installed : bind-libs-lite-9.11.4-26.P2.el7
Should be : bind-libs-lite-9.11.4-26.P2.el7_9.4

Remote package installed : bind-license-9.11.4-26.P2.el7
Should be : bind-license-9.11.4-26.P2.el7_9.4

Remote package installed : bind-utils-9.11.4-26.P2.el7
Should be : bind-utils-9.11.4-26.P2.el7_9.4
147884 (1) - CentOS 7 : wpa_supplicant (CESA-2021:0808)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has a package installed that is affected by a vulnerability as referenced in the CESA-2021:0808 advisory.

- wpa_supplicant: Use-after-free in P2P provision discovery processing (CVE-2021-27803)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected wpa_supplicant package.
Risk Factor
Medium
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
6.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
5.4 (CVSS2#AV:A/AC:M/Au:N/C:P/I:P/A:P)
CVSS v2.0 Temporal Score
4.0 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2021-27803
XREF RHSA:2021:0808
XREF CWE:416
Plugin Information
Published: 2021/03/18, Modified: 2021/03/19
Plugin Output

ipaddr (tcp/0)


Remote package installed : wpa_supplicant-2.6-12.el7
Should be : wpa_supplicant-2.6-12.el7_9.2
147885 (1) - CentOS 7 : kernel (CESA-2021:0856)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:0856 advisory.

- kernel: malicious USB devices can lead to multiple out-of-bounds write (CVE-2019-19532)

- kernel: out-of-bounds reads in pinctrl subsystem. (CVE-2020-0427)

- kernel: performance counters race condition use-after-free (CVE-2020-14351)

- kernel: Local buffer overflow in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c (CVE-2020-25211)

- kernel: Geneve/IPsec traffic may be unencrypted between two Geneve endpoints (CVE-2020-25645)

- kernel: use-after-free in read in vt_do_kdgkb_ioctl (CVE-2020-25656)

- kernel: ICMP rate limiting can be used for DNS poisoning attack (CVE-2020-25705)

- kernel: SCSI target (LIO) write to any block on ILO backstore (CVE-2020-28374)

- kernel: locking issue in drivers/tty/tty_jobctrl.c can lead to an use-after-free (CVE-2020-29661)

- kernel: use-after-free in i915_ppgtt_close in drivers/gpu/drm/i915/i915_gem_gtt.c (CVE-2020-7053)

- kernel: increase slab leak leads to DoS (CVE-2021-20265)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
8.1 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N)
CVSS v3.0 Temporal Score
7.3 (CVSS:3.0/E:P/RL:O/RC:C)
CVSS v2.0 Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
5.6 (CVSS2#E:POC/RL:OF/RC:C)
References
CVE CVE-2019-19532
CVE CVE-2020-0427
CVE CVE-2020-7053
CVE CVE-2020-14351
CVE CVE-2020-25211
CVE CVE-2020-25645
CVE CVE-2020-25656
CVE CVE-2020-25705
CVE CVE-2020-28374
CVE CVE-2020-29661
CVE CVE-2021-20265
XREF RHSA:2021:0856
XREF CEA-ID:CEA-2020-0138
XREF CWE:20
XREF CWE:119
XREF CWE:200
XREF CWE:319
XREF CWE:330
XREF CWE:400
XREF CWE:416
XREF CWE:667
Plugin Information
Published: 2021/03/18, Modified: 2022/12/05
Plugin Output

ipaddr (tcp/0)


Remote package installed : bpftool-3.10.0-1160.el7
Should be : bpftool-3.10.0-1160.21.1.el7

Remote package installed : kernel-3.10.0-1160.el7
Should be : kernel-3.10.0-1160.21.1.el7

Remote package installed : kernel-devel-3.10.0-1160.el7
Should be : kernel-devel-3.10.0-1160.21.1.el7

Remote package installed : kernel-headers-3.10.0-1160.el7
Should be : kernel-headers-3.10.0-1160.21.1.el7

Remote package installed : kernel-tools-3.10.0-1160.el7
Should be : kernel-tools-3.10.0-1160.21.1.el7

Remote package installed : kernel-tools-libs-3.10.0-1160.el7
Should be : kernel-tools-libs-3.10.0-1160.21.1.el7

Remote package installed : perf-3.10.0-1160.el7
Should be : perf-3.10.0-1160.21.1.el7

Remote package installed : python-perf-3.10.0-1160.el7
Should be : python-perf-3.10.0-1160.21.1.el7
148184 (1) - CentOS 7 : firefox (CESA-2021:0992)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2021:0992 advisory.

- Mozilla: Texture upload into an unbound backing buffer resulted in an out-of-bound read (CVE-2021-23981)

- Mozilla: Internal network hosts could have been probed by a malicious webpage (CVE-2021-23982)

- Mozilla: Malicious extensions could have spoofed popup information (CVE-2021-23984)

- Mozilla: Memory safety bugs fixed in Firefox 87 and Firefox ESR 78.9 (CVE-2021-23987)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected firefox package.
Risk Factor
Medium
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.7 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS v2.0 Temporal Score
5.0 (CVSS2#E:U/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2021-23981
CVE CVE-2021-23982
CVE CVE-2021-23984
CVE CVE-2021-23987
XREF RHSA:2021:0992
XREF IAVA:2021-A-0144-S
XREF CWE:120
XREF CWE:125
XREF CWE:200
XREF CWE:1021
Plugin Information
Published: 2021/03/26, Modified: 2021/06/03
Plugin Output

ipaddr (tcp/0)


Remote package installed : firefox-68.10.0-1.el7.centos
Should be : firefox-78.9.0-1.el7.centos
148425 (1) - CentOS 7 : kernel (CESA-2021:1071)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:1071 advisory.

- kernel: iscsi: unrestricted access to sessions and handles (CVE-2021-27363)

- kernel: out-of-bounds read in libiscsi module (CVE-2021-27364)

- kernel: heap buffer overflow in the iSCSI subsystem (CVE-2021-27365)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.0 (CVSS:3.0/E:P/RL:O/RC:C)
CVSS v2.0 Base Score
4.6 (CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P)
CVSS v2.0 Temporal Score
3.6 (CVSS2#E:POC/RL:OF/RC:C)
References
CVE CVE-2021-27363
CVE CVE-2021-27364
CVE CVE-2021-27365
XREF RHSA:2021:1071
XREF CWE:122
XREF CWE:125
XREF CWE:200
XREF CWE:250
Plugin Information
Published: 2021/04/10, Modified: 2024/01/05
Plugin Output

ipaddr (tcp/0)


Remote package installed : bpftool-3.10.0-1160.el7
Should be : bpftool-3.10.0-1160.24.1.el7

Remote package installed : kernel-3.10.0-1160.el7
Should be : kernel-3.10.0-1160.24.1.el7

Remote package installed : kernel-devel-3.10.0-1160.el7
Should be : kernel-devel-3.10.0-1160.24.1.el7

Remote package installed : kernel-headers-3.10.0-1160.el7
Should be : kernel-headers-3.10.0-1160.24.1.el7

Remote package installed : kernel-tools-3.10.0-1160.el7
Should be : kernel-tools-3.10.0-1160.24.1.el7

Remote package installed : kernel-tools-libs-3.10.0-1160.el7
Should be : kernel-tools-libs-3.10.0-1160.24.1.el7

Remote package installed : perf-3.10.0-1160.el7
Should be : perf-3.10.0-1160.24.1.el7

Remote package installed : python-perf-3.10.0-1160.el7
Should be : python-perf-3.10.0-1160.24.1.el7
148426 (1) - CentOS 7 : libldb (CESA-2021:1072)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:1072 advisory.

- samba: Out of bounds read in AD DC LDAP server (CVE-2021-20277)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS v3.0 Temporal Score
6.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS v2.0 Temporal Score
3.7 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2021-20277
XREF RHSA:2021:1072
XREF CWE:125
Plugin Information
Published: 2021/04/10, Modified: 2021/05/21
Plugin Output

ipaddr (tcp/0)


Remote package installed : libldb-1.5.4-1.el7
Should be : libldb-1.5.4-2.el7

Remote package installed : pyldb-1.5.4-1.el7
Should be : pyldb-1.5.4-2.el7
148745 (1) - CentOS 7 : nettle (CESA-2021:1145)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:1145 advisory.

- nettle: Out of bounds memory access in signature verification (CVE-2021-20305)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected nettle and / or nettle-devel packages.
Risk Factor
Medium
CVSS v3.0 Base Score
8.1 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.1 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS v2.0 Temporal Score
5.0 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2021-20305
XREF RHSA:2021:1145
XREF CWE:327
Plugin Information
Published: 2021/04/17, Modified: 2021/04/17
Plugin Output

ipaddr (tcp/0)


Remote package installed : nettle-2.7.1-8.el7
Should be : nettle-2.7.1-9.el7_9
149205 (1) - CentOS 7 : bind (CESA-2021:1469)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:1469 advisory.

- bind: An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself (CVE-2021-25215)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS v3.0 Temporal Score
6.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS v2.0 Temporal Score
3.7 (CVSS2#E:U/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2021-25215
XREF RHSA:2021:1469
XREF IAVA:2021-A-0206-S
XREF CWE:617
Plugin Information
Published: 2021/04/30, Modified: 2021/11/09
Plugin Output

ipaddr (tcp/0)


Remote package installed : bind-export-libs-9.11.4-26.P2.el7
Should be : bind-export-libs-9.11.4-26.P2.el7_9.5

Remote package installed : bind-libs-9.11.4-26.P2.el7
Should be : bind-libs-9.11.4-26.P2.el7_9.5

Remote package installed : bind-libs-lite-9.11.4-26.P2.el7
Should be : bind-libs-lite-9.11.4-26.P2.el7_9.5

Remote package installed : bind-license-9.11.4-26.P2.el7
Should be : bind-license-9.11.4-26.P2.el7_9.5

Remote package installed : bind-utils-9.11.4-26.P2.el7
Should be : bind-utils-9.11.4-26.P2.el7_9.5
150763 (1) - CentOS 7 : dhcp (CESA-2021:2357)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:2357 advisory.

- dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient (CVE-2021-25217)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Low
CVSS v3.0 Base Score
7.4 (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H)
CVSS v3.0 Temporal Score
6.7 (CVSS:3.0/E:P/RL:O/RC:C)
CVSS v2.0 Base Score
3.3 (CVSS2#AV:A/AC:L/Au:N/C:N/I:N/A:P)
CVSS v2.0 Temporal Score
2.6 (CVSS2#E:POC/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2021-25217
XREF IAVB:2021-B-0032-S
XREF RHSA:2021:2357
XREF CWE:119
Plugin Information
Published: 2021/06/14, Modified: 2023/12/13
Plugin Output

ipaddr (tcp/0)


Remote package installed : dhclient-4.2.5-82.el7.centos
Should be : dhclient-4.2.5-83.el7.centos.1

Remote package installed : dhcp-common-4.2.5-82.el7.centos
Should be : dhcp-common-4.2.5-83.el7.centos.1

Remote package installed : dhcp-libs-4.2.5-82.el7.centos
Should be : dhcp-libs-4.2.5-83.el7.centos.1
150765 (1) - CentOS 7 : firefox (CESA-2021:2206)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has a package installed that is affected by a vulnerability as referenced in the CESA-2021:2206 advisory.

- Mozilla: Memory safety bugs fixed in Firefox 89 and Firefox ESR 78.11 (CVE-2021-29967)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected firefox package.
Risk Factor
Medium
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.7 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS v2.0 Temporal Score
5.0 (CVSS2#E:U/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2021-29967
XREF IAVA:2021-A-0264-S
XREF RHSA:2021:2206
XREF CWE:120
Plugin Information
Published: 2021/06/14, Modified: 2021/09/10
Plugin Output

ipaddr (tcp/0)


Remote package installed : firefox-68.10.0-1.el7.centos
Should be : firefox-78.11.0-3.el7.centos
150770 (1) - CentOS 7 : kernel (CESA-2021:2314)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:2314 advisory.

- kernel: Integer overflow in Intel(R) Graphics Drivers (CVE-2020-12362)

- kernel: Improper input validation in some Intel(R) Graphics Drivers (CVE-2020-12363)

- kernel: Null pointer dereference in some Intel(R) Graphics Drivers (CVE-2020-12364)

- kernel: Speculation on pointer arithmetic against bpf_context pointer (CVE-2020-27170)

- kernel: use-after-free in n_tty_receive_buf_common function in drivers/tty/n_tty.c (CVE-2020-8648)

- kernel: Use after free via PI futex state (CVE-2021-3347)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.0 (CVSS:3.0/E:P/RL:O/RC:C)
CVSS v2.0 Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
5.6 (CVSS2#E:POC/RL:OF/RC:C)
References
CVE CVE-2020-8648
CVE CVE-2020-12362
CVE CVE-2020-12363
CVE CVE-2020-12364
CVE CVE-2020-27170
CVE CVE-2021-3347
XREF RHSA:2021:2314
XREF CWE:20
XREF CWE:190
XREF CWE:200
XREF CWE:416
XREF CWE:476
Plugin Information
Published: 2021/06/14, Modified: 2023/12/13
Plugin Output

ipaddr (tcp/0)


Remote package installed : bpftool-3.10.0-1160.el7
Should be : bpftool-3.10.0-1160.31.1.el7

Remote package installed : kernel-3.10.0-1160.el7
Should be : kernel-3.10.0-1160.31.1.el7

Remote package installed : kernel-devel-3.10.0-1160.el7
Should be : kernel-devel-3.10.0-1160.31.1.el7

Remote package installed : kernel-headers-3.10.0-1160.el7
Should be : kernel-headers-3.10.0-1160.31.1.el7

Remote package installed : kernel-tools-3.10.0-1160.el7
Should be : kernel-tools-3.10.0-1160.31.1.el7

Remote package installed : kernel-tools-libs-3.10.0-1160.el7
Should be : kernel-tools-libs-3.10.0-1160.31.1.el7

Remote package installed : perf-3.10.0-1160.el7
Should be : perf-3.10.0-1160.31.1.el7

Remote package installed : python-perf-3.10.0-1160.el7
Should be : python-perf-3.10.0-1160.31.1.el7
150773 (1) - CentOS 7 : glib2 (CESA-2021:2147)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:2147 advisory.

- glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits (CVE-2021-27219)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS v3.0 Temporal Score
6.7 (CVSS:3.0/E:P/RL:O/RC:C)
CVSS v2.0 Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS v2.0 Temporal Score
3.9 (CVSS2#E:POC/RL:OF/RC:C)
References
CVE CVE-2021-27219
XREF RHSA:2021:2147
XREF CWE:190
XREF CWE:787
Plugin Information
Published: 2021/06/14, Modified: 2023/12/13
Plugin Output

ipaddr (tcp/0)


Remote package installed : glib2-2.56.1-7.el7
Should be : glib2-2.56.1-9.el7_9
150774 (1) - CentOS 7 : xorg-x11-server (CESA-2021:2033)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:2033 advisory.

- xorg-x11-server: XChangeFeedbackControl integer underflow leads to privilege escalation (CVE-2021-3472)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
6.8 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
5.3 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2021-3472
XREF RHSA:2021:2033
XREF CWE:191
Plugin Information
Published: 2021/06/14, Modified: 2021/06/14
Plugin Output

ipaddr (tcp/0)


Remote package installed : xorg-x11-server-common-1.20.4-10.el7
Should be : xorg-x11-server-common-1.20.4-16.el7_9

Remote package installed : xorg-x11-server-Xorg-1.20.4-10.el7
Should be : xorg-x11-server-Xorg-1.20.4-16.el7_9
151674 (1) - CentOS 7 : firefox (CESA-2021:2741)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2021:2741 advisory.

- Mozilla: Use-after-free in accessibility features of a document (CVE-2021-29970)

- Mozilla: Memory safety bugs fixed in Firefox 90 and Firefox ESR 78.12 (CVE-2021-29976)

- chromium-browser: Out of bounds write in ANGLE (CVE-2021-30547)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected firefox package.
Risk Factor
Medium
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.9 (CVSS:3.0/E:P/RL:O/RC:C)
CVSS v2.0 Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS v2.0 Temporal Score
5.3 (CVSS2#E:POC/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2021-29970
CVE CVE-2021-29976
CVE CVE-2021-30547
XREF IAVA:2021-A-0309-S
XREF IAVA:2021-A-0293-S
XREF RHSA:2021:2741
XREF CWE:120
XREF CWE:416
Plugin Information
Published: 2021/07/15, Modified: 2023/12/08
Plugin Output

ipaddr (tcp/0)


Remote package installed : firefox-68.10.0-1.el7.centos
Should be : firefox-78.12.0-1.el7.centos
151979 (1) - CentOS 7 : kernel (CESA-2021:2725)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:2725 advisory.

- kernel: use-after-free in show_numa_stats function (CVE-2019-20934)

- kernel: mishandles invalid descriptors in drivers/media/usb/gspca/xirlink_cit.c (CVE-2020-11668)

- kernel: use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c (CVE-2021-33033)

- kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci_chan (CVE-2021-33034)

- kernel: size_t-to-int conversion vulnerability in the filesystem layer (CVE-2021-33909)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.5 (CVSS:3.0/E:H/RL:O/RC:C)
CVSS v2.0 Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
6.3 (CVSS2#E:H/RL:OF/RC:C)
STIG Severity
II
References
CVE CVE-2019-20934
CVE CVE-2020-11668
CVE CVE-2021-33033
CVE CVE-2021-33034
CVE CVE-2021-33909
XREF RHSA:2021:2725
XREF IAVA:2021-A-0350
XREF CWE:20
XREF CWE:416
XREF CWE:476
XREF CWE:787
Plugin Information
Published: 2021/07/22, Modified: 2021/07/30
Plugin Output

ipaddr (tcp/0)


Remote package installed : bpftool-3.10.0-1160.el7
Should be : bpftool-3.10.0-1160.36.2.el7

Remote package installed : kernel-3.10.0-1160.el7
Should be : kernel-3.10.0-1160.36.2.el7

Remote package installed : kernel-devel-3.10.0-1160.el7
Should be : kernel-devel-3.10.0-1160.36.2.el7

Remote package installed : kernel-headers-3.10.0-1160.el7
Should be : kernel-headers-3.10.0-1160.36.2.el7

Remote package installed : kernel-tools-3.10.0-1160.el7
Should be : kernel-tools-3.10.0-1160.36.2.el7

Remote package installed : kernel-tools-libs-3.10.0-1160.el7
Should be : kernel-tools-libs-3.10.0-1160.36.2.el7

Remote package installed : perf-3.10.0-1160.el7
Should be : perf-3.10.0-1160.36.2.el7

Remote package installed : python-perf-3.10.0-1160.el7
Should be : python-perf-3.10.0-1160.36.2.el7
152360 (1) - CentOS 7 : microcode_ctl (CESA-2021:3028)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2021:3028 advisory.

- hw: Special Register Buffer Data Sampling (SRBDS) (CVE-2020-0543)

- hw: Vector Register Data Sampling (CVE-2020-0548)

- hw: L1D Cache Eviction Sampling (CVE-2020-0549)

- hw: vt-d related privilege escalation (CVE-2020-24489)

- hw: improper isolation of shared resources in some Intel Processors (CVE-2020-24511)

- hw: observable timing discrepancy in some Intel Processors (CVE-2020-24512)

- hw: Information disclosure issue in Intel SGX via RAPL interface (CVE-2020-8695)

- hw: Vector Register Leakage-Active (CVE-2020-8696)

- hw: Fast forward store predictor (CVE-2020-8698)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected microcode_ctl package.
Risk Factor
Medium
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.7 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
4.6 (CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P)
CVSS v2.0 Temporal Score
3.4 (CVSS2#E:U/RL:OF/RC:C)
References
Plugin Information
Published: 2021/08/09, Modified: 2021/08/09
Plugin Output

ipaddr (tcp/0)


Remote package installed : microcode_ctl-2.1-73.el7
Should be : microcode_ctl-2.1-73.11.el7_9
152361 (1) - CentOS 7 : flatpak (CESA-2021:1002)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:1002 advisory.

- flatpak: file forwarding feature can be used to gain unprivileged access to files (CVE-2021-21381)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
8.2 (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N)
CVSS v3.0 Temporal Score
7.1 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
5.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N)
CVSS v2.0 Temporal Score
4.3 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2021-21381
XREF RHSA:2021:1002
XREF CWE:284
Plugin Information
Published: 2021/08/09, Modified: 2021/08/09
Plugin Output

ipaddr (tcp/0)


Remote package installed : flatpak-1.0.9-9.el7_7
Should be : flatpak-1.0.9-11.el7_9

Remote package installed : flatpak-libs-1.0.9-9.el7_7
Should be : flatpak-libs-1.0.9-11.el7_9
152497 (1) - CentOS 7 : java-1.8.0-openjdk (CESA-2021:2845)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:2845 advisory.

- OpenJDK: FTP PASV command response can cause FtpClient to connect to arbitrary host (Networking, 8258432) (CVE-2021-2341)

- OpenJDK: Incorrect verification of JAR files with multiple MANIFEST.MF files (Library, 8260967) (CVE-2021-2369)

- OpenJDK: Incorrect comparison during range check elimination (Hotspot, 8264066) (CVE-2021-2388)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.0 (CVSS:3.0/E:F/RL:O/RC:C)
CVSS v2.0 Base Score
5.1 (CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P)
CVSS v2.0 Temporal Score
4.2 (CVSS2#E:F/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2021-2341
CVE CVE-2021-2369
CVE CVE-2021-2388
XREF IAVA:2021-A-0327-S
XREF RHSA:2021:2845
XREF CWE:200
XREF CWE:347
XREF CWE:697
Plugin Information
Published: 2021/08/11, Modified: 2023/12/04
Plugin Output

ipaddr (tcp/0)


Remote package installed : java-1.8.0-openjdk-1.8.0.262.b10-1.el7
Should be : java-1.8.0-openjdk-1.8.0.302.b08-0.el7_9

Remote package installed : java-1.8.0-openjdk-headless-1.8.0.262.b10-1.el7
Should be : java-1.8.0-openjdk-headless-1.8.0.302.b08-0.el7_9
152663 (1) - CentOS 7 : firefox (CESA-2021:3154)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2021:3154 advisory.

- Mozilla: Uninitialized memory in a canvas object could have led to memory corruption (CVE-2021-29980)

- Mozilla: Incorrect instruction reordering during JIT optimization (CVE-2021-29984)

- Mozilla: Use-after-free media channels (CVE-2021-29985)

- Mozilla: Race condition when resolving DNS names could have led to memory corruption (CVE-2021-29986)

- Mozilla: Memory corruption as a result of incorrect style treatment (CVE-2021-29988)

- Mozilla: Memory safety bugs fixed in Thunderbird 78.13 (CVE-2021-29989)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected firefox package.
Risk Factor
Medium
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.9 (CVSS:3.0/E:P/RL:O/RC:C)
CVSS v2.0 Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS v2.0 Temporal Score
5.3 (CVSS2#E:POC/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2021-29980
CVE CVE-2021-29984
CVE CVE-2021-29985
CVE CVE-2021-29986
CVE CVE-2021-29988
CVE CVE-2021-29989
XREF IAVA:2021-A-0366-S
XREF RHSA:2021:3154
XREF CWE:119
XREF CWE:120
XREF CWE:367
XREF CWE:416
XREF CWE:908
Plugin Information
Published: 2021/08/19, Modified: 2023/12/04
Plugin Output

ipaddr (tcp/0)


Remote package installed : firefox-68.10.0-1.el7.centos
Should be : firefox-78.13.0-2.el7.centos
152910 (1) - CentOS 7 : libsndfile (CESA-2021:3295)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:3295 advisory.

- libsndfile: Heap buffer overflow via crafted WAV file allows arbitrary code execution (CVE-2021-3246)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected libsndfile, libsndfile-devel and / or libsndfile-utils packages.
Risk Factor
Medium
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.9 (CVSS:3.0/E:P/RL:O/RC:C)
CVSS v2.0 Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS v2.0 Temporal Score
5.3 (CVSS2#E:POC/RL:OF/RC:C)
References
CVE CVE-2021-3246
XREF RHSA:2021:3295
XREF CWE:119
Plugin Information
Published: 2021/08/30, Modified: 2023/12/01
Plugin Output

ipaddr (tcp/0)


Remote package installed : libsndfile-1.0.25-12.el7
Should be : libsndfile-1.0.25-12.el7_9.1
152970 (1) - CentOS 7 : kernel (CESA-2021:3327)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:3327 advisory.

- kernel: powerpc: RTAS calls can be used to compromise kernel integrity (CVE-2020-27777)

- kernel: out-of-bounds write in xt_compat_target_from_user() in net/netfilter/x_tables.c (CVE-2021-22555)

- kernel: Local privilege escalation due to incorrect BPF JIT branch displacement computation (CVE-2021-29154)

- kernel: lack a full memory barrier upon the assignment of a new table value in net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h may lead to DoS (CVE-2021-29650)

- kernel: race condition for removal of the HCI controller (CVE-2021-32399)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.5 (CVSS:3.0/E:H/RL:O/RC:C)
CVSS v2.0 Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
6.3 (CVSS2#E:H/RL:OF/RC:C)
References
CVE CVE-2020-27777
CVE CVE-2021-22555
CVE CVE-2021-29154
CVE CVE-2021-29650
CVE CVE-2021-32399
XREF RHSA:2021:3327
XREF CWE:119
XREF CWE:362
XREF CWE:662
XREF CWE:667
XREF CWE:787
XREF CWE:862
Exploitable With
CANVAS (true) Core Impact (true) Metasploit (true)
Plugin Information
Published: 2021/09/02, Modified: 2023/01/17
Plugin Output

ipaddr (tcp/0)


Remote package installed : bpftool-3.10.0-1160.el7
Should be : bpftool-3.10.0-1160.41.1.el7

Remote package installed : kernel-3.10.0-1160.el7
Should be : kernel-3.10.0-1160.41.1.el7

Remote package installed : kernel-devel-3.10.0-1160.el7
Should be : kernel-devel-3.10.0-1160.41.1.el7

Remote package installed : kernel-headers-3.10.0-1160.el7
Should be : kernel-headers-3.10.0-1160.41.1.el7

Remote package installed : kernel-tools-3.10.0-1160.el7
Should be : kernel-tools-3.10.0-1160.41.1.el7

Remote package installed : kernel-tools-libs-3.10.0-1160.el7
Should be : kernel-tools-libs-3.10.0-1160.41.1.el7

Remote package installed : perf-3.10.0-1160.el7
Should be : perf-3.10.0-1160.41.1.el7

Remote package installed : python-perf-3.10.0-1160.el7
Should be : python-perf-3.10.0-1160.41.1.el7
152976 (1) - CentOS 7 : sssd (CESA-2021:3336)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:3336 advisory.

- sssd: shell command injection in sssctl (CVE-2021-3621)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.7 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
9.3 (CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
6.9 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2021-3621
XREF RHSA:2021:3336
XREF CWE:77
Plugin Information
Published: 2021/09/02, Modified: 2022/01/10
Plugin Output

ipaddr (tcp/0)


Remote package installed : libipa_hbac-1.16.5-10.el7
Should be : libipa_hbac-1.16.5-10.el7_9.10

Remote package installed : libsss_autofs-1.16.5-10.el7
Should be : libsss_autofs-1.16.5-10.el7_9.10

Remote package installed : libsss_certmap-1.16.5-10.el7
Should be : libsss_certmap-1.16.5-10.el7_9.10

Remote package installed : libsss_idmap-1.16.5-10.el7
Should be : libsss_idmap-1.16.5-10.el7_9.10

Remote package installed : libsss_nss_idmap-1.16.5-10.el7
Should be : libsss_nss_idmap-1.16.5-10.el7_9.10

Remote package installed : libsss_sudo-1.16.5-10.el7
Should be : libsss_sudo-1.16.5-10.el7_9.10

Remote package installed : python-sssdconfig-1.16.5-10.el7
Should be : python-sssdconfig-1.16.5-10.el7_9.10

Remote package installed : sssd-1.16.5-10.el7
Should be : sssd-1.16.5-10.el7_9.10

Remote package installed : sssd-ad-1.16.5-10.el7
Should be : sssd-ad-1.16.5-10.el7_9.10

Remote package installed : sssd-client-1.16.5-10.el7
Should be : sssd-client-1.16.5-10.el7_9.10

Remote package installed : sssd-common-1.16.5-10.el7
Should be : sssd-common-1.16.5-10.el7_9.10

Remote package installed : sssd-common-pac-1.16.5-10.el7
Should be : sssd-common-pac-1.16.5-10.el7_9.10

Remote package installed : sssd-ipa-1.16.5-10.el7
Should be : sssd-ipa-1.16.5-10.el7_9.10

Remote package installed : sssd-krb5-1.16.5-10.el7
Should be : sssd-krb5-1.16.5-10.el7_9.10

Remote package installed : sssd-krb5-common-1.16.5-10.el7
Should be : sssd-krb5-common-1.16.5-10.el7_9.10

Remote package installed : sssd-ldap-1.16.5-10.el7
Should be : sssd-ldap-1.16.5-10.el7_9.10

Remote package installed : sssd-proxy-1.16.5-10.el7
Should be : sssd-proxy-1.16.5-10.el7_9.10
153472 (1) - CentOS 7 : firefox (CESA-2021:3498)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has a package installed that is affected by a vulnerability as referenced in the CESA-2021:3498 advisory.

- Mozilla: Memory safety bugs fixed in Firefox 92, Firefox ESR 78.14 and Firefox ESR 91.1 (CVE-2021-38493)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected firefox package.
Risk Factor
Medium
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.7 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS v2.0 Temporal Score
5.0 (CVSS2#E:U/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2021-38493
XREF IAVA:2021-A-0405
XREF RHSA:2021:3498
XREF CWE:120
Plugin Information
Published: 2021/09/17, Modified: 2021/11/05
Plugin Output

ipaddr (tcp/0)


Remote package installed : firefox-68.10.0-1.el7.centos
Should be : firefox-78.14.0-1.el7.centos
153767 (1) - CentOS 7 : kernel (CESA-2021:3438)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:3438 advisory.

- kernel: use-after-free in route4_change() in net/sched/cls_route.c (CVE-2021-3715)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
6.8 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
5.3 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2021-3715
XREF RHSA:2021:3438
XREF CWE:416
Plugin Information
Published: 2021/09/27, Modified: 2022/03/11
Plugin Output

ipaddr (tcp/0)


Remote package installed : bpftool-3.10.0-1160.el7
Should be : bpftool-3.10.0-1160.42.2.el7

Remote package installed : kernel-3.10.0-1160.el7
Should be : kernel-3.10.0-1160.42.2.el7

Remote package installed : kernel-devel-3.10.0-1160.el7
Should be : kernel-devel-3.10.0-1160.42.2.el7

Remote package installed : kernel-headers-3.10.0-1160.el7
Should be : kernel-headers-3.10.0-1160.42.2.el7

Remote package installed : kernel-tools-3.10.0-1160.el7
Should be : kernel-tools-3.10.0-1160.42.2.el7

Remote package installed : kernel-tools-libs-3.10.0-1160.el7
Should be : kernel-tools-libs-3.10.0-1160.42.2.el7

Remote package installed : perf-3.10.0-1160.el7
Should be : perf-3.10.0-1160.42.2.el7

Remote package installed : python-perf-3.10.0-1160.el7
Should be : python-perf-3.10.0-1160.42.2.el7
155540 (1) - CentOS 7 : freerdp (CESA-2021:4619)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:4619 advisory.

- freerdp: improper client input validation for gateway connections allows to overwrite memory (CVE-2021-41159)

- freerdp: improper region checks in all clients allow out of bound write to memory (CVE-2021-41160)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.7 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS v2.0 Temporal Score
5.0 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2021-41159
CVE CVE-2021-41160
XREF RHSA:2021:4619
XREF CWE:787
Plugin Information
Published: 2021/11/17, Modified: 2021/11/17
Plugin Output

ipaddr (tcp/0)


Remote package installed : freerdp-libs-2.1.1-2.el7
Should be : freerdp-libs-2.1.1-5.el7_9

Remote package installed : libwinpr-2.1.1-2.el7
Should be : libwinpr-2.1.1-5.el7_9
155545 (1) - CentOS 7 : openssl (CESA-2021:3798)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:3798 advisory.

- openssl: integer overflow in CipherUpdate (CVE-2021-23840)

- openssl: NULL pointer dereference in X509_issuer_and_serial_hash() (CVE-2021-23841)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS v3.0 Temporal Score
7.0 (CVSS:3.0/E:F/RL:O/RC:C)
CVSS v2.0 Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS v2.0 Temporal Score
4.1 (CVSS2#E:F/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2021-23840
CVE CVE-2021-23841
XREF IAVA:2021-A-0103-S
XREF IAVA:2021-A-0195
XREF RHSA:2021:3798
XREF CEA-ID:CEA-2021-0025
XREF IAVA:2021-A-0193-S
XREF CWE:190
XREF CWE:476
Plugin Information
Published: 2021/11/17, Modified: 2023/11/23
Plugin Output

ipaddr (tcp/0)


Remote package installed : openssl-1.0.2k-19.el7
Should be : openssl-1.0.2k-22.el7_9

Remote package installed : openssl-libs-1.0.2k-19.el7
Should be : openssl-libs-1.0.2k-22.el7_9
155547 (1) - CentOS 7 : kernel (CESA-2021:3801)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:3801 advisory.

- kernel: Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks (CVE-2021-22543)

- kernel: SVM nested virtualization issue in KVM (AVIC support) (CVE-2021-3653)

- kernel: SVM nested virtualization issue in KVM (VMLOAD/VMSAVE) (CVE-2021-3656)

- kernel: powerpc: KVM guest OS users can cause host OS memory corruption (CVE-2021-37576)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.9 (CVSS:3.0/E:P/RL:O/RC:C)
CVSS v2.0 Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
5.6 (CVSS2#E:POC/RL:OF/RC:C)
References
CVE CVE-2021-3653
CVE CVE-2021-3656
CVE CVE-2021-22543
CVE CVE-2021-37576
XREF RHSA:2021:3801
XREF CWE:20
XREF CWE:119
XREF CWE:862
XREF CWE:863
Plugin Information
Published: 2021/11/17, Modified: 2023/11/23
Plugin Output

ipaddr (tcp/0)


Remote package installed : bpftool-3.10.0-1160.el7
Should be : bpftool-3.10.0-1160.45.1.el7

Remote package installed : kernel-3.10.0-1160.el7
Should be : kernel-3.10.0-1160.45.1.el7

Remote package installed : kernel-devel-3.10.0-1160.el7
Should be : kernel-devel-3.10.0-1160.45.1.el7

Remote package installed : kernel-headers-3.10.0-1160.el7
Should be : kernel-headers-3.10.0-1160.45.1.el7

Remote package installed : kernel-tools-3.10.0-1160.el7
Should be : kernel-tools-3.10.0-1160.45.1.el7

Remote package installed : kernel-tools-libs-3.10.0-1160.el7
Should be : kernel-tools-libs-3.10.0-1160.45.1.el7

Remote package installed : perf-3.10.0-1160.el7
Should be : perf-3.10.0-1160.45.1.el7

Remote package installed : python-perf-3.10.0-1160.el7
Should be : python-perf-3.10.0-1160.45.1.el7
155548 (1) - CentOS 7 : binutils (CESA-2021:4033)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:4033 advisory.

- Developer environment: Unicode's bidirectional (BiDi) override characters can cause trojan source attacks (CVE-2021-42574)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected binutils and / or binutils-devel packages.
Risk Factor
Medium
CVSS v3.0 Base Score
8.3 (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.5 (CVSS:3.0/E:P/RL:O/RC:C)
CVSS v2.0 Base Score
5.1 (CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P)
CVSS v2.0 Temporal Score
4.0 (CVSS2#E:POC/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2021-42574
XREF IAVA:2021-A-0528
XREF RHSA:2021:4033
XREF CWE:838
Plugin Information
Published: 2021/11/17, Modified: 2023/11/23
Plugin Output

ipaddr (tcp/0)


Remote package installed : binutils-2.27-44.base.el7
Should be : binutils-2.27-44.base.el7_9.1
155550 (1) - CentOS 7 : flatpak (CESA-2021:4044)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:4044 advisory.

- flatpak: Sandbox bypass via recent VFS-manipulating syscalls (CVE-2021-41133)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
6.8 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
4.6 (CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P)
CVSS v2.0 Temporal Score
3.4 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2021-41133
XREF RHSA:2021:4044
XREF CWE:20
Plugin Information
Published: 2021/11/17, Modified: 2021/11/17
Plugin Output

ipaddr (tcp/0)


Remote package installed : flatpak-1.0.9-9.el7_7
Should be : flatpak-1.0.9-12.el7_9

Remote package installed : flatpak-libs-1.0.9-9.el7_7
Should be : flatpak-libs-1.0.9-12.el7_9
155757 (1) - CentOS 7 : openssh (CESA-2021:4782)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:4782 advisory.

- openssh: privilege escalation when AuthorizedKeysCommand or AuthorizedPrincipalsCommand are configured (CVE-2021-41617)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.0 (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
6.1 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
4.4 (CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P)
CVSS v2.0 Temporal Score
3.3 (CVSS2#E:U/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2021-41617
XREF IAVA:2021-A-0474-S
XREF RHSA:2021:4782
XREF CWE:273
Plugin Information
Published: 2021/12/01, Modified: 2023/02/09
Plugin Output

ipaddr (tcp/0)


Remote package installed : openssh-7.4p1-21.el7
Should be : openssh-7.4p1-22.el7_9

Remote package installed : openssh-clients-7.4p1-21.el7
Should be : openssh-clients-7.4p1-22.el7_9

Remote package installed : openssh-server-7.4p1-21.el7
Should be : openssh-server-7.4p1-22.el7_9
155759 (1) - CentOS 7 : kernel (CESA-2021:4777)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:4777 advisory.

- kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after-free (CVE-2020-36385)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
6.8 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS v2.0 Temporal Score
5.0 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2020-36385
XREF RHSA:2021:4777
XREF CWE:416
Plugin Information
Published: 2021/12/01, Modified: 2021/12/01
Plugin Output

ipaddr (tcp/0)


Remote package installed : bpftool-3.10.0-1160.el7
Should be : bpftool-3.10.0-1160.49.1.el7

Remote package installed : kernel-3.10.0-1160.el7
Should be : kernel-3.10.0-1160.49.1.el7

Remote package installed : kernel-devel-3.10.0-1160.el7
Should be : kernel-devel-3.10.0-1160.49.1.el7

Remote package installed : kernel-headers-3.10.0-1160.el7
Should be : kernel-headers-3.10.0-1160.49.1.el7

Remote package installed : kernel-tools-3.10.0-1160.el7
Should be : kernel-tools-3.10.0-1160.49.1.el7

Remote package installed : kernel-tools-libs-3.10.0-1160.el7
Should be : kernel-tools-libs-3.10.0-1160.49.1.el7

Remote package installed : perf-3.10.0-1160.el7
Should be : perf-3.10.0-1160.49.1.el7

Remote package installed : python-perf-3.10.0-1160.el7
Should be : python-perf-3.10.0-1160.49.1.el7
155761 (1) - CentOS 7 : rpm (CESA-2021:4785)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:4785 advisory.

- rpm: Signature checks bypass via corrupted rpm package (CVE-2021-20271)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.0 (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
6.1 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
5.1 (CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P)
CVSS v2.0 Temporal Score
3.8 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2021-20271
XREF RHSA:2021:4785
XREF CWE:345
Plugin Information
Published: 2021/12/01, Modified: 2021/12/01
Plugin Output

ipaddr (tcp/0)


Remote package installed : rpm-4.11.3-45.el7
Should be : rpm-4.11.3-48.el7_9

Remote package installed : rpm-build-4.11.3-45.el7
Should be : rpm-build-4.11.3-48.el7_9

Remote package installed : rpm-build-libs-4.11.3-45.el7
Should be : rpm-build-libs-4.11.3-48.el7_9

Remote package installed : rpm-libs-4.11.3-45.el7
Should be : rpm-libs-4.11.3-48.el7_9

Remote package installed : rpm-python-4.11.3-45.el7
Should be : rpm-python-4.11.3-48.el7_9

Remote package installed : rpm-sign-4.11.3-45.el7
Should be : rpm-sign-4.11.3-48.el7_9
156103 (1) - Apache Log4j 1.2 JMSAppender Remote Code Execution (CVE-2021-4104)
-
Synopsis
A package installed on the remote host is affected by a remote code execution vulnerability.
Description
The version of Apache Log4j on the remote host is 1.2. It is, therefore, affected by a remote code execution vulnerability when specifically configured to use JMSAppender.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Upgrade to Apache Log4j version 2.16.0 or later since 1.x is end of life.

Upgrading to the latest versions for Apache Log4j is highly recommended as intermediate versions / patches have known high severity vulnerabilities and the vendor is updating their advisories often as new research and knowledge about the impact of Log4j is discovered. Refer to https://logging.apache.org/log4j/2.x/security.html for the latest versions.
Risk Factor
Medium
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.0 (CVSS:3.0/E:F/RL:O/RC:C)
CVSS v2.0 Base Score
6.0 (CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P)
CVSS v2.0 Temporal Score
5.0 (CVSS2#E:F/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2021-4104
XREF IAVA:2021-A-0573
XREF IAVA:0001-A-0650
Plugin Information
Published: 2021/12/15, Modified: 2023/11/22
Plugin Output

ipaddr (tcp/0)


Path : /usr/share/java/log4j.jar
Installed version : 1.2.17
Fixed version : 2.16.0
156240 (1) - CentOS 7 : log4j (CESA-2021:5206)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:5206 advisory.

- log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected log4j, log4j-javadoc and / or log4j-manual packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.0 (CVSS:3.0/E:F/RL:O/RC:C)
CVSS v2.0 Base Score
6.0 (CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P)
CVSS v2.0 Temporal Score
5.0 (CVSS2#E:F/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2021-4104
XREF IAVA:2021-A-0573
XREF RHSA:2021:5206
XREF CWE:20
Plugin Information
Published: 2021/12/21, Modified: 2023/11/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : log4j-1.2.17-16.el7_4
Should be : log4j-1.2.17-17.el7_4
156241 (1) - CentOS 7 : samba (CESA-2021:5192)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:5192 advisory.

- samba: SMB1 client connections can be downgraded to plaintext authentication (CVE-2016-2124)

- samba: Active Directory (AD) domain user could become root on domain members (CVE-2020-25717)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
8.1 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N)
CVSS v3.0 Temporal Score
7.1 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
8.5 (CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:N)
CVSS v2.0 Temporal Score
6.3 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-2124
CVE CVE-2020-25717
XREF RHSA:2021:5192
XREF CWE:20
XREF CWE:287
Plugin Information
Published: 2021/12/21, Modified: 2022/02/28
Plugin Output

ipaddr (tcp/0)


Remote package installed : libsmbclient-4.10.16-5.el7
Should be : libsmbclient-4.10.16-17.el7_9

Remote package installed : libwbclient-4.10.16-5.el7
Should be : libwbclient-4.10.16-17.el7_9

Remote package installed : samba-4.10.16-5.el7
Should be : samba-4.10.16-17.el7_9

Remote package installed : samba-client-4.10.16-5.el7
Should be : samba-client-4.10.16-17.el7_9

Remote package installed : samba-client-libs-4.10.16-5.el7
Should be : samba-client-libs-4.10.16-17.el7_9

Remote package installed : samba-common-4.10.16-5.el7
Should be : samba-common-4.10.16-17.el7_9

Remote package installed : samba-common-libs-4.10.16-5.el7
Should be : samba-common-libs-4.10.16-17.el7_9

Remote package installed : samba-common-tools-4.10.16-5.el7
Should be : samba-common-tools-4.10.16-17.el7_9

Remote package installed : samba-libs-4.10.16-5.el7
Should be : samba-libs-4.10.16-17.el7_9
156460 (1) - CentOS 7 : xorg-x11-server (CESA-2022:0003)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2022:0003 advisory.

- xorg-x11-server: SProcRenderCompositeGlyphs out-of-bounds access (CVE-2021-4008)

- xorg-x11-server: SProcXFixesCreatePointerBarrier out-of-bounds access (CVE-2021-4009)

- xorg-x11-server: SProcScreenSaverSuspend out-of-bounds access (CVE-2021-4010)

- xorg-x11-server: SwapCreateRegister out-of-bounds access (CVE-2021-4011)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
6.8 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
5.3 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2021-4008
CVE CVE-2021-4009
CVE CVE-2021-4010
CVE CVE-2021-4011
XREF RHSA:2022:0003
XREF CWE:119
Plugin Information
Published: 2022/01/04, Modified: 2022/04/26
Plugin Output

ipaddr (tcp/0)


Remote package installed : xorg-x11-server-common-1.20.4-10.el7
Should be : xorg-x11-server-common-1.20.4-17.el7_9

Remote package installed : xorg-x11-server-Xorg-1.20.4-10.el7
Should be : xorg-x11-server-Xorg-1.20.4-17.el7_9
157138 (1) - CentOS 7 : polkit (CESA-2022:0274)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2022:0274 advisory.

- polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector (CVE-2021-4034)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected polkit, polkit-devel and / or polkit-docs packages.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.5 (CVSS:3.0/E:H/RL:O/RC:C)
CVSS v2.0 Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
6.3 (CVSS2#E:H/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2021-4034
XREF RHSA:2022:0274
XREF IAVA:2022-A-0055
XREF CISA-KNOWN-EXPLOITED:2022/07/18
XREF CWE:125
XREF CWE:787
Exploitable With
CANVAS (true) Core Impact (true) Metasploit (true)
Plugin Information
Published: 2022/01/26, Modified: 2023/01/16
Plugin Output

ipaddr (tcp/0)


Remote package installed : polkit-0.112-26.el7
Should be : polkit-0.112-26.el7_9.1
157294 (1) - CentOS 7 : samba (CESA-2022:0328)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2022:0328 advisory.

- samba: Out-of-bounds heap read/write vulnerability in VFS module vfs_fruit allows code execution (CVE-2021-44142)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.4 (CVSS:3.0/E:H/RL:O/RC:C)
CVSS v2.0 Base Score
9.0 (CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
7.8 (CVSS2#E:H/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2021-44142
XREF RHSA:2022:0328
XREF IAVA:2022-A-0054-S
XREF CWE:787
Plugin Information
Published: 2022/02/01, Modified: 2023/02/03
Plugin Output

ipaddr (tcp/0)


Remote package installed : libsmbclient-4.10.16-5.el7
Should be : libsmbclient-4.10.16-18.el7_9

Remote package installed : libwbclient-4.10.16-5.el7
Should be : libwbclient-4.10.16-18.el7_9

Remote package installed : samba-4.10.16-5.el7
Should be : samba-4.10.16-18.el7_9

Remote package installed : samba-client-4.10.16-5.el7
Should be : samba-client-4.10.16-18.el7_9

Remote package installed : samba-client-libs-4.10.16-5.el7
Should be : samba-client-libs-4.10.16-18.el7_9

Remote package installed : samba-common-4.10.16-5.el7
Should be : samba-common-4.10.16-18.el7_9

Remote package installed : samba-common-libs-4.10.16-5.el7
Should be : samba-common-libs-4.10.16-18.el7_9

Remote package installed : samba-common-tools-4.10.16-5.el7
Should be : samba-common-tools-4.10.16-18.el7_9

Remote package installed : samba-libs-4.10.16-5.el7
Should be : samba-libs-4.10.16-18.el7_9
158438 (1) - CentOS 7 : kernel (CESA-2022:0620)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2022:0620 advisory.

- kernel: out of bounds write in hid-multitouch.c may lead to escalation of privilege (CVE-2020-0465)

- kernel: use after free in eventpoll.c may lead to escalation of privilege (CVE-2020-0466)

- kernel: Use After Free in unix_gc() which could result in a local privilege escalation (CVE-2021-0920)

- kernel: double free in bluetooth subsystem when the HCI device initialization fails (CVE-2021-3564)

- kernel: use-after-free in function hci_sock_bound_ioctl() (CVE-2021-3573)

- kernel: possible use-after-free in bluetooth module (CVE-2021-3752)

- kernel: xfs: raw block device data leak in XFS_IOC_ALLOCSP IOCTL (CVE-2021-4155)

- kernel: possible privileges escalation due to missing TLB flush (CVE-2022-0330)

- kernel: failing usercopy allows for use-after-free exploitation (CVE-2022-22942)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.5 (CVSS:3.0/E:H/RL:O/RC:C)
CVSS v2.0 Base Score
7.9 (CVSS2#AV:A/AC:M/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
6.9 (CVSS2#E:H/RL:OF/RC:C)
References
CVE CVE-2020-0465
CVE CVE-2020-0466
CVE CVE-2021-0920
CVE CVE-2021-3564
CVE CVE-2021-3573
CVE CVE-2021-3752
CVE CVE-2021-4155
CVE CVE-2022-0330
CVE CVE-2022-22942
XREF RHSA:2022:0620
XREF CISA-KNOWN-EXPLOITED:2022/06/13
XREF CWE:20
XREF CWE:131
XREF CWE:200
XREF CWE:281
XREF CWE:362
XREF CWE:415
XREF CWE:416
XREF CWE:787
Exploitable With
Metasploit (true)
Plugin Information
Published: 2022/02/25, Modified: 2023/12/13
Plugin Output

ipaddr (tcp/0)


Remote package installed : bpftool-3.10.0-1160.el7
Should be : bpftool-3.10.0-1160.59.1.el7

Remote package installed : kernel-3.10.0-1160.el7
Should be : kernel-3.10.0-1160.59.1.el7

Remote package installed : kernel-devel-3.10.0-1160.el7
Should be : kernel-devel-3.10.0-1160.59.1.el7

Remote package installed : kernel-headers-3.10.0-1160.el7
Should be : kernel-headers-3.10.0-1160.59.1.el7

Remote package installed : kernel-tools-3.10.0-1160.el7
Should be : kernel-tools-3.10.0-1160.59.1.el7

Remote package installed : kernel-tools-libs-3.10.0-1160.el7
Should be : kernel-tools-libs-3.10.0-1160.59.1.el7

Remote package installed : perf-3.10.0-1160.el7
Should be : perf-3.10.0-1160.59.1.el7

Remote package installed : python-perf-3.10.0-1160.el7
Should be : python-perf-3.10.0-1160.59.1.el7
158439 (1) - CentOS 7 : cyrus-sasl (CESA-2022:0666)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2022:0666 advisory.

- cyrus-sasl: failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands (CVE-2022-24407)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.7 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
6.5 (CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P)
CVSS v2.0 Temporal Score
4.8 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2022-24407
XREF RHSA:2022:0666
XREF CWE:20
XREF CWE:89
Plugin Information
Published: 2022/02/25, Modified: 2022/03/07
Plugin Output

ipaddr (tcp/0)


Remote package installed : cyrus-sasl-2.1.26-23.el7
Should be : cyrus-sasl-2.1.26-24.el7_9

Remote package installed : cyrus-sasl-gssapi-2.1.26-23.el7
Should be : cyrus-sasl-gssapi-2.1.26-24.el7_9

Remote package installed : cyrus-sasl-lib-2.1.26-23.el7
Should be : cyrus-sasl-lib-2.1.26-24.el7_9

Remote package installed : cyrus-sasl-md5-2.1.26-23.el7
Should be : cyrus-sasl-md5-2.1.26-24.el7_9

Remote package installed : cyrus-sasl-plain-2.1.26-23.el7
Should be : cyrus-sasl-plain-2.1.26-24.el7_9

Remote package installed : cyrus-sasl-scram-2.1.26-23.el7
Should be : cyrus-sasl-scram-2.1.26-24.el7_9
158440 (1) - CentOS 7 : openldap (CESA-2022:0621)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2022:0621 advisory.

- openldap: assertion failure in Certificate List syntax validation (CVE-2020-25709)

- openldap: assertion failure in CSN normalization with invalid input (CVE-2020-25710)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS v3.0 Temporal Score
6.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS v2.0 Temporal Score
3.7 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2020-25709
CVE CVE-2020-25710
XREF RHSA:2022:0621
XREF CWE:617
Plugin Information
Published: 2022/02/25, Modified: 2022/02/25
Plugin Output

ipaddr (tcp/0)


Remote package installed : openldap-2.4.44-22.el7
Should be : openldap-2.4.44-25.el7_9
159307 (1) - CentOS 7 : openssl (CESA-2022:1066)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2022:1066 advisory.

- openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates (CVE-2022-0778)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS v3.0 Temporal Score
6.7 (CVSS:3.0/E:P/RL:O/RC:C)
CVSS v2.0 Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS v2.0 Temporal Score
3.9 (CVSS2#E:POC/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2022-0778
XREF IAVA:2022-A-0121-S
XREF RHSA:2022:1066
XREF CWE:835
Plugin Information
Published: 2022/03/29, Modified: 2022/06/03
Plugin Output

ipaddr (tcp/0)


Remote package installed : openssl-1.0.2k-19.el7
Should be : openssl-1.0.2k-25.el7_9

Remote package installed : openssl-libs-1.0.2k-19.el7
Should be : openssl-libs-1.0.2k-25.el7_9
161194 (1) - CentOS 7 : zlib (CESA-2022:2213)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2022:2213 advisory.

- zlib: A flaw found in zlib when compressing (not decompressing) certain inputs (CVE-2018-25032)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS v3.0 Temporal Score
7.0 (CVSS:3.0/E:F/RL:O/RC:C)
CVSS v2.0 Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS v2.0 Temporal Score
4.1 (CVSS2#E:F/RL:OF/RC:C)
References
CVE CVE-2018-25032
XREF RHSA:2022:2213
XREF CWE:119
Plugin Information
Published: 2022/05/13, Modified: 2023/10/27
Plugin Output

ipaddr (tcp/0)


Remote package installed : zlib-1.2.7-18.el7
Should be : zlib-1.2.7-20.el7_9
161196 (1) - CentOS 7 : gzip (CESA-2022:2191)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has a package installed that is affected by a vulnerability as referenced in the CESA-2022:2191 advisory.

- gzip: arbitrary-file-write vulnerability (CVE-2022-1271)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected gzip package.
Risk Factor
High
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.7 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
9.0 (CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
6.7 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2022-1271
XREF RHSA:2022:2191
XREF CWE:20
Plugin Information
Published: 2022/05/13, Modified: 2022/12/12
Plugin Output

ipaddr (tcp/0)


Remote package installed : gzip-1.5-10.el7
Should be : gzip-1.5-11.el7_9
161374 (1) - CentOS 7 : kernel (CESA-2022:4642)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2022:4642 advisory.

- kernel: cgroups v1 release_agent feature may allow privilege escalation (CVE-2022-0492)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.2 (CVSS:3.0/E:F/RL:O/RC:C)
CVSS v2.0 Base Score
6.9 (CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
5.7 (CVSS2#E:F/RL:OF/RC:C)
References
CVE CVE-2022-0492
XREF RHSA:2022:4642
XREF CWE:287
Exploitable With
Metasploit (true)
Plugin Information
Published: 2022/05/19, Modified: 2023/12/07
Plugin Output

ipaddr (tcp/0)


Remote package installed : bpftool-3.10.0-1160.el7
Should be : bpftool-3.10.0-1160.66.1.el7

Remote package installed : kernel-3.10.0-1160.el7
Should be : kernel-3.10.0-1160.66.1.el7

Remote package installed : kernel-devel-3.10.0-1160.el7
Should be : kernel-devel-3.10.0-1160.66.1.el7

Remote package installed : kernel-headers-3.10.0-1160.el7
Should be : kernel-headers-3.10.0-1160.66.1.el7

Remote package installed : kernel-tools-3.10.0-1160.el7
Should be : kernel-tools-3.10.0-1160.66.1.el7

Remote package installed : kernel-tools-libs-3.10.0-1160.el7
Should be : kernel-tools-libs-3.10.0-1160.66.1.el7

Remote package installed : perf-3.10.0-1160.el7
Should be : perf-3.10.0-1160.66.1.el7

Remote package installed : python-perf-3.10.0-1160.el7
Should be : python-perf-3.10.0-1160.66.1.el7
163733 (1) - CentOS 7 : xz (CESA-2022:5052)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2022:5052 advisory.

- gzip: arbitrary-file-write vulnerability (CVE-2022-1271)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.7 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
9.0 (CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
6.7 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2022-1271
XREF RHSA:2022:5052
XREF CWE:20
Plugin Information
Published: 2022/08/02, Modified: 2022/12/07
Plugin Output

ipaddr (tcp/0)


Remote package installed : xz-5.2.2-1.el7
Should be : xz-5.2.2-2.el7_9

Remote package installed : xz-libs-5.2.2-1.el7
Should be : xz-libs-5.2.2-2.el7_9
163735 (1) - CentOS 7 : kernel (CESA-2022:5232)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2022:5232 advisory.

- kernel: race condition in perf_event_open leads to privilege escalation (CVE-2022-1729)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.0 (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
6.1 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
6.0 (CVSS2#AV:L/AC:H/Au:S/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
4.4 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2022-1729
XREF RHSA:2022:5232
XREF CWE:362
XREF CWE:416
Plugin Information
Published: 2022/08/02, Modified: 2024/01/16
Plugin Output

ipaddr (tcp/0)


Remote package installed : bpftool-3.10.0-1160.el7
Should be : bpftool-3.10.0-1160.71.1.el7

Remote package installed : kernel-3.10.0-1160.el7
Should be : kernel-3.10.0-1160.71.1.el7

Remote package installed : kernel-devel-3.10.0-1160.el7
Should be : kernel-devel-3.10.0-1160.71.1.el7

Remote package installed : kernel-headers-3.10.0-1160.el7
Should be : kernel-headers-3.10.0-1160.71.1.el7

Remote package installed : kernel-tools-3.10.0-1160.el7
Should be : kernel-tools-3.10.0-1160.71.1.el7

Remote package installed : kernel-tools-libs-3.10.0-1160.el7
Should be : kernel-tools-libs-3.10.0-1160.71.1.el7

Remote package installed : perf-3.10.0-1160.el7
Should be : perf-3.10.0-1160.71.1.el7

Remote package installed : python-perf-3.10.0-1160.el7
Should be : python-perf-3.10.0-1160.71.1.el7
163749 (1) - CentOS 7 : java-1.8.0-openjdk (CESA-2022:5698)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2022:5698 advisory.

- OpenJDK: class compilation issue (Hotspot, 8281859) (CVE-2022-21540)

- OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) (CVE-2022-21541)

- OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) (CVE-2022-34169)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
CVSS v3.0 Temporal Score
6.7 (CVSS:3.0/E:P/RL:O/RC:C)
CVSS v2.0 Base Score
7.8 (CVSS2#AV:N/AC:L/Au:N/C:N/I:C/A:N)
CVSS v2.0 Temporal Score
6.1 (CVSS2#E:POC/RL:OF/RC:C)
References
CVE CVE-2022-21540
CVE CVE-2022-21541
CVE CVE-2022-34169
XREF RHSA:2022:5698
XREF CWE:192
XREF CWE:284
XREF CWE:402
Plugin Information
Published: 2022/08/02, Modified: 2022/12/07
Plugin Output

ipaddr (tcp/0)


Remote package installed : java-1.8.0-openjdk-1.8.0.262.b10-1.el7
Should be : java-1.8.0-openjdk-1.8.0.342.b07-1.el7_9

Remote package installed : java-1.8.0-openjdk-headless-1.8.0.262.b10-1.el7
Should be : java-1.8.0-openjdk-headless-1.8.0.342.b07-1.el7_9
163847 (1) - CentOS 7 : xorg-x11-server (CESA-2022:5905)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2022:5905 advisory.

- xorg-x11-server: X.Org Server ProcXkbSetGeometry out-of-bounds access (CVE-2022-2319)

- xorg-x11-server: out-of-bounds access in ProcXkbSetDeviceInfo request handler of the Xkb extension (CVE-2022-2320)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
6.8 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
6.8 (CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
5.0 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2022-2319
CVE CVE-2022-2320
XREF RHSA:2022:5905
XREF CWE:787
XREF CWE:1320
Plugin Information
Published: 2022/08/04, Modified: 2022/12/07
Plugin Output

ipaddr (tcp/0)


Remote package installed : xorg-x11-server-common-1.20.4-10.el7
Should be : xorg-x11-server-common-1.20.4-18.el7_9

Remote package installed : xorg-x11-server-Xorg-1.20.4-10.el7
Should be : xorg-x11-server-Xorg-1.20.4-18.el7_9
163849 (1) - CentOS 7 : firefox (CESA-2022:5776)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2022:5776 advisory.

- Mozilla: Memory safety bugs fixed in Firefox 103 and 102.1 (CVE-2022-2505)

- Mozilla: Directory indexes for bundled resources reflected URL parameters (CVE-2022-36318)

- Mozilla: Mouse Position spoofing with CSS transforms (CVE-2022-36319)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected firefox package.
Risk Factor
Critical
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.7 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
7.4 (CVSS2#E:U/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2022-2505
CVE CVE-2022-36318
CVE CVE-2022-36319
XREF IAVA:2022-A-0298-S
XREF RHSA:2022:5776
XREF CWE:79
XREF CWE:120
XREF CWE:1021
Plugin Information
Published: 2022/08/04, Modified: 2023/01/04
Plugin Output

ipaddr (tcp/0)


Remote package installed : firefox-68.10.0-1.el7.centos
Should be : firefox-91.12.0-2.el7.centos
164621 (1) - CentOS 7 : firefox (CESA-2022:6179)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2022:6179 advisory.

- Mozilla: Address bar spoofing via XSLT error handling (CVE-2022-38472)

- Mozilla: Cross-origin XSLT Documents would have inherited the parent's permissions (CVE-2022-38473)

- Mozilla: Data race and potential use-after-free in PK11_ChangePW (CVE-2022-38476)

- Mozilla: Memory safety bugs fixed in Firefox 104 and Firefox ESR 102.2 (CVE-2022-38477)

- Mozilla: Memory safety bugs fixed in Firefox 104, Firefox ESR 102.2, and Firefox ESR 91.13 (CVE-2022-38478)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected firefox package.
Risk Factor
Critical
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.7 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
7.4 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2022-38472
CVE CVE-2022-38473
CVE CVE-2022-38476
CVE CVE-2022-38477
CVE CVE-2022-38478
XREF RHSA:2022:6179
XREF CWE:120
XREF CWE:356
XREF CWE:416
XREF CWE:1021
Plugin Information
Published: 2022/09/01, Modified: 2023/01/02
Plugin Output

ipaddr (tcp/0)


Remote package installed : firefox-68.10.0-1.el7.centos
Should be : firefox-91.13.0-1.el7.centos
164624 (1) - CentOS 7 : rsync (CESA-2022:6170)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has a package installed that is affected by a vulnerability as referenced in the CESA-2022:6170 advisory.

- rsync: remote arbitrary files write inside the directories of connecting peers (CVE-2022-29154)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected rsync package.
Risk Factor
High
CVSS v3.0 Base Score
7.4 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H)
CVSS v3.0 Temporal Score
6.7 (CVSS:3.0/E:P/RL:O/RC:C)
CVSS v2.0 Base Score
7.1 (CVSS2#AV:N/AC:H/Au:N/C:N/I:C/A:C)
CVSS v2.0 Temporal Score
5.6 (CVSS2#E:POC/RL:OF/RC:C)
References
CVE CVE-2022-29154
XREF RHSA:2022:6170
XREF CWE:22
Plugin Information
Published: 2022/09/01, Modified: 2023/10/13
Plugin Output

ipaddr (tcp/0)


Remote package installed : rsync-3.1.2-10.el7
Should be : rsync-3.1.2-11.el7_9
164990 (1) - CentOS 7 : open-vm-tools (CESA-2022:6381)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2022:6381 advisory.

- open-vm-tools: local root privilege escalation in the virtual machine (CVE-2022-31676)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
6.8 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
6.8 (CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
5.0 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2022-31676
XREF RHSA:2022:6381
XREF CWE:250
Plugin Information
Published: 2022/09/13, Modified: 2022/12/05
Plugin Output

ipaddr (tcp/0)


Remote package installed : open-vm-tools-11.0.5-3.el7
Should be : open-vm-tools-11.0.5-3.el7_9.4

Remote package installed : open-vm-tools-desktop-11.0.5-3.el7
Should be : open-vm-tools-desktop-11.0.5-3.el7_9.4
166549 (1) - CentOS 7 : expat (CESA-2022:6834)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2022:6834 advisory.

- expat: a use-after-free in the doContent function in xmlparse.c (CVE-2022-40674)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected expat, expat-devel and / or expat-static packages.
Risk Factor
High
CVSS v3.0 Base Score
8.1 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.1 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
7.6 (CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
5.6 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2022-40674
XREF RHSA:2022:6834
XREF CWE:416
Plugin Information
Published: 2022/10/26, Modified: 2023/02/02
Plugin Output

ipaddr (tcp/0)


Remote package installed : expat-2.1.0-12.el7
Should be : expat-2.1.0-15.el7_9
166556 (1) - CentOS 7 : bind (CESA-2022:6765)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2022:6765 advisory.

- bind: memory leak in ECDSA DNSSEC verification code (CVE-2022-38177)

- bind: memory leaks in EdDSA DNSSEC verification code (CVE-2022-38178)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS v3.0 Temporal Score
6.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
7.8 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS v2.0 Temporal Score
5.8 (CVSS2#E:U/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2022-38177
CVE CVE-2022-38178
XREF IAVA:2022-A-0387-S
XREF RHSA:2022:6765
XREF CWE:401
Plugin Information
Published: 2022/10/26, Modified: 2023/01/26
Plugin Output

ipaddr (tcp/0)


Remote package installed : bind-export-libs-9.11.4-26.P2.el7
Should be : bind-export-libs-9.11.4-26.P2.el7_9.10

Remote package installed : bind-libs-9.11.4-26.P2.el7
Should be : bind-libs-9.11.4-26.P2.el7_9.10

Remote package installed : bind-libs-lite-9.11.4-26.P2.el7
Should be : bind-libs-lite-9.11.4-26.P2.el7_9.10

Remote package installed : bind-license-9.11.4-26.P2.el7
Should be : bind-license-9.11.4-26.P2.el7_9.10

Remote package installed : bind-utils-9.11.4-26.P2.el7
Should be : bind-utils-9.11.4-26.P2.el7_9.10
168319 (1) - CentOS 7 : krb5 (CESA-2022:8640)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2022:8640 advisory.

- krb5: integer overflow vulnerabilities in PAC parsing (CVE-2022-42898)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.9 (CVSS:3.0/E:P/RL:O/RC:C)
CVSS v2.0 Base Score
9.0 (CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
7.0 (CVSS2#E:POC/RL:OF/RC:C)
References
CVE CVE-2022-42898
XREF RHSA:2022:8640
XREF CWE:190
Plugin Information
Published: 2022/12/01, Modified: 2023/09/29
Plugin Output

ipaddr (tcp/0)


Remote package installed : krb5-libs-1.15.1-50.el7
Should be : krb5-libs-1.15.1-55.el7_9

Remote package installed : krb5-workstation-1.15.1-50.el7
Should be : krb5-workstation-1.15.1-55.el7_9

Remote package installed : libkadm5-1.15.1-50.el7
Should be : libkadm5-1.15.1-55.el7_9
168320 (1) - CentOS 7 : device-mapper-multipath (CESA-2022:7186)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2022:7186 advisory.

- device-mapper-multipath: Authorization bypass, multipathd daemon listens for client connections on an abstract Unix socket (CVE-2022-41974)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.0 (CVSS:3.0/E:P/RL:O/RC:C)
CVSS v2.0 Base Score
6.8 (CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
5.3 (CVSS2#E:POC/RL:OF/RC:C)
References
CVE CVE-2022-41974
XREF RHSA:2022:7186
XREF CWE:285
Plugin Information
Published: 2022/12/01, Modified: 2022/12/01
Plugin Output

ipaddr (tcp/0)


Remote package installed : device-mapper-multipath-0.4.9-133.el7
Should be : device-mapper-multipath-0.4.9-136.el7_9

Remote package installed : device-mapper-multipath-libs-0.4.9-133.el7
Should be : device-mapper-multipath-libs-0.4.9-136.el7_9

Remote package installed : kpartx-0.4.9-133.el7
Should be : kpartx-0.4.9-136.el7_9
168321 (1) - CentOS 7 : xorg-x11-server (CESA-2022:8491)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2022:8491 advisory.

- xorg-x11-server: buffer overflow in _GetCountedString() in xkb/xkb.c (CVE-2022-3550)

- xorg-x11-server: memory leak in ProcXkbGetKbdByName() in xkb/xkb.c (CVE-2022-3551)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.7 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
9.0 (CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
6.7 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2022-3550
CVE CVE-2022-3551
XREF RHSA:2022:8491
XREF CWE:119
XREF CWE:120
XREF CWE:401
XREF CWE:404
Plugin Information
Published: 2022/12/01, Modified: 2022/12/01
Plugin Output

ipaddr (tcp/0)


Remote package installed : xorg-x11-server-common-1.20.4-10.el7
Should be : xorg-x11-server-common-1.20.4-19.el7_9

Remote package installed : xorg-x11-server-Xorg-1.20.4-10.el7
Should be : xorg-x11-server-Xorg-1.20.4-19.el7_9
170851 (1) - CentOS 7 : firefox (RHSA-2023:0296)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:0296 advisory.

- Mozilla: libusrsctp library out of date (CVE-2022-46871)

- Mozilla: Fullscreen notification bypass (CVE-2022-46877)

- Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)

- Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)

- Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)

- Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers (CVE-2023-23602)

- Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive (CVE-2023-23603)

- Memory safety bugs present in Firefox 108 and Firefox ESR 102.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 109, Thunderbird < 102.7, and Firefox ESR < 102.7.
(CVE-2023-23605)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected firefox package.
Risk Factor
Critical
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.7 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
7.4 (CVSS2#E:U/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2022-46871
CVE CVE-2022-46877
CVE CVE-2023-23598
CVE CVE-2023-23599
CVE CVE-2023-23601
CVE CVE-2023-23602
CVE CVE-2023-23603
CVE CVE-2023-23605
XREF IAVA:2022-A-0517-S
XREF IAVA:2023-A-0048-S
XREF RHSA:2023:0296
XREF CWE:77
XREF CWE:120
XREF CWE:185
XREF CWE:357
XREF CWE:450
XREF CWE:829
XREF CWE:1104
XREF CWE:1385
Plugin Information
Published: 2023/01/30, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : firefox-68.10.0-1.el7.centos
Should be : firefox-102.7.0-1.el7.centos
170854 (1) - CentOS 7 : xorg-x11-server (RHSA-2023:0046)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0046 advisory.

- A vulnerability was found in X.Org. This security flaw occurs because the XkbCopyNames function left a dangling pointer to freed memory, resulting in out-of-bounds memory access on subsequent XkbGetKbdByName requests.. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions. (CVE-2022-4283)

- A vulnerability was found in X.Org. This security flaw occurs becuase the swap handler for the XTestFakeInput request of the XTest extension may corrupt the stack if GenericEvents with lengths larger than 32 bytes are sent through a the XTestFakeInput request. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions. This issue does not affect systems where client and server use the same byte order.
(CVE-2022-46340)

- A vulnerability was found in X.Org. This security flaw occurs because the handler for the XIPassiveUngrab request accesses out-of-bounds memory when invoked with a high keycode or button code. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions. (CVE-2022-46341)

- A vulnerability was found in X.Org. This security flaw occurs because the handler for the XvdiSelectVideoNotify request may write to memory after it has been freed. This issue can lead to local privileges elevation on systems where the X se (CVE-2022-46342)

- A vulnerability was found in X.Org. This security flaw occurs because the handler for the ScreenSaverSetAttributes request may write to memory after it has been freed. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions. (CVE-2022-46343)

- A vulnerability was found in X.Org. This security flaw occurs because the handler for the XIChangeProperty request has a length-validation issues, resulting in out-of-bounds memory reads and potential information disclosure. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions. (CVE-2022-46344)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.7 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
9.0 (CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
6.7 (CVSS2#E:U/RL:OF/RC:C)
References
Plugin Information
Published: 2023/01/30, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : xorg-x11-server-common-1.20.4-10.el7
Should be : xorg-x11-server-common-1.20.4-21.el7_9

Remote package installed : xorg-x11-server-Xorg-1.20.4-10.el7
Should be : xorg-x11-server-Xorg-1.20.4-21.el7_9
170859 (1) - CentOS 7 : sudo (RHSA-2023:0291)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:0291 advisory.

- In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user- provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to process. This can lead to privilege escalation. Affected versions are 1.8.0 through 1.9.12.p1. The problem exists because a user-specified editor may contain a
-- argument that defeats a protection mechanism, e.g., an EDITOR='vim -- /path/to/extra/file' value.
(CVE-2023-22809)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected sudo and / or sudo-devel packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.2 (CVSS:3.0/E:F/RL:O/RC:C)
CVSS v2.0 Base Score
6.8 (CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
5.6 (CVSS2#E:F/RL:OF/RC:C)
References
CVE CVE-2023-22809
XREF RHSA:2023:0291
Exploitable With
Metasploit (true)
Plugin Information
Published: 2023/01/30, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : sudo-1.8.23-10.el7
Should be : sudo-1.8.23-10.el7_9.3
170863 (1) - CentOS 7 : tigervnc (RHSA-2023:0045)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0045 advisory.

- A vulnerability was found in X.Org. This security flaw occurs because the XkbCopyNames function left a dangling pointer to freed memory, resulting in out-of-bounds memory access on subsequent XkbGetKbdByName requests.. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions. (CVE-2022-4283)

- A vulnerability was found in X.Org. This security flaw occurs becuase the swap handler for the XTestFakeInput request of the XTest extension may corrupt the stack if GenericEvents with lengths larger than 32 bytes are sent through a the XTestFakeInput request. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions. This issue does not affect systems where client and server use the same byte order.
(CVE-2022-46340)

- A vulnerability was found in X.Org. This security flaw occurs because the handler for the XIPassiveUngrab request accesses out-of-bounds memory when invoked with a high keycode or button code. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions. (CVE-2022-46341)

- A vulnerability was found in X.Org. This security flaw occurs because the handler for the XvdiSelectVideoNotify request may write to memory after it has been freed. This issue can lead to local privileges elevation on systems where the X se (CVE-2022-46342)

- A vulnerability was found in X.Org. This security flaw occurs because the handler for the ScreenSaverSetAttributes request may write to memory after it has been freed. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions. (CVE-2022-46343)

- A vulnerability was found in X.Org. This security flaw occurs because the handler for the XIChangeProperty request has a length-validation issues, resulting in out-of-bounds memory reads and potential information disclosure. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions. (CVE-2022-46344)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.7 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
9.0 (CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
6.7 (CVSS2#E:U/RL:OF/RC:C)
References
Plugin Information
Published: 2023/01/30, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : tigervnc-license-1.8.0-21.el7
Should be : tigervnc-license-1.8.0-23.el7_9

Remote package installed : tigervnc-server-minimal-1.8.0-21.el7
Should be : tigervnc-server-minimal-1.8.0-23.el7_9
170864 (1) - CentOS 7 : sssd (RHSA-2023:0403)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:0403 advisory.

- sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters (CVE-2022-4254)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.9 (CVSS:3.0/E:P/RL:O/RC:C)
CVSS v2.0 Base Score
9.0 (CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
7.0 (CVSS2#E:POC/RL:OF/RC:C)
References
CVE CVE-2022-4254
XREF RHSA:2023:0403
XREF CWE:90
Plugin Information
Published: 2023/01/30, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : libipa_hbac-1.16.5-10.el7
Should be : libipa_hbac-1.16.5-10.el7_9.15

Remote package installed : libsss_autofs-1.16.5-10.el7
Should be : libsss_autofs-1.16.5-10.el7_9.15

Remote package installed : libsss_certmap-1.16.5-10.el7
Should be : libsss_certmap-1.16.5-10.el7_9.15

Remote package installed : libsss_idmap-1.16.5-10.el7
Should be : libsss_idmap-1.16.5-10.el7_9.15

Remote package installed : libsss_nss_idmap-1.16.5-10.el7
Should be : libsss_nss_idmap-1.16.5-10.el7_9.15

Remote package installed : libsss_sudo-1.16.5-10.el7
Should be : libsss_sudo-1.16.5-10.el7_9.15

Remote package installed : python-sssdconfig-1.16.5-10.el7
Should be : python-sssdconfig-1.16.5-10.el7_9.15

Remote package installed : sssd-1.16.5-10.el7
Should be : sssd-1.16.5-10.el7_9.15

Remote package installed : sssd-ad-1.16.5-10.el7
Should be : sssd-ad-1.16.5-10.el7_9.15

Remote package installed : sssd-client-1.16.5-10.el7
Should be : sssd-client-1.16.5-10.el7_9.15

Remote package installed : sssd-common-1.16.5-10.el7
Should be : sssd-common-1.16.5-10.el7_9.15

Remote package installed : sssd-common-pac-1.16.5-10.el7
Should be : sssd-common-pac-1.16.5-10.el7_9.15

Remote package installed : sssd-ipa-1.16.5-10.el7
Should be : sssd-ipa-1.16.5-10.el7_9.15

Remote package installed : sssd-krb5-1.16.5-10.el7
Should be : sssd-krb5-1.16.5-10.el7_9.15

Remote package installed : sssd-krb5-common-1.16.5-10.el7
Should be : sssd-krb5-common-1.16.5-10.el7_9.15

Remote package installed : sssd-ldap-1.16.5-10.el7
Should be : sssd-ldap-1.16.5-10.el7_9.15

Remote package installed : sssd-proxy-1.16.5-10.el7
Should be : sssd-proxy-1.16.5-10.el7_9.15
170866 (1) - CentOS 7 : libXpm (RHSA-2023:0377)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:0377 advisory.

- libXpm: compression commands depend on $PATH (CVE-2022-4883)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected libXpm and / or libXpm-devel packages.
Risk Factor
High
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.7 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
9.0 (CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
6.7 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2022-4883
XREF RHSA:2023:0377
XREF CWE:426
Plugin Information
Published: 2023/01/30, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : libXpm-3.5.12-1.el7
Should be : libXpm-3.5.12-2.el7_9
170875 (1) - CentOS 7 : kernel (RHSA-2023:0399)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0399 advisory.

- hw: cpu: LFENCE/JMP Mitigation Update for CVE-2017-5715 (CVE-2021-26401)

- A flaw was found in the Linux kernel's driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes.
(CVE-2022-2964)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Low
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
6.8 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
1.9 (CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N)
CVSS v2.0 Temporal Score
1.4 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2021-26401
CVE CVE-2022-2964
XREF RHSA:2023:0399
XREF CWE:119
Plugin Information
Published: 2023/01/31, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : bpftool-3.10.0-1160.el7
Should be : bpftool-3.10.0-1160.83.1.el7

Remote package installed : kernel-3.10.0-1160.el7
Should be : kernel-3.10.0-1160.83.1.el7

Remote package installed : kernel-devel-3.10.0-1160.el7
Should be : kernel-devel-3.10.0-1160.83.1.el7

Remote package installed : kernel-headers-3.10.0-1160.el7
Should be : kernel-headers-3.10.0-1160.83.1.el7

Remote package installed : kernel-tools-3.10.0-1160.el7
Should be : kernel-tools-3.10.0-1160.83.1.el7

Remote package installed : kernel-tools-libs-3.10.0-1160.el7
Should be : kernel-tools-libs-3.10.0-1160.83.1.el7

Remote package installed : perf-3.10.0-1160.el7
Should be : perf-3.10.0-1160.83.1.el7

Remote package installed : python-perf-3.10.0-1160.el7
Should be : python-perf-3.10.0-1160.83.1.el7
171659 (1) - CentOS 7 : tigervnc and xorg-x11-server (RHSA-2023:0675)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:0675 advisory.

- A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forwarding sessions. (CVE-2023-0494)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
6.8 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
6.8 (CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
5.0 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2023-0494
XREF RHSA:2023:0675
XREF CWE:416
Plugin Information
Published: 2023/02/20, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : tigervnc-license-1.8.0-21.el7
Should be : tigervnc-license-1.8.0-24.el7_9

Remote package installed : tigervnc-server-minimal-1.8.0-21.el7
Should be : tigervnc-server-minimal-1.8.0-24.el7_9

Remote package installed : xorg-x11-server-common-1.20.4-10.el7
Should be : xorg-x11-server-common-1.20.4-22.el7_9

Remote package installed : xorg-x11-server-Xorg-1.20.4-10.el7
Should be : xorg-x11-server-Xorg-1.20.4-22.el7_9
171793 (1) - CentOS 7 : firefox (RHSA-2023:0812)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:0812 advisory.

- Mozilla: Content security policy leak in violation reports using iframes (CVE-2023-25728)

- Permission prompts for opening external schemes were only shown for <code>ContentPrincipals</code>
resulting in extensions being able to open them without user interaction via <code>ExpandedPrincipals</code>. This could lead to further malicious actions such as downloading files or interacting with software already installed on the system. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8. (CVE-2023-25729)

- Mozilla: Screen hijack via browser fullscreen mode (CVE-2023-25730)

- When encoding data from an <code>inputStream</code> in <code>xpcom</code> the size of the input being encoded was not correctly calculated potentially leading to an out of bounds memory write. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8. (CVE-2023-25732)

- Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a use-after-free after unwrapping the proxy. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8. (CVE-2023-25735)

- An invalid downcast from <code>nsTextNode</code> to <code>SVGElement</code> could have lead to undefined behavior. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.
(CVE-2023-25737)

- Module load requests that failed were not being checked as to whether or not they were cancelled causing a use-after-free in <code>ScriptLoadContext</code>. This vulnerability affects Firefox < 110, Thunderbird <
102.8, and Firefox ESR < 102.8. (CVE-2023-25739)

- Mozilla: Web Crypto ImportKey crashes tab (CVE-2023-25742)

- Mozilla: Fullscreen notification not shown in Firefox Focus (CVE-2023-25743)

- Mmemory safety bugs present in Firefox 109 and Firefox ESR 102.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 110 and Firefox ESR < 102.8. (CVE-2023-25744)

- Memory safety bugs present in Firefox ESR 102.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 102.8 and Firefox ESR < 102.8. (CVE-2023-25746)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected firefox package.
Risk Factor
Critical
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.7 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
7.4 (CVSS2#E:U/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2023-25728
CVE CVE-2023-25729
CVE CVE-2023-25730
CVE CVE-2023-25732
CVE CVE-2023-25735
CVE CVE-2023-25737
CVE CVE-2023-25739
CVE CVE-2023-25742
CVE CVE-2023-25743
CVE CVE-2023-25744
CVE CVE-2023-25746
XREF IAVA:2023-A-0081-S
XREF RHSA:2023:0812
XREF CWE:84
XREF CWE:119
XREF CWE:120
XREF CWE:173
XREF CWE:357
XREF CWE:416
XREF CWE:704
XREF CWE:787
XREF CWE:821
XREF CWE:1021
Plugin Information
Published: 2023/02/22, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : firefox-68.10.0-1.el7.centos
Should be : firefox-102.8.0-2.el7.centos
172356 (1) - CentOS 7 : samba (RHSA-2023:1090)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1090 advisory.

- Netlogon RPC Elevation of Privilege Vulnerability (CVE-2022-38023)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
8.1 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.5 (CVSS:3.0/E:F/RL:O/RC:C)
CVSS v2.0 Base Score
7.6 (CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
6.3 (CVSS2#E:F/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2022-38023
XREF IAVA:2023-A-0004-S
XREF RHSA:2023:1090
XREF CWE:328
Plugin Information
Published: 2023/03/09, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : libsmbclient-4.10.16-5.el7
Should be : libsmbclient-4.10.16-24.el7_9

Remote package installed : libwbclient-4.10.16-5.el7
Should be : libwbclient-4.10.16-24.el7_9

Remote package installed : samba-4.10.16-5.el7
Should be : samba-4.10.16-24.el7_9

Remote package installed : samba-client-4.10.16-5.el7
Should be : samba-client-4.10.16-24.el7_9

Remote package installed : samba-client-libs-4.10.16-5.el7
Should be : samba-client-libs-4.10.16-24.el7_9

Remote package installed : samba-common-4.10.16-5.el7
Should be : samba-common-4.10.16-24.el7_9

Remote package installed : samba-common-libs-4.10.16-5.el7
Should be : samba-common-libs-4.10.16-24.el7_9

Remote package installed : samba-common-tools-4.10.16-5.el7
Should be : samba-common-tools-4.10.16-24.el7_9

Remote package installed : samba-libs-4.10.16-5.el7
Should be : samba-libs-4.10.16-24.el7_9
172361 (1) - CentOS 7 : kernel (RHSA-2023:1091)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1091 advisory.

- mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.
(CVE-2022-42703)

- A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2022-4378)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.0 (CVSS:3.0/E:P/RL:O/RC:C)
CVSS v2.0 Base Score
6.8 (CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
5.3 (CVSS2#E:POC/RL:OF/RC:C)
References
CVE CVE-2022-4378
CVE CVE-2022-42703
XREF RHSA:2023:1091
XREF CWE:120
XREF CWE:131
XREF CWE:416
XREF CWE:787
Plugin Information
Published: 2023/03/09, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : bpftool-3.10.0-1160.el7
Should be : bpftool-3.10.0-1160.88.1.el7

Remote package installed : kernel-3.10.0-1160.el7
Should be : kernel-3.10.0-1160.88.1.el7

Remote package installed : kernel-devel-3.10.0-1160.el7
Should be : kernel-devel-3.10.0-1160.88.1.el7

Remote package installed : kernel-tools-3.10.0-1160.el7
Should be : kernel-tools-3.10.0-1160.88.1.el7

Remote package installed : kernel-tools-libs-3.10.0-1160.el7
Should be : kernel-tools-libs-3.10.0-1160.88.1.el7

Remote package installed : perf-3.10.0-1160.el7
Should be : perf-3.10.0-1160.88.1.el7

Remote package installed : python-perf-3.10.0-1160.el7
Should be : python-perf-3.10.0-1160.88.1.el7
173254 (1) - CentOS 7 : firefox (RHSA-2023:1333)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:1333 advisory.

- Sometimes, when invalidating JIT code while following an iterator, the newly generated code could be overwritten incorrectly. This could lead to a potentially exploitable crash. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9. (CVE-2023-25751)

- When accessing throttled streams, the count of available bytes needed to be checked in the calling function to be within bounds. This may have lead future code to be incorrect and vulnerable. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9. (CVE-2023-25752)

- While implementing AudioWorklets, some code may have casted one type to another, invalid, dynamic type.
This could have led to a potentially exploitable crash. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9. (CVE-2023-28162)

- Dragging a URL from a cross-origin iframe that was removed during the drag could have led to user confusion and website spoofing attacks. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9. (CVE-2023-28164)

- Memory safety bugs present in Firefox 110 and Firefox ESR 102.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9.
(CVE-2023-28176)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected firefox package.
Risk Factor
Critical
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.7 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
7.4 (CVSS2#E:U/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2023-25751
CVE CVE-2023-25752
CVE CVE-2023-28162
CVE CVE-2023-28164
CVE CVE-2023-28176
XREF IAVA:2023-A-0132-S
XREF RHSA:2023:1333
XREF CWE:94
XREF CWE:120
XREF CWE:125
XREF CWE:704
XREF CWE:829
Plugin Information
Published: 2023/03/22, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : firefox-68.10.0-1.el7.centos
Should be : firefox-102.9.0-3.el7.centos
173255 (1) - CentOS 7 : openssl (RHSA-2023:1335)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1335 advisory.

- There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName.
X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network. (CVE-2023-0286)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
7.4 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H)
CVSS v3.0 Temporal Score
6.4 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
7.1 (CVSS2#AV:N/AC:H/Au:N/C:C/I:N/A:C)
CVSS v2.0 Temporal Score
5.3 (CVSS2#E:U/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2023-0286
XREF IAVA:2022-A-0518-S
XREF RHSA:2023:1335
XREF CWE:704
Plugin Information
Published: 2023/03/22, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : openssl-1.0.2k-19.el7
Should be : openssl-1.0.2k-26.el7_9

Remote package installed : openssl-libs-1.0.2k-19.el7
Should be : openssl-libs-1.0.2k-26.el7_9
173262 (1) - CentOS 7 : nss (RHSA-2023:1332)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1332 advisory.

- An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8. (CVE-2023-0767)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Critical
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.7 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
7.4 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2023-0767
XREF RHSA:2023:1332
XREF CWE:119
Plugin Information
Published: 2023/03/22, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : nss-3.44.0-7.el7_7
Should be : nss-3.79.0-5.el7_9

Remote package installed : nss-sysinit-3.44.0-7.el7_7
Should be : nss-sysinit-3.79.0-5.el7_9

Remote package installed : nss-tools-3.44.0-7.el7_7
Should be : nss-tools-3.79.0-5.el7_9
174679 (1) - CentOS 7 : firefox (RHSA-2023:1791)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:1791 advisory.

- Unexpected data returned from the Safe Browsing API could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 102.10 and Firefox ESR < 102.10.
(CVE-2023-1945)

- There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free. (CVE-2023-1999)

- A website could have obscured the fullscreen notification by using a combination of <code>window.open</code>, fullscreen requests, <code>window.name</code> assignments, and <code>setInterval</code> calls. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 112, Focus for Android < 112, Firefox ESR < 102.10, Firefox for Android <
112, and Thunderbird < 102.10. (CVE-2023-29533)

- Following a Garbage Collector compaction, weak maps may have been accessed before they were correctly traced. This resulted in memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 112, Focus for Android < 112, Firefox ESR < 102.10, Firefox for Android < 112, and Thunderbird <
102.10. (CVE-2023-29535)

- An attacker could cause the memory manager to incorrectly free a pointer that addresses attacker- controlled memory, resulting in an assertion, memory corruption, or a potentially exploitable crash. This vulnerability affects Firefox < 112, Focus for Android < 112, Firefox ESR < 102.10, Firefox for Android <
112, and Thunderbird < 102.10. (CVE-2023-29536)

- When handling the filename directive in the Content-Disposition header, the filename would be truncated if the filename contained a NULL character. This could have led to reflected file download attacks potentially tricking users to install malware. This vulnerability affects Firefox < 112, Focus for Android < 112, Firefox ESR < 102.10, Firefox for Android < 112, and Thunderbird < 102.10. (CVE-2023-29539)

- Firefox did not properly handle downloads of files ending in <code>.desktop</code>, which can be interpreted to run attacker-controlled commands. <br>*This bug only affects Firefox for Linux on certain Distributions. Other operating systems are unaffected, and Mozilla is unable to enumerate all affected Linux Distributions.*. This vulnerability affects Firefox < 112, Focus for Android < 112, Firefox ESR <
102.10, Firefox for Android < 112, and Thunderbird < 102.10. (CVE-2023-29541)

- A wrong lowering instruction in the ARM64 Ion compiler resulted in a wrong optimization result. This vulnerability affects Firefox < 112, Focus for Android < 112, Firefox ESR < 102.10, Firefox for Android <
112, and Thunderbird < 102.10. (CVE-2023-29548)

- Memory safety bugs present in Firefox 111 and Firefox ESR 102.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 112, Focus for Android < 112, Firefox ESR < 102.10, Firefox for Android < 112, and Thunderbird < 102.10. (CVE-2023-29550)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected firefox package.
Risk Factor
Critical
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.7 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
7.4 (CVSS2#E:U/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2023-1945
CVE CVE-2023-1999
CVE CVE-2023-29533
CVE CVE-2023-29535
CVE CVE-2023-29536
CVE CVE-2023-29539
CVE CVE-2023-29541
CVE CVE-2023-29548
CVE CVE-2023-29550
XREF IAVA:2023-A-0182-S
XREF RHSA:2023:1791
XREF CWE:119
XREF CWE:120
XREF CWE:159
XREF CWE:425
XREF CWE:434
XREF CWE:617
XREF CWE:682
Plugin Information
Published: 2023/04/25, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : firefox-68.10.0-1.el7.centos
Should be : firefox-102.10.0-1.el7.centos
178330 (1) - CentOS 7 : java-1.8.0-openjdk (CESA-2022:1487)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2022:1487 advisory.

- OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504) (CVE-2022-21426)

- OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672) (CVE-2022-21434)

- OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151) (CVE-2022-21443)

- OpenJDK: Defective secure validation in Apache Santuario (Libraries, 8278008) (CVE-2022-21476)

- OpenJDK: URI parsing inconsistencies (JNDI, 8278972) (CVE-2022-21496)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
CVSS v3.0 Temporal Score
6.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N)
CVSS v2.0 Temporal Score
3.7 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2022-21426
CVE CVE-2022-21434
CVE CVE-2022-21443
CVE CVE-2022-21476
CVE CVE-2022-21496
XREF RHSA:2022:1487
XREF CWE:20
XREF CWE:191
XREF CWE:400
XREF CWE:470
XREF CWE:770
Plugin Information
Published: 2023/07/17, Modified: 2023/07/17
Plugin Output

ipaddr (tcp/0)


Remote package installed : java-1.8.0-openjdk-1.8.0.262.b10-1.el7
Should be : java-1.8.0-openjdk-1.8.0.332.b09-1.el7_9

Remote package installed : java-1.8.0-openjdk-headless-1.8.0.262.b10-1.el7
Should be : java-1.8.0-openjdk-headless-1.8.0.332.b09-1.el7_9
178966 (1) - CentOS 7 : git (RHSA-2023:3263)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3263 advisory.

- Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, by feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents (corresponding to the rejected hunk(s) from the given patch). A fix is available in versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1. As a workaround, avoid using `git apply` with `--reject` when applying patches from an untrusted source. Use `git apply --stat` to inspect a patch before applying; avoid applying one that create a conflict where a link corresponding to the `*.rej` file exists. (CVE-2023-25652)

- Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, a specially crafted `.gitmodules` file with submodule URLs that are longer than 1024 characters can used to exploit a bug in `config.c::git_config_copy_or_rename_section_in_file()`. This bug can be used to inject arbitrary configuration into a user's `$GIT_DIR/config` when attempting to remove the configuration section associated with that submodule. When the attacker injects configuration values which specify executables to run (such as `core.pager`, `core.editor`, `core.sshCommand`, etc.) this can lead to a remote code execution. A fix A fix is available in versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1. As a workaround, avoid running `git submodule deinit` on untrusted repositories or without prior inspection of any submodule sections in `$GIT_DIR/config`. (CVE-2023-29007)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.0 (CVSS:3.0/E:P/RL:O/RC:C)
CVSS v2.0 Base Score
7.8 (CVSS2#AV:N/AC:L/Au:N/C:N/I:C/A:N)
CVSS v2.0 Temporal Score
6.1 (CVSS2#E:POC/RL:OF/RC:C)
References
CVE CVE-2023-25652
CVE CVE-2023-29007
XREF RHSA:2023:3263
Plugin Information
Published: 2023/07/28, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : git-1.8.3.1-23.el7_8
Should be : git-1.8.3.1-25.el7_9

Remote package installed : perl-Git-1.8.3.1-23.el7_8
Should be : perl-Git-1.8.3.1-25.el7_9
178967 (1) - CentOS 7 : emacs (RHSA-2023:3481)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:3481 advisory.

- An issue was discovered in GNU Emacs through 28.2. htmlfontify.el has a command injection vulnerability.
In the hfy-istext-command function, the parameter file and parameter srcdir come from external input, and parameters are not escaped. If a file name or directory name contains shell metacharacters, code may be executed. (CVE-2022-48339)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
6.8 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
5.3 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2022-48339
XREF RHSA:2023:3481
XREF CWE:77
Plugin Information
Published: 2023/07/28, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : emacs-filesystem-24.3-23.el7
Should be : emacs-filesystem-24.3-23.el7_9.1
178968 (1) - CentOS 7 : python (RHSA-2023:3555)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:3555 advisory.

- An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters. (CVE-2023-24329)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
CVSS v3.0 Temporal Score
6.7 (CVSS:3.0/E:P/RL:O/RC:C)
CVSS v2.0 Base Score
7.8 (CVSS2#AV:N/AC:L/Au:N/C:N/I:C/A:N)
CVSS v2.0 Temporal Score
6.1 (CVSS2#E:POC/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2023-24329
XREF IAVA:2023-A-0118-S
XREF RHSA:2023:3555
XREF IAVA:2023-A-0283-S
XREF CWE:20
Plugin Information
Published: 2023/07/28, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : python-2.7.5-89.el7
Should be : python-2.7.5-93.el7_9

Remote package installed : python-libs-2.7.5-89.el7
Should be : python-libs-2.7.5-93.el7_9
178970 (1) - CentOS 7 : java-1.8.0-openjdk (RHSA-2023:1904)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1904 advisory.

- Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. (CVE-2023-21930)

- Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. (CVE-2023-21937)

- Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). (CVE-2023-21938)

- Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs.
(CVE-2023-21939)

- Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. (CVE-2023-21954)

- Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. (CVE-2023-21967)

- Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. (CVE-2023-21968)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
7.4 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N)
CVSS v3.0 Temporal Score
6.4 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
7.1 (CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:N)
CVSS v2.0 Temporal Score
5.3 (CVSS2#E:U/RL:OF/RC:C)
References
Plugin Information
Published: 2023/07/28, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : java-1.8.0-openjdk-1.8.0.262.b10-1.el7
Should be : java-1.8.0-openjdk-1.8.0.372.b07-1.el7_9

Remote package installed : java-1.8.0-openjdk-headless-1.8.0.262.b10-1.el7
Should be : java-1.8.0-openjdk-headless-1.8.0.372.b07-1.el7_9
178971 (1) - CentOS 7 : libwebp (RHSA-2023:2077)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:2077 advisory.

- There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free. (CVE-2023-1999)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS v3.0 Temporal Score
6.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
7.8 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS v2.0 Temporal Score
5.8 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2023-1999
XREF RHSA:2023:2077
XREF CWE:415
Plugin Information
Published: 2023/07/28, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : libwebp-0.3.0-7.el7
Should be : libwebp-0.3.0-11.el7
178972 (1) - CentOS 7 : c-ares (RHSA-2023:3741)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:3741 advisory.

- c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a query, the attacker forges a malformed UDP packet with a length of 0 and returns them to the target resolver. The target resolver erroneously interprets the 0 length as a graceful shutdown of the connection. This issue has been patched in version 1.19.1. (CVE-2023-32067)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected c-ares and / or c-ares-devel packages.
Risk Factor
High
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS v3.0 Temporal Score
6.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
7.8 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS v2.0 Temporal Score
5.8 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2023-32067
XREF RHSA:2023:3741
XREF CWE:400
Plugin Information
Published: 2023/07/28, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : c-ares-1.10.0-3.el7
Should be : c-ares-1.10.0-3.el7_9.1
178973 (1) - CentOS 7 : python3 (RHSA-2023:3556)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:3556 advisory.

- An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters. (CVE-2023-24329)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
CVSS v3.0 Temporal Score
6.7 (CVSS:3.0/E:P/RL:O/RC:C)
CVSS v2.0 Base Score
7.8 (CVSS2#AV:N/AC:L/Au:N/C:N/I:C/A:N)
CVSS v2.0 Temporal Score
6.1 (CVSS2#E:POC/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2023-24329
XREF IAVA:2023-A-0118-S
XREF RHSA:2023:3556
XREF IAVA:2023-A-0283-S
XREF CWE:20
Plugin Information
Published: 2023/07/28, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : python3-3.6.8-17.el7
Should be : python3-3.6.8-19.el7_9

Remote package installed : python3-libs-3.6.8-17.el7
Should be : python3-libs-3.6.8-19.el7_9
179318 (1) - CentOS 7 : kernel (RHSA-2023:4151)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:4151 advisory.

- A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211087. (CVE-2022-3564)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.1 (CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
6.2 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
6.5 (CVSS2#AV:A/AC:H/Au:S/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
4.8 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2022-3564
XREF RHSA:2023:4151
XREF CWE:416
Plugin Information
Published: 2023/08/03, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : bpftool-3.10.0-1160.el7
Should be : bpftool-3.10.0-1160.95.1.el7

Remote package installed : kernel-3.10.0-1160.el7
Should be : kernel-3.10.0-1160.95.1.el7

Remote package installed : kernel-devel-3.10.0-1160.el7
Should be : kernel-devel-3.10.0-1160.95.1.el7

Remote package installed : kernel-tools-3.10.0-1160.el7
Should be : kernel-tools-3.10.0-1160.95.1.el7

Remote package installed : kernel-tools-libs-3.10.0-1160.el7
Should be : kernel-tools-libs-3.10.0-1160.95.1.el7

Remote package installed : perf-3.10.0-1160.el7
Should be : perf-3.10.0-1160.95.1.el7

Remote package installed : python-perf-3.10.0-1160.el7
Should be : python-perf-3.10.0-1160.95.1.el7
179319 (1) - CentOS 7 : bind (RHSA-2023:4152)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:4152 advisory.

- Every `named` instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the `max-cache-size` statement in the configuration file; it defaults to 90% of the total amount of memory available on the host. When the size of the cache reaches 7/8 of the configured limit, a cache-cleaning algorithm starts to remove expired and/or least-recently used RRsets from the cache, to keep memory use below the configured limit. It has been discovered that the effectiveness of the cache-cleaning algorithm used in `named` can be severely diminished by querying the resolver for specific RRsets in a certain order, effectively allowing the configured `max-cache-size` limit to be significantly exceeded. This issue affects BIND 9 versions 9.11.0 through 9.16.41, 9.18.0 through 9.18.15, 9.19.0 through 9.19.13, 9.11.3-S1 through 9.16.41-S1, and 9.18.11-S1 through 9.18.15-S1.
(CVE-2023-2828)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS v3.0 Temporal Score
6.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
7.8 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS v2.0 Temporal Score
5.8 (CVSS2#E:U/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2023-2828
XREF RHSA:2023:4152
XREF IAVA:2023-A-0320-S
Plugin Information
Published: 2023/08/03, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : bind-export-libs-9.11.4-26.P2.el7
Should be : bind-export-libs-9.11.4-26.P2.el7_9.14

Remote package installed : bind-libs-9.11.4-26.P2.el7
Should be : bind-libs-9.11.4-26.P2.el7_9.14

Remote package installed : bind-libs-lite-9.11.4-26.P2.el7
Should be : bind-libs-lite-9.11.4-26.P2.el7_9.14

Remote package installed : bind-license-9.11.4-26.P2.el7
Should be : bind-license-9.11.4-26.P2.el7_9.14

Remote package installed : bind-utils-9.11.4-26.P2.el7
Should be : bind-utils-9.11.4-26.P2.el7_9.14
187226 (1) - CentOS 7 : firefox (RHSA-2023:7509)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:7509 advisory.

- On some systemsdepending on the graphics settings and driversit was possible to force an out-of-bounds read and leak memory data into the images created on the canvas element. This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5. (CVE-2023-6204)

- It was possible to cause the use of a MessagePort after it had already been freed, which could potentially have led to an exploitable crash. This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5. (CVE-2023-6205)

- The black fade animation when exiting fullscreen is roughly the length of the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant button would be about to appear. This vulnerability affects Firefox < 120, Firefox ESR <
115.5.0, and Thunderbird < 115.5. (CVE-2023-6206)

- Ownership mismanagement led to a use-after-free in ReadableByteStreams This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5. (CVE-2023-6207)

- When using X11, text selected by the page using the Selection API was erroneously copied into the primary selection, a temporary storage not unlike the clipboard. *This bug only affects Firefox on X11. Other systems are unaffected.* This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5. (CVE-2023-6208)

- Relative URLs starting with three slashes were incorrectly parsed, and a path-traversal /../ part in the path could be used to override the specified host. This could contribute to security problems in web sites. This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5.
(CVE-2023-6209)

- Memory safety bugs present in Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5. (CVE-2023-6212)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected firefox package.
Risk Factor
Critical
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.7 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
7.4 (CVSS2#E:U/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2023-6204
CVE CVE-2023-6205
CVE CVE-2023-6206
CVE CVE-2023-6207
CVE CVE-2023-6208
CVE CVE-2023-6209
CVE CVE-2023-6212
XREF IAVA:2023-A-0654-S
XREF RHSA:2023:7509
Plugin Information
Published: 2023/12/22, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : firefox-68.10.0-1.el7.centos
Should be : firefox-115.5.0-1.el7_9
187229 (1) - CentOS 7 : libssh2 (RHSA-2023:5615)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:5615 advisory.

- An issue was discovered in function _libssh2_packet_add in libssh2 1.10.0 allows attackers to access out of bounds memory. (CVE-2020-22218)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected libssh2, libssh2-devel and / or libssh2-docs packages.
Risk Factor
High
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS v3.0 Temporal Score
6.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
7.8 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS v2.0 Temporal Score
5.8 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2020-22218
XREF RHSA:2023:5615
Plugin Information
Published: 2023/12/22, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : libssh2-1.8.0-4.el7
Should be : libssh2-1.8.0-4.el7_9.1
187237 (1) - CentOS 7 : firefox (RHSA-2023:5019)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:5019 advisory.

- A website could have obscured the full screen notification by using the file open dialog. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 116, Firefox ESR < 115.2, and Thunderbird < 115.2. (CVE-2023-4051)

- A website could have obscured the full screen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 116, Firefox ESR < 115.2, and Thunderbird < 115.2.
(CVE-2023-4053)

- When receiving rendering data over IPC `mStream` could have been destroyed when initialized, which could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox <
117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2.
(CVE-2023-4573)

- When creating a callback over IPC for showing the Color Picker window, multiple of the same callbacks could have been created at a time and eventually all simultaneously destroyed as soon as one of the callbacks finished. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2. (CVE-2023-4574)

- When creating a callback over IPC for showing the File Picker window, multiple of the same callbacks could have been created at a time and eventually all simultaneously destroyed as soon as one of the callbacks finished. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2. (CVE-2023-4575)

- When `UpdateRegExpStatics` attempted to access `initialStringHeap` it could already have been garbage collected prior to entering the function, which could potentially have led to an exploitable crash. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2. (CVE-2023-4577)

- When calling `JS::CheckRegExpSyntax` a Syntax Error could have been set which would end in calling `convertToRuntimeErrorAndClear`. A path in the function could attempt to allocate memory when none is available which would have caused a newly created Out of Memory exception to be mishandled as a Syntax Error. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.
(CVE-2023-4578)

- Push notifications stored on disk in private browsing mode were not being encrypted potentially allowing the leak of sensitive information. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2. (CVE-2023-4580)

- Excel `.xll` add-in files did not have a blocklist entry in Firefox's executable blocklist which allowed them to be downloaded without any warning of their potential harm. This vulnerability affects Firefox <
117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2.
(CVE-2023-4581)

- When checking if the Browsing Context had been discarded in `HttpBaseChannel`, if the load group was not available then it was assumed to have already been discarded which was not always the case for private channels after the private session had ended. This vulnerability affects Firefox < 117, Firefox ESR <
115.2, and Thunderbird < 115.2. (CVE-2023-4583)

- Memory safety bugs present in Firefox 116, Firefox ESR 102.14, Firefox ESR 115.1, Thunderbird 102.14, and Thunderbird 115.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox <
117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2.
(CVE-2023-4584)

- Memory safety bugs present in Firefox 116, Firefox ESR 115.1, and Thunderbird 115.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2. (CVE-2023-4585)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected firefox package.
Risk Factor
Critical
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.7 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
7.4 (CVSS2#E:U/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2023-4051
CVE CVE-2023-4053
CVE CVE-2023-4573
CVE CVE-2023-4574
CVE CVE-2023-4575
CVE CVE-2023-4577
CVE CVE-2023-4578
CVE CVE-2023-4580
CVE CVE-2023-4581
CVE CVE-2023-4583
CVE CVE-2023-4584
CVE CVE-2023-4585
XREF IAVA:2023-A-0388-S
XREF IAVA:2023-A-0449-S
XREF RHSA:2023:5019
Plugin Information
Published: 2023/12/22, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : firefox-68.10.0-1.el7.centos
Should be : firefox-102.15.0-1.el7.centos
187243 (1) - CentOS 7 : open-vm-tools (RHSA-2023:7279)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7279 advisory.

- VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere- security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias https://vdc-download.vmware.com/vmwb-repository/dcr-public/d1902b0e-d479-46bf-8ac9-cee0e31e8ec0/07ce8dbd- db48-4261-9b8f-c6d3ad8ba472/vim.vm.guest.AliasManager.html . (CVE-2023-34058)

- open-vm-tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack the /dev/uinput file descriptor allowing them to simulate user inputs. (CVE-2023-34059)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
6.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
6.8 (CVSS2#AV:A/AC:H/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
5.0 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2023-34058
CVE CVE-2023-34059
XREF RHSA:2023:7279
Plugin Information
Published: 2023/12/22, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : open-vm-tools-11.0.5-3.el7
Should be : open-vm-tools-11.0.5-3.el7_9.9

Remote package installed : open-vm-tools-desktop-11.0.5-3.el7
Should be : open-vm-tools-desktop-11.0.5-3.el7_9.9
187246 (1) - CentOS 7 : firefox (RHSA-2023:5197)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:5197 advisory.

- Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical) (CVE-2023-4863)

- Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Duplicate of CVE-2023-4863. (CVE-2023-5129)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected firefox package.
Risk Factor
Critical
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.4 (CVSS:3.0/E:H/RL:O/RC:C)
CVSS v2.0 Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
8.7 (CVSS2#E:H/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2023-4863
CVE CVE-2023-5129
XREF CISA-KNOWN-EXPLOITED:2023/10/04
XREF IAVA:2023-A-0491-S
XREF RHSA:2023:5197
Plugin Information
Published: 2023/12/22, Modified: 2023/12/25
Plugin Output

ipaddr (tcp/0)


Remote package installed : firefox-68.10.0-1.el7.centos
Should be : firefox-102.15.1-1.el7_9
187252 (1) - CentOS 7 : xorg-x11-server (RHSA-2023:6802)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:6802 advisory.

- A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProperty function in randr/rrproperty.c, allowing for possible escalation of privileges or denial of service. (CVE-2023-5367)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
6.8 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
6.8 (CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
5.0 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2023-5367
XREF RHSA:2023:6802
Plugin Information
Published: 2023/12/22, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : xorg-x11-server-common-1.20.4-10.el7
Should be : xorg-x11-server-common-1.20.4-24.el7_9

Remote package installed : xorg-x11-server-Xorg-1.20.4-10.el7
Should be : xorg-x11-server-Xorg-1.20.4-24.el7_9
187253 (1) - CentOS 7 : firefox (RHSA-2023:4079)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:4079 advisory.

- An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS.
This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13. (CVE-2023-37201)

- Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a use-after-free. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13. (CVE-2023-37202)

- A website could have obscured the fullscreen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.
(CVE-2023-37207)

- When opening Diagcab files, Firefox did not warn the user that these files may contain malicious code.
This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13. (CVE-2023-37208)

- Memory safety bugs present in Firefox 114, Firefox ESR 102.12, and Thunderbird 102.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13. (CVE-2023-37211)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected firefox package.
Risk Factor
Critical
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.7 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
7.4 (CVSS2#E:U/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2023-37201
CVE CVE-2023-37202
CVE CVE-2023-37207
CVE CVE-2023-37208
CVE CVE-2023-37211
XREF IAVA:2023-A-0328-S
XREF RHSA:2023:4079
Plugin Information
Published: 2023/12/22, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : firefox-68.10.0-1.el7.centos
Should be : firefox-102.13.0-2.el7.centos
187256 (1) - CentOS 7 : tigervnc and xorg-x11-server (RHSA-2023:1594)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1594 advisory.

- A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation.
If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later.
(CVE-2023-1393)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
6.8 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
6.8 (CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
5.0 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2023-1393
XREF RHSA:2023:1594
Plugin Information
Published: 2023/12/22, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : tigervnc-license-1.8.0-21.el7
Should be : tigervnc-license-1.8.0-25.el7_9

Remote package installed : tigervnc-server-minimal-1.8.0-21.el7
Should be : tigervnc-server-minimal-1.8.0-25.el7_9

Remote package installed : xorg-x11-server-common-1.20.4-10.el7
Should be : xorg-x11-server-common-1.20.4-23.el7_9

Remote package installed : xorg-x11-server-Xorg-1.20.4-10.el7
Should be : xorg-x11-server-Xorg-1.20.4-23.el7_9
187260 (1) - CentOS 7 : open-vm-tools (RHSA-2023:5217)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:5217 advisory.

- A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware- vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias https://vdc-download.vmware.com/vmwb-repository/dcr- public/d1902b0e-d479-46bf-8ac9-cee0e31e8ec0/07ce8dbd- db48-4261-9b8f-c6d3ad8ba472/vim.vm.guest.AliasManager.html . (CVE-2023-20900)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
6.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
6.8 (CVSS2#AV:A/AC:H/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
5.0 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2023-20900
XREF RHSA:2023:5217
Plugin Information
Published: 2023/12/22, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : open-vm-tools-11.0.5-3.el7
Should be : open-vm-tools-11.0.5-3.el7_9.7

Remote package installed : open-vm-tools-desktop-11.0.5-3.el7
Should be : open-vm-tools-desktop-11.0.5-3.el7_9.7
187263 (1) - CentOS 7 : firefox (RHSA-2023:3137)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:3137 advisory.

- In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and spoofing attacks. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11. (CVE-2023-32205)

- An out-of-bound read could have led to a crash in the RLBox Expat driver. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11. (CVE-2023-32206)

- A missing delay in popup notifications could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird <
102.11. (CVE-2023-32207)

- A type checking bug would have led to invalid code being compiled. This vulnerability affects Firefox <
113, Firefox ESR < 102.11, and Thunderbird < 102.11. (CVE-2023-32211)

- An attacker could have positioned a <code>datalist</code> element to obscure the address bar. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11. (CVE-2023-32212)

- When reading a file, an uninitialized value could have been used as read limit. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11. (CVE-2023-32213)

- Memory safety bugs present in Firefox 112 and Firefox ESR 102.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.
(CVE-2023-32215)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected firefox package.
Risk Factor
Critical
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.7 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
7.4 (CVSS2#E:U/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2023-32205
CVE CVE-2023-32206
CVE CVE-2023-32207
CVE CVE-2023-32211
CVE CVE-2023-32212
CVE CVE-2023-32213
CVE CVE-2023-32215
XREF IAVA:2023-A-0242-S
XREF RHSA:2023:3137
Plugin Information
Published: 2023/12/22, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : firefox-68.10.0-1.el7.centos
Should be : firefox-102.11.0-2.el7.centos
187264 (1) - CentOS 7 : bind (RHSA-2023:5691)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:5691 advisory.

- The code that processes control channel messages sent to `named` calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size; depending on the environment, this may cause the packet-parsing code to run out of available stack memory, causing `named` to terminate unexpectedly. Since each incoming control channel message is fully parsed before its contents are authenticated, exploiting this flaw does not require the attacker to hold a valid RNDC key;
only network access to the control channel's configured TCP port is necessary. This issue affects BIND 9 versions 9.2.0 through 9.16.43, 9.18.0 through 9.18.18, 9.19.0 through 9.19.16, 9.9.3-S1 through 9.16.43-S1, and 9.18.0-S1 through 9.18.18-S1. (CVE-2023-3341)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS v3.0 Temporal Score
6.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
7.8 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS v2.0 Temporal Score
5.8 (CVSS2#E:U/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2023-3341
XREF RHSA:2023:5691
XREF IAVA:2023-A-0500-S
Plugin Information
Published: 2023/12/22, Modified: 2024/02/16
Plugin Output

ipaddr (tcp/0)


Remote package installed : bind-export-libs-9.11.4-26.P2.el7
Should be : bind-export-libs-9.11.4-26.P2.el7_9.15

Remote package installed : bind-libs-9.11.4-26.P2.el7
Should be : bind-libs-9.11.4-26.P2.el7_9.15

Remote package installed : bind-libs-lite-9.11.4-26.P2.el7
Should be : bind-libs-lite-9.11.4-26.P2.el7_9.15

Remote package installed : bind-license-9.11.4-26.P2.el7
Should be : bind-license-9.11.4-26.P2.el7_9.15

Remote package installed : bind-utils-9.11.4-26.P2.el7
Should be : bind-utils-9.11.4-26.P2.el7_9.15
187267 (1) - CentOS 7 : kernel (RHSA-2023:5622)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5622 advisory.

- In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled. (CVE-2023-32233)

- Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace (CVE-2023-35001)

- A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, u32_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). If an attacker can control the reference counter and set it to zero, they can cause the reference to be freed, leading to a use-after-free vulnerability. We recommend upgrading past commit 04c55383fa5689357bcdd2c8036725a55ed632bc.
(CVE-2023-3609)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.5 (CVSS:3.0/E:H/RL:O/RC:C)
CVSS v2.0 Base Score
6.8 (CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
5.9 (CVSS2#E:H/RL:OF/RC:C)
References
CVE CVE-2023-3609
CVE CVE-2023-32233
CVE CVE-2023-35001
XREF RHSA:2023:5622
Exploitable With
Core Impact (true)
Plugin Information
Published: 2023/12/22, Modified: 2024/03/04
Plugin Output

ipaddr (tcp/0)


Remote package installed : bpftool-3.10.0-1160.el7
Should be : bpftool-3.10.0-1160.102.1.el7

Remote package installed : kernel-3.10.0-1160.el7
Should be : kernel-3.10.0-1160.102.1.el7

Remote package installed : kernel-devel-3.10.0-1160.el7
Should be : kernel-devel-3.10.0-1160.102.1.el7

Remote package installed : kernel-tools-3.10.0-1160.el7
Should be : kernel-tools-3.10.0-1160.102.1.el7

Remote package installed : kernel-tools-libs-3.10.0-1160.el7
Should be : kernel-tools-libs-3.10.0-1160.102.1.el7

Remote package installed : perf-3.10.0-1160.el7
Should be : perf-3.10.0-1160.102.1.el7

Remote package installed : python-perf-3.10.0-1160.el7
Should be : python-perf-3.10.0-1160.102.1.el7
187416 (1) - CentOS 7 : firefox (RHSA-2024:0026)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:0026 advisory.

- The WebGL `DrawElementsInstanced` method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver. This issue could allow an attacker to perform remote code execution and sandbox escape. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.
(CVE-2023-6856)

- When resolving a symlink, a race may occur where the buffer passed to `readlink` may actually be smaller than necessary. *This bug only affects Firefox on Unix-based operating systems (Android, Linux, MacOS).
Windows is unaffected.* This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox <
121. (CVE-2023-6857)

- Firefox was susceptible to a heap buffer overflow in `nsTextFragment` due to insufficient OOM handling.
This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121. (CVE-2023-6858)

- A use-after-free condition affected TLS socket creation when under memory pressure. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121. (CVE-2023-6859)

- The `VideoBridge` allowed any content process to use textures produced by remote decoders. This could be abused to escape the sandbox. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121. (CVE-2023-6860)

- The `nsWindow::PickerOpen(void)` method was susceptible to a heap buffer overflow when running in headless mode. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.
(CVE-2023-6861)

- A use-after-free was identified in the `nsDNSService::Init`. This issue appears to manifest rarely during start-up. This vulnerability affects Firefox ESR < 115.6 and Thunderbird < 115.6. (CVE-2023-6862)

- The `ShutdownObserver()` was susceptible to potentially undefined behavior due to its reliance on a dynamic type that lacked a virtual destructor. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121. (CVE-2023-6863)

- Memory safety bugs present in Firefox 120, Firefox ESR 115.5, and Thunderbird 115.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121. (CVE-2023-6864)

- `EncryptingOutputStream` was susceptible to exposing uninitialized data. This issue could only be abused in order to write data to a local disk which may have implications for private browsing mode. This vulnerability affects Firefox ESR < 115.6 and Firefox < 121. (CVE-2023-6865)

- The timing of a button click causing a popup to disappear was approximately the same length as the anti- clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant button would be about to appear. This vulnerability affects Firefox ESR < 115.6 and Firefox < 121. (CVE-2023-6867)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected firefox package.
Risk Factor
Critical
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.7 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
7.4 (CVSS2#E:U/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2023-6856
CVE CVE-2023-6857
CVE CVE-2023-6858
CVE CVE-2023-6859
CVE CVE-2023-6860
CVE CVE-2023-6861
CVE CVE-2023-6862
CVE CVE-2023-6863
CVE CVE-2023-6864
CVE CVE-2023-6865
CVE CVE-2023-6867
XREF RHSA:2024:0026
XREF IAVA:2023-A-0702-S
Plugin Information
Published: 2024/01/02, Modified: 2024/01/30
Plugin Output

ipaddr (tcp/0)


Remote package installed : firefox-68.10.0-1.el7.centos
Should be : firefox-115.6.0-1.el7.centos
187752 (1) - CentOS 7 : tigervnc (RHSA-2024:0006)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0006 advisory.

- A flaw was found in xorg-server. Querying or changing XKB button actions such as moving from a touchpad to a mouse can result in out-of-bounds memory reads and writes. This may allow local privilege escalation or possible remote code execution in cases where X11 forwarding is involved. (CVE-2023-6377)

- A flaw was found in xorg-server. A specially crafted request to RRChangeProviderProperty or RRChangeOutputProperty can trigger an integer overflow which may lead to a disclosure of sensitive information. (CVE-2023-6478)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
6.8 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
7.8 (CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N)
CVSS v2.0 Temporal Score
5.8 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2023-6377
CVE CVE-2023-6478
XREF RHSA:2024:0006
Plugin Information
Published: 2024/01/09, Modified: 2024/01/09
Plugin Output

ipaddr (tcp/0)


Remote package installed : tigervnc-license-1.8.0-21.el7
Should be : tigervnc-license-1.8.0-28.el7_9

Remote package installed : tigervnc-server-minimal-1.8.0-21.el7
Should be : tigervnc-server-minimal-1.8.0-28.el7_9
187758 (1) - CentOS 7 : tigervnc (RHSA-2023:7428)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7428 advisory.

- A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProperty function in randr/rrproperty.c, allowing for possible escalation of privileges or denial of service. (CVE-2023-5367)

- A use-after-free flaw was found in the xorg-x11-server. An X server crash may occur in a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zaphod mode) if the pointer is warped from within a window on one screen to the root window of the other screen and if the original window is destroyed followed by another window being destroyed. (CVE-2023-5380)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
6.8 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
6.8 (CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
5.0 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2023-5367
CVE CVE-2023-5380
XREF RHSA:2023:7428
Plugin Information
Published: 2024/01/09, Modified: 2024/01/09
Plugin Output

ipaddr (tcp/0)


Remote package installed : tigervnc-license-1.8.0-21.el7
Should be : tigervnc-license-1.8.0-26.el7_9

Remote package installed : tigervnc-server-minimal-1.8.0-21.el7
Should be : tigervnc-server-minimal-1.8.0-26.el7_9
187760 (1) - CentOS 7 : gstreamer1-plugins-bad-free (RHSA-2024:0013)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0013 advisory.

- MXF demuxer use-after-free vulnerability [fedora-all] (CVE-2023-44446)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected gstreamer1-plugins-bad-free, gstreamer1-plugins-bad-free-devel and / or gstreamer1-plugins-bad-free- gtk packages.
Risk Factor
Critical
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.7 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
7.4 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2023-44446
XREF RHSA:2024:0013
Plugin Information
Published: 2024/01/09, Modified: 2024/01/09
Plugin Output

ipaddr (tcp/0)


Remote package installed : gstreamer1-plugins-bad-free-1.10.4-3.el7
Should be : gstreamer1-plugins-bad-free-1.10.4-4.el7_9
187763 (1) - CentOS 7 : xorg-x11-server (RHSA-2024:0009)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0009 advisory.

- A flaw was found in xorg-server. Querying or changing XKB button actions such as moving from a touchpad to a mouse can result in out-of-bounds memory reads and writes. This may allow local privilege escalation or possible remote code execution in cases where X11 forwarding is involved. (CVE-2023-6377)

- A flaw was found in xorg-server. A specially crafted request to RRChangeProviderProperty or RRChangeOutputProperty can trigger an integer overflow which may lead to a disclosure of sensitive information. (CVE-2023-6478)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
6.8 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
7.8 (CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N)
CVSS v2.0 Temporal Score
5.8 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2023-6377
CVE CVE-2023-6478
XREF RHSA:2024:0009
Plugin Information
Published: 2024/01/09, Modified: 2024/01/09
Plugin Output

ipaddr (tcp/0)


Remote package installed : xorg-x11-server-common-1.20.4-10.el7
Should be : xorg-x11-server-common-1.20.4-25.el7_9

Remote package installed : xorg-x11-server-Xorg-1.20.4-10.el7
Should be : xorg-x11-server-Xorg-1.20.4-25.el7_9
187944 (1) - Trellix Agent < 5.8.1 Buffer Overflow Vulnerability (SB10416)
-
Synopsis
A security management agent installed on the remote host is affected by a buffer overflow vulnerability.
Description
The version of Trellix Agent, formerly McAfee Agent or McAfee Policy Orchestrator (ePO) Agent, installed on the remote host is prior to 5.8.1. It is, therefore, affected by a buffer overflow vulnerability due to not handling files in the /var/McAfeee/.msgbus folder correctly. A local attacker can exploit this vulnerability to gain elevated permissions, or cause a Denial of Service (DoS), through exploiting a memory corruption issue in the TA service, which runs as root.
This may also result in the disabling of event reporting to ePO.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Upgrade to McAfee Agent version 5.8.1 or later.
Risk Factor
Medium
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
6.8 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
6.8 (CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
5.0 (CVSS2#E:U/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2024-0213
XREF IAVA:2024-A-0010
Plugin Information
Published: 2024/01/11, Modified: 2024/01/15
Plugin Output

ipaddr (tcp/0)


Path : /opt/McAfee/cma/
Installed version : 5.8.0.161
Fixed version : 5.8.1
189508 (1) - CentOS 7 : kernel (RHSA-2024:0346)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0346 advisory.

- An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local user to crash the system or potentially escalate their privileges on the system. (CVE-2023-42753)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.0 (CVSS:3.0/E:P/RL:O/RC:C)
CVSS v2.0 Base Score
6.8 (CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
5.3 (CVSS2#E:POC/RL:OF/RC:C)
References
CVE CVE-2023-42753
XREF RHSA:2024:0346
Plugin Information
Published: 2024/01/25, Modified: 2024/01/25
Plugin Output

ipaddr (tcp/0)


Remote package installed : bpftool-3.10.0-1160.el7
Should be : bpftool-3.10.0-1160.108.1.el7

Remote package installed : kernel-3.10.0-1160.el7
Should be : kernel-3.10.0-1160.108.1.el7

Remote package installed : kernel-devel-3.10.0-1160.el7
Should be : kernel-devel-3.10.0-1160.108.1.el7

Remote package installed : kernel-headers-3.10.0-1160.el7
Should be : kernel-headers-3.10.0-1160.108.1.el7

Remote package installed : kernel-tools-3.10.0-1160.el7
Should be : kernel-tools-3.10.0-1160.108.1.el7

Remote package installed : kernel-tools-libs-3.10.0-1160.el7
Should be : kernel-tools-libs-3.10.0-1160.108.1.el7

Remote package installed : perf-3.10.0-1160.el7
Should be : perf-3.10.0-1160.108.1.el7

Remote package installed : python-perf-3.10.0-1160.el7
Should be : python-perf-3.10.0-1160.108.1.el7
189765 (1) - CentOS 7 : gstreamer-plugins-bad-free (RHSA-2024:0279)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0279 advisory.

- MXF demuxer use-after-free vulnerability [fedora-all] (CVE-2023-44446)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected gstreamer-plugins-bad-free, gstreamer-plugins-bad-free-devel and / or gstreamer-plugins-bad-free- devel-docs packages.
Risk Factor
Critical
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.7 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
7.4 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2023-44446
XREF RHSA:2024:0279
Plugin Information
Published: 2024/01/30, Modified: 2024/01/30
Plugin Output

ipaddr (tcp/0)


Remote package installed : gstreamer-plugins-bad-free-0.10.23-23.el7
Should be : gstreamer-plugins-bad-free-0.10.23-24.el7_9
189767 (1) - CentOS 7 : java-1.8.0-openjdk (RHSA-2024:0223)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0223 advisory.

- Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9, 21.0.1; Oracle GraalVM Enterprise Edition: 20.3.12, 21.3.8 and 22.3.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data.
Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security.
(CVE-2024-20918)

- A vulnerability that allows an attacker to execute arbitrary java code from the javascript engine even though the option --no-java was set. (CVE-2024-20918) (CVE-2024-20919, CVE-2024-20921, CVE-2024-20945)

- Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Scripting). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21; Oracle GraalVM for JDK: 17.0.9; Oracle GraalVM Enterprise Edition: 20.3.12, 21.3.8 and 22.3.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. (CVE-2024-20926)

- Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9, 21.0.1; Oracle GraalVM Enterprise Edition: 20.3.12, 21.3.8 and 22.3.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data.
Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). (CVE-2024-20952)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
7.4 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N)
CVSS v3.0 Temporal Score
6.4 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
7.1 (CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:N)
CVSS v2.0 Temporal Score
5.3 (CVSS2#E:U/RL:OF/RC:C)
References
Plugin Information
Published: 2024/01/30, Modified: 2024/01/30
Plugin Output

ipaddr (tcp/0)


Remote package installed : java-1.8.0-openjdk-1.8.0.262.b10-1.el7
Should be : java-1.8.0-openjdk-1.8.0.402.b06-1.el7_9

Remote package installed : java-1.8.0-openjdk-headless-1.8.0.262.b10-1.el7
Should be : java-1.8.0-openjdk-headless-1.8.0.402.b06-1.el7_9
189997 (1) - CentOS 7 : firefox (RHSA-2024:0600)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:0600 advisory.

- An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
(CVE-2024-0741)

- It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an incorrect timestamp used to prevent input after page load. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7. (CVE-2024-0742)

- A Linux user opening the print preview dialog could have caused the browser to crash. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7. (CVE-2024-0746)

- When a parent page loaded a child in an iframe with `unsafe-inline`, the parent Content Security Policy could have overridden the child Content Security Policy. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7. (CVE-2024-0747)

- A phishing site could have repurposed an `about:` dialog to show phishing content with an incorrect origin in the address bar. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird <
115.7. (CVE-2024-0749)

- A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7. (CVE-2024-0750)

- A malicious devtools extension could have been used to escalate privileges. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7. (CVE-2024-0751)

- In specific HSTS configurations an attacker could have bypassed HSTS on a subdomain. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7. (CVE-2024-0753)

- Memory safety bugs present in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7. (CVE-2024-0755)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected firefox package.
Risk Factor
Critical
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.7 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
7.4 (CVSS2#E:U/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2024-0741
CVE CVE-2024-0742
CVE CVE-2024-0746
CVE CVE-2024-0747
CVE CVE-2024-0749
CVE CVE-2024-0750
CVE CVE-2024-0751
CVE CVE-2024-0753
CVE CVE-2024-0755
XREF RHSA:2024:0600
XREF IAVA:2024-A-0053-S
Plugin Information
Published: 2024/02/05, Modified: 2024/02/23
Plugin Output

ipaddr (tcp/0)


Remote package installed : firefox-68.10.0-1.el7.centos
Should be : firefox-115.7.0-1.el7.centos
190992 (1) - CentOS 7 : firefox (RHSA-2024:0976)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:0976 advisory.

- When storing and re-accessing data on a networking channel, the length of buffers may have been confused, resulting in an out-of-bounds memory read. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8. (CVE-2024-1546)

- Through a series of API calls and redirects, an attacker-controlled alert dialog could have been displayed on another website (with the victim website's URL shown). This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8. (CVE-2024-1547)

- A website could have obscured the fullscreen notification by using a dropdown select input element. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8. (CVE-2024-1548)

- If a website set a large custom cursor, portions of the cursor could have overlapped with the permission dialog, potentially resulting in user confusion and unexpected granted permissions. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8. (CVE-2024-1549)

- A malicious website could have used a combination of exiting fullscreen mode and `requestPointerLock` to cause the user's mouse to be re-positioned unexpectedly, which could have led to user confusion and inadvertently granting permissions they did not intend to grant. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8. (CVE-2024-1550)

- Set-Cookie response headers were being incorrectly honored in multipart HTTP responses. If an attacker could control the Content-Type response header, as well as control part of the response body, they could inject Set-Cookie response headers that would have been honored by the browser. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8. (CVE-2024-1551)

- Incorrect code generation could have led to unexpected numeric conversions and potential undefined behavior.*Note:* This issue only affects 32-bit ARM devices. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8. (CVE-2024-1552)

- Memory safety bugs present in Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8. (CVE-2024-1553)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected firefox package.
Risk Factor
High
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
6.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
7.6 (CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
5.6 (CVSS2#E:U/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2024-1546
CVE CVE-2024-1547
CVE CVE-2024-1548
CVE CVE-2024-1549
CVE CVE-2024-1550
CVE CVE-2024-1551
CVE CVE-2024-1552
CVE CVE-2024-1553
XREF RHSA:2024:0976
XREF IAVA:2024-A-0108-S
Plugin Information
Published: 2024/02/26, Modified: 2024/03/21
Plugin Output

ipaddr (tcp/0)


Remote package installed : firefox-68.10.0-1.el7.centos
Should be : firefox-115.8.0-1.el7.centos
192540 (1) - CentOS 7 : firefox (RHSA-2024:1486)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:1486 advisory.

- NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the private data. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9. (CVE-2023-5388)

- An unchecked return value in TLS handshake code could have caused a potentially exploitable crash. This vulnerability affects Firefox < 122, Firefox ESR < 115.9, and Thunderbird < 115.9. (CVE-2024-0743)

- Return registers were overwritten which could have allowed an attacker to execute arbitrary code. *Note:* This issue only affected Armv7-A systems. Other operating systems are unaffected. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9. (CVE-2024-2607)

- `AppendEncodedAttributeValue(), ExtraSpaceNeededForAttrEncoding()` and `AppendEncodedCharacters()` could have experienced integer overflows, causing underallocation of an output buffer leading to an out of bounds write. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.
(CVE-2024-2608)

- Using a markup injection an attacker could have stolen nonce values. This could have been used to bypass strict content security policies. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9. (CVE-2024-2610)

- A missing delay on when pointer lock was used could have allowed a malicious page to trick a user into granting permissions. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird <
115.9. (CVE-2024-2611)

- If an attacker could find a way to trigger a particular code path in `SafeRefPtr`, it could have triggered a crash or potentially be leveraged to achieve code execution. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9. (CVE-2024-2612)

- Memory safety bugs present in Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9. (CVE-2024-2614)

- To harden ICU against exploitation, the behavior for out-of-memory conditions was changed to crash instead of attempt to continue. This vulnerability affects Firefox ESR < 115.9 and Thunderbird < 115.9.
(CVE-2024-2616)

- An attacker was able to inject an event handler into a privileged object that would allow arbitrary JavaScript execution in the parent process. Note: This vulnerability affects Desktop Firefox only, it does not affect mobile versions of Firefox. This vulnerability affects Firefox < 124.0.1 and Firefox ESR <
115.9.1. (CVE-2024-29944)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected firefox package.
Risk Factor
High
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS v3.0 Temporal Score
6.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
7.8 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS v2.0 Temporal Score
5.8 (CVSS2#E:U/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2023-5388
CVE CVE-2024-0743
CVE CVE-2024-2607
CVE CVE-2024-2608
CVE CVE-2024-2610
CVE CVE-2024-2611
CVE CVE-2024-2612
CVE CVE-2024-2614
CVE CVE-2024-2616
CVE CVE-2024-29944
XREF IAVA:2024-A-0053-S
XREF IAVA:2024-A-0174
XREF RHSA:2024:1486
Plugin Information
Published: 2024/03/25, Modified: 2024/03/25
Plugin Output

ipaddr (tcp/0)


Remote package installed : firefox-68.10.0-1.el7.centos
Should be : firefox-115.9.1-1.el7_9
51192 (9) - SSL Certificate Cannot Be Trusted
-
Synopsis
The SSL certificate for this service cannot be trusted.
Description
The server's X.509 certificate cannot be trusted. This situation can occur in three different ways, in which the chain of trust can be broken, as stated below :

- First, the top of the certificate chain sent by the server might not be descended from a known public certificate authority. This can occur either when the top of the chain is an unrecognized, self-signed certificate, or when intermediate certificates are missing that would connect the top of the certificate chain to a known public certificate authority.

- Second, the certificate chain may contain a certificate that is not valid at the time of the scan. This can occur either when the scan occurs before one of the certificate's 'notBefore' dates, or after one of the certificate's 'notAfter' dates.

- Third, the certificate chain may contain a signature that either didn't match the certificate's information or could not be verified. Bad signatures can be fixed by getting the certificate with the bad signature to be re-signed by its issuer. Signatures that could not be verified are the result of the certificate's issuer using a signing algorithm that Nessus either does not support or does not recognize.

If the remote host is a public host in production, any break in the chain makes it more difficult for users to verify the authenticity and identity of the web server. This could make it easier to carry out man-in-the-middle attacks against the remote host.
See Also
Solution
Purchase or generate a proper SSL certificate for this service.
Risk Factor
Medium
CVSS v3.0 Base Score
6.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)
CVSS v2.0 Base Score
6.4 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N)
Plugin Information
Published: 2010/12/15, Modified: 2020/04/27
Plugin Output

ipaddr (tcp/443/www)


The following certificate was at the top of the certificate
chain sent by the remote host, but it is signed by an unknown
certificate authority :

|-Subject : DC=jp/DC=go/DC=mods/DC=gsdf/DC=EMSOCCS/DC=gcc/CN=gcc-AD-SERVER-1-CA
|-Issuer : DC=jp/DC=go/DC=mods/DC=gsdf/DC=EMSOCCS/DC=gcc/CN=gcc-AD-SERVER-1-CA

ipaddr (tcp/3820/giop)


The following certificate was at the top of the certificate
chain sent by the remote host, but it is signed by an unknown
certificate authority :

|-Subject : DC=jp/DC=go/DC=mods/DC=gsdf/DC=EMSOCCS/DC=gcc/CN=gcc-AD-SERVER-1-CA
|-Issuer : DC=jp/DC=go/DC=mods/DC=gsdf/DC=EMSOCCS/DC=gcc/CN=gcc-AD-SERVER-1-CA

ipaddr (tcp/3920)


The following certificate was at the top of the certificate
chain sent by the remote host, but it is signed by an unknown
certificate authority :

|-Subject : DC=jp/DC=go/DC=mods/DC=gsdf/DC=EMSOCCS/DC=gcc/CN=gcc-AD-SERVER-1-CA
|-Issuer : DC=jp/DC=go/DC=mods/DC=gsdf/DC=EMSOCCS/DC=gcc/CN=gcc-AD-SERVER-1-CA

ipaddr (tcp/4848/www)


The following certificate was at the top of the certificate
chain sent by the remote host, but it is signed by an unknown
certificate authority :

|-Subject : DC=jp/DC=go/DC=mods/DC=gsdf/DC=EMSOCCS/DC=gcc/CN=gcc-AD-SERVER-1-CA
|-Issuer : DC=jp/DC=go/DC=mods/DC=gsdf/DC=EMSOCCS/DC=gcc/CN=gcc-AD-SERVER-1-CA

ipaddr (tcp/8181/www)


The following certificate was at the top of the certificate
chain sent by the remote host, but it is signed by an unknown
certificate authority :

|-Subject : DC=jp/DC=go/DC=mods/DC=gsdf/DC=EMSOCCS/DC=gcc/CN=gcc-AD-SERVER-1-CA
|-Issuer : DC=jp/DC=go/DC=mods/DC=gsdf/DC=EMSOCCS/DC=gcc/CN=gcc-AD-SERVER-1-CA

ipaddr (tcp/8686)


The following certificate was at the top of the certificate
chain sent by the remote host, but it is signed by an unknown
certificate authority :

|-Subject : DC=jp/DC=go/DC=mods/DC=gsdf/DC=EMSOCCS/DC=gcc/CN=gcc-AD-SERVER-1-CA
|-Issuer : DC=jp/DC=go/DC=mods/DC=gsdf/DC=EMSOCCS/DC=gcc/CN=gcc-AD-SERVER-1-CA

ipaddr (tcp/24848/www)


The following certificate was at the top of the certificate
chain sent by the remote host, but it is signed by an unknown
certificate authority :

|-Subject : C=US/ST=California/L=Santa Clara/O=Oracle Corporation/OU=GlassFish/CN=localhost-instance
|-Issuer : C=US/ST=California/L=Santa Clara/O=Oracle Corporation/OU=GlassFish/CN=localhost-instance

ipaddr (tcp/28181/www)


The following certificate was at the top of the certificate
chain sent by the remote host, but it is signed by an unknown
certificate authority :

|-Subject : DC=jp/DC=go/DC=mods/DC=gsdf/DC=EMSOCCS/DC=gcc/CN=gcc-AD-SERVER-1-CA
|-Issuer : DC=jp/DC=go/DC=mods/DC=gsdf/DC=EMSOCCS/DC=gcc/CN=gcc-AD-SERVER-1-CA

ipaddr (tcp/28686)


The following certificate was at the top of the certificate
chain sent by the remote host, but it is signed by an unknown
certificate authority :

|-Subject : C=US/ST=California/L=Santa Clara/O=Oracle Corporation/OU=GlassFish/CN=localhost-instance
|-Issuer : C=US/ST=California/L=Santa Clara/O=Oracle Corporation/OU=GlassFish/CN=localhost-instance
57582 (9) - SSL Self-Signed Certificate
-
Synopsis
The SSL certificate chain for this service ends in an unrecognized self-signed certificate.
Description
The X.509 certificate chain for this service is not signed by a recognized certificate authority. If the remote host is a public host in production, this nullifies the use of SSL as anyone could establish a man-in-the-middle attack against the remote host.

Note that this plugin does not check for certificate chains that end in a certificate that is not self-signed, but is signed by an unrecognized certificate authority.
Solution
Purchase or generate a proper SSL certificate for this service.
Risk Factor
Medium
CVSS v3.0 Base Score
6.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)
CVSS v2.0 Base Score
6.4 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N)
Plugin Information
Published: 2012/01/17, Modified: 2022/06/14
Plugin Output

ipaddr (tcp/443/www)


The following certificate was found at the top of the certificate
chain sent by the remote host, but is self-signed and was not
found in the list of known certificate authorities :

|-Subject : DC=jp/DC=go/DC=mods/DC=gsdf/DC=EMSOCCS/DC=gcc/CN=gcc-AD-SERVER-1-CA

ipaddr (tcp/3820/giop)


The following certificate was found at the top of the certificate
chain sent by the remote host, but is self-signed and was not
found in the list of known certificate authorities :

|-Subject : DC=jp/DC=go/DC=mods/DC=gsdf/DC=EMSOCCS/DC=gcc/CN=gcc-AD-SERVER-1-CA

ipaddr (tcp/3920)


The following certificate was found at the top of the certificate
chain sent by the remote host, but is self-signed and was not
found in the list of known certificate authorities :

|-Subject : DC=jp/DC=go/DC=mods/DC=gsdf/DC=EMSOCCS/DC=gcc/CN=gcc-AD-SERVER-1-CA

ipaddr (tcp/4848/www)


The following certificate was found at the top of the certificate
chain sent by the remote host, but is self-signed and was not
found in the list of known certificate authorities :

|-Subject : DC=jp/DC=go/DC=mods/DC=gsdf/DC=EMSOCCS/DC=gcc/CN=gcc-AD-SERVER-1-CA

ipaddr (tcp/8181/www)


The following certificate was found at the top of the certificate
chain sent by the remote host, but is self-signed and was not
found in the list of known certificate authorities :

|-Subject : DC=jp/DC=go/DC=mods/DC=gsdf/DC=EMSOCCS/DC=gcc/CN=gcc-AD-SERVER-1-CA

ipaddr (tcp/8686)


The following certificate was found at the top of the certificate
chain sent by the remote host, but is self-signed and was not
found in the list of known certificate authorities :

|-Subject : DC=jp/DC=go/DC=mods/DC=gsdf/DC=EMSOCCS/DC=gcc/CN=gcc-AD-SERVER-1-CA

ipaddr (tcp/24848/www)


The following certificate was found at the top of the certificate
chain sent by the remote host, but is self-signed and was not
found in the list of known certificate authorities :

|-Subject : C=US/ST=California/L=Santa Clara/O=Oracle Corporation/OU=GlassFish/CN=localhost-instance

ipaddr (tcp/28181/www)


The following certificate was found at the top of the certificate
chain sent by the remote host, but is self-signed and was not
found in the list of known certificate authorities :

|-Subject : DC=jp/DC=go/DC=mods/DC=gsdf/DC=EMSOCCS/DC=gcc/CN=gcc-AD-SERVER-1-CA

ipaddr (tcp/28686)


The following certificate was found at the top of the certificate
chain sent by the remote host, but is self-signed and was not
found in the list of known certificate authorities :

|-Subject : C=US/ST=California/L=Santa Clara/O=Oracle Corporation/OU=GlassFish/CN=localhost-instance
104743 (8) - TLS Version 1.0 Protocol Detection
-
Synopsis
The remote service encrypts traffic using an older version of TLS.
Description
The remote service accepts connections encrypted using TLS 1.0. TLS 1.0 has a number of cryptographic design flaws. Modern implementations of TLS 1.0 mitigate these problems, but newer versions of TLS like 1.2 and 1.3 are designed against these flaws and should be used whenever possible.

As of March 31, 2020, Endpoints that aren’t enabled for TLS 1.2 and higher will no longer function properly with major web browsers and major vendors.

PCI DSS v3.2 requires that TLS 1.0 be disabled entirely by June 30, 2018, except for POS POI terminals (and the SSL/TLS termination points to which they connect) that can be verified as not being susceptible to any known exploits.
See Also
Solution
Enable support for TLS 1.2 and 1.3, and disable support for TLS 1.0.
Risk Factor
Medium
CVSS v3.0 Base Score
6.5 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N)
CVSS v2.0 Base Score
6.1 (CVSS2#AV:N/AC:H/Au:N/C:C/I:P/A:N)
References
XREF CWE:327
Plugin Information
Published: 2017/11/22, Modified: 2023/04/19
Plugin Output

ipaddr (tcp/3820/giop)

TLSv1 is enabled and the server supports at least one cipher.

ipaddr (tcp/3920)

TLSv1 is enabled and the server supports at least one cipher.

ipaddr (tcp/4848/www)

TLSv1 is enabled and the server supports at least one cipher.

ipaddr (tcp/8181/www)

TLSv1 is enabled and the server supports at least one cipher.

ipaddr (tcp/8686)

TLSv1 is enabled and the server supports at least one cipher.

ipaddr (tcp/24848/www)

TLSv1 is enabled and the server supports at least one cipher.

ipaddr (tcp/28181/www)

TLSv1 is enabled and the server supports at least one cipher.

ipaddr (tcp/28686)

TLSv1 is enabled and the server supports at least one cipher.
157288 (8) - TLS Version 1.1 Protocol Deprecated
-
Synopsis
The remote service encrypts traffic using an older version of TLS.
Description
The remote service accepts connections encrypted using TLS 1.1. TLS 1.1 lacks support for current and recommended cipher suites. Ciphers that support encryption before MAC computation, and authenticated encryption modes such as GCM cannot be used with TLS 1.1

As of March 31, 2020, Endpoints that are not enabled for TLS 1.2 and higher will no longer function properly with major web browsers and major vendors.
See Also
Solution
Enable support for TLS 1.2 and/or 1.3, and disable support for TLS 1.1.
Risk Factor
Medium
CVSS v3.0 Base Score
6.5 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N)
CVSS v2.0 Base Score
6.1 (CVSS2#AV:N/AC:H/Au:N/C:C/I:P/A:N)
References
XREF CWE:327
Plugin Information
Published: 2022/04/04, Modified: 2023/04/19
Plugin Output

ipaddr (tcp/3820/giop)

TLSv1.1 is enabled and the server supports at least one cipher.

ipaddr (tcp/3920)

TLSv1.1 is enabled and the server supports at least one cipher.

ipaddr (tcp/4848/www)

TLSv1.1 is enabled and the server supports at least one cipher.

ipaddr (tcp/8181/www)

TLSv1.1 is enabled and the server supports at least one cipher.

ipaddr (tcp/8686)

TLSv1.1 is enabled and the server supports at least one cipher.

ipaddr (tcp/24848/www)

TLSv1.1 is enabled and the server supports at least one cipher.

ipaddr (tcp/28181/www)

TLSv1.1 is enabled and the server supports at least one cipher.

ipaddr (tcp/28686)

TLSv1.1 is enabled and the server supports at least one cipher.
156183 (7) - Apache Log4j 2.x < 2.17.0 DoS
-
Synopsis
A package installed on the remote host is affected by a denial of service vulnerability.
Description
The version of Apache Log4j on the remote host is 2.x < 2.3.1 / 2.13.2 / 2.17.0. It is, therefore, affected by a denial of service vulnerability. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 did not protect from uncontrolled recursion from self-referential lookups. When the logging configuration uses a non-default Pattern Layout with a Context Lookup (for example, $${ctx:loginId}), attackers with control over Thread Context Map (MDC) input data can craft malicious input data that contains a recursive lookup, resulting in a StackOverflowError that will terminate the process.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Upgrade to Apache Log4j version 2.3.1, 2.12.3, 2.17.0 or later, or apply the vendor mitigation.

Upgrading to the latest versions for Apache Log4j is highly recommended as intermediate versions / patches have known high severity vulnerabilities and the vendor is updating their advisories often as new research and knowledge about the impact of Log4j is discovered. Refer to https://logging.apache.org/log4j/2.x/security.html for the latest versions.
Risk Factor
Medium
CVSS v3.0 Base Score
5.9 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS v3.0 Temporal Score
5.7 (CVSS:3.0/E:H/RL:O/RC:C)
CVSS v2.0 Base Score
4.3 (CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVSS v2.0 Temporal Score
3.7 (CVSS2#E:H/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2021-45105
XREF IAVA:2021-A-0573
XREF IAVA:2021-A-0598
XREF IAVA:0001-A-0650
Plugin Information
Published: 2021/12/18, Modified: 2022/04/11
Plugin Output

ipaddr (tcp/0)


Path : /home/glassfish/backup/sfcf.war
Installed version : 2.8.2
Fixed version : 2.12.3 / 2.17.0

ipaddr (tcp/0)


Path : /home/glassfish/new/sfcf.war
Installed version : 2.8.2
Fixed version : 2.12.3 / 2.17.0

ipaddr (tcp/0)


Path : /home/user/sfcf.war
Installed version : 2.8.2
Fixed version : 2.12.3 / 2.17.0

ipaddr (tcp/0)


Path : /opt/glassfish5/glassfish/domains/domain1/applications/__internal/sfcf/sfcf.war
Installed version : 2.8.2
Fixed version : 2.12.3 / 2.17.0

ipaddr (tcp/0)


Path : /opt/glassfish5/glassfish/domains/domain1/applications/sfcf/WEB-INF/lib/log4j-core-2.8.2.jar
Installed version : 2.8.2
Fixed version : 2.12.3 / 2.17.0

ipaddr (tcp/0)


Path : /opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/applications/sfcf/WEB-INF/lib/log4j-core-2.8.2.jar
Installed version : 2.8.2
Fixed version : 2.12.3 / 2.17.0

ipaddr (tcp/0)


Path : /sharedata/samba/sfcf.war
Installed version : 2.8.2
Fixed version : 2.12.3 / 2.17.0
45411 (2) - SSL Certificate with Wrong Hostname
-
Synopsis
The SSL certificate for this service is for a different host.
Description
The 'commonName' (CN) attribute of the SSL certificate presented for this service is for a different machine.
Solution
Purchase or generate a proper SSL certificate for this service.
Risk Factor
Medium
CVSS v3.0 Base Score
5.3 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
CVSS v2.0 Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N)
Plugin Information
Published: 2010/04/03, Modified: 2020/04/27
Plugin Output

ipaddr (tcp/24848/www)


The identities known by Nessus are :

127.0.0.1
192.168.100.151
192.168.100.152
192.168.100.41
192.168.101.41
::1
['ipv6': ::1]['scope': host]['scopeid': 0x10]['prefixlen': 128]
['ipv6': fd01:e2e2:0:e0c0::141]['scope': global]['scopeid': 0x0]['prefixlen': 64]
['ipv6': fd01:e2e2:0:e0c0::142]['scope': global]['scopeid': 0x0]['prefixlen': 64]
['ipv6': ipaddr]['scope': global]['scopeid': 0x0]['prefixlen': 64]
['ipv6': fd01:e2e2:0:e0c0:d6f5:efff:fe8c:84ac]['scope': global]['scopeid': 0x0]['prefixlen': 64]
['ipv6': fe80::311d:a8a9:5575:76f6]['scope': link]['scopeid': 0x20]['prefixlen': 64]
['ipv6': fe80::d6f5:efff:fe8c:84ac]['scope': link]['scopeid': 0x20]['prefixlen': 64]
['ipv6': fe80::d6f5:efff:fea8:831c]['scope': link]['scopeid': 0x20]['prefixlen': 64]
masked_hostname
fd01:e2e2:0:e0c0::141
fd01:e2e2:0:e0c0::142
ipaddr
fd01:e2e2:0:e0c0:d6f5:efff:fe8c:84ac
fe80::311d:a8a9:5575:76f6
fe80::d6f5:efff:fe8c:84ac
fe80::d6f5:efff:fea8:831c
ipaddr

The Common Name in the certificate is :

localhost-instance

ipaddr (tcp/28686)


The identities known by Nessus are :

127.0.0.1
192.168.100.151
192.168.100.152
192.168.100.41
192.168.101.41
::1
['ipv6': ::1]['scope': host]['scopeid': 0x10]['prefixlen': 128]
['ipv6': fd01:e2e2:0:e0c0::141]['scope': global]['scopeid': 0x0]['prefixlen': 64]
['ipv6': fd01:e2e2:0:e0c0::142]['scope': global]['scopeid': 0x0]['prefixlen': 64]
['ipv6': ipaddr]['scope': global]['scopeid': 0x0]['prefixlen': 64]
['ipv6': fd01:e2e2:0:e0c0:d6f5:efff:fe8c:84ac]['scope': global]['scopeid': 0x0]['prefixlen': 64]
['ipv6': fe80::311d:a8a9:5575:76f6]['scope': link]['scopeid': 0x20]['prefixlen': 64]
['ipv6': fe80::d6f5:efff:fe8c:84ac]['scope': link]['scopeid': 0x20]['prefixlen': 64]
['ipv6': fe80::d6f5:efff:fea8:831c]['scope': link]['scopeid': 0x20]['prefixlen': 64]
masked_hostname
fd01:e2e2:0:e0c0::141
fd01:e2e2:0:e0c0::142
ipaddr
fd01:e2e2:0:e0c0:d6f5:efff:fe8c:84ac
fe80::311d:a8a9:5575:76f6
fe80::d6f5:efff:fe8c:84ac
fe80::d6f5:efff:fea8:831c
ipaddr

The Common Name in the certificate is :

localhost-instance
156327 (2) - Apache Log4j 2.0 < 2.3.2 / 2.4 < 2.12.4 / 2.13 < 2.17.1 RCE
-
Synopsis
A package installed on the remote host is affected by a remote code execution vulnerability.
Description
The version of Apache Log4j on the remote host is 2.0 < 2.3.2, 2.4 < 2.12.4, or 2.13 < 2.17.1. It is, therefore, affected by a remote code execution vulnerability. Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Upgrade to Apache Log4j version 2.17.1, 2.12.4, or 2.3.2 or later, or apply the vendor mitigation.

Upgrading to the latest versions for Apache Log4j is highly recommended as intermediate versions / patches have known high severity vulnerabilities and the vendor is updating their advisories often as new research and knowledge about the impact of Log4j is discovered. Refer to https://logging.apache.org/log4j/2.x/security.html for the latest versions.
Risk Factor
High
CVSS v3.0 Base Score
6.6 (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
6.1 (CVSS:3.0/E:F/RL:O/RC:C)
CVSS v2.0 Base Score
8.5 (CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
7.0 (CVSS2#E:F/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2021-44832
XREF IAVA:2021-A-0573
XREF IAVA:0001-A-0650
Plugin Information
Published: 2021/12/28, Modified: 2023/11/22
Plugin Output

ipaddr (tcp/0)


Path : /opt/glassfish5/glassfish/domains/domain1/applications/sfcf/WEB-INF/lib/log4j-core-2.8.2.jar
Installed version : 2.8.2
Fixed version : 2.12.4

ipaddr (tcp/0)


Path : /opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/applications/sfcf/WEB-INF/lib/log4j-core-2.8.2.jar
Installed version : 2.8.2
Fixed version : 2.12.4
57608 (1) - SMB Signing not required
-
Synopsis
Signing is not required on the remote SMB server.
Description
Signing is not required on the remote SMB server. An unauthenticated, remote attacker can exploit this to conduct man-in-the-middle attacks against the SMB server.
See Also
Solution
Enforce message signing in the host's configuration. On Windows, this is found in the policy setting 'Microsoft network server: Digitally sign communications (always)'. On Samba, the setting is called 'server signing'. See the 'see also' links for further details.
Risk Factor
Medium
CVSS v3.0 Base Score
5.3 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
CVSS v3.0 Temporal Score
4.6 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N)
CVSS v2.0 Temporal Score
3.7 (CVSS2#E:U/RL:OF/RC:C)
Plugin Information
Published: 2012/01/19, Modified: 2022/10/05
Plugin Output

ipaddr (tcp/445/cifs)

142598 (1) - CentOS 7 : freetype (CESA-2020:4907)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2020:4907 advisory.

- freetype: Heap-based buffer overflow due to integer truncation in Load_SBit_Png (CVE-2020-15999)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected freetype, freetype-demos and / or freetype-devel packages.
Risk Factor
Medium
CVSS v3.0 Base Score
6.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
CVSS v3.0 Temporal Score
6.2 (CVSS:3.0/E:H/RL:O/RC:C)
CVSS v2.0 Base Score
4.3 (CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVSS v2.0 Temporal Score
3.7 (CVSS2#E:H/RL:OF/RC:C)
References
CVE CVE-2020-15999
XREF RHSA:2020:4907
XREF CISA-KNOWN-EXPLOITED:2021/11/17
XREF CEA-ID:CEA-2020-0124
XREF CWE:122
XREF CWE:190
Plugin Information
Published: 2020/11/06, Modified: 2022/12/05
Plugin Output

ipaddr (tcp/0)


Remote package installed : freetype-2.8-14.el7
Should be : freetype-2.8-14.el7_9.1


NOTE: The security advisory associated with this vulnerability has a
fixed package version that may only be available in the continuous
release (CR) repository for CentOS, until it is present in the next
point release of CentOS.

If an equal or higher package level does not exist in the baseline
repository for your major version of CentOS, then updates from the CR
repository will need to be applied in order to address the
vulnerability.
142601 (1) - CentOS 7 : java-1.8.0-openjdk (CESA-2020:4350)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:4350 advisory.

- OpenJDK: High memory usage during deserialization of Proxy class with many interfaces (Serialization, 8236862) (CVE-2020-14779)

- OpenJDK: Credentials sent over unencrypted LDAP connection (JNDI, 8237990) (CVE-2020-14781)

- OpenJDK: Certificate blacklist bypass via alternate certificate encodings (Libraries, 8237995) (CVE-2020-14782)

- OpenJDK: Integer overflow leading to out-of-bounds access (Hotspot, 8241114) (CVE-2020-14792)

- OpenJDK: Missing permission check in path to URI conversion (Libraries, 8242680) (CVE-2020-14796)

- OpenJDK: Incomplete check for invalid characters in URI to path conversion (Libraries, 8242685) (CVE-2020-14797)

- OpenJDK: Race condition in NIO Buffer boundary checks (Libraries, 8244136) (CVE-2020-14803)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
5.3 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVSS v3.0 Temporal Score
4.6 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
5.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N)
CVSS v2.0 Temporal Score
4.3 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2020-14779
CVE CVE-2020-14781
CVE CVE-2020-14782
CVE CVE-2020-14792
CVE CVE-2020-14796
CVE CVE-2020-14797
CVE CVE-2020-14803
XREF RHSA:2020:4350
XREF CEA-ID:CEA-2021-0004
XREF CWE:20
XREF CWE:190
XREF CWE:295
XREF CWE:319
XREF CWE:367
XREF CWE:770
Plugin Information
Published: 2020/11/06, Modified: 2022/12/05
Plugin Output

ipaddr (tcp/0)


Remote package installed : java-1.8.0-openjdk-1.8.0.262.b10-1.el7
Should be : java-1.8.0-openjdk-1.8.0.272.b10-1.el7_9

Remote package installed : java-1.8.0-openjdk-headless-1.8.0.262.b10-1.el7
Should be : java-1.8.0-openjdk-headless-1.8.0.272.b10-1.el7_9


NOTE: The security advisory associated with this vulnerability has a
fixed package version that may only be available in the continuous
release (CR) repository for CentOS, until it is present in the next
point release of CentOS.

If an equal or higher package level does not exist in the baseline
repository for your major version of CentOS, then updates from the CR
repository will need to be applied in order to address the
vulnerability.
142604 (1) - CentOS 7 : spice and spice-gtk (CESA-2020:4187)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2020:4187 advisory.

- spice: multiple buffer overflow vulnerabilities in QUIC decoding code (CVE-2020-14355)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
6.6 (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L)
CVSS v3.0 Temporal Score
5.8 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
6.5 (CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P)
CVSS v2.0 Temporal Score
4.8 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2020-14355
XREF RHSA:2020:4187
XREF CWE:119
Plugin Information
Published: 2020/11/06, Modified: 2020/11/30
Plugin Output

ipaddr (tcp/0)


Remote package installed : spice-glib-0.35-5.el7
Should be : spice-glib-0.35-5.el7_9.1

Remote package installed : spice-gtk3-0.35-5.el7
Should be : spice-gtk3-0.35-5.el7_9.1

Remote package installed : spice-server-0.14.0-9.el7
Should be : spice-server-0.14.0-9.el7_9.1


NOTE: The security advisory associated with this vulnerability has a
fixed package version that may only be available in the continuous
release (CR) repository for CentOS, until it is present in the next
point release of CentOS.

If an equal or higher package level does not exist in the baseline
repository for your major version of CentOS, then updates from the CR
repository will need to be applied in order to address the
vulnerability.
142608 (1) - CentOS 7 : qemu-kvm (CESA-2020:4079)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:4079 advisory.

- QEMU: usb: out-of-bounds r/w access issue while processing usb packets (CVE-2020-14364)

- QEMU: slirp: use-after-free in ip_reass() function in ip_input.c (CVE-2020-1983)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
5.0 (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L)
CVSS v3.0 Temporal Score
4.5 (CVSS:3.0/E:P/RL:O/RC:C)
CVSS v2.0 Base Score
4.4 (CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P)
CVSS v2.0 Temporal Score
3.4 (CVSS2#E:POC/RL:OF/RC:C)
References
CVE CVE-2020-1983
CVE CVE-2020-14364
XREF RHSA:2020:4079
XREF CWE:125
XREF CWE:416
XREF CWE:787
Plugin Information
Published: 2020/11/06, Modified: 2024/02/09
Plugin Output

ipaddr (tcp/0)


Remote package installed : qemu-img-1.5.3-175.el7
Should be : qemu-img-1.5.3-175.el7_9.1

Remote package installed : qemu-kvm-1.5.3-175.el7
Should be : qemu-kvm-1.5.3-175.el7_9.1

Remote package installed : qemu-kvm-common-1.5.3-175.el7
Should be : qemu-kvm-common-1.5.3-175.el7_9.1


NOTE: The security advisory associated with this vulnerability has a
fixed package version that may only be available in the continuous
release (CR) repository for CentOS, until it is present in the next
point release of CentOS.

If an equal or higher package level does not exist in the baseline
repository for your major version of CentOS, then updates from the CR
repository will need to be applied in order to address the
vulnerability.
143049 (1) - CentOS 7 : kernel (CESA-2020:5023)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:5023 advisory.

- kernel: net-sysfs: *_queue_add_kobject refcount issue (CVE-2019-20811)

- kernel: kernel: buffer over write in vgacon_scroll (CVE-2020-14331)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
6.6 (CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
5.9 (CVSS:3.0/E:P/RL:O/RC:C)
CVSS v2.0 Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
5.6 (CVSS2#E:POC/RL:OF/RC:C)
References
CVE CVE-2019-20811
CVE CVE-2020-14331
XREF RHSA:2020:5023
XREF CWE:460
XREF CWE:787
Plugin Information
Published: 2020/11/18, Modified: 2024/02/08
Plugin Output

ipaddr (tcp/0)


Remote package installed : bpftool-3.10.0-1160.el7
Should be : bpftool-3.10.0-1160.6.1.el7

Remote package installed : kernel-3.10.0-1160.el7
Should be : kernel-3.10.0-1160.6.1.el7

Remote package installed : kernel-devel-3.10.0-1160.el7
Should be : kernel-devel-3.10.0-1160.6.1.el7

Remote package installed : kernel-headers-3.10.0-1160.el7
Should be : kernel-headers-3.10.0-1160.6.1.el7

Remote package installed : kernel-tools-3.10.0-1160.el7
Should be : kernel-tools-3.10.0-1160.6.1.el7

Remote package installed : kernel-tools-libs-3.10.0-1160.el7
Should be : kernel-tools-libs-3.10.0-1160.6.1.el7

Remote package installed : perf-3.10.0-1160.el7
Should be : perf-3.10.0-1160.6.1.el7

Remote package installed : python-perf-3.10.0-1160.el7
Should be : python-perf-3.10.0-1160.6.1.el7
143050 (1) - CentOS 7 : bind (CESA-2020:5011)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:5011 advisory.

- bind: truncated TSIG response can lead to an assertion failure (CVE-2020-8622)

- bind: remotely triggerable assertion failure in pk11.c (CVE-2020-8623)

- bind: incorrect enforcement of update-policy rules of type subdomain (CVE-2020-8624)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
4.3 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N)
CVSS v3.0 Temporal Score
3.8 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
4.0 (CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N)
CVSS v2.0 Temporal Score
3.0 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2020-8622
CVE CVE-2020-8623
CVE CVE-2020-8624
XREF RHSA:2020:5011
XREF CWE:400
Plugin Information
Published: 2020/11/18, Modified: 2020/11/30
Plugin Output

ipaddr (tcp/0)


Remote package installed : bind-export-libs-9.11.4-26.P2.el7
Should be : bind-export-libs-9.11.4-26.P2.el7_9.2

Remote package installed : bind-libs-9.11.4-26.P2.el7
Should be : bind-libs-9.11.4-26.P2.el7_9.2

Remote package installed : bind-libs-lite-9.11.4-26.P2.el7
Should be : bind-libs-lite-9.11.4-26.P2.el7_9.2

Remote package installed : bind-license-9.11.4-26.P2.el7
Should be : bind-license-9.11.4-26.P2.el7_9.2

Remote package installed : bind-utils-9.11.4-26.P2.el7
Should be : bind-utils-9.11.4-26.P2.el7_9.2
143051 (1) - CentOS 7 : qt and qt5-qtbase (CESA-2020:5021)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2020:5021 advisory.

- qt: buffer over-read in read_xbm_body in gui/image/qxbmhandler.cpp (CVE-2020-17507)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
5.3 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
CVSS v3.0 Temporal Score
4.6 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS v2.0 Temporal Score
3.7 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2020-17507
XREF RHSA:2020:5021
XREF CWE:20
XREF CWE:125
Plugin Information
Published: 2020/11/18, Modified: 2020/11/30
Plugin Output

ipaddr (tcp/0)


Remote package installed : qt5-qtbase-5.9.7-4.el7
Should be : qt5-qtbase-5.9.7-5.el7_9

Remote package installed : qt5-qtbase-common-5.9.7-4.el7
Should be : qt5-qtbase-common-5.9.7-5.el7_9

Remote package installed : qt5-qtbase-gui-5.9.7-4.el7
Should be : qt5-qtbase-gui-5.9.7-5.el7_9
143055 (1) - CentOS 7 : libvirt (CESA-2020:5040)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2020:5040 advisory.

- libvirt: double free in qemuAgentGetInterfaces() in qemu_agent.c (CVE-2020-25637)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
6.7 (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
5.8 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
5.3 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2020-25637
XREF RHSA:2020:5040
XREF CWE:416
Plugin Information
Published: 2020/11/18, Modified: 2020/11/30
Plugin Output

ipaddr (tcp/0)


Remote package installed : libvirt-bash-completion-4.5.0-36.el7
Should be : libvirt-bash-completion-4.5.0-36.el7_9.3

Remote package installed : libvirt-client-4.5.0-36.el7
Should be : libvirt-client-4.5.0-36.el7_9.3

Remote package installed : libvirt-daemon-4.5.0-36.el7
Should be : libvirt-daemon-4.5.0-36.el7_9.3

Remote package installed : libvirt-daemon-config-network-4.5.0-36.el7
Should be : libvirt-daemon-config-network-4.5.0-36.el7_9.3

Remote package installed : libvirt-daemon-driver-interface-4.5.0-36.el7
Should be : libvirt-daemon-driver-interface-4.5.0-36.el7_9.3

Remote package installed : libvirt-daemon-driver-network-4.5.0-36.el7
Should be : libvirt-daemon-driver-network-4.5.0-36.el7_9.3

Remote package installed : libvirt-daemon-driver-nodedev-4.5.0-36.el7
Should be : libvirt-daemon-driver-nodedev-4.5.0-36.el7_9.3

Remote package installed : libvirt-daemon-driver-nwfilter-4.5.0-36.el7
Should be : libvirt-daemon-driver-nwfilter-4.5.0-36.el7_9.3

Remote package installed : libvirt-daemon-driver-qemu-4.5.0-36.el7
Should be : libvirt-daemon-driver-qemu-4.5.0-36.el7_9.3

Remote package installed : libvirt-daemon-driver-secret-4.5.0-36.el7
Should be : libvirt-daemon-driver-secret-4.5.0-36.el7_9.3

Remote package installed : libvirt-daemon-driver-storage-4.5.0-36.el7
Should be : libvirt-daemon-driver-storage-4.5.0-36.el7_9.3

Remote package installed : libvirt-daemon-driver-storage-core-4.5.0-36.el7
Should be : libvirt-daemon-driver-storage-core-4.5.0-36.el7_9.3

Remote package installed : libvirt-daemon-driver-storage-disk-4.5.0-36.el7
Should be : libvirt-daemon-driver-storage-disk-4.5.0-36.el7_9.3

Remote package installed : libvirt-daemon-driver-storage-gluster-4.5.0-36.el7
Should be : libvirt-daemon-driver-storage-gluster-4.5.0-36.el7_9.3

Remote package installed : libvirt-daemon-driver-storage-iscsi-4.5.0-36.el7
Should be : libvirt-daemon-driver-storage-iscsi-4.5.0-36.el7_9.3

Remote package installed : libvirt-daemon-driver-storage-logical-4.5.0-36.el7
Should be : libvirt-daemon-driver-storage-logical-4.5.0-36.el7_9.3

Remote package installed : libvirt-daemon-driver-storage-mpath-4.5.0-36.el7
Should be : libvirt-daemon-driver-storage-mpath-4.5.0-36.el7_9.3

Remote package installed : libvirt-daemon-driver-storage-rbd-4.5.0-36.el7
Should be : libvirt-daemon-driver-storage-rbd-4.5.0-36.el7_9.3

Remote package installed : libvirt-daemon-driver-storage-scsi-4.5.0-36.el7
Should be : libvirt-daemon-driver-storage-scsi-4.5.0-36.el7_9.3

Remote package installed : libvirt-daemon-kvm-4.5.0-36.el7
Should be : libvirt-daemon-kvm-4.5.0-36.el7_9.3

Remote package installed : libvirt-libs-4.5.0-36.el7
Should be : libvirt-libs-4.5.0-36.el7_9.3
143056 (1) - CentOS 7 : tomcat (CESA-2020:5020)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2020:5020 advisory.

- tomcat: Mishandling of Transfer-Encoding header allows for HTTP request smuggling (CVE-2020-1935)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
4.8 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N)
CVSS v3.0 Temporal Score
4.2 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
5.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N)
CVSS v2.0 Temporal Score
4.3 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2020-1935
XREF RHSA:2020:5020
XREF CWE:444
Plugin Information
Published: 2020/11/18, Modified: 2020/11/30
Plugin Output

ipaddr (tcp/0)


Remote package installed : tomcat-servlet-3.0-api-7.0.76-15.el7
Should be : tomcat-servlet-3.0-api-7.0.76-16.el7_9
143113 (1) - CentOS 7 : microcode_ctl (CESA-2020:5083)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2020:5083 advisory.

- hw: Information disclosure issue in Intel SGX via RAPL interface (CVE-2020-8695)

- hw: Vector Register Leakage-Active (CVE-2020-8696)

- hw: Fast forward store predictor (CVE-2020-8698)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected microcode_ctl package.
Risk Factor
Low
CVSS v3.0 Base Score
5.5 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)
CVSS v3.0 Temporal Score
4.8 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
2.1 (CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N)
CVSS v2.0 Temporal Score
1.6 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2020-8695
CVE CVE-2020-8696
CVE CVE-2020-8698
XREF RHSA:2020:5083
XREF CWE:200
XREF CWE:212
Plugin Information
Published: 2020/11/19, Modified: 2020/12/01
Plugin Output

ipaddr (tcp/0)


Remote package installed : microcode_ctl-2.1-73.el7
Should be : microcode_ctl-2.1-73.2.el7_9
144971 (1) - CentOS 7 : openssl (CESA-2020:5566)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2020:5566 advisory.

- openssl: EDIPARTYNAME NULL pointer de-reference (CVE-2020-1971)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
5.9 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS v3.0 Temporal Score
5.2 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
4.3 (CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVSS v2.0 Temporal Score
3.2 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2020-1971
XREF RHSA:2020:5566
XREF CEA-ID:CEA-2021-0025
XREF CEA-ID:CEA-2021-0004
XREF CWE:476
Plugin Information
Published: 2021/01/14, Modified: 2022/12/07
Plugin Output

ipaddr (tcp/0)


Remote package installed : openssl-1.0.2k-19.el7
Should be : openssl-1.0.2k-21.el7_9

Remote package installed : openssl-libs-1.0.2k-19.el7
Should be : openssl-libs-1.0.2k-21.el7_9
144973 (1) - CentOS 7 : samba (CESA-2020:5439)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:5439 advisory.

- samba: Missing handle permissions check in SMB1/2/3 ChangeNotify (CVE-2020-14318)

- samba: Unprivileged user can crash winbind (CVE-2020-14323)

- samba: Netlogon elevation of privilege vulnerability (Zerologon) (CVE-2020-1472)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
5.5 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)
CVSS v3.0 Temporal Score
5.3 (CVSS:3.0/E:H/RL:O/RC:C)
CVSS v2.0 Base Score
9.3 (CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
8.1 (CVSS2#E:H/RL:OF/RC:C)
References
CVE CVE-2020-1472
CVE CVE-2020-14318
CVE CVE-2020-14323
XREF RHSA:2020:5439
XREF CISA-KNOWN-EXPLOITED:2020/09/21
XREF CISA-NCAS:AA22-011A
XREF CEA-ID:CEA-2021-0025
XREF CEA-ID:CEA-2021-0008
XREF CEA-ID:CEA-2020-0129
XREF CEA-ID:CEA-2020-0121
XREF CEA-ID:CEA-2020-0101
XREF CEA-ID:CEA-2023-0016
XREF CWE:170
XREF CWE:266
XREF CWE:287
Plugin Information
Published: 2021/01/14, Modified: 2024/01/30
Plugin Output

ipaddr (tcp/0)


Remote package installed : libsmbclient-4.10.16-5.el7
Should be : libsmbclient-4.10.16-9.el7_9

Remote package installed : libwbclient-4.10.16-5.el7
Should be : libwbclient-4.10.16-9.el7_9

Remote package installed : samba-4.10.16-5.el7
Should be : samba-4.10.16-9.el7_9

Remote package installed : samba-client-4.10.16-5.el7
Should be : samba-client-4.10.16-9.el7_9

Remote package installed : samba-client-libs-4.10.16-5.el7
Should be : samba-client-libs-4.10.16-9.el7_9

Remote package installed : samba-common-4.10.16-5.el7
Should be : samba-common-4.10.16-9.el7_9

Remote package installed : samba-common-libs-4.10.16-5.el7
Should be : samba-common-libs-4.10.16-9.el7_9

Remote package installed : samba-common-tools-4.10.16-5.el7
Should be : samba-common-tools-4.10.16-9.el7_9

Remote package installed : samba-libs-4.10.16-5.el7
Should be : samba-libs-4.10.16-9.el7_9
146098 (1) - CentOS 7 : qemu-kvm (CESA-2021:0347)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:0347 advisory.

- QEMU: loader: OOB access while loading registered ROM may lead to code execution (CVE-2020-13765)

- QEMU: reachable assertion failure in net_tx_pkt_add_raw_fragment() in hw/net/net_tx_pkt.c (CVE-2020-16092)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
5.6 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)
CVSS v3.0 Temporal Score
4.9 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS v2.0 Temporal Score
5.0 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2020-13765
CVE CVE-2020-16092
XREF RHSA:2021:0347
XREF CWE:617
XREF CWE:787
Plugin Information
Published: 2021/02/03, Modified: 2021/02/05
Plugin Output

ipaddr (tcp/0)


Remote package installed : qemu-img-1.5.3-175.el7
Should be : qemu-img-1.5.3-175.el7_9.3

Remote package installed : qemu-kvm-1.5.3-175.el7
Should be : qemu-kvm-1.5.3-175.el7_9.3

Remote package installed : qemu-kvm-common-1.5.3-175.el7
Should be : qemu-kvm-common-1.5.3-175.el7_9.3
149206 (1) - CentOS 7 : java-1.8.0-openjdk (CESA-2021:1298)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:1298 advisory.

- OpenJDK: Incomplete enforcement of JAR signing disabled algorithms (Libraries, 8249906) (CVE-2021-2163)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Low
CVSS v3.0 Base Score
5.3 (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N)
CVSS v3.0 Temporal Score
4.9 (CVSS:3.0/E:F/RL:O/RC:C)
CVSS v2.0 Base Score
2.6 (CVSS2#AV:N/AC:H/Au:N/C:N/I:P/A:N)
CVSS v2.0 Temporal Score
2.1 (CVSS2#E:F/RL:OF/RC:C)
References
CVE CVE-2021-2163
XREF RHSA:2021:1298
XREF CEA-ID:CEA-2021-0025
XREF CWE:327
Plugin Information
Published: 2021/04/30, Modified: 2024/01/02
Plugin Output

ipaddr (tcp/0)


Remote package installed : java-1.8.0-openjdk-1.8.0.262.b10-1.el7
Should be : java-1.8.0-openjdk-1.8.0.292.b10-1.el7_9

Remote package installed : java-1.8.0-openjdk-headless-1.8.0.262.b10-1.el7
Should be : java-1.8.0-openjdk-headless-1.8.0.292.b10-1.el7_9
150767 (1) - CentOS 7 : samba (CESA-2021:2313)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:2313 advisory.

- samba: Negative idmap cache entries can cause incorrect group entries in the Samba file server process token (CVE-2021-20254)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
6.8 (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N)
CVSS v3.0 Temporal Score
5.9 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
4.9 (CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:N)
CVSS v2.0 Temporal Score
3.6 (CVSS2#E:U/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2021-20254
XREF IAVA:2021-A-0208-S
XREF RHSA:2021:2313
XREF CWE:125
Plugin Information
Published: 2021/06/14, Modified: 2022/01/26
Plugin Output

ipaddr (tcp/0)


Remote package installed : libsmbclient-4.10.16-5.el7
Should be : libsmbclient-4.10.16-15.el7_9

Remote package installed : libwbclient-4.10.16-5.el7
Should be : libwbclient-4.10.16-15.el7_9

Remote package installed : samba-4.10.16-5.el7
Should be : samba-4.10.16-15.el7_9

Remote package installed : samba-client-4.10.16-5.el7
Should be : samba-client-4.10.16-15.el7_9

Remote package installed : samba-client-libs-4.10.16-5.el7
Should be : samba-client-libs-4.10.16-15.el7_9

Remote package installed : samba-common-4.10.16-5.el7
Should be : samba-common-4.10.16-15.el7_9

Remote package installed : samba-common-libs-4.10.16-5.el7
Should be : samba-common-libs-4.10.16-15.el7_9

Remote package installed : samba-common-tools-4.10.16-5.el7
Should be : samba-common-tools-4.10.16-15.el7_9

Remote package installed : samba-libs-4.10.16-5.el7
Should be : samba-libs-4.10.16-15.el7_9
152973 (1) - CentOS 7 : bind (CESA-2021:3325)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:3325 advisory.

- bind: Broken inbound incremental zone update (IXFR) can cause named to terminate unexpectedly (CVE-2021-25214)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
6.5 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
CVSS v3.0 Temporal Score
5.7 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
4.0 (CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P)
CVSS v2.0 Temporal Score
3.0 (CVSS2#E:U/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2021-25214
XREF IAVA:2021-A-0206-S
XREF RHSA:2021:3325
XREF CWE:617
Plugin Information
Published: 2021/09/02, Modified: 2021/11/09
Plugin Output

ipaddr (tcp/0)


Remote package installed : bind-export-libs-9.11.4-26.P2.el7
Should be : bind-export-libs-9.11.4-26.P2.el7_9.7

Remote package installed : bind-libs-9.11.4-26.P2.el7
Should be : bind-libs-9.11.4-26.P2.el7_9.7

Remote package installed : bind-libs-lite-9.11.4-26.P2.el7
Should be : bind-libs-lite-9.11.4-26.P2.el7_9.7

Remote package installed : bind-license-9.11.4-26.P2.el7
Should be : bind-license-9.11.4-26.P2.el7_9.7

Remote package installed : bind-utils-9.11.4-26.P2.el7
Should be : bind-utils-9.11.4-26.P2.el7_9.7
155546 (1) - CentOS 7 : java-1.8.0-openjdk (CESA-2021:3889)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:3889 advisory.

- OpenJDK: Weak ciphers preferred over stronger ones for TLS (JSSE, 8264210) (CVE-2021-35550)

- OpenJDK: Excessive memory allocation in RTFParser (Swing, 8265167) (CVE-2021-35556)

- OpenJDK: Excessive memory allocation in RTFReader (Swing, 8265580) (CVE-2021-35559)

- OpenJDK: Excessive memory allocation in HashMap and HashSet (Utility, 8266097) (CVE-2021-35561)

- OpenJDK: Certificates with end dates too far in the future can corrupt keystore (Keytool, 8266137) (CVE-2021-35564)

- OpenJDK: Loop in HttpsServer triggered during TLS session close (JSSE, 8254967) (CVE-2021-35565)

- OpenJDK: Incorrect principal selection when using Kerberos Constrained Delegation (Libraries, 8266689) (CVE-2021-35567)

- OpenJDK: Unexpected exception raised during TLS handshake (JSSE, 8267729) (CVE-2021-35578)

- OpenJDK: Excessive memory allocation in BMPImageReader (ImageIO, 8267735) (CVE-2021-35586)

- OpenJDK: Incomplete validation of inner class references in ClassFileParser (Hotspot, 8268071) (CVE-2021-35588)

- OpenJDK: Non-constant comparison during TLS handshakes (JSSE, 8269618) (CVE-2021-35603)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
6.8 (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N)
CVSS v3.0 Temporal Score
5.9 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
7.1 (CVSS2#AV:N/AC:M/Au:N/C:C/I:N/A:N)
CVSS v2.0 Temporal Score
5.3 (CVSS2#E:U/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2021-35550
CVE CVE-2021-35556
CVE CVE-2021-35559
CVE CVE-2021-35561
CVE CVE-2021-35564
CVE CVE-2021-35565
CVE CVE-2021-35567
CVE CVE-2021-35578
CVE CVE-2021-35586
CVE CVE-2021-35588
CVE CVE-2021-35603
XREF IAVA:2021-A-0481-S
XREF RHSA:2021:3889
XREF CWE:20
XREF CWE:203
XREF CWE:327
XREF CWE:476
XREF CWE:770
XREF CWE:835
XREF CWE:863
Plugin Information
Published: 2021/11/17, Modified: 2022/05/06
Plugin Output

ipaddr (tcp/0)


Remote package installed : java-1.8.0-openjdk-1.8.0.262.b10-1.el7
Should be : java-1.8.0-openjdk-1.8.0.312.b07-1.el7_9

Remote package installed : java-1.8.0-openjdk-headless-1.8.0.262.b10-1.el7
Should be : java-1.8.0-openjdk-headless-1.8.0.312.b07-1.el7_9
155821 (1) - CentOS 7 : krb5 (CESA-2021:4788)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:4788 advisory.

- krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that lacks server field (CVE-2021-37750)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
6.5 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
CVSS v3.0 Temporal Score
5.7 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
4.0 (CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P)
CVSS v2.0 Temporal Score
3.0 (CVSS2#E:U/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2021-37750
XREF IAVB:2021-B-0054-S
XREF RHSA:2021:4788
XREF CWE:476
Plugin Information
Published: 2021/12/03, Modified: 2022/07/04
Plugin Output

ipaddr (tcp/0)


Remote package installed : krb5-libs-1.15.1-50.el7
Should be : krb5-libs-1.15.1-51.el7_9

Remote package installed : krb5-workstation-1.15.1-50.el7
Should be : krb5-workstation-1.15.1-51.el7_9

Remote package installed : libkadm5-1.15.1-50.el7
Should be : libkadm5-1.15.1-51.el7_9
156820 (1) - CentOS 7 : kernel (CESA-2022:0063)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2022:0063 advisory.

- kernel: perf_event_parse_addr_filter memory (CVE-2020-25704)

- kernel: fuse: fuse_do_getattr() calls make_bad_inode() in inappropriate situations (CVE-2020-36322)

- kernel: Heap buffer overflow in firedtv driver (CVE-2021-42739)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
6.7 (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
5.8 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
4.6 (CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P)
CVSS v2.0 Temporal Score
3.4 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2020-25704
CVE CVE-2020-36322
CVE CVE-2021-42739
XREF RHSA:2022:0063
XREF CWE:119
XREF CWE:400
XREF CWE:459
Plugin Information
Published: 2022/01/19, Modified: 2022/01/19
Plugin Output

ipaddr (tcp/0)


Remote package installed : bpftool-3.10.0-1160.el7
Should be : bpftool-3.10.0-1160.53.1.el7

Remote package installed : kernel-3.10.0-1160.el7
Should be : kernel-3.10.0-1160.53.1.el7

Remote package installed : kernel-devel-3.10.0-1160.el7
Should be : kernel-devel-3.10.0-1160.53.1.el7

Remote package installed : kernel-headers-3.10.0-1160.el7
Should be : kernel-headers-3.10.0-1160.53.1.el7

Remote package installed : kernel-tools-3.10.0-1160.el7
Should be : kernel-tools-3.10.0-1160.53.1.el7

Remote package installed : kernel-tools-libs-3.10.0-1160.el7
Should be : kernel-tools-libs-3.10.0-1160.53.1.el7

Remote package installed : perf-3.10.0-1160.el7
Should be : perf-3.10.0-1160.53.1.el7

Remote package installed : python-perf-3.10.0-1160.el7
Should be : python-perf-3.10.0-1160.53.1.el7
170860 (1) - CentOS 7 : bind (RHSA-2023:0402)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0402 advisory.

- BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 ->
9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.
The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients. (CVE-2021-25220)

- By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service.
(CVE-2022-2795)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
6.8 (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N)
CVSS v3.0 Temporal Score
5.9 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
4.0 (CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N)
CVSS v2.0 Temporal Score
3.0 (CVSS2#E:U/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2021-25220
CVE CVE-2022-2795
XREF IAVA:2022-A-0387-S
XREF IAVA:2022-A-0122-S
XREF RHSA:2023:0402
XREF CWE:20
XREF CWE:400
XREF CWE:444
Plugin Information
Published: 2023/01/30, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : bind-export-libs-9.11.4-26.P2.el7
Should be : bind-export-libs-9.11.4-26.P2.el7_9.13

Remote package installed : bind-libs-9.11.4-26.P2.el7
Should be : bind-libs-9.11.4-26.P2.el7_9.13

Remote package installed : bind-libs-lite-9.11.4-26.P2.el7
Should be : bind-libs-lite-9.11.4-26.P2.el7_9.13

Remote package installed : bind-license-9.11.4-26.P2.el7
Should be : bind-license-9.11.4-26.P2.el7_9.13

Remote package installed : bind-utils-9.11.4-26.P2.el7
Should be : bind-utils-9.11.4-26.P2.el7_9.13
170862 (1) - CentOS 7 : java-1.8.0-openjdk (RHSA-2023:0203)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0203 advisory.

- Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf;
Oracle GraalVM Enterprise Edition: 20.3.8 and 21.3.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data.
Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). (CVE-2023-21830)

- Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Sound). Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf, 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). (CVE-2023-21843)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
5.3 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
CVSS v3.0 Temporal Score
4.6 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N)
CVSS v2.0 Temporal Score
3.7 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2023-21830
CVE CVE-2023-21843
XREF RHSA:2023:0203
XREF CWE:502
XREF CWE:646
Plugin Information
Published: 2023/01/30, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : java-1.8.0-openjdk-1.8.0.262.b10-1.el7
Should be : java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9

Remote package installed : java-1.8.0-openjdk-headless-1.8.0.262.b10-1.el7
Should be : java-1.8.0-openjdk-headless-1.8.0.362.b08-1.el7_9
178965 (1) - CentOS 7 : apr-util (RHSA-2023:3145)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:3145 advisory.

- Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime Utility (APR-util) allows an attacker to write beyond bounds of a buffer. This issue affects Apache Portable Runtime Utility (APR-util) 1.6.1 and prior versions. (CVE-2022-25147)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
6.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L)
CVSS v3.0 Temporal Score
5.7 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
6.4 (CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P)
CVSS v2.0 Temporal Score
4.7 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2022-25147
XREF RHSA:2023:3145
XREF CWE:190
Plugin Information
Published: 2023/07/28, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : apr-util-1.5.2-6.el7
Should be : apr-util-1.5.2-6.el7_9.1
187220 (1) - CentOS 7 : python3 (RHSA-2023:6823)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:6823 advisory.

- An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers (such as HTTP servers) that use TLS client authentication. If a TLS server-side socket is created, receives data into the socket buffer, and then is closed quickly, there is a brief window where the SSLSocket instance will detect the socket as not connected and won't initiate a handshake, but buffered data will still be readable from the socket buffer. This data will not be authenticated if the server-side TLS peer is expecting client certificate authentication, and is indistinguishable from valid TLS stream data. Data is limited in size to the amount that will fit in the buffer. (The TLS connection cannot directly be used for data exfiltration because the vulnerable code path requires that the connection be closed on initialization of the SSLSocket.) (CVE-2023-40217)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
5.3 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVSS v3.0 Temporal Score
4.6 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
CVSS v2.0 Temporal Score
3.7 (CVSS2#E:U/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2023-40217
XREF IAVA:2023-A-0442
XREF RHSA:2023:6823
Plugin Information
Published: 2023/12/22, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : python3-3.6.8-17.el7
Should be : python3-3.6.8-21.el7_9

Remote package installed : python3-libs-3.6.8-17.el7
Should be : python3-libs-3.6.8-21.el7_9
187239 (1) - CentOS 7 : python (RHSA-2023:6885)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:6885 advisory.

- An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers (such as HTTP servers) that use TLS client authentication. If a TLS server-side socket is created, receives data into the socket buffer, and then is closed quickly, there is a brief window where the SSLSocket instance will detect the socket as not connected and won't initiate a handshake, but buffered data will still be readable from the socket buffer. This data will not be authenticated if the server-side TLS peer is expecting client certificate authentication, and is indistinguishable from valid TLS stream data. Data is limited in size to the amount that will fit in the buffer. (The TLS connection cannot directly be used for data exfiltration because the vulnerable code path requires that the connection be closed on initialization of the SSLSocket.) (CVE-2023-40217)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
5.3 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVSS v3.0 Temporal Score
4.6 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
CVSS v2.0 Temporal Score
3.7 (CVSS2#E:U/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2023-40217
XREF IAVA:2023-A-0442
XREF RHSA:2023:6885
Plugin Information
Published: 2023/12/22, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : python-2.7.5-89.el7
Should be : python-2.7.5-94.el7_9

Remote package installed : python-libs-2.7.5-89.el7
Should be : python-libs-2.7.5-94.el7_9
187242 (1) - CentOS 7 : cups (RHSA-2023:4766)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:4766 advisory.

- An authentication issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. An unauthenticated user may be able to access recently printed documents. (CVE-2023-32360)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
5.5 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)
CVSS v3.0 Temporal Score
4.8 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
4.6 (CVSS2#AV:L/AC:L/Au:S/C:C/I:N/A:N)
CVSS v2.0 Temporal Score
3.4 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2023-32360
XREF RHSA:2023:4766
Plugin Information
Published: 2023/12/22, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : cups-1.6.3-51.el7
Should be : cups-1.6.3-52.el7_9

Remote package installed : cups-client-1.6.3-51.el7
Should be : cups-client-1.6.3-52.el7_9

Remote package installed : cups-filesystem-1.6.3-51.el7
Should be : cups-filesystem-1.6.3-52.el7_9

Remote package installed : cups-libs-1.6.3-51.el7
Should be : cups-libs-1.6.3-52.el7_9
187245 (1) - CentOS 7 : kernel (RHSA-2023:1987)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1987 advisory.

- drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user- space client to corrupt the monitor's internal memory. (CVE-2022-43750)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
6.7 (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
5.8 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
6.5 (CVSS2#AV:L/AC:L/Au:M/C:C/I:C/A:C)
CVSS v2.0 Temporal Score
4.8 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2022-43750
XREF RHSA:2023:1987
Plugin Information
Published: 2023/12/22, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : bpftool-3.10.0-1160.el7
Should be : bpftool-3.10.0-1160.90.1.el7

Remote package installed : kernel-3.10.0-1160.el7
Should be : kernel-3.10.0-1160.90.1.el7

Remote package installed : kernel-devel-3.10.0-1160.el7
Should be : kernel-devel-3.10.0-1160.90.1.el7

Remote package installed : kernel-tools-3.10.0-1160.el7
Should be : kernel-tools-3.10.0-1160.90.1.el7

Remote package installed : kernel-tools-libs-3.10.0-1160.el7
Should be : kernel-tools-libs-3.10.0-1160.90.1.el7

Remote package installed : perf-3.10.0-1160.el7
Should be : perf-3.10.0-1160.90.1.el7

Remote package installed : python-perf-3.10.0-1160.el7
Should be : python-perf-3.10.0-1160.90.1.el7
187251 (1) - CentOS 7 : linux-firmware (RHSA-2023:7513)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7513 advisory.

- A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure. (CVE-2023-20569)

- An issue in Zen 2 CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information. (CVE-2023-20593)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
5.5 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)
CVSS v3.0 Temporal Score
5.0 (CVSS:3.0/E:P/RL:O/RC:C)
CVSS v2.0 Base Score
4.6 (CVSS2#AV:L/AC:L/Au:S/C:C/I:N/A:N)
CVSS v2.0 Temporal Score
3.6 (CVSS2#E:POC/RL:OF/RC:C)
References
CVE CVE-2023-20569
CVE CVE-2023-20593
XREF RHSA:2023:7513
Plugin Information
Published: 2023/12/22, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : iwl100-firmware-39.31.5.1-79.el7
Should be : iwl100-firmware-39.31.5.1-81.el7_9

Remote package installed : iwl1000-firmware-39.31.5.1-79.el7
Should be : iwl1000-firmware-39.31.5.1-81.el7_9

Remote package installed : iwl105-firmware-18.168.6.1-79.el7
Should be : iwl105-firmware-18.168.6.1-81.el7_9

Remote package installed : iwl135-firmware-18.168.6.1-79.el7
Should be : iwl135-firmware-18.168.6.1-81.el7_9

Remote package installed : iwl2000-firmware-18.168.6.1-79.el7
Should be : iwl2000-firmware-18.168.6.1-81.el7_9

Remote package installed : iwl2030-firmware-18.168.6.1-79.el7
Should be : iwl2030-firmware-18.168.6.1-81.el7_9

Remote package installed : iwl3160-firmware-25.30.13.0-79.el7
Should be : iwl3160-firmware-25.30.13.0-81.el7_9

Remote package installed : iwl3945-firmware-15.32.2.9-79.el7
Should be : iwl3945-firmware-15.32.2.9-81.el7_9

Remote package installed : iwl4965-firmware-228.61.2.24-79.el7
Should be : iwl4965-firmware-228.61.2.24-81.el7_9

Remote package installed : iwl5000-firmware-8.83.5.1_1-79.el7
Should be : iwl5000-firmware-8.83.5.1_1-81.el7_9

Remote package installed : iwl5150-firmware-8.24.2.2-79.el7
Should be : iwl5150-firmware-8.24.2.2-81.el7_9

Remote package installed : iwl6000-firmware-9.221.4.1-79.el7
Should be : iwl6000-firmware-9.221.4.1-81.el7_9

Remote package installed : iwl6000g2a-firmware-18.168.6.1-79.el7
Should be : iwl6000g2a-firmware-18.168.6.1-81.el7_9

Remote package installed : iwl6000g2b-firmware-18.168.6.1-79.el7
Should be : iwl6000g2b-firmware-18.168.6.1-81.el7_9

Remote package installed : iwl6050-firmware-41.28.5.1-79.el7
Should be : iwl6050-firmware-41.28.5.1-81.el7_9

Remote package installed : iwl7260-firmware-25.30.13.0-79.el7
Should be : iwl7260-firmware-25.30.13.0-81.el7_9

Remote package installed : linux-firmware-20200421-79.git78c0348.el7
Should be : linux-firmware-20200421-81.git78c0348.el7_9
187254 (1) - CentOS 7 : java-1.8.0-openjdk (RHSA-2023:5761)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5761 advisory.

- Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: CORBA). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf; Oracle GraalVM Enterprise Edition: 20.3.11 and 21.3.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via CORBA to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition.
Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. (CVE-2023-22067)

- Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Enterprise Edition:
20.3.11, 21.3.7 and 22.3.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition.
Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note:
This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). (CVE-2023-22081)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
5.3 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
CVSS v3.0 Temporal Score
4.6 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N)
CVSS v2.0 Temporal Score
3.7 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2023-22067
CVE CVE-2023-22081
XREF RHSA:2023:5761
Plugin Information
Published: 2023/12/22, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : java-1.8.0-openjdk-1.8.0.262.b10-1.el7
Should be : java-1.8.0-openjdk-1.8.0.392.b08-2.el7_9

Remote package installed : java-1.8.0-openjdk-headless-1.8.0.262.b10-1.el7
Should be : java-1.8.0-openjdk-headless-1.8.0.392.b08-2.el7_9
187315 (1) - SSH Terrapin Prefix Truncation Weakness (CVE-2023-48795)
-
Synopsis
The remote SSH server is vulnerable to a mitm prefix truncation attack.
Description
The remote SSH server is vulnerable to a man-in-the-middle prefix truncation weakness known as Terrapin. This can allow a remote, man-in-the-middle attacker to bypass integrity checks and downgrade the connection's security.

Note that this plugin only checks for remote SSH servers that support either ChaCha20-Poly1305 or CBC with Encrypt-then-MAC and do not support the strict key exchange countermeasures. It does not check for vulnerable software versions.
See Also
Solution
Contact the vendor for an update with the strict key exchange countermeasures or disable the affected algorithms.
Risk Factor
Medium
CVSS v3.0 Base Score
5.9 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N)
CVSS v3.0 Temporal Score
5.3 (CVSS:3.0/E:P/RL:O/RC:C)
CVSS v2.0 Base Score
5.4 (CVSS2#AV:N/AC:H/Au:N/C:N/I:C/A:N)
CVSS v2.0 Temporal Score
4.2 (CVSS2#E:POC/RL:OF/RC:C)
References
Plugin Information
Published: 2023/12/27, Modified: 2024/01/29
Plugin Output

ipaddr (tcp/22/ssh)

Supports following ChaCha20-Poly1305 Client to Server algorithm : chacha20-poly1305@openssh.com
Supports following CBC Client to Server algorithm : aes192-cbc
Supports following CBC Client to Server algorithm : aes256-cbc
Supports following CBC Client to Server algorithm : blowfish-cbc
Supports following CBC Client to Server algorithm : cast128-cbc
Supports following CBC Client to Server algorithm : 3des-cbc
Supports following CBC Client to Server algorithm : aes128-cbc
Supports following Encrypt-then-MAC Client to Server algorithm : umac-64-etm@openssh.com
Supports following Encrypt-then-MAC Client to Server algorithm : umac-128-etm@openssh.com
Supports following Encrypt-then-MAC Client to Server algorithm : hmac-sha2-256-etm@openssh.com
Supports following Encrypt-then-MAC Client to Server algorithm : hmac-sha2-512-etm@openssh.com
Supports following Encrypt-then-MAC Client to Server algorithm : hmac-sha1-etm@openssh.com
Supports following ChaCha20-Poly1305 Server to Client algorithm : chacha20-poly1305@openssh.com
Supports following CBC Server to Client algorithm : aes192-cbc
Supports following CBC Server to Client algorithm : aes256-cbc
Supports following CBC Server to Client algorithm : blowfish-cbc
Supports following CBC Server to Client algorithm : cast128-cbc
Supports following CBC Server to Client algorithm : 3des-cbc
Supports following CBC Server to Client algorithm : aes128-cbc
Supports following Encrypt-then-MAC Server to Client algorithm : umac-64-etm@openssh.com
Supports following Encrypt-then-MAC Server to Client algorithm : umac-128-etm@openssh.com
Supports following Encrypt-then-MAC Server to Client algorithm : hmac-sha2-256-etm@openssh.com
Supports following Encrypt-then-MAC Server to Client algorithm : hmac-sha2-512-etm@openssh.com
Supports following Encrypt-then-MAC Server to Client algorithm : hmac-sha1-etm@openssh.com
190366 (1) - CentOS 7 : linux-firmware (RHSA-2024:0753)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0753 advisory.

- Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine (VM) memory integrity. (CVE-2023-20592)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
6.5 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N)
CVSS v3.0 Temporal Score
5.7 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
6.8 (CVSS2#AV:N/AC:L/Au:S/C:N/I:C/A:N)
CVSS v2.0 Temporal Score
5.0 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2023-20592
XREF RHSA:2024:0753
Plugin Information
Published: 2024/02/09, Modified: 2024/02/09
Plugin Output

ipaddr (tcp/0)


Remote package installed : iwl100-firmware-39.31.5.1-79.el7
Should be : iwl100-firmware-39.31.5.1-82.el7

Remote package installed : iwl1000-firmware-39.31.5.1-79.el7
Should be : iwl1000-firmware-39.31.5.1-82.el7

Remote package installed : iwl105-firmware-18.168.6.1-79.el7
Should be : iwl105-firmware-18.168.6.1-82.el6

Remote package installed : iwl135-firmware-18.168.6.1-79.el7
Should be : iwl135-firmware-18.168.6.1-82.el6

Remote package installed : iwl2000-firmware-18.168.6.1-79.el7
Should be : iwl2000-firmware-18.168.6.1-82.el6

Remote package installed : iwl2030-firmware-18.168.6.1-79.el7
Should be : iwl2030-firmware-18.168.6.1-82.el6

Remote package installed : iwl3160-firmware-25.30.13.0-79.el7
Should be : iwl3160-firmware-25.30.13.0-82.el6

Remote package installed : iwl3945-firmware-15.32.2.9-79.el7
Should be : iwl3945-firmware-15.32.2.9-82.el6

Remote package installed : iwl4965-firmware-228.61.2.24-79.el7
Should be : iwl4965-firmware-228.61.2.24-82.el6

Remote package installed : iwl5000-firmware-8.83.5.1_1-79.el7
Should be : iwl5000-firmware-8.83.5.1_1-82.el7

Remote package installed : iwl5150-firmware-8.24.2.2-79.el7
Should be : iwl5150-firmware-8.24.2.2-82.el6

Remote package installed : iwl6000-firmware-9.221.4.1-79.el7
Should be : iwl6000-firmware-9.221.4.1-82.el6

Remote package installed : iwl6000g2a-firmware-18.168.6.1-79.el7
Should be : iwl6000g2a-firmware-18.168.6.1-82.el6

Remote package installed : iwl6000g2b-firmware-18.168.6.1-79.el7
Should be : iwl6000g2b-firmware-18.168.6.1-82.el6

Remote package installed : iwl6050-firmware-41.28.5.1-79.el7
Should be : iwl6050-firmware-41.28.5.1-82.el6

Remote package installed : iwl7260-firmware-25.30.13.0-79.el7
Should be : iwl7260-firmware-25.30.13.0-82.el6
83875 (8) - SSL/TLS Diffie-Hellman Modulus <= 1024 Bits (Logjam)
-
Synopsis
The remote host allows SSL/TLS connections with one or more Diffie-Hellman moduli less than or equal to 1024 bits.
Description
The remote host allows SSL/TLS connections with one or more Diffie-Hellman moduli less than or equal to 1024 bits. Through cryptanalysis, a third party may be able to find the shared secret in a short amount of time (depending on modulus size and attacker resources). This may allow an attacker to recover the plaintext or potentially violate the integrity of connections.
See Also
Solution
Reconfigure the service to use a unique Diffie-Hellman moduli of 2048 bits or greater.
Risk Factor
Low
CVSS v3.0 Base Score
3.7 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)
CVSS v3.0 Temporal Score
3.2 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
2.6 (CVSS2#AV:N/AC:H/Au:N/C:N/I:P/A:N)
CVSS v2.0 Temporal Score
1.9 (CVSS2#E:U/RL:OF/RC:C)
References
BID 74733
CVE CVE-2015-4000
XREF CEA-ID:CEA-2021-0004
Plugin Information
Published: 2015/05/28, Modified: 2022/12/05
Plugin Output

ipaddr (tcp/3820/giop)


Vulnerable connection combinations :

SSL/TLS version : TLSv1.0
Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_256_CBC_SHA
Diffie-Hellman MODP size (bits) : 1024
Warning - This is a known static Oakley Group2 modulus. This may make
the remote host more vulnerable to the Logjam attack.
Logjam attack difficulty : Hard (would require nation-state resources)

SSL/TLS version : TLSv1.0
Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_128_CBC_SHA
Diffie-Hellman MODP size (bits) : 1024
Warning - This is a known static Oakley Group2 modulus. This may make
the remote host more vulnerable to the Logjam attack.
Logjam attack difficulty : Hard (would require nation-state resources)

SSL/TLS version : TLSv1.1
Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_256_CBC_SHA
Diffie-Hellman MODP size (bits) : 1024
Warning - This is a known static Oakley Group2 modulus. This may make
the remote host more vulnerable to the Logjam attack.
Logjam attack difficulty : Hard (would require nation-state resources)

SSL/TLS version : TLSv1.1
Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_128_CBC_SHA
Diffie-Hellman MODP size (bits) : 1024
Warning - This is a known static Oakley Group2 modulus. This may make
the remote host more vulnerable to the Logjam attack.
Logjam attack difficulty : Hard (would require nation-state resources)

ipaddr (tcp/3920)


Vulnerable connection combinations :

SSL/TLS version : TLSv1.0
Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_256_CBC_SHA
Diffie-Hellman MODP size (bits) : 1024
Warning - This is a known static Oakley Group2 modulus. This may make
the remote host more vulnerable to the Logjam attack.
Logjam attack difficulty : Hard (would require nation-state resources)

SSL/TLS version : TLSv1.0
Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_128_CBC_SHA
Diffie-Hellman MODP size (bits) : 1024
Warning - This is a known static Oakley Group2 modulus. This may make
the remote host more vulnerable to the Logjam attack.
Logjam attack difficulty : Hard (would require nation-state resources)

SSL/TLS version : TLSv1.1
Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_256_CBC_SHA
Diffie-Hellman MODP size (bits) : 1024
Warning - This is a known static Oakley Group2 modulus. This may make
the remote host more vulnerable to the Logjam attack.
Logjam attack difficulty : Hard (would require nation-state resources)

SSL/TLS version : TLSv1.1
Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_128_CBC_SHA
Diffie-Hellman MODP size (bits) : 1024
Warning - This is a known static Oakley Group2 modulus. This may make
the remote host more vulnerable to the Logjam attack.
Logjam attack difficulty : Hard (would require nation-state resources)

ipaddr (tcp/4848/www)


Vulnerable connection combinations :

SSL/TLS version : TLSv1.0
Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_256_CBC_SHA
Diffie-Hellman MODP size (bits) : 1024
Warning - This is a known static Oakley Group2 modulus. This may make
the remote host more vulnerable to the Logjam attack.
Logjam attack difficulty : Hard (would require nation-state resources)

SSL/TLS version : TLSv1.0
Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_128_CBC_SHA
Diffie-Hellman MODP size (bits) : 1024
Warning - This is a known static Oakley Group2 modulus. This may make
the remote host more vulnerable to the Logjam attack.
Logjam attack difficulty : Hard (would require nation-state resources)

SSL/TLS version : TLSv1.1
Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_256_CBC_SHA
Diffie-Hellman MODP size (bits) : 1024
Warning - This is a known static Oakley Group2 modulus. This may make
the remote host more vulnerable to the Logjam attack.
Logjam attack difficulty : Hard (would require nation-state resources)

SSL/TLS version : TLSv1.1
Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_128_CBC_SHA
Diffie-Hellman MODP size (bits) : 1024
Warning - This is a known static Oakley Group2 modulus. This may make
the remote host more vulnerable to the Logjam attack.
Logjam attack difficulty : Hard (would require nation-state resources)

ipaddr (tcp/8181/www)


Vulnerable connection combinations :

SSL/TLS version : TLSv1.0
Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_256_CBC_SHA
Diffie-Hellman MODP size (bits) : 1024
Warning - This is a known static Oakley Group2 modulus. This may make
the remote host more vulnerable to the Logjam attack.
Logjam attack difficulty : Hard (would require nation-state resources)

SSL/TLS version : TLSv1.0
Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_128_CBC_SHA
Diffie-Hellman MODP size (bits) : 1024
Warning - This is a known static Oakley Group2 modulus. This may make
the remote host more vulnerable to the Logjam attack.
Logjam attack difficulty : Hard (would require nation-state resources)

SSL/TLS version : TLSv1.1
Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_256_CBC_SHA
Diffie-Hellman MODP size (bits) : 1024
Warning - This is a known static Oakley Group2 modulus. This may make
the remote host more vulnerable to the Logjam attack.
Logjam attack difficulty : Hard (would require nation-state resources)

SSL/TLS version : TLSv1.1
Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_128_CBC_SHA
Diffie-Hellman MODP size (bits) : 1024
Warning - This is a known static Oakley Group2 modulus. This may make
the remote host more vulnerable to the Logjam attack.
Logjam attack difficulty : Hard (would require nation-state resources)

ipaddr (tcp/8686)


Vulnerable connection combinations :

SSL/TLS version : TLSv1.0
Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_256_CBC_SHA
Diffie-Hellman MODP size (bits) : 1024
Warning - This is a known static Oakley Group2 modulus. This may make
the remote host more vulnerable to the Logjam attack.
Logjam attack difficulty : Hard (would require nation-state resources)

SSL/TLS version : TLSv1.0
Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_128_CBC_SHA
Diffie-Hellman MODP size (bits) : 1024
Warning - This is a known static Oakley Group2 modulus. This may make
the remote host more vulnerable to the Logjam attack.
Logjam attack difficulty : Hard (would require nation-state resources)

SSL/TLS version : TLSv1.1
Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_256_CBC_SHA
Diffie-Hellman MODP size (bits) : 1024
Warning - This is a known static Oakley Group2 modulus. This may make
the remote host more vulnerable to the Logjam attack.
Logjam attack difficulty : Hard (would require nation-state resources)

SSL/TLS version : TLSv1.1
Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_128_CBC_SHA
Diffie-Hellman MODP size (bits) : 1024
Warning - This is a known static Oakley Group2 modulus. This may make
the remote host more vulnerable to the Logjam attack.
Logjam attack difficulty : Hard (would require nation-state resources)

ipaddr (tcp/24848/www)


Vulnerable connection combinations :

SSL/TLS version : TLSv1.0
Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_256_CBC_SHA
Diffie-Hellman MODP size (bits) : 1024
Warning - This is a known static Oakley Group2 modulus. This may make
the remote host more vulnerable to the Logjam attack.
Logjam attack difficulty : Hard (would require nation-state resources)

SSL/TLS version : TLSv1.0
Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_128_CBC_SHA
Diffie-Hellman MODP size (bits) : 1024
Warning - This is a known static Oakley Group2 modulus. This may make
the remote host more vulnerable to the Logjam attack.
Logjam attack difficulty : Hard (would require nation-state resources)

SSL/TLS version : TLSv1.1
Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_256_CBC_SHA
Diffie-Hellman MODP size (bits) : 1024
Warning - This is a known static Oakley Group2 modulus. This may make
the remote host more vulnerable to the Logjam attack.
Logjam attack difficulty : Hard (would require nation-state resources)

SSL/TLS version : TLSv1.1
Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_128_CBC_SHA
Diffie-Hellman MODP size (bits) : 1024
Warning - This is a known static Oakley Group2 modulus. This may make
the remote host more vulnerable to the Logjam attack.
Logjam attack difficulty : Hard (would require nation-state resources)

ipaddr (tcp/28181/www)


Vulnerable connection combinations :

SSL/TLS version : TLSv1.0
Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_256_CBC_SHA
Diffie-Hellman MODP size (bits) : 1024
Warning - This is a known static Oakley Group2 modulus. This may make
the remote host more vulnerable to the Logjam attack.
Logjam attack difficulty : Hard (would require nation-state resources)

SSL/TLS version : TLSv1.0
Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_128_CBC_SHA
Diffie-Hellman MODP size (bits) : 1024
Warning - This is a known static Oakley Group2 modulus. This may make
the remote host more vulnerable to the Logjam attack.
Logjam attack difficulty : Hard (would require nation-state resources)

SSL/TLS version : TLSv1.1
Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_256_CBC_SHA
Diffie-Hellman MODP size (bits) : 1024
Warning - This is a known static Oakley Group2 modulus. This may make
the remote host more vulnerable to the Logjam attack.
Logjam attack difficulty : Hard (would require nation-state resources)

SSL/TLS version : TLSv1.1
Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_128_CBC_SHA
Diffie-Hellman MODP size (bits) : 1024
Warning - This is a known static Oakley Group2 modulus. This may make
the remote host more vulnerable to the Logjam attack.
Logjam attack difficulty : Hard (would require nation-state resources)

ipaddr (tcp/28686)


Vulnerable connection combinations :

SSL/TLS version : TLSv1.0
Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_256_CBC_SHA
Diffie-Hellman MODP size (bits) : 1024
Warning - This is a known static Oakley Group2 modulus. This may make
the remote host more vulnerable to the Logjam attack.
Logjam attack difficulty : Hard (would require nation-state resources)

SSL/TLS version : TLSv1.0
Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_128_CBC_SHA
Diffie-Hellman MODP size (bits) : 1024
Warning - This is a known static Oakley Group2 modulus. This may make
the remote host more vulnerable to the Logjam attack.
Logjam attack difficulty : Hard (would require nation-state resources)

SSL/TLS version : TLSv1.1
Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_256_CBC_SHA
Diffie-Hellman MODP size (bits) : 1024
Warning - This is a known static Oakley Group2 modulus. This may make
the remote host more vulnerable to the Logjam attack.
Logjam attack difficulty : Hard (would require nation-state resources)

SSL/TLS version : TLSv1.1
Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_128_CBC_SHA
Diffie-Hellman MODP size (bits) : 1024
Warning - This is a known static Oakley Group2 modulus. This may make
the remote host more vulnerable to the Logjam attack.
Logjam attack difficulty : Hard (would require nation-state resources)
33851 (1) - Network daemons not managed by the package system
-
Synopsis
Some daemon processes on the remote host are associated with programs that have been installed manually.
Description
Some daemon processes on the remote host are associated with programs that have been installed manually.

System administration best practice dictates that an operating system's native package management tools be used to manage software installation, updates, and removal whenever possible.
Solution
Use packages supplied by the operating system vendor whenever possible.

And make sure that manual software installation agrees with your organization's acceptable use and security policies.
Risk Factor
None
Plugin Information
Published: 2008/08/08, Modified: 2024/03/06
Plugin Output

ipaddr (tcp/0)


The following running daemons are not managed by RPM :

/usr/local/newscp/mac/McnMon/bin/McnMon
/usr/local/newscp/mac/StartMon/bin/StartMon
70658 (1) - SSH Server CBC Mode Ciphers Enabled
-
Synopsis
The SSH server is configured to use Cipher Block Chaining.
Description
The SSH server is configured to support Cipher Block Chaining (CBC) encryption. This may allow an attacker to recover the plaintext message from the ciphertext.

Note that this plugin only checks for the options of the SSH server and does not check for vulnerable software versions.
Solution
Contact the vendor or consult product documentation to disable CBC mode cipher encryption, and enable CTR or GCM cipher mode encryption.
Risk Factor
Low
CVSS v3.0 Base Score
3.7 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVSS v2.0 Base Score
2.6 (CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N)
CVSS v2.0 Temporal Score
1.9 (CVSS2#E:U/RL:OF/RC:C)
References
BID 32319
CVE CVE-2008-5161
XREF CERT:958563
XREF CWE:200
Plugin Information
Published: 2013/10/28, Modified: 2023/10/27
Plugin Output

ipaddr (tcp/22/ssh)


The following client-to-server Cipher Block Chaining (CBC) algorithms
are supported :

3des-cbc
aes128-cbc
aes192-cbc
aes256-cbc
blowfish-cbc
cast128-cbc

The following server-to-client Cipher Block Chaining (CBC) algorithms
are supported :

3des-cbc
aes128-cbc
aes192-cbc
aes256-cbc
blowfish-cbc
cast128-cbc
145439 (1) - CentOS 7 : dnsmasq (CESA-2021:0153)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:0153 advisory.

- dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)

- dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)

- dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected dnsmasq and / or dnsmasq-utils packages.
Risk Factor
Medium
CVSS v3.0 Base Score
3.7 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)
CVSS v3.0 Temporal Score
3.2 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
4.3 (CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)
CVSS v2.0 Temporal Score
3.2 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2020-25684
CVE CVE-2020-25685
CVE CVE-2020-25686
XREF RHSA:2021:0153
XREF CEA-ID:CEA-2021-0003
XREF CWE:358
Plugin Information
Published: 2021/01/26, Modified: 2022/12/05
Plugin Output

ipaddr (tcp/0)


Remote package installed : dnsmasq-2.76-16.el7
Should be : dnsmasq-2.76-16.el7_9.1
150769 (1) - CentOS 7 : qemu-kvm (CESA-2021:2322)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:2322 advisory.

- QEMU: ide: atapi: OOB access while processing read commands (CVE-2020-29443)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Low
CVSS v3.0 Base Score
3.9 (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:L)
CVSS v3.0 Temporal Score
3.4 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
3.3 (CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:P)
CVSS v2.0 Temporal Score
2.4 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2020-29443
XREF RHSA:2021:2322
XREF CWE:125
Plugin Information
Published: 2021/06/14, Modified: 2021/06/14
Plugin Output

ipaddr (tcp/0)


Remote package installed : qemu-img-1.5.3-175.el7
Should be : qemu-img-1.5.3-175.el7_9.4

Remote package installed : qemu-kvm-1.5.3-175.el7
Should be : qemu-kvm-1.5.3-175.el7_9.4

Remote package installed : qemu-kvm-common-1.5.3-175.el7
Should be : qemu-kvm-common-1.5.3-175.el7_9.4
153953 (1) - SSH Weak Key Exchange Algorithms Enabled
-
Synopsis
The remote SSH server is configured to allow weak key exchange algorithms.
Description
The remote SSH server is configured to allow key exchange algorithms which are considered weak.

This is based on the IETF draft document Key Exchange (KEX) Method Updates and Recommendations for Secure Shell (SSH) RFC9142. Section 4 lists guidance on key exchange algorithms that SHOULD NOT and MUST NOT be enabled. This includes:

diffie-hellman-group-exchange-sha1

diffie-hellman-group1-sha1

gss-gex-sha1-*

gss-group1-sha1-*

gss-group14-sha1-*

rsa1024-sha1

Note that this plugin only checks for the options of the SSH server, and it does not check for vulnerable software versions.
See Also
Solution
Contact the vendor or consult product documentation to disable the weak algorithms.
Risk Factor
Low
CVSS v3.0 Base Score
3.7 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVSS v2.0 Base Score
2.6 (CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N)
Plugin Information
Published: 2021/10/13, Modified: 2024/03/22
Plugin Output

ipaddr (tcp/22/ssh)


The following weak key exchange algorithms are enabled :

diffie-hellman-group-exchange-sha1
diffie-hellman-group1-sha1
166552 (1) - CentOS 7 : java-1.8.0-openjdk (CESA-2022:7002)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2022:7002 advisory.

- OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) (CVE-2022-21619)

- OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) (CVE-2022-21624)

- OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) (CVE-2022-21626)

- OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server, 8286918) (CVE-2022-21628)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Low
CVSS v3.0 Base Score
3.7 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)
CVSS v3.0 Temporal Score
3.5 (CVSS:3.0/E:F/RL:O/RC:C)
CVSS v2.0 Base Score
2.6 (CVSS2#AV:N/AC:H/Au:N/C:N/I:P/A:N)
CVSS v2.0 Temporal Score
2.1 (CVSS2#E:F/RL:OF/RC:C)
References
CVE CVE-2022-21619
CVE CVE-2022-21624
CVE CVE-2022-21626
CVE CVE-2022-21628
XREF RHSA:2022:7002
XREF CWE:192
XREF CWE:330
XREF CWE:400
XREF CWE:770
Plugin Information
Published: 2022/10/26, Modified: 2023/10/06
Plugin Output

ipaddr (tcp/0)


Remote package installed : java-1.8.0-openjdk-1.8.0.262.b10-1.el7
Should be : java-1.8.0-openjdk-1.8.0.352.b08-2.el7_9

Remote package installed : java-1.8.0-openjdk-headless-1.8.0.262.b10-1.el7
Should be : java-1.8.0-openjdk-headless-1.8.0.352.b08-2.el7_9
178969 (1) - CentOS 7 : open-vm-tools (RHSA-2023:3944)
-
Synopsis
The remote CentOS Linux host is missing a security update.
Description
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:3944 advisory.

- A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine. (CVE-2023-20867)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Low
CVSS v3.0 Base Score
3.9 (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N)
CVSS v3.0 Temporal Score
3.6 (CVSS:3.0/E:F/RL:O/RC:C)
CVSS v2.0 Base Score
2.3 (CVSS2#AV:L/AC:H/Au:M/C:P/I:P/A:N)
CVSS v2.0 Temporal Score
1.9 (CVSS2#E:F/RL:OF/RC:C)
References
CVE CVE-2023-20867
XREF CISA-KNOWN-EXPLOITED:2023/07/14
XREF RHSA:2023:3944
XREF CWE:287
Plugin Information
Published: 2023/07/28, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : open-vm-tools-11.0.5-3.el7
Should be : open-vm-tools-11.0.5-3.el7_9.6

Remote package installed : open-vm-tools-desktop-11.0.5-3.el7
Should be : open-vm-tools-desktop-11.0.5-3.el7_9.6
187268 (1) - CentOS 7 : java-1.8.0-openjdk (RHSA-2023:4166)
-
Synopsis
The remote CentOS Linux host is missing one or more security updates.
Description
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4166 advisory.

- Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. (CVE-2023-22045)

- Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. (CVE-2023-22049)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also
Solution
Update the affected packages.
Risk Factor
Low
CVSS v3.0 Base Score
3.7 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)
CVSS v3.0 Temporal Score
3.2 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS v2.0 Base Score
2.6 (CVSS2#AV:N/AC:H/Au:N/C:N/I:P/A:N)
CVSS v2.0 Temporal Score
1.9 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2023-22045
CVE CVE-2023-22049
XREF RHSA:2023:4166
Plugin Information
Published: 2023/12/22, Modified: 2023/12/22
Plugin Output

ipaddr (tcp/0)


Remote package installed : java-1.8.0-openjdk-1.8.0.262.b10-1.el7
Should be : java-1.8.0-openjdk-1.8.0.382.b05-1.el7_9

Remote package installed : java-1.8.0-openjdk-headless-1.8.0.262.b10-1.el7
Should be : java-1.8.0-openjdk-headless-1.8.0.382.b05-1.el7_9
14272 (50) - Netstat Portscanner (SSH)
-
Synopsis
Remote open ports can be enumerated via SSH.
Description
Nessus was able to run 'netstat' on the remote host to enumerate the open ports. If 'netstat' is not available, the plugin will attempt to use 'ss'.

See the section 'plugins options' about configuring this plugin.

Note: If the scan policy has WMI Netstat enabled, this plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.
See Also
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2004/08/15, Modified: 2024/03/29
Plugin Output

ipaddr (tcp/22/ssh)

Port 22/tcp was found to be open

ipaddr (tcp/111/rpc-portmapper)

Port 111/tcp was found to be open

ipaddr (udp/111/rpc-portmapper)

Port 111/udp was found to be open

ipaddr (udp/123)

Port 123/udp was found to be open

ipaddr (tcp/139/smb)

Port 139/tcp was found to be open

ipaddr (tcp/443/www)

Port 443/tcp was found to be open

ipaddr (tcp/445/cifs)

Port 445/tcp was found to be open

ipaddr (udp/854)

Port 854/udp was found to be open

ipaddr (tcp/3700/giop)

Port 3700/tcp was found to be open

ipaddr (tcp/3820/giop)

Port 3820/tcp was found to be open

ipaddr (tcp/3920)

Port 3920/tcp was found to be open

ipaddr (tcp/4848/www)

Port 4848/tcp was found to be open

ipaddr (tcp/5432/postgresql)

Port 5432/tcp was found to be open

ipaddr (tcp/7676/ftp)

Port 7676/tcp was found to be open

ipaddr (tcp/7776)

Port 7776/tcp was found to be open

ipaddr (tcp/8080/www)

Port 8080/tcp was found to be open

ipaddr (tcp/8081)

Port 8081/tcp was found to be open

ipaddr (udp/8082)

Port 8082/udp was found to be open

ipaddr (tcp/8181/www)

Port 8181/tcp was found to be open

ipaddr (tcp/8686)

Port 8686/tcp was found to be open

ipaddr (tcp/9108)

Port 9108/tcp was found to be open

ipaddr (tcp/9168)

Port 9168/tcp was found to be open

ipaddr (udp/15161)

Port 15161/udp was found to be open

ipaddr (tcp/18081/www)

Port 18081/tcp was found to be open

ipaddr (tcp/24848/www)

Port 24848/tcp was found to be open

ipaddr (tcp/27676/ftp)

Port 27676/tcp was found to be open

ipaddr (tcp/27776)

Port 27776/tcp was found to be open

ipaddr (tcp/28080/www)

Port 28080/tcp was found to be open

ipaddr (tcp/28181/www)

Port 28181/tcp was found to be open

ipaddr (tcp/28686)

Port 28686/tcp was found to be open

ipaddr (tcp/29001)

Port 29001/tcp was found to be open

ipaddr (tcp/29002)

Port 29002/tcp was found to be open

ipaddr (tcp/29003/www)

Port 29003/tcp was found to be open

ipaddr (udp/29003)

Port 29003/udp was found to be open

ipaddr (tcp/29004)

Port 29004/tcp was found to be open

ipaddr (udp/29006)

Port 29006/udp was found to be open

ipaddr (tcp/29008)

Port 29008/tcp was found to be open

ipaddr (tcp/29031)

Port 29031/tcp was found to be open

ipaddr (tcp/29051)

Port 29051/tcp was found to be open

ipaddr (tcp/29071)

Port 29071/tcp was found to be open

ipaddr (tcp/33456)

Port 33456/tcp was found to be open

ipaddr (tcp/33845)

Port 33845/tcp was found to be open

ipaddr (tcp/35256)

Port 35256/tcp was found to be open

ipaddr (tcp/36171)

Port 36171/tcp was found to be open

ipaddr (tcp/37664)

Port 37664/tcp was found to be open

ipaddr (tcp/38478)

Port 38478/tcp was found to be open

ipaddr (tcp/42648)

Port 42648/tcp was found to be open

ipaddr (tcp/42898)

Port 42898/tcp was found to be open

ipaddr (tcp/51003)

Port 51003/tcp was found to be open

ipaddr (tcp/51004)

Port 51004/tcp was found to be open
25221 (36) - Remote listeners enumeration (Linux / AIX)
-
Synopsis
Using the supplied credentials, it was possible to identify the process listening on the remote port.
Description
By logging into the remote host with the supplied credentials, Nessus was able to obtain the name of the process listening on the remote port.

Note that the method used by this plugin only works for hosts running Linux or AIX.
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2007/05/16, Modified: 2023/11/27
Plugin Output

ipaddr (tcp/443/www)


Process ID : 7345
Executable : /usr/sbin/httpd
Command line : /usr/sbin/httpd -DFOREGROUND

ipaddr (tcp/3700/giop)


Process ID : 4191
Executable : /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64/jre/bin/java
Command line : /usr/lib/jvm/jre-1.8.0-openjdk/bin/java -cp /opt/glassfish5/glassfish/modules/glassfish.jar -XX:+UnlockDiagnosticVMOptions -XX:NewRatio=2 -XX:MaxPermSize=192m -Xmx512m -javaagent:/opt/glassfish5/glassfish/lib/monitor/flashlight-agent.jar -client -Djavax.xml.accessExternalSchema=all -Djavax.net.ssl.trustStore=/opt/glassfish5/glassfish/domains/domain1/config/cacerts.jks -Djdk.tls.rejectClientInitiatedRenegotiation=true -Djdk.corba.allowOutputStreamSubclass=true -Dfelix.fileinstall.dir=/opt/glassfish5/glassfish/modules/autostart/ -Dorg.glassfish.additionalOSGiBundlesToStart=org.apache.felix.shell,org.apache.felix.gogo.runtime,org.apache.felix.gogo.shell,org.apache.felix.gogo.command,org.apache.felix.shell.remote,org.apache.felix.fileinstall -Dcom.sun.aas.installRoot=/opt/glassfish5/glassfish -Dfelix.fileinstall.poll=5000 -Djava.endorsed.dirs=/opt/glassfish5/glassfish/modules/endorsed:/opt/glassfish5/glassfish/lib/endorsed -Djava.security.policy=/opt/glassfish5/glassfish/domains/domain1/config/server.policy -Dosgi.shell.telnet.maxconn=1 -Dfelix.fileinstall.bundles.startTransient=true -Dcom.sun.enterprise.config.config_environment_factory_class=com.sun.enterprise.config.serverbeans.AppserverConfigEnvironmentFactory -Dfelix.fileinstall.log.level=2 -Djavax.net.ssl.keyStore=/opt/glassfish5/glassfish/domains/domain1/config/keystore.jks -Djava.security.auth.login.config=/opt/glassfish5/glassfish/domains/domain1/config/login.conf -Dfelix.fileinstall.disableConfigSave=false -Dfelix.fileinstall.bundles.new.start=true -Dcom.sun.aas.instanceRoot=/opt/glassfish5/glassfish/domains/domain1 -Dosgi.shell.telnet.port=6666 -Dgosh.args=--nointeractive -Dcom.sun.enterprise.security.httpsOutboundKeyAlias=s1as -Dosgi.shell.telnet.ip=127.0.0.1 -DANTLR_USE_DIRECT_CLASS_LOADING=true -Djava.awt.headless=true -Dcom.ctc.wstx.returnNullForDefaultNamespace=true -Djava.ext.dirs=/usr/lib/jvm/jre-1.8.0-openjdk/lib/ext:/usr/lib/jvm/jre-1.8.0-openjdk/jre/lib/ext:/opt/glassfish5/glassfish/domains/domain1/lib/ext -Djdbc.drivers=org.apache.derby.jdbc.ClientDriver -Djava.library.path=/opt/glassfish5/glassfish/lib:/usr/java/packages/lib/amd64:/usr/lib64:/lib64:/lib:/usr/lib com.sun.enterprise.glassfish.bootstrap.ASMain -upgrade false -domaindir /opt/glassfish5/glassfish/domains/domain1 -read-stdin true -asadmin-args --host,,,localhost,,,--port,,,4848,,,--secure=false,,,--terse=false,,,--echo=false,,,--interactive=false,,,start-domain,,,--verbose=false,,,--watchdog=false,,,--debug=false,,,--domaindir,,,/opt/glassfish5/glassfish/domains,,,domain1 -domainname domain1 -instancename server -type DAS -verbose false -asadmin-classpath /opt/glassfish5/glassfish/lib/client/appserver-cli.jar -debug false -asadmin-classname com.sun.enterprise.admin.cli.AdminMain

ipaddr (tcp/3820/giop)


Process ID : 4191
Executable : /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64/jre/bin/java
Command line : /usr/lib/jvm/jre-1.8.0-openjdk/bin/java -cp /opt/glassfish5/glassfish/modules/glassfish.jar -XX:+UnlockDiagnosticVMOptions -XX:NewRatio=2 -XX:MaxPermSize=192m -Xmx512m -javaagent:/opt/glassfish5/glassfish/lib/monitor/flashlight-agent.jar -client -Djavax.xml.accessExternalSchema=all -Djavax.net.ssl.trustStore=/opt/glassfish5/glassfish/domains/domain1/config/cacerts.jks -Djdk.tls.rejectClientInitiatedRenegotiation=true -Djdk.corba.allowOutputStreamSubclass=true -Dfelix.fileinstall.dir=/opt/glassfish5/glassfish/modules/autostart/ -Dorg.glassfish.additionalOSGiBundlesToStart=org.apache.felix.shell,org.apache.felix.gogo.runtime,org.apache.felix.gogo.shell,org.apache.felix.gogo.command,org.apache.felix.shell.remote,org.apache.felix.fileinstall -Dcom.sun.aas.installRoot=/opt/glassfish5/glassfish -Dfelix.fileinstall.poll=5000 -Djava.endorsed.dirs=/opt/glassfish5/glassfish/modules/endorsed:/opt/glassfish5/glassfish/lib/endorsed -Djava.security.policy=/opt/glassfish5/glassfish/domains/domain1/config/server.policy -Dosgi.shell.telnet.maxconn=1 -Dfelix.fileinstall.bundles.startTransient=true -Dcom.sun.enterprise.config.config_environment_factory_class=com.sun.enterprise.config.serverbeans.AppserverConfigEnvironmentFactory -Dfelix.fileinstall.log.level=2 -Djavax.net.ssl.keyStore=/opt/glassfish5/glassfish/domains/domain1/config/keystore.jks -Djava.security.auth.login.config=/opt/glassfish5/glassfish/domains/domain1/config/login.conf -Dfelix.fileinstall.disableConfigSave=false -Dfelix.fileinstall.bundles.new.start=true -Dcom.sun.aas.instanceRoot=/opt/glassfish5/glassfish/domains/domain1 -Dosgi.shell.telnet.port=6666 -Dgosh.args=--nointeractive -Dcom.sun.enterprise.security.httpsOutboundKeyAlias=s1as -Dosgi.shell.telnet.ip=127.0.0.1 -DANTLR_USE_DIRECT_CLASS_LOADING=true -Djava.awt.headless=true -Dcom.ctc.wstx.returnNullForDefaultNamespace=true -Djava.ext.dirs=/usr/lib/jvm/jre-1.8.0-openjdk/lib/ext:/usr/lib/jvm/jre-1.8.0-openjdk/jre/lib/ext:/opt/glassfish5/glassfish/domains/domain1/lib/ext -Djdbc.drivers=org.apache.derby.jdbc.ClientDriver -Djava.library.path=/opt/glassfish5/glassfish/lib:/usr/java/packages/lib/amd64:/usr/lib64:/lib64:/lib:/usr/lib com.sun.enterprise.glassfish.bootstrap.ASMain -upgrade false -domaindir /opt/glassfish5/glassfish/domains/domain1 -read-stdin true -asadmin-args --host,,,localhost,,,--port,,,4848,,,--secure=false,,,--terse=false,,,--echo=false,,,--interactive=false,,,start-domain,,,--verbose=false,,,--watchdog=false,,,--debug=false,,,--domaindir,,,/opt/glassfish5/glassfish/domains,,,domain1 -domainname domain1 -instancename server -type DAS -verbose false -asadmin-classpath /opt/glassfish5/glassfish/lib/client/appserver-cli.jar -debug false -asadmin-classname com.sun.enterprise.admin.cli.AdminMain

ipaddr (tcp/3920)


Process ID : 4191
Executable : /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64/jre/bin/java
Command line : /usr/lib/jvm/jre-1.8.0-openjdk/bin/java -cp /opt/glassfish5/glassfish/modules/glassfish.jar -XX:+UnlockDiagnosticVMOptions -XX:NewRatio=2 -XX:MaxPermSize=192m -Xmx512m -javaagent:/opt/glassfish5/glassfish/lib/monitor/flashlight-agent.jar -client -Djavax.xml.accessExternalSchema=all -Djavax.net.ssl.trustStore=/opt/glassfish5/glassfish/domains/domain1/config/cacerts.jks -Djdk.tls.rejectClientInitiatedRenegotiation=true -Djdk.corba.allowOutputStreamSubclass=true -Dfelix.fileinstall.dir=/opt/glassfish5/glassfish/modules/autostart/ -Dorg.glassfish.additionalOSGiBundlesToStart=org.apache.felix.shell,org.apache.felix.gogo.runtime,org.apache.felix.gogo.shell,org.apache.felix.gogo.command,org.apache.felix.shell.remote,org.apache.felix.fileinstall -Dcom.sun.aas.installRoot=/opt/glassfish5/glassfish -Dfelix.fileinstall.poll=5000 -Djava.endorsed.dirs=/opt/glassfish5/glassfish/modules/endorsed:/opt/glassfish5/glassfish/lib/endorsed -Djava.security.policy=/opt/glassfish5/glassfish/domains/domain1/config/server.policy -Dosgi.shell.telnet.maxconn=1 -Dfelix.fileinstall.bundles.startTransient=true -Dcom.sun.enterprise.config.config_environment_factory_class=com.sun.enterprise.config.serverbeans.AppserverConfigEnvironmentFactory -Dfelix.fileinstall.log.level=2 -Djavax.net.ssl.keyStore=/opt/glassfish5/glassfish/domains/domain1/config/keystore.jks -Djava.security.auth.login.config=/opt/glassfish5/glassfish/domains/domain1/config/login.conf -Dfelix.fileinstall.disableConfigSave=false -Dfelix.fileinstall.bundles.new.start=true -Dcom.sun.aas.instanceRoot=/opt/glassfish5/glassfish/domains/domain1 -Dosgi.shell.telnet.port=6666 -Dgosh.args=--nointeractive -Dcom.sun.enterprise.security.httpsOutboundKeyAlias=s1as -Dosgi.shell.telnet.ip=127.0.0.1 -DANTLR_USE_DIRECT_CLASS_LOADING=true -Djava.awt.headless=true -Dcom.ctc.wstx.returnNullForDefaultNamespace=true -Djava.ext.dirs=/usr/lib/jvm/jre-1.8.0-openjdk/lib/ext:/usr/lib/jvm/jre-1.8.0-openjdk/jre/lib/ext:/opt/glassfish5/glassfish/domains/domain1/lib/ext -Djdbc.drivers=org.apache.derby.jdbc.ClientDriver -Djava.library.path=/opt/glassfish5/glassfish/lib:/usr/java/packages/lib/amd64:/usr/lib64:/lib64:/lib:/usr/lib com.sun.enterprise.glassfish.bootstrap.ASMain -upgrade false -domaindir /opt/glassfish5/glassfish/domains/domain1 -read-stdin true -asadmin-args --host,,,localhost,,,--port,,,4848,,,--secure=false,,,--terse=false,,,--echo=false,,,--interactive=false,,,start-domain,,,--verbose=false,,,--watchdog=false,,,--debug=false,,,--domaindir,,,/opt/glassfish5/glassfish/domains,,,domain1 -domainname domain1 -instancename server -type DAS -verbose false -asadmin-classpath /opt/glassfish5/glassfish/lib/client/appserver-cli.jar -debug false -asadmin-classname com.sun.enterprise.admin.cli.AdminMain

ipaddr (tcp/4848/www)


Process ID : 4191
Executable : /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64/jre/bin/java
Command line : /usr/lib/jvm/jre-1.8.0-openjdk/bin/java -cp /opt/glassfish5/glassfish/modules/glassfish.jar -XX:+UnlockDiagnosticVMOptions -XX:NewRatio=2 -XX:MaxPermSize=192m -Xmx512m -javaagent:/opt/glassfish5/glassfish/lib/monitor/flashlight-agent.jar -client -Djavax.xml.accessExternalSchema=all -Djavax.net.ssl.trustStore=/opt/glassfish5/glassfish/domains/domain1/config/cacerts.jks -Djdk.tls.rejectClientInitiatedRenegotiation=true -Djdk.corba.allowOutputStreamSubclass=true -Dfelix.fileinstall.dir=/opt/glassfish5/glassfish/modules/autostart/ -Dorg.glassfish.additionalOSGiBundlesToStart=org.apache.felix.shell,org.apache.felix.gogo.runtime,org.apache.felix.gogo.shell,org.apache.felix.gogo.command,org.apache.felix.shell.remote,org.apache.felix.fileinstall -Dcom.sun.aas.installRoot=/opt/glassfish5/glassfish -Dfelix.fileinstall.poll=5000 -Djava.endorsed.dirs=/opt/glassfish5/glassfish/modules/endorsed:/opt/glassfish5/glassfish/lib/endorsed -Djava.security.policy=/opt/glassfish5/glassfish/domains/domain1/config/server.policy -Dosgi.shell.telnet.maxconn=1 -Dfelix.fileinstall.bundles.startTransient=true -Dcom.sun.enterprise.config.config_environment_factory_class=com.sun.enterprise.config.serverbeans.AppserverConfigEnvironmentFactory -Dfelix.fileinstall.log.level=2 -Djavax.net.ssl.keyStore=/opt/glassfish5/glassfish/domains/domain1/config/keystore.jks -Djava.security.auth.login.config=/opt/glassfish5/glassfish/domains/domain1/config/login.conf -Dfelix.fileinstall.disableConfigSave=false -Dfelix.fileinstall.bundles.new.start=true -Dcom.sun.aas.instanceRoot=/opt/glassfish5/glassfish/domains/domain1 -Dosgi.shell.telnet.port=6666 -Dgosh.args=--nointeractive -Dcom.sun.enterprise.security.httpsOutboundKeyAlias=s1as -Dosgi.shell.telnet.ip=127.0.0.1 -DANTLR_USE_DIRECT_CLASS_LOADING=true -Djava.awt.headless=true -Dcom.ctc.wstx.returnNullForDefaultNamespace=true -Djava.ext.dirs=/usr/lib/jvm/jre-1.8.0-openjdk/lib/ext:/usr/lib/jvm/jre-1.8.0-openjdk/jre/lib/ext:/opt/glassfish5/glassfish/domains/domain1/lib/ext -Djdbc.drivers=org.apache.derby.jdbc.ClientDriver -Djava.library.path=/opt/glassfish5/glassfish/lib:/usr/java/packages/lib/amd64:/usr/lib64:/lib64:/lib:/usr/lib com.sun.enterprise.glassfish.bootstrap.ASMain -upgrade false -domaindir /opt/glassfish5/glassfish/domains/domain1 -read-stdin true -asadmin-args --host,,,localhost,,,--port,,,4848,,,--secure=false,,,--terse=false,,,--echo=false,,,--interactive=false,,,start-domain,,,--verbose=false,,,--watchdog=false,,,--debug=false,,,--domaindir,,,/opt/glassfish5/glassfish/domains,,,domain1 -domainname domain1 -instancename server -type DAS -verbose false -asadmin-classpath /opt/glassfish5/glassfish/lib/client/appserver-cli.jar -debug false -asadmin-classname com.sun.enterprise.admin.cli.AdminMain

ipaddr (tcp/7676/ftp)


Process ID : 4191
Executable : /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64/jre/bin/java
Command line : /usr/lib/jvm/jre-1.8.0-openjdk/bin/java -cp /opt/glassfish5/glassfish/modules/glassfish.jar -XX:+UnlockDiagnosticVMOptions -XX:NewRatio=2 -XX:MaxPermSize=192m -Xmx512m -javaagent:/opt/glassfish5/glassfish/lib/monitor/flashlight-agent.jar -client -Djavax.xml.accessExternalSchema=all -Djavax.net.ssl.trustStore=/opt/glassfish5/glassfish/domains/domain1/config/cacerts.jks -Djdk.tls.rejectClientInitiatedRenegotiation=true -Djdk.corba.allowOutputStreamSubclass=true -Dfelix.fileinstall.dir=/opt/glassfish5/glassfish/modules/autostart/ -Dorg.glassfish.additionalOSGiBundlesToStart=org.apache.felix.shell,org.apache.felix.gogo.runtime,org.apache.felix.gogo.shell,org.apache.felix.gogo.command,org.apache.felix.shell.remote,org.apache.felix.fileinstall -Dcom.sun.aas.installRoot=/opt/glassfish5/glassfish -Dfelix.fileinstall.poll=5000 -Djava.endorsed.dirs=/opt/glassfish5/glassfish/modules/endorsed:/opt/glassfish5/glassfish/lib/endorsed -Djava.security.policy=/opt/glassfish5/glassfish/domains/domain1/config/server.policy -Dosgi.shell.telnet.maxconn=1 -Dfelix.fileinstall.bundles.startTransient=true -Dcom.sun.enterprise.config.config_environment_factory_class=com.sun.enterprise.config.serverbeans.AppserverConfigEnvironmentFactory -Dfelix.fileinstall.log.level=2 -Djavax.net.ssl.keyStore=/opt/glassfish5/glassfish/domains/domain1/config/keystore.jks -Djava.security.auth.login.config=/opt/glassfish5/glassfish/domains/domain1/config/login.conf -Dfelix.fileinstall.disableConfigSave=false -Dfelix.fileinstall.bundles.new.start=true -Dcom.sun.aas.instanceRoot=/opt/glassfish5/glassfish/domains/domain1 -Dosgi.shell.telnet.port=6666 -Dgosh.args=--nointeractive -Dcom.sun.enterprise.security.httpsOutboundKeyAlias=s1as -Dosgi.shell.telnet.ip=127.0.0.1 -DANTLR_USE_DIRECT_CLASS_LOADING=true -Djava.awt.headless=true -Dcom.ctc.wstx.returnNullForDefaultNamespace=true -Djava.ext.dirs=/usr/lib/jvm/jre-1.8.0-openjdk/lib/ext:/usr/lib/jvm/jre-1.8.0-openjdk/jre/lib/ext:/opt/glassfish5/glassfish/domains/domain1/lib/ext -Djdbc.drivers=org.apache.derby.jdbc.ClientDriver -Djava.library.path=/opt/glassfish5/glassfish/lib:/usr/java/packages/lib/amd64:/usr/lib64:/lib64:/lib:/usr/lib com.sun.enterprise.glassfish.bootstrap.ASMain -upgrade false -domaindir /opt/glassfish5/glassfish/domains/domain1 -read-stdin true -asadmin-args --host,,,localhost,,,--port,,,4848,,,--secure=false,,,--terse=false,,,--echo=false,,,--interactive=false,,,start-domain,,,--verbose=false,,,--watchdog=false,,,--debug=false,,,--domaindir,,,/opt/glassfish5/glassfish/domains,,,domain1 -domainname domain1 -instancename server -type DAS -verbose false -asadmin-classpath /opt/glassfish5/glassfish/lib/client/appserver-cli.jar -debug false -asadmin-classname com.sun.enterprise.admin.cli.AdminMain

ipaddr (tcp/7776)


Process ID : 4191
Executable : /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64/jre/bin/java
Command line : /usr/lib/jvm/jre-1.8.0-openjdk/bin/java -cp /opt/glassfish5/glassfish/modules/glassfish.jar -XX:+UnlockDiagnosticVMOptions -XX:NewRatio=2 -XX:MaxPermSize=192m -Xmx512m -javaagent:/opt/glassfish5/glassfish/lib/monitor/flashlight-agent.jar -client -Djavax.xml.accessExternalSchema=all -Djavax.net.ssl.trustStore=/opt/glassfish5/glassfish/domains/domain1/config/cacerts.jks -Djdk.tls.rejectClientInitiatedRenegotiation=true -Djdk.corba.allowOutputStreamSubclass=true -Dfelix.fileinstall.dir=/opt/glassfish5/glassfish/modules/autostart/ -Dorg.glassfish.additionalOSGiBundlesToStart=org.apache.felix.shell,org.apache.felix.gogo.runtime,org.apache.felix.gogo.shell,org.apache.felix.gogo.command,org.apache.felix.shell.remote,org.apache.felix.fileinstall -Dcom.sun.aas.installRoot=/opt/glassfish5/glassfish -Dfelix.fileinstall.poll=5000 -Djava.endorsed.dirs=/opt/glassfish5/glassfish/modules/endorsed:/opt/glassfish5/glassfish/lib/endorsed -Djava.security.policy=/opt/glassfish5/glassfish/domains/domain1/config/server.policy -Dosgi.shell.telnet.maxconn=1 -Dfelix.fileinstall.bundles.startTransient=true -Dcom.sun.enterprise.config.config_environment_factory_class=com.sun.enterprise.config.serverbeans.AppserverConfigEnvironmentFactory -Dfelix.fileinstall.log.level=2 -Djavax.net.ssl.keyStore=/opt/glassfish5/glassfish/domains/domain1/config/keystore.jks -Djava.security.auth.login.config=/opt/glassfish5/glassfish/domains/domain1/config/login.conf -Dfelix.fileinstall.disableConfigSave=false -Dfelix.fileinstall.bundles.new.start=true -Dcom.sun.aas.instanceRoot=/opt/glassfish5/glassfish/domains/domain1 -Dosgi.shell.telnet.port=6666 -Dgosh.args=--nointeractive -Dcom.sun.enterprise.security.httpsOutboundKeyAlias=s1as -Dosgi.shell.telnet.ip=127.0.0.1 -DANTLR_USE_DIRECT_CLASS_LOADING=true -Djava.awt.headless=true -Dcom.ctc.wstx.returnNullForDefaultNamespace=true -Djava.ext.dirs=/usr/lib/jvm/jre-1.8.0-openjdk/lib/ext:/usr/lib/jvm/jre-1.8.0-openjdk/jre/lib/ext:/opt/glassfish5/glassfish/domains/domain1/lib/ext -Djdbc.drivers=org.apache.derby.jdbc.ClientDriver -Djava.library.path=/opt/glassfish5/glassfish/lib:/usr/java/packages/lib/amd64:/usr/lib64:/lib64:/lib:/usr/lib com.sun.enterprise.glassfish.bootstrap.ASMain -upgrade false -domaindir /opt/glassfish5/glassfish/domains/domain1 -read-stdin true -asadmin-args --host,,,localhost,,,--port,,,4848,,,--secure=false,,,--terse=false,,,--echo=false,,,--interactive=false,,,start-domain,,,--verbose=false,,,--watchdog=false,,,--debug=false,,,--domaindir,,,/opt/glassfish5/glassfish/domains,,,domain1 -domainname domain1 -instancename server -type DAS -verbose false -asadmin-classpath /opt/glassfish5/glassfish/lib/client/appserver-cli.jar -debug false -asadmin-classname com.sun.enterprise.admin.cli.AdminMain

ipaddr (tcp/8080/www)


Process ID : 4191
Executable : /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64/jre/bin/java
Command line : /usr/lib/jvm/jre-1.8.0-openjdk/bin/java -cp /opt/glassfish5/glassfish/modules/glassfish.jar -XX:+UnlockDiagnosticVMOptions -XX:NewRatio=2 -XX:MaxPermSize=192m -Xmx512m -javaagent:/opt/glassfish5/glassfish/lib/monitor/flashlight-agent.jar -client -Djavax.xml.accessExternalSchema=all -Djavax.net.ssl.trustStore=/opt/glassfish5/glassfish/domains/domain1/config/cacerts.jks -Djdk.tls.rejectClientInitiatedRenegotiation=true -Djdk.corba.allowOutputStreamSubclass=true -Dfelix.fileinstall.dir=/opt/glassfish5/glassfish/modules/autostart/ -Dorg.glassfish.additionalOSGiBundlesToStart=org.apache.felix.shell,org.apache.felix.gogo.runtime,org.apache.felix.gogo.shell,org.apache.felix.gogo.command,org.apache.felix.shell.remote,org.apache.felix.fileinstall -Dcom.sun.aas.installRoot=/opt/glassfish5/glassfish -Dfelix.fileinstall.poll=5000 -Djava.endorsed.dirs=/opt/glassfish5/glassfish/modules/endorsed:/opt/glassfish5/glassfish/lib/endorsed -Djava.security.policy=/opt/glassfish5/glassfish/domains/domain1/config/server.policy -Dosgi.shell.telnet.maxconn=1 -Dfelix.fileinstall.bundles.startTransient=true -Dcom.sun.enterprise.config.config_environment_factory_class=com.sun.enterprise.config.serverbeans.AppserverConfigEnvironmentFactory -Dfelix.fileinstall.log.level=2 -Djavax.net.ssl.keyStore=/opt/glassfish5/glassfish/domains/domain1/config/keystore.jks -Djava.security.auth.login.config=/opt/glassfish5/glassfish/domains/domain1/config/login.conf -Dfelix.fileinstall.disableConfigSave=false -Dfelix.fileinstall.bundles.new.start=true -Dcom.sun.aas.instanceRoot=/opt/glassfish5/glassfish/domains/domain1 -Dosgi.shell.telnet.port=6666 -Dgosh.args=--nointeractive -Dcom.sun.enterprise.security.httpsOutboundKeyAlias=s1as -Dosgi.shell.telnet.ip=127.0.0.1 -DANTLR_USE_DIRECT_CLASS_LOADING=true -Djava.awt.headless=true -Dcom.ctc.wstx.returnNullForDefaultNamespace=true -Djava.ext.dirs=/usr/lib/jvm/jre-1.8.0-openjdk/lib/ext:/usr/lib/jvm/jre-1.8.0-openjdk/jre/lib/ext:/opt/glassfish5/glassfish/domains/domain1/lib/ext -Djdbc.drivers=org.apache.derby.jdbc.ClientDriver -Djava.library.path=/opt/glassfish5/glassfish/lib:/usr/java/packages/lib/amd64:/usr/lib64:/lib64:/lib:/usr/lib com.sun.enterprise.glassfish.bootstrap.ASMain -upgrade false -domaindir /opt/glassfish5/glassfish/domains/domain1 -read-stdin true -asadmin-args --host,,,localhost,,,--port,,,4848,,,--secure=false,,,--terse=false,,,--echo=false,,,--interactive=false,,,start-domain,,,--verbose=false,,,--watchdog=false,,,--debug=false,,,--domaindir,,,/opt/glassfish5/glassfish/domains,,,domain1 -domainname domain1 -instancename server -type DAS -verbose false -asadmin-classpath /opt/glassfish5/glassfish/lib/client/appserver-cli.jar -debug false -asadmin-classname com.sun.enterprise.admin.cli.AdminMain

ipaddr (tcp/8081)


Process ID : 1956
Executable : /opt/McAfee/agent/bin/macmnsvc
Command line : /opt/McAfee/agent/bin/macmnsvc self_start

ipaddr (udp/8082)


Process ID : 1956
Executable : /opt/McAfee/agent/bin/macmnsvc
Command line : /opt/McAfee/agent/bin/macmnsvc self_start

ipaddr (tcp/8181/www)


Process ID : 4191
Executable : /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64/jre/bin/java
Command line : /usr/lib/jvm/jre-1.8.0-openjdk/bin/java -cp /opt/glassfish5/glassfish/modules/glassfish.jar -XX:+UnlockDiagnosticVMOptions -XX:NewRatio=2 -XX:MaxPermSize=192m -Xmx512m -javaagent:/opt/glassfish5/glassfish/lib/monitor/flashlight-agent.jar -client -Djavax.xml.accessExternalSchema=all -Djavax.net.ssl.trustStore=/opt/glassfish5/glassfish/domains/domain1/config/cacerts.jks -Djdk.tls.rejectClientInitiatedRenegotiation=true -Djdk.corba.allowOutputStreamSubclass=true -Dfelix.fileinstall.dir=/opt/glassfish5/glassfish/modules/autostart/ -Dorg.glassfish.additionalOSGiBundlesToStart=org.apache.felix.shell,org.apache.felix.gogo.runtime,org.apache.felix.gogo.shell,org.apache.felix.gogo.command,org.apache.felix.shell.remote,org.apache.felix.fileinstall -Dcom.sun.aas.installRoot=/opt/glassfish5/glassfish -Dfelix.fileinstall.poll=5000 -Djava.endorsed.dirs=/opt/glassfish5/glassfish/modules/endorsed:/opt/glassfish5/glassfish/lib/endorsed -Djava.security.policy=/opt/glassfish5/glassfish/domains/domain1/config/server.policy -Dosgi.shell.telnet.maxconn=1 -Dfelix.fileinstall.bundles.startTransient=true -Dcom.sun.enterprise.config.config_environment_factory_class=com.sun.enterprise.config.serverbeans.AppserverConfigEnvironmentFactory -Dfelix.fileinstall.log.level=2 -Djavax.net.ssl.keyStore=/opt/glassfish5/glassfish/domains/domain1/config/keystore.jks -Djava.security.auth.login.config=/opt/glassfish5/glassfish/domains/domain1/config/login.conf -Dfelix.fileinstall.disableConfigSave=false -Dfelix.fileinstall.bundles.new.start=true -Dcom.sun.aas.instanceRoot=/opt/glassfish5/glassfish/domains/domain1 -Dosgi.shell.telnet.port=6666 -Dgosh.args=--nointeractive -Dcom.sun.enterprise.security.httpsOutboundKeyAlias=s1as -Dosgi.shell.telnet.ip=127.0.0.1 -DANTLR_USE_DIRECT_CLASS_LOADING=true -Djava.awt.headless=true -Dcom.ctc.wstx.returnNullForDefaultNamespace=true -Djava.ext.dirs=/usr/lib/jvm/jre-1.8.0-openjdk/lib/ext:/usr/lib/jvm/jre-1.8.0-openjdk/jre/lib/ext:/opt/glassfish5/glassfish/domains/domain1/lib/ext -Djdbc.drivers=org.apache.derby.jdbc.ClientDriver -Djava.library.path=/opt/glassfish5/glassfish/lib:/usr/java/packages/lib/amd64:/usr/lib64:/lib64:/lib:/usr/lib com.sun.enterprise.glassfish.bootstrap.ASMain -upgrade false -domaindir /opt/glassfish5/glassfish/domains/domain1 -read-stdin true -asadmin-args --host,,,localhost,,,--port,,,4848,,,--secure=false,,,--terse=false,,,--echo=false,,,--interactive=false,,,start-domain,,,--verbose=false,,,--watchdog=false,,,--debug=false,,,--domaindir,,,/opt/glassfish5/glassfish/domains,,,domain1 -domainname domain1 -instancename server -type DAS -verbose false -asadmin-classpath /opt/glassfish5/glassfish/lib/client/appserver-cli.jar -debug false -asadmin-classname com.sun.enterprise.admin.cli.AdminMain

ipaddr (tcp/8686)


Process ID : 4191
Executable : /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64/jre/bin/java
Command line : /usr/lib/jvm/jre-1.8.0-openjdk/bin/java -cp /opt/glassfish5/glassfish/modules/glassfish.jar -XX:+UnlockDiagnosticVMOptions -XX:NewRatio=2 -XX:MaxPermSize=192m -Xmx512m -javaagent:/opt/glassfish5/glassfish/lib/monitor/flashlight-agent.jar -client -Djavax.xml.accessExternalSchema=all -Djavax.net.ssl.trustStore=/opt/glassfish5/glassfish/domains/domain1/config/cacerts.jks -Djdk.tls.rejectClientInitiatedRenegotiation=true -Djdk.corba.allowOutputStreamSubclass=true -Dfelix.fileinstall.dir=/opt/glassfish5/glassfish/modules/autostart/ -Dorg.glassfish.additionalOSGiBundlesToStart=org.apache.felix.shell,org.apache.felix.gogo.runtime,org.apache.felix.gogo.shell,org.apache.felix.gogo.command,org.apache.felix.shell.remote,org.apache.felix.fileinstall -Dcom.sun.aas.installRoot=/opt/glassfish5/glassfish -Dfelix.fileinstall.poll=5000 -Djava.endorsed.dirs=/opt/glassfish5/glassfish/modules/endorsed:/opt/glassfish5/glassfish/lib/endorsed -Djava.security.policy=/opt/glassfish5/glassfish/domains/domain1/config/server.policy -Dosgi.shell.telnet.maxconn=1 -Dfelix.fileinstall.bundles.startTransient=true -Dcom.sun.enterprise.config.config_environment_factory_class=com.sun.enterprise.config.serverbeans.AppserverConfigEnvironmentFactory -Dfelix.fileinstall.log.level=2 -Djavax.net.ssl.keyStore=/opt/glassfish5/glassfish/domains/domain1/config/keystore.jks -Djava.security.auth.login.config=/opt/glassfish5/glassfish/domains/domain1/config/login.conf -Dfelix.fileinstall.disableConfigSave=false -Dfelix.fileinstall.bundles.new.start=true -Dcom.sun.aas.instanceRoot=/opt/glassfish5/glassfish/domains/domain1 -Dosgi.shell.telnet.port=6666 -Dgosh.args=--nointeractive -Dcom.sun.enterprise.security.httpsOutboundKeyAlias=s1as -Dosgi.shell.telnet.ip=127.0.0.1 -DANTLR_USE_DIRECT_CLASS_LOADING=true -Djava.awt.headless=true -Dcom.ctc.wstx.returnNullForDefaultNamespace=true -Djava.ext.dirs=/usr/lib/jvm/jre-1.8.0-openjdk/lib/ext:/usr/lib/jvm/jre-1.8.0-openjdk/jre/lib/ext:/opt/glassfish5/glassfish/domains/domain1/lib/ext -Djdbc.drivers=org.apache.derby.jdbc.ClientDriver -Djava.library.path=/opt/glassfish5/glassfish/lib:/usr/java/packages/lib/amd64:/usr/lib64:/lib64:/lib:/usr/lib com.sun.enterprise.glassfish.bootstrap.ASMain -upgrade false -domaindir /opt/glassfish5/glassfish/domains/domain1 -read-stdin true -asadmin-args --host,,,localhost,,,--port,,,4848,,,--secure=false,,,--terse=false,,,--echo=false,,,--interactive=false,,,start-domain,,,--verbose=false,,,--watchdog=false,,,--debug=false,,,--domaindir,,,/opt/glassfish5/glassfish/domains,,,domain1 -domainname domain1 -instancename server -type DAS -verbose false -asadmin-classpath /opt/glassfish5/glassfish/lib/client/appserver-cli.jar -debug false -asadmin-classname com.sun.enterprise.admin.cli.AdminMain

ipaddr (tcp/9108)


Process ID : 4191
Executable : /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64/jre/bin/java
Command line : /usr/lib/jvm/jre-1.8.0-openjdk/bin/java -cp /opt/glassfish5/glassfish/modules/glassfish.jar -XX:+UnlockDiagnosticVMOptions -XX:NewRatio=2 -XX:MaxPermSize=192m -Xmx512m -javaagent:/opt/glassfish5/glassfish/lib/monitor/flashlight-agent.jar -client -Djavax.xml.accessExternalSchema=all -Djavax.net.ssl.trustStore=/opt/glassfish5/glassfish/domains/domain1/config/cacerts.jks -Djdk.tls.rejectClientInitiatedRenegotiation=true -Djdk.corba.allowOutputStreamSubclass=true -Dfelix.fileinstall.dir=/opt/glassfish5/glassfish/modules/autostart/ -Dorg.glassfish.additionalOSGiBundlesToStart=org.apache.felix.shell,org.apache.felix.gogo.runtime,org.apache.felix.gogo.shell,org.apache.felix.gogo.command,org.apache.felix.shell.remote,org.apache.felix.fileinstall -Dcom.sun.aas.installRoot=/opt/glassfish5/glassfish -Dfelix.fileinstall.poll=5000 -Djava.endorsed.dirs=/opt/glassfish5/glassfish/modules/endorsed:/opt/glassfish5/glassfish/lib/endorsed -Djava.security.policy=/opt/glassfish5/glassfish/domains/domain1/config/server.policy -Dosgi.shell.telnet.maxconn=1 -Dfelix.fileinstall.bundles.startTransient=true -Dcom.sun.enterprise.config.config_environment_factory_class=com.sun.enterprise.config.serverbeans.AppserverConfigEnvironmentFactory -Dfelix.fileinstall.log.level=2 -Djavax.net.ssl.keyStore=/opt/glassfish5/glassfish/domains/domain1/config/keystore.jks -Djava.security.auth.login.config=/opt/glassfish5/glassfish/domains/domain1/config/login.conf -Dfelix.fileinstall.disableConfigSave=false -Dfelix.fileinstall.bundles.new.start=true -Dcom.sun.aas.instanceRoot=/opt/glassfish5/glassfish/domains/domain1 -Dosgi.shell.telnet.port=6666 -Dgosh.args=--nointeractive -Dcom.sun.enterprise.security.httpsOutboundKeyAlias=s1as -Dosgi.shell.telnet.ip=127.0.0.1 -DANTLR_USE_DIRECT_CLASS_LOADING=true -Djava.awt.headless=true -Dcom.ctc.wstx.returnNullForDefaultNamespace=true -Djava.ext.dirs=/usr/lib/jvm/jre-1.8.0-openjdk/lib/ext:/usr/lib/jvm/jre-1.8.0-openjdk/jre/lib/ext:/opt/glassfish5/glassfish/domains/domain1/lib/ext -Djdbc.drivers=org.apache.derby.jdbc.ClientDriver -Djava.library.path=/opt/glassfish5/glassfish/lib:/usr/java/packages/lib/amd64:/usr/lib64:/lib64:/lib:/usr/lib com.sun.enterprise.glassfish.bootstrap.ASMain -upgrade false -domaindir /opt/glassfish5/glassfish/domains/domain1 -read-stdin true -asadmin-args --host,,,localhost,,,--port,,,4848,,,--secure=false,,,--terse=false,,,--echo=false,,,--interactive=false,,,start-domain,,,--verbose=false,,,--watchdog=false,,,--debug=false,,,--domaindir,,,/opt/glassfish5/glassfish/domains,,,domain1 -domainname domain1 -instancename server -type DAS -verbose false -asadmin-classpath /opt/glassfish5/glassfish/lib/client/appserver-cli.jar -debug false -asadmin-classname com.sun.enterprise.admin.cli.AdminMain

ipaddr (tcp/9168)


Process ID : 5265
Executable : /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64/jre/bin/java
Command line : /usr/lib/jvm/jre-1.8.0-openjdk/bin/java -cp /opt/glassfish5/glassfish/modules/glassfish.jar -XX:+UnlockDiagnosticVMOptions -XX:NewRatio=2 -XX:MaxPermSize=192m -Xmx512m -server -javaagent:/opt/glassfish5/glassfish/lib/monitor/flashlight-agent.jar -Djavax.net.ssl.trustStore=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/cacerts.jks -Djdk.tls.rejectClientInitiatedRenegotiation=true -Djdk.corba.allowOutputStreamSubclass=true -Dfelix.fileinstall.dir=/opt/glassfish5/glassfish/modules/autostart/ -Dorg.glassfish.additionalOSGiBundlesToStart=org.apache.felix.shell,org.apache.felix.gogo.runtime,org.apache.felix.gogo.shell,org.apache.felix.gogo.command,org.apache.felix.fileinstall -Dcom.sun.aas.installRoot=/opt/glassfish5/glassfish -Dfelix.fileinstall.poll=5000 -DSERVICENAME=sfcf -Djava.endorsed.dirs=/opt/glassfish5/glassfish/modules/endorsed:/opt/glassfish5/glassfish/lib/endorsed -Djava.security.policy=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/server.policy -Dosgi.shell.telnet.maxconn=1 -Dfelix.fileinstall.bundles.startTransient=true -Dcom.sun.enterprise.config.config_environment_factory_class=com.sun.enterprise.config.serverbeans.AppserverConfigEnvironmentFactory -Dfelix.fileinstall.log.level=3 -DMNUV_DIR_PATH=/var/opt/scs/config/ -DF_SFCF=/var/opt/scs/config/EMSEnv.xml -Djavax.net.ssl.keyStore=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/keystore.jks -Djava.security.auth.login.config=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/login.conf -Dfelix.fileinstall.disableConfigSave=false -DINCLUDE_LOG=/var/opt/scs/config/logback_include.xml -DAUDIT_LOG_ENV_PATH=/var/opt/scs/config/AuditLog/AuditLog.cfg -Dfelix.fileinstall.bundles.new.start=true -Dcom.sun.aas.instanceRoot=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf -Dosgi.shell.telnet.port=26666 -Dgosh.args=--noshutdown -c noop=true -DF_CMN=/var/opt/scs/config/CMNEnv.xml -Dlogging.config=/var/opt/scs/config/logback.xml -DBASECODE=2Bgccs900001 -Dcom.sun.enterprise.security.httpsOutboundKeyAlias=s1as -DLOGOUTDIR=/var/log/scs/log/ -Dosgi.shell.telnet.ip=127.0.0.1 -DANTLR_USE_DIRECT_CLASS_LOADING=true -DSERVICEID=F_SFCF -Djava.awt.headless=true -Djava.ext.dirs=/usr/lib/jvm/jre-1.8.0-openjdk/lib/ext:/usr/lib/jvm/jre-1.8.0-openjdk/jre/lib/ext:/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/lib/ext -DSERVNAME=scsv -Djdbc.drivers=org.apache.derby.jdbc.ClientDriver -Dspring.config.location=/var/opt/scs/config/application.properties -Djava.library.path=/opt/glassfish5/glassfish/lib:/usr/java/packages/lib/amd64:/usr/lib64:/lib64:/lib:/usr/lib com.sun.enterprise.glassfish.bootstrap.ASMain -upgrade false -read-stdin true -asadmin-args --host,,,localhost,,,--port,,,4848,,,--user,,,admin,,,--secure=false,,,--terse=false,,,--echo=false,,,--interactive=false,,,start-local-instance,,,--verbose=false,,,--watchdog=false,,,--debug=false,,,--node,,,localhost-domain1,,,inst_ems_sfcf -instancename inst_ems_sfcf -type INSTANCE -verbose false -instancedir /opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf -asadmin-classpath /opt/glassfish5/glassfish/modules/admin-cli.jar -debug false -asadmin-classname com.sun.enterprise.admin.cli.AdminMain

ipaddr (udp/15161)


Process ID : 5265
Executable : /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64/jre/bin/java
Command line : /usr/lib/jvm/jre-1.8.0-openjdk/bin/java -cp /opt/glassfish5/glassfish/modules/glassfish.jar -XX:+UnlockDiagnosticVMOptions -XX:NewRatio=2 -XX:MaxPermSize=192m -Xmx512m -server -javaagent:/opt/glassfish5/glassfish/lib/monitor/flashlight-agent.jar -Djavax.net.ssl.trustStore=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/cacerts.jks -Djdk.tls.rejectClientInitiatedRenegotiation=true -Djdk.corba.allowOutputStreamSubclass=true -Dfelix.fileinstall.dir=/opt/glassfish5/glassfish/modules/autostart/ -Dorg.glassfish.additionalOSGiBundlesToStart=org.apache.felix.shell,org.apache.felix.gogo.runtime,org.apache.felix.gogo.shell,org.apache.felix.gogo.command,org.apache.felix.fileinstall -Dcom.sun.aas.installRoot=/opt/glassfish5/glassfish -Dfelix.fileinstall.poll=5000 -DSERVICENAME=sfcf -Djava.endorsed.dirs=/opt/glassfish5/glassfish/modules/endorsed:/opt/glassfish5/glassfish/lib/endorsed -Djava.security.policy=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/server.policy -Dosgi.shell.telnet.maxconn=1 -Dfelix.fileinstall.bundles.startTransient=true -Dcom.sun.enterprise.config.config_environment_factory_class=com.sun.enterprise.config.serverbeans.AppserverConfigEnvironmentFactory -Dfelix.fileinstall.log.level=3 -DMNUV_DIR_PATH=/var/opt/scs/config/ -DF_SFCF=/var/opt/scs/config/EMSEnv.xml -Djavax.net.ssl.keyStore=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/keystore.jks -Djava.security.auth.login.config=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/login.conf -Dfelix.fileinstall.disableConfigSave=false -DINCLUDE_LOG=/var/opt/scs/config/logback_include.xml -DAUDIT_LOG_ENV_PATH=/var/opt/scs/config/AuditLog/AuditLog.cfg -Dfelix.fileinstall.bundles.new.start=true -Dcom.sun.aas.instanceRoot=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf -Dosgi.shell.telnet.port=26666 -Dgosh.args=--noshutdown -c noop=true -DF_CMN=/var/opt/scs/config/CMNEnv.xml -Dlogging.config=/var/opt/scs/config/logback.xml -DBASECODE=2Bgccs900001 -Dcom.sun.enterprise.security.httpsOutboundKeyAlias=s1as -DLOGOUTDIR=/var/log/scs/log/ -Dosgi.shell.telnet.ip=127.0.0.1 -DANTLR_USE_DIRECT_CLASS_LOADING=true -DSERVICEID=F_SFCF -Djava.awt.headless=true -Djava.ext.dirs=/usr/lib/jvm/jre-1.8.0-openjdk/lib/ext:/usr/lib/jvm/jre-1.8.0-openjdk/jre/lib/ext:/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/lib/ext -DSERVNAME=scsv -Djdbc.drivers=org.apache.derby.jdbc.ClientDriver -Dspring.config.location=/var/opt/scs/config/application.properties -Djava.library.path=/opt/glassfish5/glassfish/lib:/usr/java/packages/lib/amd64:/usr/lib64:/lib64:/lib:/usr/lib com.sun.enterprise.glassfish.bootstrap.ASMain -upgrade false -read-stdin true -asadmin-args --host,,,localhost,,,--port,,,4848,,,--user,,,admin,,,--secure=false,,,--terse=false,,,--echo=false,,,--interactive=false,,,start-local-instance,,,--verbose=false,,,--watchdog=false,,,--debug=false,,,--node,,,localhost-domain1,,,inst_ems_sfcf -instancename inst_ems_sfcf -type INSTANCE -verbose false -instancedir /opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf -asadmin-classpath /opt/glassfish5/glassfish/modules/admin-cli.jar -debug false -asadmin-classname com.sun.enterprise.admin.cli.AdminMain

ipaddr (tcp/18081/www)


Process ID : 21554
Executable : /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64/jre/bin/java
Command line : java -DENV_DIR=/var/opt/scs/sfcu/env -DEND_FILE_DIR=/var/opt/scs/sfcu/env/endfile -DMNUV_CODE=g010100000 -DSRH_TIME=20240321161303198 -jar /var/opt/scs/sfcu/jar/sfcu.jar execution_time=2024-03-22_16:13:03.222

ipaddr (tcp/24848/www)


Process ID : 5265
Executable : /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64/jre/bin/java
Command line : /usr/lib/jvm/jre-1.8.0-openjdk/bin/java -cp /opt/glassfish5/glassfish/modules/glassfish.jar -XX:+UnlockDiagnosticVMOptions -XX:NewRatio=2 -XX:MaxPermSize=192m -Xmx512m -server -javaagent:/opt/glassfish5/glassfish/lib/monitor/flashlight-agent.jar -Djavax.net.ssl.trustStore=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/cacerts.jks -Djdk.tls.rejectClientInitiatedRenegotiation=true -Djdk.corba.allowOutputStreamSubclass=true -Dfelix.fileinstall.dir=/opt/glassfish5/glassfish/modules/autostart/ -Dorg.glassfish.additionalOSGiBundlesToStart=org.apache.felix.shell,org.apache.felix.gogo.runtime,org.apache.felix.gogo.shell,org.apache.felix.gogo.command,org.apache.felix.fileinstall -Dcom.sun.aas.installRoot=/opt/glassfish5/glassfish -Dfelix.fileinstall.poll=5000 -DSERVICENAME=sfcf -Djava.endorsed.dirs=/opt/glassfish5/glassfish/modules/endorsed:/opt/glassfish5/glassfish/lib/endorsed -Djava.security.policy=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/server.policy -Dosgi.shell.telnet.maxconn=1 -Dfelix.fileinstall.bundles.startTransient=true -Dcom.sun.enterprise.config.config_environment_factory_class=com.sun.enterprise.config.serverbeans.AppserverConfigEnvironmentFactory -Dfelix.fileinstall.log.level=3 -DMNUV_DIR_PATH=/var/opt/scs/config/ -DF_SFCF=/var/opt/scs/config/EMSEnv.xml -Djavax.net.ssl.keyStore=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/keystore.jks -Djava.security.auth.login.config=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/login.conf -Dfelix.fileinstall.disableConfigSave=false -DINCLUDE_LOG=/var/opt/scs/config/logback_include.xml -DAUDIT_LOG_ENV_PATH=/var/opt/scs/config/AuditLog/AuditLog.cfg -Dfelix.fileinstall.bundles.new.start=true -Dcom.sun.aas.instanceRoot=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf -Dosgi.shell.telnet.port=26666 -Dgosh.args=--noshutdown -c noop=true -DF_CMN=/var/opt/scs/config/CMNEnv.xml -Dlogging.config=/var/opt/scs/config/logback.xml -DBASECODE=2Bgccs900001 -Dcom.sun.enterprise.security.httpsOutboundKeyAlias=s1as -DLOGOUTDIR=/var/log/scs/log/ -Dosgi.shell.telnet.ip=127.0.0.1 -DANTLR_USE_DIRECT_CLASS_LOADING=true -DSERVICEID=F_SFCF -Djava.awt.headless=true -Djava.ext.dirs=/usr/lib/jvm/jre-1.8.0-openjdk/lib/ext:/usr/lib/jvm/jre-1.8.0-openjdk/jre/lib/ext:/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/lib/ext -DSERVNAME=scsv -Djdbc.drivers=org.apache.derby.jdbc.ClientDriver -Dspring.config.location=/var/opt/scs/config/application.properties -Djava.library.path=/opt/glassfish5/glassfish/lib:/usr/java/packages/lib/amd64:/usr/lib64:/lib64:/lib:/usr/lib com.sun.enterprise.glassfish.bootstrap.ASMain -upgrade false -read-stdin true -asadmin-args --host,,,localhost,,,--port,,,4848,,,--user,,,admin,,,--secure=false,,,--terse=false,,,--echo=false,,,--interactive=false,,,start-local-instance,,,--verbose=false,,,--watchdog=false,,,--debug=false,,,--node,,,localhost-domain1,,,inst_ems_sfcf -instancename inst_ems_sfcf -type INSTANCE -verbose false -instancedir /opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf -asadmin-classpath /opt/glassfish5/glassfish/modules/admin-cli.jar -debug false -asadmin-classname com.sun.enterprise.admin.cli.AdminMain

ipaddr (tcp/27676/ftp)


Process ID : 5265
Executable : /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64/jre/bin/java
Command line : /usr/lib/jvm/jre-1.8.0-openjdk/bin/java -cp /opt/glassfish5/glassfish/modules/glassfish.jar -XX:+UnlockDiagnosticVMOptions -XX:NewRatio=2 -XX:MaxPermSize=192m -Xmx512m -server -javaagent:/opt/glassfish5/glassfish/lib/monitor/flashlight-agent.jar -Djavax.net.ssl.trustStore=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/cacerts.jks -Djdk.tls.rejectClientInitiatedRenegotiation=true -Djdk.corba.allowOutputStreamSubclass=true -Dfelix.fileinstall.dir=/opt/glassfish5/glassfish/modules/autostart/ -Dorg.glassfish.additionalOSGiBundlesToStart=org.apache.felix.shell,org.apache.felix.gogo.runtime,org.apache.felix.gogo.shell,org.apache.felix.gogo.command,org.apache.felix.fileinstall -Dcom.sun.aas.installRoot=/opt/glassfish5/glassfish -Dfelix.fileinstall.poll=5000 -DSERVICENAME=sfcf -Djava.endorsed.dirs=/opt/glassfish5/glassfish/modules/endorsed:/opt/glassfish5/glassfish/lib/endorsed -Djava.security.policy=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/server.policy -Dosgi.shell.telnet.maxconn=1 -Dfelix.fileinstall.bundles.startTransient=true -Dcom.sun.enterprise.config.config_environment_factory_class=com.sun.enterprise.config.serverbeans.AppserverConfigEnvironmentFactory -Dfelix.fileinstall.log.level=3 -DMNUV_DIR_PATH=/var/opt/scs/config/ -DF_SFCF=/var/opt/scs/config/EMSEnv.xml -Djavax.net.ssl.keyStore=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/keystore.jks -Djava.security.auth.login.config=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/login.conf -Dfelix.fileinstall.disableConfigSave=false -DINCLUDE_LOG=/var/opt/scs/config/logback_include.xml -DAUDIT_LOG_ENV_PATH=/var/opt/scs/config/AuditLog/AuditLog.cfg -Dfelix.fileinstall.bundles.new.start=true -Dcom.sun.aas.instanceRoot=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf -Dosgi.shell.telnet.port=26666 -Dgosh.args=--noshutdown -c noop=true -DF_CMN=/var/opt/scs/config/CMNEnv.xml -Dlogging.config=/var/opt/scs/config/logback.xml -DBASECODE=2Bgccs900001 -Dcom.sun.enterprise.security.httpsOutboundKeyAlias=s1as -DLOGOUTDIR=/var/log/scs/log/ -Dosgi.shell.telnet.ip=127.0.0.1 -DANTLR_USE_DIRECT_CLASS_LOADING=true -DSERVICEID=F_SFCF -Djava.awt.headless=true -Djava.ext.dirs=/usr/lib/jvm/jre-1.8.0-openjdk/lib/ext:/usr/lib/jvm/jre-1.8.0-openjdk/jre/lib/ext:/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/lib/ext -DSERVNAME=scsv -Djdbc.drivers=org.apache.derby.jdbc.ClientDriver -Dspring.config.location=/var/opt/scs/config/application.properties -Djava.library.path=/opt/glassfish5/glassfish/lib:/usr/java/packages/lib/amd64:/usr/lib64:/lib64:/lib:/usr/lib com.sun.enterprise.glassfish.bootstrap.ASMain -upgrade false -read-stdin true -asadmin-args --host,,,localhost,,,--port,,,4848,,,--user,,,admin,,,--secure=false,,,--terse=false,,,--echo=false,,,--interactive=false,,,start-local-instance,,,--verbose=false,,,--watchdog=false,,,--debug=false,,,--node,,,localhost-domain1,,,inst_ems_sfcf -instancename inst_ems_sfcf -type INSTANCE -verbose false -instancedir /opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf -asadmin-classpath /opt/glassfish5/glassfish/modules/admin-cli.jar -debug false -asadmin-classname com.sun.enterprise.admin.cli.AdminMain

ipaddr (tcp/27776)


Process ID : 5265
Executable : /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64/jre/bin/java
Command line : /usr/lib/jvm/jre-1.8.0-openjdk/bin/java -cp /opt/glassfish5/glassfish/modules/glassfish.jar -XX:+UnlockDiagnosticVMOptions -XX:NewRatio=2 -XX:MaxPermSize=192m -Xmx512m -server -javaagent:/opt/glassfish5/glassfish/lib/monitor/flashlight-agent.jar -Djavax.net.ssl.trustStore=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/cacerts.jks -Djdk.tls.rejectClientInitiatedRenegotiation=true -Djdk.corba.allowOutputStreamSubclass=true -Dfelix.fileinstall.dir=/opt/glassfish5/glassfish/modules/autostart/ -Dorg.glassfish.additionalOSGiBundlesToStart=org.apache.felix.shell,org.apache.felix.gogo.runtime,org.apache.felix.gogo.shell,org.apache.felix.gogo.command,org.apache.felix.fileinstall -Dcom.sun.aas.installRoot=/opt/glassfish5/glassfish -Dfelix.fileinstall.poll=5000 -DSERVICENAME=sfcf -Djava.endorsed.dirs=/opt/glassfish5/glassfish/modules/endorsed:/opt/glassfish5/glassfish/lib/endorsed -Djava.security.policy=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/server.policy -Dosgi.shell.telnet.maxconn=1 -Dfelix.fileinstall.bundles.startTransient=true -Dcom.sun.enterprise.config.config_environment_factory_class=com.sun.enterprise.config.serverbeans.AppserverConfigEnvironmentFactory -Dfelix.fileinstall.log.level=3 -DMNUV_DIR_PATH=/var/opt/scs/config/ -DF_SFCF=/var/opt/scs/config/EMSEnv.xml -Djavax.net.ssl.keyStore=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/keystore.jks -Djava.security.auth.login.config=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/login.conf -Dfelix.fileinstall.disableConfigSave=false -DINCLUDE_LOG=/var/opt/scs/config/logback_include.xml -DAUDIT_LOG_ENV_PATH=/var/opt/scs/config/AuditLog/AuditLog.cfg -Dfelix.fileinstall.bundles.new.start=true -Dcom.sun.aas.instanceRoot=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf -Dosgi.shell.telnet.port=26666 -Dgosh.args=--noshutdown -c noop=true -DF_CMN=/var/opt/scs/config/CMNEnv.xml -Dlogging.config=/var/opt/scs/config/logback.xml -DBASECODE=2Bgccs900001 -Dcom.sun.enterprise.security.httpsOutboundKeyAlias=s1as -DLOGOUTDIR=/var/log/scs/log/ -Dosgi.shell.telnet.ip=127.0.0.1 -DANTLR_USE_DIRECT_CLASS_LOADING=true -DSERVICEID=F_SFCF -Djava.awt.headless=true -Djava.ext.dirs=/usr/lib/jvm/jre-1.8.0-openjdk/lib/ext:/usr/lib/jvm/jre-1.8.0-openjdk/jre/lib/ext:/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/lib/ext -DSERVNAME=scsv -Djdbc.drivers=org.apache.derby.jdbc.ClientDriver -Dspring.config.location=/var/opt/scs/config/application.properties -Djava.library.path=/opt/glassfish5/glassfish/lib:/usr/java/packages/lib/amd64:/usr/lib64:/lib64:/lib:/usr/lib com.sun.enterprise.glassfish.bootstrap.ASMain -upgrade false -read-stdin true -asadmin-args --host,,,localhost,,,--port,,,4848,,,--user,,,admin,,,--secure=false,,,--terse=false,,,--echo=false,,,--interactive=false,,,start-local-instance,,,--verbose=false,,,--watchdog=false,,,--debug=false,,,--node,,,localhost-domain1,,,inst_ems_sfcf -instancename inst_ems_sfcf -type INSTANCE -verbose false -instancedir /opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf -asadmin-classpath /opt/glassfish5/glassfish/modules/admin-cli.jar -debug false -asadmin-classname com.sun.enterprise.admin.cli.AdminMain

ipaddr (tcp/28080/www)


Process ID : 5265
Executable : /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64/jre/bin/java
Command line : /usr/lib/jvm/jre-1.8.0-openjdk/bin/java -cp /opt/glassfish5/glassfish/modules/glassfish.jar -XX:+UnlockDiagnosticVMOptions -XX:NewRatio=2 -XX:MaxPermSize=192m -Xmx512m -server -javaagent:/opt/glassfish5/glassfish/lib/monitor/flashlight-agent.jar -Djavax.net.ssl.trustStore=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/cacerts.jks -Djdk.tls.rejectClientInitiatedRenegotiation=true -Djdk.corba.allowOutputStreamSubclass=true -Dfelix.fileinstall.dir=/opt/glassfish5/glassfish/modules/autostart/ -Dorg.glassfish.additionalOSGiBundlesToStart=org.apache.felix.shell,org.apache.felix.gogo.runtime,org.apache.felix.gogo.shell,org.apache.felix.gogo.command,org.apache.felix.fileinstall -Dcom.sun.aas.installRoot=/opt/glassfish5/glassfish -Dfelix.fileinstall.poll=5000 -DSERVICENAME=sfcf -Djava.endorsed.dirs=/opt/glassfish5/glassfish/modules/endorsed:/opt/glassfish5/glassfish/lib/endorsed -Djava.security.policy=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/server.policy -Dosgi.shell.telnet.maxconn=1 -Dfelix.fileinstall.bundles.startTransient=true -Dcom.sun.enterprise.config.config_environment_factory_class=com.sun.enterprise.config.serverbeans.AppserverConfigEnvironmentFactory -Dfelix.fileinstall.log.level=3 -DMNUV_DIR_PATH=/var/opt/scs/config/ -DF_SFCF=/var/opt/scs/config/EMSEnv.xml -Djavax.net.ssl.keyStore=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/keystore.jks -Djava.security.auth.login.config=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/login.conf -Dfelix.fileinstall.disableConfigSave=false -DINCLUDE_LOG=/var/opt/scs/config/logback_include.xml -DAUDIT_LOG_ENV_PATH=/var/opt/scs/config/AuditLog/AuditLog.cfg -Dfelix.fileinstall.bundles.new.start=true -Dcom.sun.aas.instanceRoot=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf -Dosgi.shell.telnet.port=26666 -Dgosh.args=--noshutdown -c noop=true -DF_CMN=/var/opt/scs/config/CMNEnv.xml -Dlogging.config=/var/opt/scs/config/logback.xml -DBASECODE=2Bgccs900001 -Dcom.sun.enterprise.security.httpsOutboundKeyAlias=s1as -DLOGOUTDIR=/var/log/scs/log/ -Dosgi.shell.telnet.ip=127.0.0.1 -DANTLR_USE_DIRECT_CLASS_LOADING=true -DSERVICEID=F_SFCF -Djava.awt.headless=true -Djava.ext.dirs=/usr/lib/jvm/jre-1.8.0-openjdk/lib/ext:/usr/lib/jvm/jre-1.8.0-openjdk/jre/lib/ext:/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/lib/ext -DSERVNAME=scsv -Djdbc.drivers=org.apache.derby.jdbc.ClientDriver -Dspring.config.location=/var/opt/scs/config/application.properties -Djava.library.path=/opt/glassfish5/glassfish/lib:/usr/java/packages/lib/amd64:/usr/lib64:/lib64:/lib:/usr/lib com.sun.enterprise.glassfish.bootstrap.ASMain -upgrade false -read-stdin true -asadmin-args --host,,,localhost,,,--port,,,4848,,,--user,,,admin,,,--secure=false,,,--terse=false,,,--echo=false,,,--interactive=false,,,start-local-instance,,,--verbose=false,,,--watchdog=false,,,--debug=false,,,--node,,,localhost-domain1,,,inst_ems_sfcf -instancename inst_ems_sfcf -type INSTANCE -verbose false -instancedir /opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf -asadmin-classpath /opt/glassfish5/glassfish/modules/admin-cli.jar -debug false -asadmin-classname com.sun.enterprise.admin.cli.AdminMain

ipaddr (tcp/28181/www)


Process ID : 5265
Executable : /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64/jre/bin/java
Command line : /usr/lib/jvm/jre-1.8.0-openjdk/bin/java -cp /opt/glassfish5/glassfish/modules/glassfish.jar -XX:+UnlockDiagnosticVMOptions -XX:NewRatio=2 -XX:MaxPermSize=192m -Xmx512m -server -javaagent:/opt/glassfish5/glassfish/lib/monitor/flashlight-agent.jar -Djavax.net.ssl.trustStore=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/cacerts.jks -Djdk.tls.rejectClientInitiatedRenegotiation=true -Djdk.corba.allowOutputStreamSubclass=true -Dfelix.fileinstall.dir=/opt/glassfish5/glassfish/modules/autostart/ -Dorg.glassfish.additionalOSGiBundlesToStart=org.apache.felix.shell,org.apache.felix.gogo.runtime,org.apache.felix.gogo.shell,org.apache.felix.gogo.command,org.apache.felix.fileinstall -Dcom.sun.aas.installRoot=/opt/glassfish5/glassfish -Dfelix.fileinstall.poll=5000 -DSERVICENAME=sfcf -Djava.endorsed.dirs=/opt/glassfish5/glassfish/modules/endorsed:/opt/glassfish5/glassfish/lib/endorsed -Djava.security.policy=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/server.policy -Dosgi.shell.telnet.maxconn=1 -Dfelix.fileinstall.bundles.startTransient=true -Dcom.sun.enterprise.config.config_environment_factory_class=com.sun.enterprise.config.serverbeans.AppserverConfigEnvironmentFactory -Dfelix.fileinstall.log.level=3 -DMNUV_DIR_PATH=/var/opt/scs/config/ -DF_SFCF=/var/opt/scs/config/EMSEnv.xml -Djavax.net.ssl.keyStore=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/keystore.jks -Djava.security.auth.login.config=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/login.conf -Dfelix.fileinstall.disableConfigSave=false -DINCLUDE_LOG=/var/opt/scs/config/logback_include.xml -DAUDIT_LOG_ENV_PATH=/var/opt/scs/config/AuditLog/AuditLog.cfg -Dfelix.fileinstall.bundles.new.start=true -Dcom.sun.aas.instanceRoot=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf -Dosgi.shell.telnet.port=26666 -Dgosh.args=--noshutdown -c noop=true -DF_CMN=/var/opt/scs/config/CMNEnv.xml -Dlogging.config=/var/opt/scs/config/logback.xml -DBASECODE=2Bgccs900001 -Dcom.sun.enterprise.security.httpsOutboundKeyAlias=s1as -DLOGOUTDIR=/var/log/scs/log/ -Dosgi.shell.telnet.ip=127.0.0.1 -DANTLR_USE_DIRECT_CLASS_LOADING=true -DSERVICEID=F_SFCF -Djava.awt.headless=true -Djava.ext.dirs=/usr/lib/jvm/jre-1.8.0-openjdk/lib/ext:/usr/lib/jvm/jre-1.8.0-openjdk/jre/lib/ext:/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/lib/ext -DSERVNAME=scsv -Djdbc.drivers=org.apache.derby.jdbc.ClientDriver -Dspring.config.location=/var/opt/scs/config/application.properties -Djava.library.path=/opt/glassfish5/glassfish/lib:/usr/java/packages/lib/amd64:/usr/lib64:/lib64:/lib:/usr/lib com.sun.enterprise.glassfish.bootstrap.ASMain -upgrade false -read-stdin true -asadmin-args --host,,,localhost,,,--port,,,4848,,,--user,,,admin,,,--secure=false,,,--terse=false,,,--echo=false,,,--interactive=false,,,start-local-instance,,,--verbose=false,,,--watchdog=false,,,--debug=false,,,--node,,,localhost-domain1,,,inst_ems_sfcf -instancename inst_ems_sfcf -type INSTANCE -verbose false -instancedir /opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf -asadmin-classpath /opt/glassfish5/glassfish/modules/admin-cli.jar -debug false -asadmin-classname com.sun.enterprise.admin.cli.AdminMain

ipaddr (tcp/28686)


Process ID : 5265
Executable : /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64/jre/bin/java
Command line : /usr/lib/jvm/jre-1.8.0-openjdk/bin/java -cp /opt/glassfish5/glassfish/modules/glassfish.jar -XX:+UnlockDiagnosticVMOptions -XX:NewRatio=2 -XX:MaxPermSize=192m -Xmx512m -server -javaagent:/opt/glassfish5/glassfish/lib/monitor/flashlight-agent.jar -Djavax.net.ssl.trustStore=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/cacerts.jks -Djdk.tls.rejectClientInitiatedRenegotiation=true -Djdk.corba.allowOutputStreamSubclass=true -Dfelix.fileinstall.dir=/opt/glassfish5/glassfish/modules/autostart/ -Dorg.glassfish.additionalOSGiBundlesToStart=org.apache.felix.shell,org.apache.felix.gogo.runtime,org.apache.felix.gogo.shell,org.apache.felix.gogo.command,org.apache.felix.fileinstall -Dcom.sun.aas.installRoot=/opt/glassfish5/glassfish -Dfelix.fileinstall.poll=5000 -DSERVICENAME=sfcf -Djava.endorsed.dirs=/opt/glassfish5/glassfish/modules/endorsed:/opt/glassfish5/glassfish/lib/endorsed -Djava.security.policy=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/server.policy -Dosgi.shell.telnet.maxconn=1 -Dfelix.fileinstall.bundles.startTransient=true -Dcom.sun.enterprise.config.config_environment_factory_class=com.sun.enterprise.config.serverbeans.AppserverConfigEnvironmentFactory -Dfelix.fileinstall.log.level=3 -DMNUV_DIR_PATH=/var/opt/scs/config/ -DF_SFCF=/var/opt/scs/config/EMSEnv.xml -Djavax.net.ssl.keyStore=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/keystore.jks -Djava.security.auth.login.config=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/login.conf -Dfelix.fileinstall.disableConfigSave=false -DINCLUDE_LOG=/var/opt/scs/config/logback_include.xml -DAUDIT_LOG_ENV_PATH=/var/opt/scs/config/AuditLog/AuditLog.cfg -Dfelix.fileinstall.bundles.new.start=true -Dcom.sun.aas.instanceRoot=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf -Dosgi.shell.telnet.port=26666 -Dgosh.args=--noshutdown -c noop=true -DF_CMN=/var/opt/scs/config/CMNEnv.xml -Dlogging.config=/var/opt/scs/config/logback.xml -DBASECODE=2Bgccs900001 -Dcom.sun.enterprise.security.httpsOutboundKeyAlias=s1as -DLOGOUTDIR=/var/log/scs/log/ -Dosgi.shell.telnet.ip=127.0.0.1 -DANTLR_USE_DIRECT_CLASS_LOADING=true -DSERVICEID=F_SFCF -Djava.awt.headless=true -Djava.ext.dirs=/usr/lib/jvm/jre-1.8.0-openjdk/lib/ext:/usr/lib/jvm/jre-1.8.0-openjdk/jre/lib/ext:/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/lib/ext -DSERVNAME=scsv -Djdbc.drivers=org.apache.derby.jdbc.ClientDriver -Dspring.config.location=/var/opt/scs/config/application.properties -Djava.library.path=/opt/glassfish5/glassfish/lib:/usr/java/packages/lib/amd64:/usr/lib64:/lib64:/lib:/usr/lib com.sun.enterprise.glassfish.bootstrap.ASMain -upgrade false -read-stdin true -asadmin-args --host,,,localhost,,,--port,,,4848,,,--user,,,admin,,,--secure=false,,,--terse=false,,,--echo=false,,,--interactive=false,,,start-local-instance,,,--verbose=false,,,--watchdog=false,,,--debug=false,,,--node,,,localhost-domain1,,,inst_ems_sfcf -instancename inst_ems_sfcf -type INSTANCE -verbose false -instancedir /opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf -asadmin-classpath /opt/glassfish5/glassfish/modules/admin-cli.jar -debug false -asadmin-classname com.sun.enterprise.admin.cli.AdminMain

ipaddr (tcp/29001)


Process ID : 19314
Executable : /opt/nec/clusterpro/bin/clprc
Command line : clprc

ipaddr (tcp/29002)


Process ID : 3734
Executable : /opt/nec/clusterpro/bin/clptrnsv
Command line : clptrnsv

ipaddr (tcp/29003/www)


Process ID : 4073
Executable : /opt/nec/clusterpro/webmgr/bin/clpwebmc
Command line : clpwebmc -start

ipaddr (udp/29003)


Process ID : 4159
Executable : /opt/nec/clusterpro/alert/bin/clpaltd
Command line : clpaltd

ipaddr (tcp/29004)


Process ID : 19200
Executable : /opt/nec/clusterpro/mirror/kernel26/bin/clpmdagent
Command line : clpmdagent

ipaddr (tcp/29008)


Process ID : 3933
Executable : /opt/nec/clusterpro/bin/clpibsv
Command line : clpibsv

ipaddr (tcp/33456)


Process ID : 4191
Executable : /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64/jre/bin/java
Command line : /usr/lib/jvm/jre-1.8.0-openjdk/bin/java -cp /opt/glassfish5/glassfish/modules/glassfish.jar -XX:+UnlockDiagnosticVMOptions -XX:NewRatio=2 -XX:MaxPermSize=192m -Xmx512m -javaagent:/opt/glassfish5/glassfish/lib/monitor/flashlight-agent.jar -client -Djavax.xml.accessExternalSchema=all -Djavax.net.ssl.trustStore=/opt/glassfish5/glassfish/domains/domain1/config/cacerts.jks -Djdk.tls.rejectClientInitiatedRenegotiation=true -Djdk.corba.allowOutputStreamSubclass=true -Dfelix.fileinstall.dir=/opt/glassfish5/glassfish/modules/autostart/ -Dorg.glassfish.additionalOSGiBundlesToStart=org.apache.felix.shell,org.apache.felix.gogo.runtime,org.apache.felix.gogo.shell,org.apache.felix.gogo.command,org.apache.felix.shell.remote,org.apache.felix.fileinstall -Dcom.sun.aas.installRoot=/opt/glassfish5/glassfish -Dfelix.fileinstall.poll=5000 -Djava.endorsed.dirs=/opt/glassfish5/glassfish/modules/endorsed:/opt/glassfish5/glassfish/lib/endorsed -Djava.security.policy=/opt/glassfish5/glassfish/domains/domain1/config/server.policy -Dosgi.shell.telnet.maxconn=1 -Dfelix.fileinstall.bundles.startTransient=true -Dcom.sun.enterprise.config.config_environment_factory_class=com.sun.enterprise.config.serverbeans.AppserverConfigEnvironmentFactory -Dfelix.fileinstall.log.level=2 -Djavax.net.ssl.keyStore=/opt/glassfish5/glassfish/domains/domain1/config/keystore.jks -Djava.security.auth.login.config=/opt/glassfish5/glassfish/domains/domain1/config/login.conf -Dfelix.fileinstall.disableConfigSave=false -Dfelix.fileinstall.bundles.new.start=true -Dcom.sun.aas.instanceRoot=/opt/glassfish5/glassfish/domains/domain1 -Dosgi.shell.telnet.port=6666 -Dgosh.args=--nointeractive -Dcom.sun.enterprise.security.httpsOutboundKeyAlias=s1as -Dosgi.shell.telnet.ip=127.0.0.1 -DANTLR_USE_DIRECT_CLASS_LOADING=true -Djava.awt.headless=true -Dcom.ctc.wstx.returnNullForDefaultNamespace=true -Djava.ext.dirs=/usr/lib/jvm/jre-1.8.0-openjdk/lib/ext:/usr/lib/jvm/jre-1.8.0-openjdk/jre/lib/ext:/opt/glassfish5/glassfish/domains/domain1/lib/ext -Djdbc.drivers=org.apache.derby.jdbc.ClientDriver -Djava.library.path=/opt/glassfish5/glassfish/lib:/usr/java/packages/lib/amd64:/usr/lib64:/lib64:/lib:/usr/lib com.sun.enterprise.glassfish.bootstrap.ASMain -upgrade false -domaindir /opt/glassfish5/glassfish/domains/domain1 -read-stdin true -asadmin-args --host,,,localhost,,,--port,,,4848,,,--secure=false,,,--terse=false,,,--echo=false,,,--interactive=false,,,start-domain,,,--verbose=false,,,--watchdog=false,,,--debug=false,,,--domaindir,,,/opt/glassfish5/glassfish/domains,,,domain1 -domainname domain1 -instancename server -type DAS -verbose false -asadmin-classpath /opt/glassfish5/glassfish/lib/client/appserver-cli.jar -debug false -asadmin-classname com.sun.enterprise.admin.cli.AdminMain

ipaddr (tcp/33845)


Process ID : 5265
Executable : /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64/jre/bin/java
Command line : /usr/lib/jvm/jre-1.8.0-openjdk/bin/java -cp /opt/glassfish5/glassfish/modules/glassfish.jar -XX:+UnlockDiagnosticVMOptions -XX:NewRatio=2 -XX:MaxPermSize=192m -Xmx512m -server -javaagent:/opt/glassfish5/glassfish/lib/monitor/flashlight-agent.jar -Djavax.net.ssl.trustStore=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/cacerts.jks -Djdk.tls.rejectClientInitiatedRenegotiation=true -Djdk.corba.allowOutputStreamSubclass=true -Dfelix.fileinstall.dir=/opt/glassfish5/glassfish/modules/autostart/ -Dorg.glassfish.additionalOSGiBundlesToStart=org.apache.felix.shell,org.apache.felix.gogo.runtime,org.apache.felix.gogo.shell,org.apache.felix.gogo.command,org.apache.felix.fileinstall -Dcom.sun.aas.installRoot=/opt/glassfish5/glassfish -Dfelix.fileinstall.poll=5000 -DSERVICENAME=sfcf -Djava.endorsed.dirs=/opt/glassfish5/glassfish/modules/endorsed:/opt/glassfish5/glassfish/lib/endorsed -Djava.security.policy=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/server.policy -Dosgi.shell.telnet.maxconn=1 -Dfelix.fileinstall.bundles.startTransient=true -Dcom.sun.enterprise.config.config_environment_factory_class=com.sun.enterprise.config.serverbeans.AppserverConfigEnvironmentFactory -Dfelix.fileinstall.log.level=3 -DMNUV_DIR_PATH=/var/opt/scs/config/ -DF_SFCF=/var/opt/scs/config/EMSEnv.xml -Djavax.net.ssl.keyStore=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/keystore.jks -Djava.security.auth.login.config=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/login.conf -Dfelix.fileinstall.disableConfigSave=false -DINCLUDE_LOG=/var/opt/scs/config/logback_include.xml -DAUDIT_LOG_ENV_PATH=/var/opt/scs/config/AuditLog/AuditLog.cfg -Dfelix.fileinstall.bundles.new.start=true -Dcom.sun.aas.instanceRoot=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf -Dosgi.shell.telnet.port=26666 -Dgosh.args=--noshutdown -c noop=true -DF_CMN=/var/opt/scs/config/CMNEnv.xml -Dlogging.config=/var/opt/scs/config/logback.xml -DBASECODE=2Bgccs900001 -Dcom.sun.enterprise.security.httpsOutboundKeyAlias=s1as -DLOGOUTDIR=/var/log/scs/log/ -Dosgi.shell.telnet.ip=127.0.0.1 -DANTLR_USE_DIRECT_CLASS_LOADING=true -DSERVICEID=F_SFCF -Djava.awt.headless=true -Djava.ext.dirs=/usr/lib/jvm/jre-1.8.0-openjdk/lib/ext:/usr/lib/jvm/jre-1.8.0-openjdk/jre/lib/ext:/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/lib/ext -DSERVNAME=scsv -Djdbc.drivers=org.apache.derby.jdbc.ClientDriver -Dspring.config.location=/var/opt/scs/config/application.properties -Djava.library.path=/opt/glassfish5/glassfish/lib:/usr/java/packages/lib/amd64:/usr/lib64:/lib64:/lib:/usr/lib com.sun.enterprise.glassfish.bootstrap.ASMain -upgrade false -read-stdin true -asadmin-args --host,,,localhost,,,--port,,,4848,,,--user,,,admin,,,--secure=false,,,--terse=false,,,--echo=false,,,--interactive=false,,,start-local-instance,,,--verbose=false,,,--watchdog=false,,,--debug=false,,,--node,,,localhost-domain1,,,inst_ems_sfcf -instancename inst_ems_sfcf -type INSTANCE -verbose false -instancedir /opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf -asadmin-classpath /opt/glassfish5/glassfish/modules/admin-cli.jar -debug false -asadmin-classname com.sun.enterprise.admin.cli.AdminMain

ipaddr (tcp/35256)


Process ID : 5265
Executable : /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64/jre/bin/java
Command line : /usr/lib/jvm/jre-1.8.0-openjdk/bin/java -cp /opt/glassfish5/glassfish/modules/glassfish.jar -XX:+UnlockDiagnosticVMOptions -XX:NewRatio=2 -XX:MaxPermSize=192m -Xmx512m -server -javaagent:/opt/glassfish5/glassfish/lib/monitor/flashlight-agent.jar -Djavax.net.ssl.trustStore=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/cacerts.jks -Djdk.tls.rejectClientInitiatedRenegotiation=true -Djdk.corba.allowOutputStreamSubclass=true -Dfelix.fileinstall.dir=/opt/glassfish5/glassfish/modules/autostart/ -Dorg.glassfish.additionalOSGiBundlesToStart=org.apache.felix.shell,org.apache.felix.gogo.runtime,org.apache.felix.gogo.shell,org.apache.felix.gogo.command,org.apache.felix.fileinstall -Dcom.sun.aas.installRoot=/opt/glassfish5/glassfish -Dfelix.fileinstall.poll=5000 -DSERVICENAME=sfcf -Djava.endorsed.dirs=/opt/glassfish5/glassfish/modules/endorsed:/opt/glassfish5/glassfish/lib/endorsed -Djava.security.policy=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/server.policy -Dosgi.shell.telnet.maxconn=1 -Dfelix.fileinstall.bundles.startTransient=true -Dcom.sun.enterprise.config.config_environment_factory_class=com.sun.enterprise.config.serverbeans.AppserverConfigEnvironmentFactory -Dfelix.fileinstall.log.level=3 -DMNUV_DIR_PATH=/var/opt/scs/config/ -DF_SFCF=/var/opt/scs/config/EMSEnv.xml -Djavax.net.ssl.keyStore=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/keystore.jks -Djava.security.auth.login.config=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/login.conf -Dfelix.fileinstall.disableConfigSave=false -DINCLUDE_LOG=/var/opt/scs/config/logback_include.xml -DAUDIT_LOG_ENV_PATH=/var/opt/scs/config/AuditLog/AuditLog.cfg -Dfelix.fileinstall.bundles.new.start=true -Dcom.sun.aas.instanceRoot=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf -Dosgi.shell.telnet.port=26666 -Dgosh.args=--noshutdown -c noop=true -DF_CMN=/var/opt/scs/config/CMNEnv.xml -Dlogging.config=/var/opt/scs/config/logback.xml -DBASECODE=2Bgccs900001 -Dcom.sun.enterprise.security.httpsOutboundKeyAlias=s1as -DLOGOUTDIR=/var/log/scs/log/ -Dosgi.shell.telnet.ip=127.0.0.1 -DANTLR_USE_DIRECT_CLASS_LOADING=true -DSERVICEID=F_SFCF -Djava.awt.headless=true -Djava.ext.dirs=/usr/lib/jvm/jre-1.8.0-openjdk/lib/ext:/usr/lib/jvm/jre-1.8.0-openjdk/jre/lib/ext:/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/lib/ext -DSERVNAME=scsv -Djdbc.drivers=org.apache.derby.jdbc.ClientDriver -Dspring.config.location=/var/opt/scs/config/application.properties -Djava.library.path=/opt/glassfish5/glassfish/lib:/usr/java/packages/lib/amd64:/usr/lib64:/lib64:/lib:/usr/lib com.sun.enterprise.glassfish.bootstrap.ASMain -upgrade false -read-stdin true -asadmin-args --host,,,localhost,,,--port,,,4848,,,--user,,,admin,,,--secure=false,,,--terse=false,,,--echo=false,,,--interactive=false,,,start-local-instance,,,--verbose=false,,,--watchdog=false,,,--debug=false,,,--node,,,localhost-domain1,,,inst_ems_sfcf -instancename inst_ems_sfcf -type INSTANCE -verbose false -instancedir /opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf -asadmin-classpath /opt/glassfish5/glassfish/modules/admin-cli.jar -debug false -asadmin-classname com.sun.enterprise.admin.cli.AdminMain

ipaddr (tcp/36171)


Process ID : 4191
Executable : /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64/jre/bin/java
Command line : /usr/lib/jvm/jre-1.8.0-openjdk/bin/java -cp /opt/glassfish5/glassfish/modules/glassfish.jar -XX:+UnlockDiagnosticVMOptions -XX:NewRatio=2 -XX:MaxPermSize=192m -Xmx512m -javaagent:/opt/glassfish5/glassfish/lib/monitor/flashlight-agent.jar -client -Djavax.xml.accessExternalSchema=all -Djavax.net.ssl.trustStore=/opt/glassfish5/glassfish/domains/domain1/config/cacerts.jks -Djdk.tls.rejectClientInitiatedRenegotiation=true -Djdk.corba.allowOutputStreamSubclass=true -Dfelix.fileinstall.dir=/opt/glassfish5/glassfish/modules/autostart/ -Dorg.glassfish.additionalOSGiBundlesToStart=org.apache.felix.shell,org.apache.felix.gogo.runtime,org.apache.felix.gogo.shell,org.apache.felix.gogo.command,org.apache.felix.shell.remote,org.apache.felix.fileinstall -Dcom.sun.aas.installRoot=/opt/glassfish5/glassfish -Dfelix.fileinstall.poll=5000 -Djava.endorsed.dirs=/opt/glassfish5/glassfish/modules/endorsed:/opt/glassfish5/glassfish/lib/endorsed -Djava.security.policy=/opt/glassfish5/glassfish/domains/domain1/config/server.policy -Dosgi.shell.telnet.maxconn=1 -Dfelix.fileinstall.bundles.startTransient=true -Dcom.sun.enterprise.config.config_environment_factory_class=com.sun.enterprise.config.serverbeans.AppserverConfigEnvironmentFactory -Dfelix.fileinstall.log.level=2 -Djavax.net.ssl.keyStore=/opt/glassfish5/glassfish/domains/domain1/config/keystore.jks -Djava.security.auth.login.config=/opt/glassfish5/glassfish/domains/domain1/config/login.conf -Dfelix.fileinstall.disableConfigSave=false -Dfelix.fileinstall.bundles.new.start=true -Dcom.sun.aas.instanceRoot=/opt/glassfish5/glassfish/domains/domain1 -Dosgi.shell.telnet.port=6666 -Dgosh.args=--nointeractive -Dcom.sun.enterprise.security.httpsOutboundKeyAlias=s1as -Dosgi.shell.telnet.ip=127.0.0.1 -DANTLR_USE_DIRECT_CLASS_LOADING=true -Djava.awt.headless=true -Dcom.ctc.wstx.returnNullForDefaultNamespace=true -Djava.ext.dirs=/usr/lib/jvm/jre-1.8.0-openjdk/lib/ext:/usr/lib/jvm/jre-1.8.0-openjdk/jre/lib/ext:/opt/glassfish5/glassfish/domains/domain1/lib/ext -Djdbc.drivers=org.apache.derby.jdbc.ClientDriver -Djava.library.path=/opt/glassfish5/glassfish/lib:/usr/java/packages/lib/amd64:/usr/lib64:/lib64:/lib:/usr/lib com.sun.enterprise.glassfish.bootstrap.ASMain -upgrade false -domaindir /opt/glassfish5/glassfish/domains/domain1 -read-stdin true -asadmin-args --host,,,localhost,,,--port,,,4848,,,--secure=false,,,--terse=false,,,--echo=false,,,--interactive=false,,,start-domain,,,--verbose=false,,,--watchdog=false,,,--debug=false,,,--domaindir,,,/opt/glassfish5/glassfish/domains,,,domain1 -domainname domain1 -instancename server -type DAS -verbose false -asadmin-classpath /opt/glassfish5/glassfish/lib/client/appserver-cli.jar -debug false -asadmin-classname com.sun.enterprise.admin.cli.AdminMain

ipaddr (tcp/37664)


Process ID : 5265
Executable : /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64/jre/bin/java
Command line : /usr/lib/jvm/jre-1.8.0-openjdk/bin/java -cp /opt/glassfish5/glassfish/modules/glassfish.jar -XX:+UnlockDiagnosticVMOptions -XX:NewRatio=2 -XX:MaxPermSize=192m -Xmx512m -server -javaagent:/opt/glassfish5/glassfish/lib/monitor/flashlight-agent.jar -Djavax.net.ssl.trustStore=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/cacerts.jks -Djdk.tls.rejectClientInitiatedRenegotiation=true -Djdk.corba.allowOutputStreamSubclass=true -Dfelix.fileinstall.dir=/opt/glassfish5/glassfish/modules/autostart/ -Dorg.glassfish.additionalOSGiBundlesToStart=org.apache.felix.shell,org.apache.felix.gogo.runtime,org.apache.felix.gogo.shell,org.apache.felix.gogo.command,org.apache.felix.fileinstall -Dcom.sun.aas.installRoot=/opt/glassfish5/glassfish -Dfelix.fileinstall.poll=5000 -DSERVICENAME=sfcf -Djava.endorsed.dirs=/opt/glassfish5/glassfish/modules/endorsed:/opt/glassfish5/glassfish/lib/endorsed -Djava.security.policy=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/server.policy -Dosgi.shell.telnet.maxconn=1 -Dfelix.fileinstall.bundles.startTransient=true -Dcom.sun.enterprise.config.config_environment_factory_class=com.sun.enterprise.config.serverbeans.AppserverConfigEnvironmentFactory -Dfelix.fileinstall.log.level=3 -DMNUV_DIR_PATH=/var/opt/scs/config/ -DF_SFCF=/var/opt/scs/config/EMSEnv.xml -Djavax.net.ssl.keyStore=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/keystore.jks -Djava.security.auth.login.config=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/login.conf -Dfelix.fileinstall.disableConfigSave=false -DINCLUDE_LOG=/var/opt/scs/config/logback_include.xml -DAUDIT_LOG_ENV_PATH=/var/opt/scs/config/AuditLog/AuditLog.cfg -Dfelix.fileinstall.bundles.new.start=true -Dcom.sun.aas.instanceRoot=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf -Dosgi.shell.telnet.port=26666 -Dgosh.args=--noshutdown -c noop=true -DF_CMN=/var/opt/scs/config/CMNEnv.xml -Dlogging.config=/var/opt/scs/config/logback.xml -DBASECODE=2Bgccs900001 -Dcom.sun.enterprise.security.httpsOutboundKeyAlias=s1as -DLOGOUTDIR=/var/log/scs/log/ -Dosgi.shell.telnet.ip=127.0.0.1 -DANTLR_USE_DIRECT_CLASS_LOADING=true -DSERVICEID=F_SFCF -Djava.awt.headless=true -Djava.ext.dirs=/usr/lib/jvm/jre-1.8.0-openjdk/lib/ext:/usr/lib/jvm/jre-1.8.0-openjdk/jre/lib/ext:/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/lib/ext -DSERVNAME=scsv -Djdbc.drivers=org.apache.derby.jdbc.ClientDriver -Dspring.config.location=/var/opt/scs/config/application.properties -Djava.library.path=/opt/glassfish5/glassfish/lib:/usr/java/packages/lib/amd64:/usr/lib64:/lib64:/lib:/usr/lib com.sun.enterprise.glassfish.bootstrap.ASMain -upgrade false -read-stdin true -asadmin-args --host,,,localhost,,,--port,,,4848,,,--user,,,admin,,,--secure=false,,,--terse=false,,,--echo=false,,,--interactive=false,,,start-local-instance,,,--verbose=false,,,--watchdog=false,,,--debug=false,,,--node,,,localhost-domain1,,,inst_ems_sfcf -instancename inst_ems_sfcf -type INSTANCE -verbose false -instancedir /opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf -asadmin-classpath /opt/glassfish5/glassfish/modules/admin-cli.jar -debug false -asadmin-classname com.sun.enterprise.admin.cli.AdminMain

ipaddr (tcp/38478)


Process ID : 4191
Executable : /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64/jre/bin/java
Command line : /usr/lib/jvm/jre-1.8.0-openjdk/bin/java -cp /opt/glassfish5/glassfish/modules/glassfish.jar -XX:+UnlockDiagnosticVMOptions -XX:NewRatio=2 -XX:MaxPermSize=192m -Xmx512m -javaagent:/opt/glassfish5/glassfish/lib/monitor/flashlight-agent.jar -client -Djavax.xml.accessExternalSchema=all -Djavax.net.ssl.trustStore=/opt/glassfish5/glassfish/domains/domain1/config/cacerts.jks -Djdk.tls.rejectClientInitiatedRenegotiation=true -Djdk.corba.allowOutputStreamSubclass=true -Dfelix.fileinstall.dir=/opt/glassfish5/glassfish/modules/autostart/ -Dorg.glassfish.additionalOSGiBundlesToStart=org.apache.felix.shell,org.apache.felix.gogo.runtime,org.apache.felix.gogo.shell,org.apache.felix.gogo.command,org.apache.felix.shell.remote,org.apache.felix.fileinstall -Dcom.sun.aas.installRoot=/opt/glassfish5/glassfish -Dfelix.fileinstall.poll=5000 -Djava.endorsed.dirs=/opt/glassfish5/glassfish/modules/endorsed:/opt/glassfish5/glassfish/lib/endorsed -Djava.security.policy=/opt/glassfish5/glassfish/domains/domain1/config/server.policy -Dosgi.shell.telnet.maxconn=1 -Dfelix.fileinstall.bundles.startTransient=true -Dcom.sun.enterprise.config.config_environment_factory_class=com.sun.enterprise.config.serverbeans.AppserverConfigEnvironmentFactory -Dfelix.fileinstall.log.level=2 -Djavax.net.ssl.keyStore=/opt/glassfish5/glassfish/domains/domain1/config/keystore.jks -Djava.security.auth.login.config=/opt/glassfish5/glassfish/domains/domain1/config/login.conf -Dfelix.fileinstall.disableConfigSave=false -Dfelix.fileinstall.bundles.new.start=true -Dcom.sun.aas.instanceRoot=/opt/glassfish5/glassfish/domains/domain1 -Dosgi.shell.telnet.port=6666 -Dgosh.args=--nointeractive -Dcom.sun.enterprise.security.httpsOutboundKeyAlias=s1as -Dosgi.shell.telnet.ip=127.0.0.1 -DANTLR_USE_DIRECT_CLASS_LOADING=true -Djava.awt.headless=true -Dcom.ctc.wstx.returnNullForDefaultNamespace=true -Djava.ext.dirs=/usr/lib/jvm/jre-1.8.0-openjdk/lib/ext:/usr/lib/jvm/jre-1.8.0-openjdk/jre/lib/ext:/opt/glassfish5/glassfish/domains/domain1/lib/ext -Djdbc.drivers=org.apache.derby.jdbc.ClientDriver -Djava.library.path=/opt/glassfish5/glassfish/lib:/usr/java/packages/lib/amd64:/usr/lib64:/lib64:/lib:/usr/lib com.sun.enterprise.glassfish.bootstrap.ASMain -upgrade false -domaindir /opt/glassfish5/glassfish/domains/domain1 -read-stdin true -asadmin-args --host,,,localhost,,,--port,,,4848,,,--secure=false,,,--terse=false,,,--echo=false,,,--interactive=false,,,start-domain,,,--verbose=false,,,--watchdog=false,,,--debug=false,,,--domaindir,,,/opt/glassfish5/glassfish/domains,,,domain1 -domainname domain1 -instancename server -type DAS -verbose false -asadmin-classpath /opt/glassfish5/glassfish/lib/client/appserver-cli.jar -debug false -asadmin-classname com.sun.enterprise.admin.cli.AdminMain

ipaddr (tcp/42648)


Process ID : 5265
Executable : /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64/jre/bin/java
Command line : /usr/lib/jvm/jre-1.8.0-openjdk/bin/java -cp /opt/glassfish5/glassfish/modules/glassfish.jar -XX:+UnlockDiagnosticVMOptions -XX:NewRatio=2 -XX:MaxPermSize=192m -Xmx512m -server -javaagent:/opt/glassfish5/glassfish/lib/monitor/flashlight-agent.jar -Djavax.net.ssl.trustStore=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/cacerts.jks -Djdk.tls.rejectClientInitiatedRenegotiation=true -Djdk.corba.allowOutputStreamSubclass=true -Dfelix.fileinstall.dir=/opt/glassfish5/glassfish/modules/autostart/ -Dorg.glassfish.additionalOSGiBundlesToStart=org.apache.felix.shell,org.apache.felix.gogo.runtime,org.apache.felix.gogo.shell,org.apache.felix.gogo.command,org.apache.felix.fileinstall -Dcom.sun.aas.installRoot=/opt/glassfish5/glassfish -Dfelix.fileinstall.poll=5000 -DSERVICENAME=sfcf -Djava.endorsed.dirs=/opt/glassfish5/glassfish/modules/endorsed:/opt/glassfish5/glassfish/lib/endorsed -Djava.security.policy=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/server.policy -Dosgi.shell.telnet.maxconn=1 -Dfelix.fileinstall.bundles.startTransient=true -Dcom.sun.enterprise.config.config_environment_factory_class=com.sun.enterprise.config.serverbeans.AppserverConfigEnvironmentFactory -Dfelix.fileinstall.log.level=3 -DMNUV_DIR_PATH=/var/opt/scs/config/ -DF_SFCF=/var/opt/scs/config/EMSEnv.xml -Djavax.net.ssl.keyStore=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/keystore.jks -Djava.security.auth.login.config=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/login.conf -Dfelix.fileinstall.disableConfigSave=false -DINCLUDE_LOG=/var/opt/scs/config/logback_include.xml -DAUDIT_LOG_ENV_PATH=/var/opt/scs/config/AuditLog/AuditLog.cfg -Dfelix.fileinstall.bundles.new.start=true -Dcom.sun.aas.instanceRoot=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf -Dosgi.shell.telnet.port=26666 -Dgosh.args=--noshutdown -c noop=true -DF_CMN=/var/opt/scs/config/CMNEnv.xml -Dlogging.config=/var/opt/scs/config/logback.xml -DBASECODE=2Bgccs900001 -Dcom.sun.enterprise.security.httpsOutboundKeyAlias=s1as -DLOGOUTDIR=/var/log/scs/log/ -Dosgi.shell.telnet.ip=127.0.0.1 -DANTLR_USE_DIRECT_CLASS_LOADING=true -DSERVICEID=F_SFCF -Djava.awt.headless=true -Djava.ext.dirs=/usr/lib/jvm/jre-1.8.0-openjdk/lib/ext:/usr/lib/jvm/jre-1.8.0-openjdk/jre/lib/ext:/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/lib/ext -DSERVNAME=scsv -Djdbc.drivers=org.apache.derby.jdbc.ClientDriver -Dspring.config.location=/var/opt/scs/config/application.properties -Djava.library.path=/opt/glassfish5/glassfish/lib:/usr/java/packages/lib/amd64:/usr/lib64:/lib64:/lib:/usr/lib com.sun.enterprise.glassfish.bootstrap.ASMain -upgrade false -read-stdin true -asadmin-args --host,,,localhost,,,--port,,,4848,,,--user,,,admin,,,--secure=false,,,--terse=false,,,--echo=false,,,--interactive=false,,,start-local-instance,,,--verbose=false,,,--watchdog=false,,,--debug=false,,,--node,,,localhost-domain1,,,inst_ems_sfcf -instancename inst_ems_sfcf -type INSTANCE -verbose false -instancedir /opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf -asadmin-classpath /opt/glassfish5/glassfish/modules/admin-cli.jar -debug false -asadmin-classname com.sun.enterprise.admin.cli.AdminMain

ipaddr (tcp/42898)


Process ID : 4191
Executable : /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64/jre/bin/java
Command line : /usr/lib/jvm/jre-1.8.0-openjdk/bin/java -cp /opt/glassfish5/glassfish/modules/glassfish.jar -XX:+UnlockDiagnosticVMOptions -XX:NewRatio=2 -XX:MaxPermSize=192m -Xmx512m -javaagent:/opt/glassfish5/glassfish/lib/monitor/flashlight-agent.jar -client -Djavax.xml.accessExternalSchema=all -Djavax.net.ssl.trustStore=/opt/glassfish5/glassfish/domains/domain1/config/cacerts.jks -Djdk.tls.rejectClientInitiatedRenegotiation=true -Djdk.corba.allowOutputStreamSubclass=true -Dfelix.fileinstall.dir=/opt/glassfish5/glassfish/modules/autostart/ -Dorg.glassfish.additionalOSGiBundlesToStart=org.apache.felix.shell,org.apache.felix.gogo.runtime,org.apache.felix.gogo.shell,org.apache.felix.gogo.command,org.apache.felix.shell.remote,org.apache.felix.fileinstall -Dcom.sun.aas.installRoot=/opt/glassfish5/glassfish -Dfelix.fileinstall.poll=5000 -Djava.endorsed.dirs=/opt/glassfish5/glassfish/modules/endorsed:/opt/glassfish5/glassfish/lib/endorsed -Djava.security.policy=/opt/glassfish5/glassfish/domains/domain1/config/server.policy -Dosgi.shell.telnet.maxconn=1 -Dfelix.fileinstall.bundles.startTransient=true -Dcom.sun.enterprise.config.config_environment_factory_class=com.sun.enterprise.config.serverbeans.AppserverConfigEnvironmentFactory -Dfelix.fileinstall.log.level=2 -Djavax.net.ssl.keyStore=/opt/glassfish5/glassfish/domains/domain1/config/keystore.jks -Djava.security.auth.login.config=/opt/glassfish5/glassfish/domains/domain1/config/login.conf -Dfelix.fileinstall.disableConfigSave=false -Dfelix.fileinstall.bundles.new.start=true -Dcom.sun.aas.instanceRoot=/opt/glassfish5/glassfish/domains/domain1 -Dosgi.shell.telnet.port=6666 -Dgosh.args=--nointeractive -Dcom.sun.enterprise.security.httpsOutboundKeyAlias=s1as -Dosgi.shell.telnet.ip=127.0.0.1 -DANTLR_USE_DIRECT_CLASS_LOADING=true -Djava.awt.headless=true -Dcom.ctc.wstx.returnNullForDefaultNamespace=true -Djava.ext.dirs=/usr/lib/jvm/jre-1.8.0-openjdk/lib/ext:/usr/lib/jvm/jre-1.8.0-openjdk/jre/lib/ext:/opt/glassfish5/glassfish/domains/domain1/lib/ext -Djdbc.drivers=org.apache.derby.jdbc.ClientDriver -Djava.library.path=/opt/glassfish5/glassfish/lib:/usr/java/packages/lib/amd64:/usr/lib64:/lib64:/lib:/usr/lib com.sun.enterprise.glassfish.bootstrap.ASMain -upgrade false -domaindir /opt/glassfish5/glassfish/domains/domain1 -read-stdin true -asadmin-args --host,,,localhost,,,--port,,,4848,,,--secure=false,,,--terse=false,,,--echo=false,,,--interactive=false,,,start-domain,,,--verbose=false,,,--watchdog=false,,,--debug=false,,,--domaindir,,,/opt/glassfish5/glassfish/domains,,,domain1 -domainname domain1 -instancename server -type DAS -verbose false -asadmin-classpath /opt/glassfish5/glassfish/lib/client/appserver-cli.jar -debug false -asadmin-classname com.sun.enterprise.admin.cli.AdminMain
22964 (23) - Service Detection
-
Synopsis
The remote service could be identified.
Description
Nessus was able to identify the remote service by its banner or by looking at the error message it sends when it receives an HTTP request.
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2007/08/19, Modified: 2024/03/26
Plugin Output

ipaddr (tcp/22/ssh)

An SSH server is running on this port.

ipaddr (tcp/443/www)

A TLSv1.2 server answered on this port.

ipaddr (tcp/443/www)

A web server is running on this port through TLSv1.2.

ipaddr (tcp/3700/giop)

A GIOP-enabled service is running on this port.

ipaddr (tcp/3820/giop)

A GIOP-enabled service is running on this port through TLSv1.

ipaddr (tcp/3820/giop)

A TLSv1 server answered on this port.

ipaddr (tcp/3920)

A TLSv1.2 server answered on this port.

ipaddr (tcp/4848/www)

A TLSv1 server answered on this port.

ipaddr (tcp/4848/www)

A web server is running on this port through TLSv1.

ipaddr (tcp/8080/www)

A web server is running on this port.

ipaddr (tcp/8181/www)

A TLSv1 server answered on this port.

ipaddr (tcp/8181/www)

A web server is running on this port through TLSv1.

ipaddr (tcp/8686)

A TLSv1 server answered on this port.

ipaddr (tcp/18081/www)

A web server is running on this port.

ipaddr (tcp/24848/www)

A TLSv1 server answered on this port.

ipaddr (tcp/24848/www)

A web server is running on this port through TLSv1.

ipaddr (tcp/28080/www)

A web server is running on this port.

ipaddr (tcp/28181/www)

A TLSv1 server answered on this port.

ipaddr (tcp/28181/www)

A web server is running on this port through TLSv1.

ipaddr (tcp/28686)

A TLSv1 server answered on this port.

ipaddr (tcp/29003/www)

A web server is running on this port.

ipaddr (tcp/29004)

The service closed the connection without sending any data.
It might be protected by some sort of TCP wrapper.

ipaddr (tcp/51004)

The service closed the connection without sending any data.
It might be protected by some sort of TCP wrapper.
10863 (9) - SSL Certificate Information
-
Synopsis
This plugin displays the SSL certificate.
Description
This plugin connects to every SSL-related port and attempts to extract and dump the X.509 certificate.
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2008/05/19, Modified: 2021/02/03
Plugin Output

ipaddr (tcp/443/www)

Subject Name:

Country: JP
State/Province: HYOGO
Locality: Amagasaki
Organization: Melco
Organization Unit: EMW4
Common Name: cld-conn-app.gcc.emsoccs.gsdf.mods.go.jp
Email Address: emw4@melco.co.jp

Issuer Name:

Domain Component: jp
Domain Component: go
Domain Component: mods
Domain Component: gsdf
Domain Component: EMSOCCS
Domain Component: gcc
Common Name: gcc-AD-SERVER-1-CA

Serial Number: 00 E5 BE E1 12 AB 59 BC 00

Version: 3

Signature Algorithm: SHA-256 With RSA Encryption

Not Valid Before: Jul 28 01:01:43 2023 GMT
Not Valid After: Dec 13 01:01:43 2050 GMT

Public Key Info:

Algorithm: RSA Encryption
Key Length: 2048 bits
Public Key: 00 D0 A7 F6 98 72 0B 9D 76 18 2E AA 6D D4 10 E1 3B BF 0B 35
CD DA 04 90 8B 1B 6A 3D 99 A8 5E 97 29 77 56 10 EC 38 22 5E
EB F9 B4 65 69 42 14 7A D0 99 66 47 13 BC 07 A6 71 3E 96 9F
82 29 72 68 7C E1 F7 94 80 BE E9 D5 F7 96 07 02 0D D3 30 AD
5D 47 3C D5 C2 C9 E6 5E 7C CC 7B 43 B2 4D F3 F8 24 7F B4 84
B4 97 B6 D4 38 21 B0 70 AA 21 5F 32 40 D9 DD 5F 4B 79 B3 23
51 16 32 B5 F5 CD D9 80 CF 13 CE 70 E1 E3 5E 96 E0 C9 10 3D
09 8B FE A2 6F 88 CF 82 1B C5 AF 49 D3 B1 60 F8 99 A8 B8 47
7C C9 62 A3 A9 9F BA ED 9E 88 5F C0 E9 9D 75 18 36 F2 29 54
F0 A7 51 D6 38 2A 5E 6B 67 5C FB 51 8F 11 68 7B 59 C6 06 24
99 BD 41 F7 BC 62 0E F4 53 36 3E 6E 9A 02 4D E6 9E D3 AB 92
71 51 DE FF 1D CF 57 9C E4 91 50 AF 56 B8 7F 6C D3 EE 8E 9E
BD 1F DA 15 07 79 3D 54 E0 25 0A 52 1A 47 C3 3B BB
Exponent: 01 00 01

Signature Length: 256 bytes / 2048 bits
Signature: 00 5F 77 FA 62 A5 CD 48 CB FC 0B 2E CB 8A B9 29 4A 96 7D 84
6E 85 99 DA 08 D3 62 F6 6F 11 36 40 DA 3E 68 04 E8 16 28 A6
03 75 7A D2 2D 78 62 EA BE 2F D0 9B A7 C8 8C D6 4E B7 85 8D
99 1D 40 7D E4 53 63 93 25 DC 5C 77 EB 31 D2 C7 8F AB B1 3F
D2 02 C6 E3 46 BF DB B4 DC FD D5 03 CA F5 9A 77 16 BE 58 62
00 3C 31 9A 03 21 86 9E 4A FC F9 0C 5E 73 AF 9C 25 62 B9 A3
3A B8 5D AF BE C6 30 22 85 F0 22 50 D6 32 8D 28 AF 59 4F 6C
5E 13 73 04 28 0C F7 BF B3 05 A6 5D C6 14 8C FC 6D EF A6 8D
00 8D 16 A6 D2 8C 8A 99 38 95 C1 75 53 8A CA 5A 79 0E 99 85
18 A4 FB 42 A8 CE 2A 5D 8C 11 2D F8 B5 D5 C2 05 FC A5 64 FF
94 D5 7C 7C ED 98 93 45 D7 DC 46 95 5A 43 A3 57 9E E5 0D 27
9B 28 DD 81 DE F5 70 C2 69 33 53 75 88 CF 3E 55 05 69 50 B1
F2 DB 4E 69 95 ED B8 96 1D E1 5B 12 45 78 D4 EA E4

Extension: Subject Alternative Name (2.5.29.17)
Critical: 0
DNS: cld-conn-app.gcc.emsoccs.gsdf.mods.go.jp


Fingerprints :

SHA-256 Fingerprint: 8C E3 23 A7 37 5B 1F B9 CA CA C1 39 77 50 2C FC 98 7E 7B 00
90 40 C4 90 80 A3 A7 01 AE 22 27 32
SHA-1 Fingerprint: 7C C3 5D DE 1B A8 E6 D2 F6 C1 49 E6 C0 5F C9 BF 19 18 70 84
MD5 Fingerprint: C1 7A 16 E5 36 87 A8 D2 40 00 10 67 25 88 6D 4E


PEM certificate :

-----BEGIN CERTIFICATE-----
MIIEATCCAumgAwIBAgIJAOW+4RKrWbwAMA0GCSqGSIb3DQEBCwUAMIGfMRIwEAYKCZImiZPyLGQBGRYCanAxEjAQBgoJkiaJk/IsZAEZFgJnbzEUMBIGCgmSJomT8ixkARkWBG1vZHMxFDASBgoJkiaJk/IsZAEZFgRnc2RmMRcwFQYKCZImiZPyLGQBGRYHRU1TT0NDUzETMBEGCgmSJomT8ixkARkWA2djYzEbMBkGA1UEAxMSZ2NjLUFELVNFUlZFUi0xLUNBMCAXDTIzMDcyODAxMDE0M1oYDzIwNTAxMjEzMDEwMTQzWjCBpDELMAkGA1UEBhMCSlAxDjAMBgNVBAgMBUhZT0dPMRIwEAYDVQQHDAlBbWFnYXNha2kxDjAMBgNVBAoMBU1lbGNvMQ0wCwYDVQQLDARFTVc0MTEwLwYDVQQDDChjbGQtY29ubi1hcHAuZ2NjLmVtc29jY3MuZ3NkZi5tb2RzLmdvLmpwMR8wHQYJKoZIhvcNAQkBFhBlbXc0QG1lbGNvLmNvLmpwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Kf2mHILnXYYLqpt1BDhO78LNc3aBJCLG2o9mahelyl3VhDsOCJe6/m0ZWlCFHrQmWZHE7wHpnE+lp+CKXJofOH3lIC+6dX3lgcCDdMwrV1HPNXCyeZefMx7Q7JN8/gkf7SEtJe21DghsHCqIV8yQNndX0t5syNRFjK19c3ZgM8TznDh416W4MkQPQmL/qJviM+CG8WvSdOxYPiZqLhHfMlio6mfuu2eiF/A6Z11GDbyKVTwp1HWOCpea2dc+1GPEWh7WcYGJJm9Qfe8Yg70UzY+bpoCTeae06uScVHe/x3PV5zkkVCvVrh/bNPujp69H9oVB3k9VOAlClIaR8M7uwIDAQABozcwNTAzBgNVHREELDAqgihjbGQtY29ubi1hcHAuZ2NjLmVtc29jY3MuZ3NkZi5tb2RzLmdvLmpwMA0GCSqGSIb3DQEBCwUAA4IBAQBfd/pipc1Iy/wLLsuKuSlKln2EboWZ2gjTYvZvETZA2j5oBOgWKKYDdXrSLXhi6r4v0JunyIzWTreFjZkdQH3kU2OTJdxcd+sx0sePq7E/0gLG40a/27Tc/dUDyvWadxa+WGIAPDGaAyGGnkr8+Qxec6+cJWK5ozq4Xa++xjAihfAiUNYyjSivWU9sXhNzBCgM97+zBaZdxhSM/G3vpo0AjRam0oyKmTiVwXVTispaeQ6ZhRik+0KozipdjBEt+LXVwgX8pWT/lNV8fO2Yk0XX3EaVWkOjV57lDSebKN2B3vVwwmkzU3WIzz5VBWlQsfLbTmmV7biWHeFbEkV41Ork
-----END CERTIFICATE-----

ipaddr (tcp/3820/giop)

Subject Name:

Country: JP
State/Province: HYOGO
Locality: Amagasaki
Organization: Melco
Organization Unit: EMW4
Common Name: cld-conn-app.gcc.emsoccs.gsdf.mods.go.jp
Email Address: emw4@melco.co.jp

Issuer Name:

Domain Component: jp
Domain Component: go
Domain Component: mods
Domain Component: gsdf
Domain Component: EMSOCCS
Domain Component: gcc
Common Name: gcc-AD-SERVER-1-CA

Serial Number: 00 E5 BE E1 12 AB 59 BC 00

Version: 3

Signature Algorithm: SHA-256 With RSA Encryption

Not Valid Before: Jul 28 01:01:43 2023 GMT
Not Valid After: Dec 13 01:01:43 2050 GMT

Public Key Info:

Algorithm: RSA Encryption
Key Length: 2048 bits
Public Key: 00 D0 A7 F6 98 72 0B 9D 76 18 2E AA 6D D4 10 E1 3B BF 0B 35
CD DA 04 90 8B 1B 6A 3D 99 A8 5E 97 29 77 56 10 EC 38 22 5E
EB F9 B4 65 69 42 14 7A D0 99 66 47 13 BC 07 A6 71 3E 96 9F
82 29 72 68 7C E1 F7 94 80 BE E9 D5 F7 96 07 02 0D D3 30 AD
5D 47 3C D5 C2 C9 E6 5E 7C CC 7B 43 B2 4D F3 F8 24 7F B4 84
B4 97 B6 D4 38 21 B0 70 AA 21 5F 32 40 D9 DD 5F 4B 79 B3 23
51 16 32 B5 F5 CD D9 80 CF 13 CE 70 E1 E3 5E 96 E0 C9 10 3D
09 8B FE A2 6F 88 CF 82 1B C5 AF 49 D3 B1 60 F8 99 A8 B8 47
7C C9 62 A3 A9 9F BA ED 9E 88 5F C0 E9 9D 75 18 36 F2 29 54
F0 A7 51 D6 38 2A 5E 6B 67 5C FB 51 8F 11 68 7B 59 C6 06 24
99 BD 41 F7 BC 62 0E F4 53 36 3E 6E 9A 02 4D E6 9E D3 AB 92
71 51 DE FF 1D CF 57 9C E4 91 50 AF 56 B8 7F 6C D3 EE 8E 9E
BD 1F DA 15 07 79 3D 54 E0 25 0A 52 1A 47 C3 3B BB
Exponent: 01 00 01

Signature Length: 256 bytes / 2048 bits
Signature: 00 5F 77 FA 62 A5 CD 48 CB FC 0B 2E CB 8A B9 29 4A 96 7D 84
6E 85 99 DA 08 D3 62 F6 6F 11 36 40 DA 3E 68 04 E8 16 28 A6
03 75 7A D2 2D 78 62 EA BE 2F D0 9B A7 C8 8C D6 4E B7 85 8D
99 1D 40 7D E4 53 63 93 25 DC 5C 77 EB 31 D2 C7 8F AB B1 3F
D2 02 C6 E3 46 BF DB B4 DC FD D5 03 CA F5 9A 77 16 BE 58 62
00 3C 31 9A 03 21 86 9E 4A FC F9 0C 5E 73 AF 9C 25 62 B9 A3
3A B8 5D AF BE C6 30 22 85 F0 22 50 D6 32 8D 28 AF 59 4F 6C
5E 13 73 04 28 0C F7 BF B3 05 A6 5D C6 14 8C FC 6D EF A6 8D
00 8D 16 A6 D2 8C 8A 99 38 95 C1 75 53 8A CA 5A 79 0E 99 85
18 A4 FB 42 A8 CE 2A 5D 8C 11 2D F8 B5 D5 C2 05 FC A5 64 FF
94 D5 7C 7C ED 98 93 45 D7 DC 46 95 5A 43 A3 57 9E E5 0D 27
9B 28 DD 81 DE F5 70 C2 69 33 53 75 88 CF 3E 55 05 69 50 B1
F2 DB 4E 69 95 ED B8 96 1D E1 5B 12 45 78 D4 EA E4

Extension: Subject Alternative Name (2.5.29.17)
Critical: 0
DNS: cld-conn-app.gcc.emsoccs.gsdf.mods.go.jp


Fingerprints :

SHA-256 Fingerprint: 8C E3 23 A7 37 5B 1F B9 CA CA C1 39 77 50 2C FC 98 7E 7B 00
90 40 C4 90 80 A3 A7 01 AE 22 27 32
SHA-1 Fingerprint: 7C C3 5D DE 1B A8 E6 D2 F6 C1 49 E6 C0 5F C9 BF 19 18 70 84
MD5 Fingerprint: C1 7A 16 E5 36 87 A8 D2 40 00 10 67 25 88 6D 4E


PEM certificate :

-----BEGIN CERTIFICATE-----
MIIEATCCAumgAwIBAgIJAOW+4RKrWbwAMA0GCSqGSIb3DQEBCwUAMIGfMRIwEAYKCZImiZPyLGQBGRYCanAxEjAQBgoJkiaJk/IsZAEZFgJnbzEUMBIGCgmSJomT8ixkARkWBG1vZHMxFDASBgoJkiaJk/IsZAEZFgRnc2RmMRcwFQYKCZImiZPyLGQBGRYHRU1TT0NDUzETMBEGCgmSJomT8ixkARkWA2djYzEbMBkGA1UEAxMSZ2NjLUFELVNFUlZFUi0xLUNBMCAXDTIzMDcyODAxMDE0M1oYDzIwNTAxMjEzMDEwMTQzWjCBpDELMAkGA1UEBhMCSlAxDjAMBgNVBAgMBUhZT0dPMRIwEAYDVQQHDAlBbWFnYXNha2kxDjAMBgNVBAoMBU1lbGNvMQ0wCwYDVQQLDARFTVc0MTEwLwYDVQQDDChjbGQtY29ubi1hcHAuZ2NjLmVtc29jY3MuZ3NkZi5tb2RzLmdvLmpwMR8wHQYJKoZIhvcNAQkBFhBlbXc0QG1lbGNvLmNvLmpwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Kf2mHILnXYYLqpt1BDhO78LNc3aBJCLG2o9mahelyl3VhDsOCJe6/m0ZWlCFHrQmWZHE7wHpnE+lp+CKXJofOH3lIC+6dX3lgcCDdMwrV1HPNXCyeZefMx7Q7JN8/gkf7SEtJe21DghsHCqIV8yQNndX0t5syNRFjK19c3ZgM8TznDh416W4MkQPQmL/qJviM+CG8WvSdOxYPiZqLhHfMlio6mfuu2eiF/A6Z11GDbyKVTwp1HWOCpea2dc+1GPEWh7WcYGJJm9Qfe8Yg70UzY+bpoCTeae06uScVHe/x3PV5zkkVCvVrh/bNPujp69H9oVB3k9VOAlClIaR8M7uwIDAQABozcwNTAzBgNVHREELDAqgihjbGQtY29ubi1hcHAuZ2NjLmVtc29jY3MuZ3NkZi5tb2RzLmdvLmpwMA0GCSqGSIb3DQEBCwUAA4IBAQBfd/pipc1Iy/wLLsuKuSlKln2EboWZ2gjTYvZvETZA2j5oBOgWKKYDdXrSLXhi6r4v0JunyIzWTreFjZkdQH3kU2OTJdxcd+sx0sePq7E/0gLG40a/27Tc/dUDyvWadxa+WGIAPDGaAyGGnkr8+Qxec6+cJWK5ozq4Xa++xjAihfAiUNYyjSivWU9sXhNzBCgM97+zBaZdxhSM/G3vpo0AjRam0oyKmTiVwXVTispaeQ6ZhRik+0KozipdjBEt+LXVwgX8pWT/lNV8fO2Yk0XX3EaVWkOjV57lDSebKN2B3vVwwmkzU3WIzz5VBWlQsfLbTmmV7biWHeFbEkV41Ork
-----END CERTIFICATE-----

ipaddr (tcp/3920)

Subject Name:

Country: JP
State/Province: HYOGO
Locality: Amagasaki
Organization: Melco
Organization Unit: EMW4
Common Name: cld-conn-app.gcc.emsoccs.gsdf.mods.go.jp
Email Address: emw4@melco.co.jp

Issuer Name:

Domain Component: jp
Domain Component: go
Domain Component: mods
Domain Component: gsdf
Domain Component: EMSOCCS
Domain Component: gcc
Common Name: gcc-AD-SERVER-1-CA

Serial Number: 00 E5 BE E1 12 AB 59 BC 00

Version: 3

Signature Algorithm: SHA-256 With RSA Encryption

Not Valid Before: Jul 28 01:01:43 2023 GMT
Not Valid After: Dec 13 01:01:43 2050 GMT

Public Key Info:

Algorithm: RSA Encryption
Key Length: 2048 bits
Public Key: 00 D0 A7 F6 98 72 0B 9D 76 18 2E AA 6D D4 10 E1 3B BF 0B 35
CD DA 04 90 8B 1B 6A 3D 99 A8 5E 97 29 77 56 10 EC 38 22 5E
EB F9 B4 65 69 42 14 7A D0 99 66 47 13 BC 07 A6 71 3E 96 9F
82 29 72 68 7C E1 F7 94 80 BE E9 D5 F7 96 07 02 0D D3 30 AD
5D 47 3C D5 C2 C9 E6 5E 7C CC 7B 43 B2 4D F3 F8 24 7F B4 84
B4 97 B6 D4 38 21 B0 70 AA 21 5F 32 40 D9 DD 5F 4B 79 B3 23
51 16 32 B5 F5 CD D9 80 CF 13 CE 70 E1 E3 5E 96 E0 C9 10 3D
09 8B FE A2 6F 88 CF 82 1B C5 AF 49 D3 B1 60 F8 99 A8 B8 47
7C C9 62 A3 A9 9F BA ED 9E 88 5F C0 E9 9D 75 18 36 F2 29 54
F0 A7 51 D6 38 2A 5E 6B 67 5C FB 51 8F 11 68 7B 59 C6 06 24
99 BD 41 F7 BC 62 0E F4 53 36 3E 6E 9A 02 4D E6 9E D3 AB 92
71 51 DE FF 1D CF 57 9C E4 91 50 AF 56 B8 7F 6C D3 EE 8E 9E
BD 1F DA 15 07 79 3D 54 E0 25 0A 52 1A 47 C3 3B BB
Exponent: 01 00 01

Signature Length: 256 bytes / 2048 bits
Signature: 00 5F 77 FA 62 A5 CD 48 CB FC 0B 2E CB 8A B9 29 4A 96 7D 84
6E 85 99 DA 08 D3 62 F6 6F 11 36 40 DA 3E 68 04 E8 16 28 A6
03 75 7A D2 2D 78 62 EA BE 2F D0 9B A7 C8 8C D6 4E B7 85 8D
99 1D 40 7D E4 53 63 93 25 DC 5C 77 EB 31 D2 C7 8F AB B1 3F
D2 02 C6 E3 46 BF DB B4 DC FD D5 03 CA F5 9A 77 16 BE 58 62
00 3C 31 9A 03 21 86 9E 4A FC F9 0C 5E 73 AF 9C 25 62 B9 A3
3A B8 5D AF BE C6 30 22 85 F0 22 50 D6 32 8D 28 AF 59 4F 6C
5E 13 73 04 28 0C F7 BF B3 05 A6 5D C6 14 8C FC 6D EF A6 8D
00 8D 16 A6 D2 8C 8A 99 38 95 C1 75 53 8A CA 5A 79 0E 99 85
18 A4 FB 42 A8 CE 2A 5D 8C 11 2D F8 B5 D5 C2 05 FC A5 64 FF
94 D5 7C 7C ED 98 93 45 D7 DC 46 95 5A 43 A3 57 9E E5 0D 27
9B 28 DD 81 DE F5 70 C2 69 33 53 75 88 CF 3E 55 05 69 50 B1
F2 DB 4E 69 95 ED B8 96 1D E1 5B 12 45 78 D4 EA E4

Extension: Subject Alternative Name (2.5.29.17)
Critical: 0
DNS: cld-conn-app.gcc.emsoccs.gsdf.mods.go.jp


Fingerprints :

SHA-256 Fingerprint: 8C E3 23 A7 37 5B 1F B9 CA CA C1 39 77 50 2C FC 98 7E 7B 00
90 40 C4 90 80 A3 A7 01 AE 22 27 32
SHA-1 Fingerprint: 7C C3 5D DE 1B A8 E6 D2 F6 C1 49 E6 C0 5F C9 BF 19 18 70 84
MD5 Fingerprint: C1 7A 16 E5 36 87 A8 D2 40 00 10 67 25 88 6D 4E


PEM certificate :

-----BEGIN CERTIFICATE-----
MIIEATCCAumgAwIBAgIJAOW+4RKrWbwAMA0GCSqGSIb3DQEBCwUAMIGfMRIwEAYKCZImiZPyLGQBGRYCanAxEjAQBgoJkiaJk/IsZAEZFgJnbzEUMBIGCgmSJomT8ixkARkWBG1vZHMxFDASBgoJkiaJk/IsZAEZFgRnc2RmMRcwFQYKCZImiZPyLGQBGRYHRU1TT0NDUzETMBEGCgmSJomT8ixkARkWA2djYzEbMBkGA1UEAxMSZ2NjLUFELVNFUlZFUi0xLUNBMCAXDTIzMDcyODAxMDE0M1oYDzIwNTAxMjEzMDEwMTQzWjCBpDELMAkGA1UEBhMCSlAxDjAMBgNVBAgMBUhZT0dPMRIwEAYDVQQHDAlBbWFnYXNha2kxDjAMBgNVBAoMBU1lbGNvMQ0wCwYDVQQLDARFTVc0MTEwLwYDVQQDDChjbGQtY29ubi1hcHAuZ2NjLmVtc29jY3MuZ3NkZi5tb2RzLmdvLmpwMR8wHQYJKoZIhvcNAQkBFhBlbXc0QG1lbGNvLmNvLmpwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Kf2mHILnXYYLqpt1BDhO78LNc3aBJCLG2o9mahelyl3VhDsOCJe6/m0ZWlCFHrQmWZHE7wHpnE+lp+CKXJofOH3lIC+6dX3lgcCDdMwrV1HPNXCyeZefMx7Q7JN8/gkf7SEtJe21DghsHCqIV8yQNndX0t5syNRFjK19c3ZgM8TznDh416W4MkQPQmL/qJviM+CG8WvSdOxYPiZqLhHfMlio6mfuu2eiF/A6Z11GDbyKVTwp1HWOCpea2dc+1GPEWh7WcYGJJm9Qfe8Yg70UzY+bpoCTeae06uScVHe/x3PV5zkkVCvVrh/bNPujp69H9oVB3k9VOAlClIaR8M7uwIDAQABozcwNTAzBgNVHREELDAqgihjbGQtY29ubi1hcHAuZ2NjLmVtc29jY3MuZ3NkZi5tb2RzLmdvLmpwMA0GCSqGSIb3DQEBCwUAA4IBAQBfd/pipc1Iy/wLLsuKuSlKln2EboWZ2gjTYvZvETZA2j5oBOgWKKYDdXrSLXhi6r4v0JunyIzWTreFjZkdQH3kU2OTJdxcd+sx0sePq7E/0gLG40a/27Tc/dUDyvWadxa+WGIAPDGaAyGGnkr8+Qxec6+cJWK5ozq4Xa++xjAihfAiUNYyjSivWU9sXhNzBCgM97+zBaZdxhSM/G3vpo0AjRam0oyKmTiVwXVTispaeQ6ZhRik+0KozipdjBEt+LXVwgX8pWT/lNV8fO2Yk0XX3EaVWkOjV57lDSebKN2B3vVwwmkzU3WIzz5VBWlQsfLbTmmV7biWHeFbEkV41Ork
-----END CERTIFICATE-----

ipaddr (tcp/4848/www)

Subject Name:

Country: JP
State/Province: HYOGO
Locality: Amagasaki
Organization: Melco
Organization Unit: EMW4
Common Name: cld-conn-app.gcc.emsoccs.gsdf.mods.go.jp
Email Address: emw4@melco.co.jp

Issuer Name:

Domain Component: jp
Domain Component: go
Domain Component: mods
Domain Component: gsdf
Domain Component: EMSOCCS
Domain Component: gcc
Common Name: gcc-AD-SERVER-1-CA

Serial Number: 00 E5 BE E1 12 AB 59 BC 00

Version: 3

Signature Algorithm: SHA-256 With RSA Encryption

Not Valid Before: Jul 28 01:01:43 2023 GMT
Not Valid After: Dec 13 01:01:43 2050 GMT

Public Key Info:

Algorithm: RSA Encryption
Key Length: 2048 bits
Public Key: 00 D0 A7 F6 98 72 0B 9D 76 18 2E AA 6D D4 10 E1 3B BF 0B 35
CD DA 04 90 8B 1B 6A 3D 99 A8 5E 97 29 77 56 10 EC 38 22 5E
EB F9 B4 65 69 42 14 7A D0 99 66 47 13 BC 07 A6 71 3E 96 9F
82 29 72 68 7C E1 F7 94 80 BE E9 D5 F7 96 07 02 0D D3 30 AD
5D 47 3C D5 C2 C9 E6 5E 7C CC 7B 43 B2 4D F3 F8 24 7F B4 84
B4 97 B6 D4 38 21 B0 70 AA 21 5F 32 40 D9 DD 5F 4B 79 B3 23
51 16 32 B5 F5 CD D9 80 CF 13 CE 70 E1 E3 5E 96 E0 C9 10 3D
09 8B FE A2 6F 88 CF 82 1B C5 AF 49 D3 B1 60 F8 99 A8 B8 47
7C C9 62 A3 A9 9F BA ED 9E 88 5F C0 E9 9D 75 18 36 F2 29 54
F0 A7 51 D6 38 2A 5E 6B 67 5C FB 51 8F 11 68 7B 59 C6 06 24
99 BD 41 F7 BC 62 0E F4 53 36 3E 6E 9A 02 4D E6 9E D3 AB 92
71 51 DE FF 1D CF 57 9C E4 91 50 AF 56 B8 7F 6C D3 EE 8E 9E
BD 1F DA 15 07 79 3D 54 E0 25 0A 52 1A 47 C3 3B BB
Exponent: 01 00 01

Signature Length: 256 bytes / 2048 bits
Signature: 00 5F 77 FA 62 A5 CD 48 CB FC 0B 2E CB 8A B9 29 4A 96 7D 84
6E 85 99 DA 08 D3 62 F6 6F 11 36 40 DA 3E 68 04 E8 16 28 A6
03 75 7A D2 2D 78 62 EA BE 2F D0 9B A7 C8 8C D6 4E B7 85 8D
99 1D 40 7D E4 53 63 93 25 DC 5C 77 EB 31 D2 C7 8F AB B1 3F
D2 02 C6 E3 46 BF DB B4 DC FD D5 03 CA F5 9A 77 16 BE 58 62
00 3C 31 9A 03 21 86 9E 4A FC F9 0C 5E 73 AF 9C 25 62 B9 A3
3A B8 5D AF BE C6 30 22 85 F0 22 50 D6 32 8D 28 AF 59 4F 6C
5E 13 73 04 28 0C F7 BF B3 05 A6 5D C6 14 8C FC 6D EF A6 8D
00 8D 16 A6 D2 8C 8A 99 38 95 C1 75 53 8A CA 5A 79 0E 99 85
18 A4 FB 42 A8 CE 2A 5D 8C 11 2D F8 B5 D5 C2 05 FC A5 64 FF
94 D5 7C 7C ED 98 93 45 D7 DC 46 95 5A 43 A3 57 9E E5 0D 27
9B 28 DD 81 DE F5 70 C2 69 33 53 75 88 CF 3E 55 05 69 50 B1
F2 DB 4E 69 95 ED B8 96 1D E1 5B 12 45 78 D4 EA E4

Extension: Subject Alternative Name (2.5.29.17)
Critical: 0
DNS: cld-conn-app.gcc.emsoccs.gsdf.mods.go.jp


Fingerprints :

SHA-256 Fingerprint: 8C E3 23 A7 37 5B 1F B9 CA CA C1 39 77 50 2C FC 98 7E 7B 00
90 40 C4 90 80 A3 A7 01 AE 22 27 32
SHA-1 Fingerprint: 7C C3 5D DE 1B A8 E6 D2 F6 C1 49 E6 C0 5F C9 BF 19 18 70 84
MD5 Fingerprint: C1 7A 16 E5 36 87 A8 D2 40 00 10 67 25 88 6D 4E


PEM certificate :

-----BEGIN CERTIFICATE-----
MIIEATCCAumgAwIBAgIJAOW+4RKrWbwAMA0GCSqGSIb3DQEBCwUAMIGfMRIwEAYKCZImiZPyLGQBGRYCanAxEjAQBgoJkiaJk/IsZAEZFgJnbzEUMBIGCgmSJomT8ixkARkWBG1vZHMxFDASBgoJkiaJk/IsZAEZFgRnc2RmMRcwFQYKCZImiZPyLGQBGRYHRU1TT0NDUzETMBEGCgmSJomT8ixkARkWA2djYzEbMBkGA1UEAxMSZ2NjLUFELVNFUlZFUi0xLUNBMCAXDTIzMDcyODAxMDE0M1oYDzIwNTAxMjEzMDEwMTQzWjCBpDELMAkGA1UEBhMCSlAxDjAMBgNVBAgMBUhZT0dPMRIwEAYDVQQHDAlBbWFnYXNha2kxDjAMBgNVBAoMBU1lbGNvMQ0wCwYDVQQLDARFTVc0MTEwLwYDVQQDDChjbGQtY29ubi1hcHAuZ2NjLmVtc29jY3MuZ3NkZi5tb2RzLmdvLmpwMR8wHQYJKoZIhvcNAQkBFhBlbXc0QG1lbGNvLmNvLmpwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Kf2mHILnXYYLqpt1BDhO78LNc3aBJCLG2o9mahelyl3VhDsOCJe6/m0ZWlCFHrQmWZHE7wHpnE+lp+CKXJofOH3lIC+6dX3lgcCDdMwrV1HPNXCyeZefMx7Q7JN8/gkf7SEtJe21DghsHCqIV8yQNndX0t5syNRFjK19c3ZgM8TznDh416W4MkQPQmL/qJviM+CG8WvSdOxYPiZqLhHfMlio6mfuu2eiF/A6Z11GDbyKVTwp1HWOCpea2dc+1GPEWh7WcYGJJm9Qfe8Yg70UzY+bpoCTeae06uScVHe/x3PV5zkkVCvVrh/bNPujp69H9oVB3k9VOAlClIaR8M7uwIDAQABozcwNTAzBgNVHREELDAqgihjbGQtY29ubi1hcHAuZ2NjLmVtc29jY3MuZ3NkZi5tb2RzLmdvLmpwMA0GCSqGSIb3DQEBCwUAA4IBAQBfd/pipc1Iy/wLLsuKuSlKln2EboWZ2gjTYvZvETZA2j5oBOgWKKYDdXrSLXhi6r4v0JunyIzWTreFjZkdQH3kU2OTJdxcd+sx0sePq7E/0gLG40a/27Tc/dUDyvWadxa+WGIAPDGaAyGGnkr8+Qxec6+cJWK5ozq4Xa++xjAihfAiUNYyjSivWU9sXhNzBCgM97+zBaZdxhSM/G3vpo0AjRam0oyKmTiVwXVTispaeQ6ZhRik+0KozipdjBEt+LXVwgX8pWT/lNV8fO2Yk0XX3EaVWkOjV57lDSebKN2B3vVwwmkzU3WIzz5VBWlQsfLbTmmV7biWHeFbEkV41Ork
-----END CERTIFICATE-----

ipaddr (tcp/8181/www)

Subject Name:

Country: JP
State/Province: HYOGO
Locality: Amagasaki
Organization: Melco
Organization Unit: EMW4
Common Name: cld-conn-app.gcc.emsoccs.gsdf.mods.go.jp
Email Address: emw4@melco.co.jp

Issuer Name:

Domain Component: jp
Domain Component: go
Domain Component: mods
Domain Component: gsdf
Domain Component: EMSOCCS
Domain Component: gcc
Common Name: gcc-AD-SERVER-1-CA

Serial Number: 00 E5 BE E1 12 AB 59 BC 00

Version: 3

Signature Algorithm: SHA-256 With RSA Encryption

Not Valid Before: Jul 28 01:01:43 2023 GMT
Not Valid After: Dec 13 01:01:43 2050 GMT

Public Key Info:

Algorithm: RSA Encryption
Key Length: 2048 bits
Public Key: 00 D0 A7 F6 98 72 0B 9D 76 18 2E AA 6D D4 10 E1 3B BF 0B 35
CD DA 04 90 8B 1B 6A 3D 99 A8 5E 97 29 77 56 10 EC 38 22 5E
EB F9 B4 65 69 42 14 7A D0 99 66 47 13 BC 07 A6 71 3E 96 9F
82 29 72 68 7C E1 F7 94 80 BE E9 D5 F7 96 07 02 0D D3 30 AD
5D 47 3C D5 C2 C9 E6 5E 7C CC 7B 43 B2 4D F3 F8 24 7F B4 84
B4 97 B6 D4 38 21 B0 70 AA 21 5F 32 40 D9 DD 5F 4B 79 B3 23
51 16 32 B5 F5 CD D9 80 CF 13 CE 70 E1 E3 5E 96 E0 C9 10 3D
09 8B FE A2 6F 88 CF 82 1B C5 AF 49 D3 B1 60 F8 99 A8 B8 47
7C C9 62 A3 A9 9F BA ED 9E 88 5F C0 E9 9D 75 18 36 F2 29 54
F0 A7 51 D6 38 2A 5E 6B 67 5C FB 51 8F 11 68 7B 59 C6 06 24
99 BD 41 F7 BC 62 0E F4 53 36 3E 6E 9A 02 4D E6 9E D3 AB 92
71 51 DE FF 1D CF 57 9C E4 91 50 AF 56 B8 7F 6C D3 EE 8E 9E
BD 1F DA 15 07 79 3D 54 E0 25 0A 52 1A 47 C3 3B BB
Exponent: 01 00 01

Signature Length: 256 bytes / 2048 bits
Signature: 00 5F 77 FA 62 A5 CD 48 CB FC 0B 2E CB 8A B9 29 4A 96 7D 84
6E 85 99 DA 08 D3 62 F6 6F 11 36 40 DA 3E 68 04 E8 16 28 A6
03 75 7A D2 2D 78 62 EA BE 2F D0 9B A7 C8 8C D6 4E B7 85 8D
99 1D 40 7D E4 53 63 93 25 DC 5C 77 EB 31 D2 C7 8F AB B1 3F
D2 02 C6 E3 46 BF DB B4 DC FD D5 03 CA F5 9A 77 16 BE 58 62
00 3C 31 9A 03 21 86 9E 4A FC F9 0C 5E 73 AF 9C 25 62 B9 A3
3A B8 5D AF BE C6 30 22 85 F0 22 50 D6 32 8D 28 AF 59 4F 6C
5E 13 73 04 28 0C F7 BF B3 05 A6 5D C6 14 8C FC 6D EF A6 8D
00 8D 16 A6 D2 8C 8A 99 38 95 C1 75 53 8A CA 5A 79 0E 99 85
18 A4 FB 42 A8 CE 2A 5D 8C 11 2D F8 B5 D5 C2 05 FC A5 64 FF
94 D5 7C 7C ED 98 93 45 D7 DC 46 95 5A 43 A3 57 9E E5 0D 27
9B 28 DD 81 DE F5 70 C2 69 33 53 75 88 CF 3E 55 05 69 50 B1
F2 DB 4E 69 95 ED B8 96 1D E1 5B 12 45 78 D4 EA E4

Extension: Subject Alternative Name (2.5.29.17)
Critical: 0
DNS: cld-conn-app.gcc.emsoccs.gsdf.mods.go.jp


Fingerprints :

SHA-256 Fingerprint: 8C E3 23 A7 37 5B 1F B9 CA CA C1 39 77 50 2C FC 98 7E 7B 00
90 40 C4 90 80 A3 A7 01 AE 22 27 32
SHA-1 Fingerprint: 7C C3 5D DE 1B A8 E6 D2 F6 C1 49 E6 C0 5F C9 BF 19 18 70 84
MD5 Fingerprint: C1 7A 16 E5 36 87 A8 D2 40 00 10 67 25 88 6D 4E


PEM certificate :

-----BEGIN CERTIFICATE-----
MIIEATCCAumgAwIBAgIJAOW+4RKrWbwAMA0GCSqGSIb3DQEBCwUAMIGfMRIwEAYKCZImiZPyLGQBGRYCanAxEjAQBgoJkiaJk/IsZAEZFgJnbzEUMBIGCgmSJomT8ixkARkWBG1vZHMxFDASBgoJkiaJk/IsZAEZFgRnc2RmMRcwFQYKCZImiZPyLGQBGRYHRU1TT0NDUzETMBEGCgmSJomT8ixkARkWA2djYzEbMBkGA1UEAxMSZ2NjLUFELVNFUlZFUi0xLUNBMCAXDTIzMDcyODAxMDE0M1oYDzIwNTAxMjEzMDEwMTQzWjCBpDELMAkGA1UEBhMCSlAxDjAMBgNVBAgMBUhZT0dPMRIwEAYDVQQHDAlBbWFnYXNha2kxDjAMBgNVBAoMBU1lbGNvMQ0wCwYDVQQLDARFTVc0MTEwLwYDVQQDDChjbGQtY29ubi1hcHAuZ2NjLmVtc29jY3MuZ3NkZi5tb2RzLmdvLmpwMR8wHQYJKoZIhvcNAQkBFhBlbXc0QG1lbGNvLmNvLmpwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Kf2mHILnXYYLqpt1BDhO78LNc3aBJCLG2o9mahelyl3VhDsOCJe6/m0ZWlCFHrQmWZHE7wHpnE+lp+CKXJofOH3lIC+6dX3lgcCDdMwrV1HPNXCyeZefMx7Q7JN8/gkf7SEtJe21DghsHCqIV8yQNndX0t5syNRFjK19c3ZgM8TznDh416W4MkQPQmL/qJviM+CG8WvSdOxYPiZqLhHfMlio6mfuu2eiF/A6Z11GDbyKVTwp1HWOCpea2dc+1GPEWh7WcYGJJm9Qfe8Yg70UzY+bpoCTeae06uScVHe/x3PV5zkkVCvVrh/bNPujp69H9oVB3k9VOAlClIaR8M7uwIDAQABozcwNTAzBgNVHREELDAqgihjbGQtY29ubi1hcHAuZ2NjLmVtc29jY3MuZ3NkZi5tb2RzLmdvLmpwMA0GCSqGSIb3DQEBCwUAA4IBAQBfd/pipc1Iy/wLLsuKuSlKln2EboWZ2gjTYvZvETZA2j5oBOgWKKYDdXrSLXhi6r4v0JunyIzWTreFjZkdQH3kU2OTJdxcd+sx0sePq7E/0gLG40a/27Tc/dUDyvWadxa+WGIAPDGaAyGGnkr8+Qxec6+cJWK5ozq4Xa++xjAihfAiUNYyjSivWU9sXhNzBCgM97+zBaZdxhSM/G3vpo0AjRam0oyKmTiVwXVTispaeQ6ZhRik+0KozipdjBEt+LXVwgX8pWT/lNV8fO2Yk0XX3EaVWkOjV57lDSebKN2B3vVwwmkzU3WIzz5VBWlQsfLbTmmV7biWHeFbEkV41Ork
-----END CERTIFICATE-----

ipaddr (tcp/8686)

Subject Name:

Country: JP
State/Province: HYOGO
Locality: Amagasaki
Organization: Melco
Organization Unit: EMW4
Common Name: cld-conn-app.gcc.emsoccs.gsdf.mods.go.jp
Email Address: emw4@melco.co.jp

Issuer Name:

Domain Component: jp
Domain Component: go
Domain Component: mods
Domain Component: gsdf
Domain Component: EMSOCCS
Domain Component: gcc
Common Name: gcc-AD-SERVER-1-CA

Serial Number: 00 E5 BE E1 12 AB 59 BC 00

Version: 3

Signature Algorithm: SHA-256 With RSA Encryption

Not Valid Before: Jul 28 01:01:43 2023 GMT
Not Valid After: Dec 13 01:01:43 2050 GMT

Public Key Info:

Algorithm: RSA Encryption
Key Length: 2048 bits
Public Key: 00 D0 A7 F6 98 72 0B 9D 76 18 2E AA 6D D4 10 E1 3B BF 0B 35
CD DA 04 90 8B 1B 6A 3D 99 A8 5E 97 29 77 56 10 EC 38 22 5E
EB F9 B4 65 69 42 14 7A D0 99 66 47 13 BC 07 A6 71 3E 96 9F
82 29 72 68 7C E1 F7 94 80 BE E9 D5 F7 96 07 02 0D D3 30 AD
5D 47 3C D5 C2 C9 E6 5E 7C CC 7B 43 B2 4D F3 F8 24 7F B4 84
B4 97 B6 D4 38 21 B0 70 AA 21 5F 32 40 D9 DD 5F 4B 79 B3 23
51 16 32 B5 F5 CD D9 80 CF 13 CE 70 E1 E3 5E 96 E0 C9 10 3D
09 8B FE A2 6F 88 CF 82 1B C5 AF 49 D3 B1 60 F8 99 A8 B8 47
7C C9 62 A3 A9 9F BA ED 9E 88 5F C0 E9 9D 75 18 36 F2 29 54
F0 A7 51 D6 38 2A 5E 6B 67 5C FB 51 8F 11 68 7B 59 C6 06 24
99 BD 41 F7 BC 62 0E F4 53 36 3E 6E 9A 02 4D E6 9E D3 AB 92
71 51 DE FF 1D CF 57 9C E4 91 50 AF 56 B8 7F 6C D3 EE 8E 9E
BD 1F DA 15 07 79 3D 54 E0 25 0A 52 1A 47 C3 3B BB
Exponent: 01 00 01

Signature Length: 256 bytes / 2048 bits
Signature: 00 5F 77 FA 62 A5 CD 48 CB FC 0B 2E CB 8A B9 29 4A 96 7D 84
6E 85 99 DA 08 D3 62 F6 6F 11 36 40 DA 3E 68 04 E8 16 28 A6
03 75 7A D2 2D 78 62 EA BE 2F D0 9B A7 C8 8C D6 4E B7 85 8D
99 1D 40 7D E4 53 63 93 25 DC 5C 77 EB 31 D2 C7 8F AB B1 3F
D2 02 C6 E3 46 BF DB B4 DC FD D5 03 CA F5 9A 77 16 BE 58 62
00 3C 31 9A 03 21 86 9E 4A FC F9 0C 5E 73 AF 9C 25 62 B9 A3
3A B8 5D AF BE C6 30 22 85 F0 22 50 D6 32 8D 28 AF 59 4F 6C
5E 13 73 04 28 0C F7 BF B3 05 A6 5D C6 14 8C FC 6D EF A6 8D
00 8D 16 A6 D2 8C 8A 99 38 95 C1 75 53 8A CA 5A 79 0E 99 85
18 A4 FB 42 A8 CE 2A 5D 8C 11 2D F8 B5 D5 C2 05 FC A5 64 FF
94 D5 7C 7C ED 98 93 45 D7 DC 46 95 5A 43 A3 57 9E E5 0D 27
9B 28 DD 81 DE F5 70 C2 69 33 53 75 88 CF 3E 55 05 69 50 B1
F2 DB 4E 69 95 ED B8 96 1D E1 5B 12 45 78 D4 EA E4

Extension: Subject Alternative Name (2.5.29.17)
Critical: 0
DNS: cld-conn-app.gcc.emsoccs.gsdf.mods.go.jp


Fingerprints :

SHA-256 Fingerprint: 8C E3 23 A7 37 5B 1F B9 CA CA C1 39 77 50 2C FC 98 7E 7B 00
90 40 C4 90 80 A3 A7 01 AE 22 27 32
SHA-1 Fingerprint: 7C C3 5D DE 1B A8 E6 D2 F6 C1 49 E6 C0 5F C9 BF 19 18 70 84
MD5 Fingerprint: C1 7A 16 E5 36 87 A8 D2 40 00 10 67 25 88 6D 4E


PEM certificate :

-----BEGIN CERTIFICATE-----
MIIEATCCAumgAwIBAgIJAOW+4RKrWbwAMA0GCSqGSIb3DQEBCwUAMIGfMRIwEAYKCZImiZPyLGQBGRYCanAxEjAQBgoJkiaJk/IsZAEZFgJnbzEUMBIGCgmSJomT8ixkARkWBG1vZHMxFDASBgoJkiaJk/IsZAEZFgRnc2RmMRcwFQYKCZImiZPyLGQBGRYHRU1TT0NDUzETMBEGCgmSJomT8ixkARkWA2djYzEbMBkGA1UEAxMSZ2NjLUFELVNFUlZFUi0xLUNBMCAXDTIzMDcyODAxMDE0M1oYDzIwNTAxMjEzMDEwMTQzWjCBpDELMAkGA1UEBhMCSlAxDjAMBgNVBAgMBUhZT0dPMRIwEAYDVQQHDAlBbWFnYXNha2kxDjAMBgNVBAoMBU1lbGNvMQ0wCwYDVQQLDARFTVc0MTEwLwYDVQQDDChjbGQtY29ubi1hcHAuZ2NjLmVtc29jY3MuZ3NkZi5tb2RzLmdvLmpwMR8wHQYJKoZIhvcNAQkBFhBlbXc0QG1lbGNvLmNvLmpwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Kf2mHILnXYYLqpt1BDhO78LNc3aBJCLG2o9mahelyl3VhDsOCJe6/m0ZWlCFHrQmWZHE7wHpnE+lp+CKXJofOH3lIC+6dX3lgcCDdMwrV1HPNXCyeZefMx7Q7JN8/gkf7SEtJe21DghsHCqIV8yQNndX0t5syNRFjK19c3ZgM8TznDh416W4MkQPQmL/qJviM+CG8WvSdOxYPiZqLhHfMlio6mfuu2eiF/A6Z11GDbyKVTwp1HWOCpea2dc+1GPEWh7WcYGJJm9Qfe8Yg70UzY+bpoCTeae06uScVHe/x3PV5zkkVCvVrh/bNPujp69H9oVB3k9VOAlClIaR8M7uwIDAQABozcwNTAzBgNVHREELDAqgihjbGQtY29ubi1hcHAuZ2NjLmVtc29jY3MuZ3NkZi5tb2RzLmdvLmpwMA0GCSqGSIb3DQEBCwUAA4IBAQBfd/pipc1Iy/wLLsuKuSlKln2EboWZ2gjTYvZvETZA2j5oBOgWKKYDdXrSLXhi6r4v0JunyIzWTreFjZkdQH3kU2OTJdxcd+sx0sePq7E/0gLG40a/27Tc/dUDyvWadxa+WGIAPDGaAyGGnkr8+Qxec6+cJWK5ozq4Xa++xjAihfAiUNYyjSivWU9sXhNzBCgM97+zBaZdxhSM/G3vpo0AjRam0oyKmTiVwXVTispaeQ6ZhRik+0KozipdjBEt+LXVwgX8pWT/lNV8fO2Yk0XX3EaVWkOjV57lDSebKN2B3vVwwmkzU3WIzz5VBWlQsfLbTmmV7biWHeFbEkV41Ork
-----END CERTIFICATE-----

ipaddr (tcp/24848/www)

Subject Name:

Country: US
State/Province: California
Locality: Santa Clara
Organization: Oracle Corporation
Organization Unit: GlassFish
Common Name: localhost-instance

Issuer Name:

Country: US
State/Province: California
Locality: Santa Clara
Organization: Oracle Corporation
Organization Unit: GlassFish
Common Name: localhost-instance

Serial Number: 70 E2 79 85

Version: 3

Signature Algorithm: SHA-256 With RSA Encryption

Not Valid Before: Jan 28 18:58:22 2019 GMT
Not Valid After: Jan 25 18:58:22 2029 GMT

Public Key Info:

Algorithm: RSA Encryption
Key Length: 2048 bits
Public Key: 00 89 DF FA BA 0E 22 1F 1D 4A 02 7C 63 99 08 5E 46 F7 95 35
31 53 33 61 B4 2C 4E 1F 95 1E 46 9F 74 C3 EB D7 05 BD 02 9D
53 6D 79 75 FA 1C 95 C6 59 DE 4E 44 69 91 9F E5 83 71 A6 38
6A 5A 10 3B C3 FC 84 B8 A7 EA 3B 02 D0 D5 E6 0A 55 FC A3 B2
B4 54 C5 C1 31 25 00 2E 66 A8 5B 0A 87 35 B4 BF 97 18 0A 1C
D4 A2 A9 1B 60 E2 81 C3 DD A2 88 11 7C 74 D0 F4 B2 07 8B DA
BA C6 20 14 66 A9 D0 26 F4 F4 36 B4 02 55 47 DC 45 79 F5 AF
F4 38 3A F0 9F CA B7 B4 1E 5A 9C 36 06 60 F0 EC 0E 2C B8 06
76 F9 9E 77 2D 71 ED 2C A9 1D E7 1C 99 50 85 19 0E 1E DA 35
E4 F9 65 DA 41 3E 22 62 BA 48 47 BC 6E 5F 48 AD 7D 68 86 A4
D0 CD 01 65 CD 88 90 B0 A1 45 68 55 C3 27 3D 46 C7 57 24 A2
26 B6 A1 7A 67 B6 01 3D 2D 85 A8 9C A4 EC 61 88 BC E5 B0 22
12 37 CD 52 01 30 D0 5C F5 77 E5 2C 4D 0A 56 C3 A5
Exponent: 01 00 01

Signature Length: 256 bytes / 2048 bits
Signature: 00 01 34 B3 44 92 5A F7 CC 10 94 1D 0D DA C3 E8 0B 6A 6C 77
D3 7C 51 62 6D AC 53 DF 52 8F 46 27 49 EF 50 B5 89 7C C8 DA
2B BE E3 29 0C 95 15 21 B2 4C 88 A3 B6 54 65 EC E7 FA 0E 39
DF C6 39 33 1F F0 4D 3B 7A 73 00 61 5F 64 A0 D9 4C 02 A4 E2
D2 8D 34 7F 5A B7 98 FD FB AE 45 77 7C F1 2D 8F 9F 0C B3 F0
1A C4 19 4F 90 EA C2 B8 41 7B EA 9E 92 6D A7 6D 6D 4B AD 4C
E7 9F B3 61 71 CD 0D 5F 23 A1 97 A4 4B D7 BE AA C0 B7 BA C9
66 9B B8 47 34 D7 8F 45 70 74 16 1F AD 32 07 6B 05 EB 58 59
57 E8 5E 19 27 AD 00 14 D8 C6 E3 B0 5B FC ED 9C CF 1B AE 6A
14 1C CF F3 0A 12 05 07 02 6B F4 34 44 DE A5 15 6E 3D 61 8A
4A 84 3E AB D9 02 55 48 2A 7C 67 5C 7E BD A7 3C 9D 9A EA 40
45 E5 10 51 BC 78 DB D1 30 C3 15 A8 15 00 E9 72 74 A0 C8 19
4C C8 D1 45 AE 6B 48 7A A0 F4 93 4A 64 CE 5F C1 7E

Extension: Subject Key Identifier (2.5.29.14)
Critical: 0
Subject Key Identifier: D4 29 F4 BD 1D D6 82 AC A4 89 04 26 64 8D B1 72 45 67 77 04


Fingerprints :

SHA-256 Fingerprint: 32 06 FE 12 EE 0A 64 15 05 B1 FA E7 1A 36 AE FA 3C 96 EB 29
52 0C F1 A4 AD DA 40 B6 C2 13 E3 7D
SHA-1 Fingerprint: 83 57 DA DC 05 8A 53 39 85 4F B5 AA 84 2D 19 CC 45 C8 B8 FC
MD5 Fingerprint: EB F6 7C 5B 8B 50 55 AC CD 0E 74 7B 73 FB 5D 4A


PEM certificate :

-----BEGIN CERTIFICATE-----
MIIDrTCCApWgAwIBAgIEcOJ5hTANBgkqhkiG9w0BAQsFADCBhjELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFDASBgNVBAcTC1NhbnRhIENsYXJhMRswGQYDVQQKExJPcmFjbGUgQ29ycG9yYXRpb24xEjAQBgNVBAsTCUdsYXNzRmlzaDEbMBkGA1UEAxMSbG9jYWxob3N0LWluc3RhbmNlMB4XDTE5MDEyODE4NTgyMloXDTI5MDEyNTE4NTgyMlowgYYxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRQwEgYDVQQHEwtTYW50YSBDbGFyYTEbMBkGA1UEChMST3JhY2xlIENvcnBvcmF0aW9uMRIwEAYDVQQLEwlHbGFzc0Zpc2gxGzAZBgNVBAMTEmxvY2FsaG9zdC1pbnN0YW5jZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAInf+roOIh8dSgJ8Y5kIXkb3lTUxUzNhtCxOH5UeRp90w+vXBb0CnVNteXX6HJXGWd5ORGmRn+WDcaY4aloQO8P8hLin6jsC0NXmClX8o7K0VMXBMSUALmaoWwqHNbS/lxgKHNSiqRtg4oHD3aKIEXx00PSyB4vausYgFGap0Cb09Da0AlVH3EV59a/0ODrwn8q3tB5anDYGYPDsDiy4Bnb5nnctce0sqR3nHJlQhRkOHto15Pll2kE+ImK6SEe8bl9IrX1ohqTQzQFlzYiQsKFFaFXDJz1Gx1ckoia2oXpntgE9LYWonKTsYYi85bAiEjfNUgEw0Fz1d+UsTQpWw6UCAwEAAaMhMB8wHQYDVR0OBBYEFNQp9L0d1oKspIkEJmSNsXJFZ3cEMA0GCSqGSIb3DQEBCwUAA4IBAQABNLNEklr3zBCUHQ3aw+gLamx303xRYm2sU99Sj0YnSe9QtYl8yNorvuMpDJUVIbJMiKO2VGXs5/oOOd/GOTMf8E07enMAYV9koNlMAqTi0o00f1q3mP37rkV3fPEtj58Ms/AaxBlPkOrCuEF76p6SbadtbUutTOefs2FxzQ1fI6GXpEvXvqrAt7rJZpu4RzTXj0VwdBYfrTIHawXrWFlX6F4ZJ60AFNjG47Bb/O2czxuuahQcz/MKEgUHAmv0NETepRVuPWGKSoQ+q9kCVUgqfGdcfr2nPJ2a6kBF5RBRvHjb0TDDFagVAOlydKDIGUzI0UWua0h6oPSTSmTOX8F+
-----END CERTIFICATE-----

ipaddr (tcp/28181/www)

Subject Name:

Country: JP
State/Province: HYOGO
Locality: Amagasaki
Organization: Melco
Organization Unit: EMW4
Common Name: cld-conn-app.gcc.emsoccs.gsdf.mods.go.jp
Email Address: emw4@melco.co.jp

Issuer Name:

Domain Component: jp
Domain Component: go
Domain Component: mods
Domain Component: gsdf
Domain Component: EMSOCCS
Domain Component: gcc
Common Name: gcc-AD-SERVER-1-CA

Serial Number: 00 E5 BE E1 12 AB 59 BC 00

Version: 3

Signature Algorithm: SHA-256 With RSA Encryption

Not Valid Before: Jul 28 01:01:43 2023 GMT
Not Valid After: Dec 13 01:01:43 2050 GMT

Public Key Info:

Algorithm: RSA Encryption
Key Length: 2048 bits
Public Key: 00 D0 A7 F6 98 72 0B 9D 76 18 2E AA 6D D4 10 E1 3B BF 0B 35
CD DA 04 90 8B 1B 6A 3D 99 A8 5E 97 29 77 56 10 EC 38 22 5E
EB F9 B4 65 69 42 14 7A D0 99 66 47 13 BC 07 A6 71 3E 96 9F
82 29 72 68 7C E1 F7 94 80 BE E9 D5 F7 96 07 02 0D D3 30 AD
5D 47 3C D5 C2 C9 E6 5E 7C CC 7B 43 B2 4D F3 F8 24 7F B4 84
B4 97 B6 D4 38 21 B0 70 AA 21 5F 32 40 D9 DD 5F 4B 79 B3 23
51 16 32 B5 F5 CD D9 80 CF 13 CE 70 E1 E3 5E 96 E0 C9 10 3D
09 8B FE A2 6F 88 CF 82 1B C5 AF 49 D3 B1 60 F8 99 A8 B8 47
7C C9 62 A3 A9 9F BA ED 9E 88 5F C0 E9 9D 75 18 36 F2 29 54
F0 A7 51 D6 38 2A 5E 6B 67 5C FB 51 8F 11 68 7B 59 C6 06 24
99 BD 41 F7 BC 62 0E F4 53 36 3E 6E 9A 02 4D E6 9E D3 AB 92
71 51 DE FF 1D CF 57 9C E4 91 50 AF 56 B8 7F 6C D3 EE 8E 9E
BD 1F DA 15 07 79 3D 54 E0 25 0A 52 1A 47 C3 3B BB
Exponent: 01 00 01

Signature Length: 256 bytes / 2048 bits
Signature: 00 5F 77 FA 62 A5 CD 48 CB FC 0B 2E CB 8A B9 29 4A 96 7D 84
6E 85 99 DA 08 D3 62 F6 6F 11 36 40 DA 3E 68 04 E8 16 28 A6
03 75 7A D2 2D 78 62 EA BE 2F D0 9B A7 C8 8C D6 4E B7 85 8D
99 1D 40 7D E4 53 63 93 25 DC 5C 77 EB 31 D2 C7 8F AB B1 3F
D2 02 C6 E3 46 BF DB B4 DC FD D5 03 CA F5 9A 77 16 BE 58 62
00 3C 31 9A 03 21 86 9E 4A FC F9 0C 5E 73 AF 9C 25 62 B9 A3
3A B8 5D AF BE C6 30 22 85 F0 22 50 D6 32 8D 28 AF 59 4F 6C
5E 13 73 04 28 0C F7 BF B3 05 A6 5D C6 14 8C FC 6D EF A6 8D
00 8D 16 A6 D2 8C 8A 99 38 95 C1 75 53 8A CA 5A 79 0E 99 85
18 A4 FB 42 A8 CE 2A 5D 8C 11 2D F8 B5 D5 C2 05 FC A5 64 FF
94 D5 7C 7C ED 98 93 45 D7 DC 46 95 5A 43 A3 57 9E E5 0D 27
9B 28 DD 81 DE F5 70 C2 69 33 53 75 88 CF 3E 55 05 69 50 B1
F2 DB 4E 69 95 ED B8 96 1D E1 5B 12 45 78 D4 EA E4

Extension: Subject Alternative Name (2.5.29.17)
Critical: 0
DNS: cld-conn-app.gcc.emsoccs.gsdf.mods.go.jp


Fingerprints :

SHA-256 Fingerprint: 8C E3 23 A7 37 5B 1F B9 CA CA C1 39 77 50 2C FC 98 7E 7B 00
90 40 C4 90 80 A3 A7 01 AE 22 27 32
SHA-1 Fingerprint: 7C C3 5D DE 1B A8 E6 D2 F6 C1 49 E6 C0 5F C9 BF 19 18 70 84
MD5 Fingerprint: C1 7A 16 E5 36 87 A8 D2 40 00 10 67 25 88 6D 4E


PEM certificate :

-----BEGIN CERTIFICATE-----
MIIEATCCAumgAwIBAgIJAOW+4RKrWbwAMA0GCSqGSIb3DQEBCwUAMIGfMRIwEAYKCZImiZPyLGQBGRYCanAxEjAQBgoJkiaJk/IsZAEZFgJnbzEUMBIGCgmSJomT8ixkARkWBG1vZHMxFDASBgoJkiaJk/IsZAEZFgRnc2RmMRcwFQYKCZImiZPyLGQBGRYHRU1TT0NDUzETMBEGCgmSJomT8ixkARkWA2djYzEbMBkGA1UEAxMSZ2NjLUFELVNFUlZFUi0xLUNBMCAXDTIzMDcyODAxMDE0M1oYDzIwNTAxMjEzMDEwMTQzWjCBpDELMAkGA1UEBhMCSlAxDjAMBgNVBAgMBUhZT0dPMRIwEAYDVQQHDAlBbWFnYXNha2kxDjAMBgNVBAoMBU1lbGNvMQ0wCwYDVQQLDARFTVc0MTEwLwYDVQQDDChjbGQtY29ubi1hcHAuZ2NjLmVtc29jY3MuZ3NkZi5tb2RzLmdvLmpwMR8wHQYJKoZIhvcNAQkBFhBlbXc0QG1lbGNvLmNvLmpwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Kf2mHILnXYYLqpt1BDhO78LNc3aBJCLG2o9mahelyl3VhDsOCJe6/m0ZWlCFHrQmWZHE7wHpnE+lp+CKXJofOH3lIC+6dX3lgcCDdMwrV1HPNXCyeZefMx7Q7JN8/gkf7SEtJe21DghsHCqIV8yQNndX0t5syNRFjK19c3ZgM8TznDh416W4MkQPQmL/qJviM+CG8WvSdOxYPiZqLhHfMlio6mfuu2eiF/A6Z11GDbyKVTwp1HWOCpea2dc+1GPEWh7WcYGJJm9Qfe8Yg70UzY+bpoCTeae06uScVHe/x3PV5zkkVCvVrh/bNPujp69H9oVB3k9VOAlClIaR8M7uwIDAQABozcwNTAzBgNVHREELDAqgihjbGQtY29ubi1hcHAuZ2NjLmVtc29jY3MuZ3NkZi5tb2RzLmdvLmpwMA0GCSqGSIb3DQEBCwUAA4IBAQBfd/pipc1Iy/wLLsuKuSlKln2EboWZ2gjTYvZvETZA2j5oBOgWKKYDdXrSLXhi6r4v0JunyIzWTreFjZkdQH3kU2OTJdxcd+sx0sePq7E/0gLG40a/27Tc/dUDyvWadxa+WGIAPDGaAyGGnkr8+Qxec6+cJWK5ozq4Xa++xjAihfAiUNYyjSivWU9sXhNzBCgM97+zBaZdxhSM/G3vpo0AjRam0oyKmTiVwXVTispaeQ6ZhRik+0KozipdjBEt+LXVwgX8pWT/lNV8fO2Yk0XX3EaVWkOjV57lDSebKN2B3vVwwmkzU3WIzz5VBWlQsfLbTmmV7biWHeFbEkV41Ork
-----END CERTIFICATE-----

ipaddr (tcp/28686)

Subject Name:

Country: US
State/Province: California
Locality: Santa Clara
Organization: Oracle Corporation
Organization Unit: GlassFish
Common Name: localhost-instance

Issuer Name:

Country: US
State/Province: California
Locality: Santa Clara
Organization: Oracle Corporation
Organization Unit: GlassFish
Common Name: localhost-instance

Serial Number: 70 E2 79 85

Version: 3

Signature Algorithm: SHA-256 With RSA Encryption

Not Valid Before: Jan 28 18:58:22 2019 GMT
Not Valid After: Jan 25 18:58:22 2029 GMT

Public Key Info:

Algorithm: RSA Encryption
Key Length: 2048 bits
Public Key: 00 89 DF FA BA 0E 22 1F 1D 4A 02 7C 63 99 08 5E 46 F7 95 35
31 53 33 61 B4 2C 4E 1F 95 1E 46 9F 74 C3 EB D7 05 BD 02 9D
53 6D 79 75 FA 1C 95 C6 59 DE 4E 44 69 91 9F E5 83 71 A6 38
6A 5A 10 3B C3 FC 84 B8 A7 EA 3B 02 D0 D5 E6 0A 55 FC A3 B2
B4 54 C5 C1 31 25 00 2E 66 A8 5B 0A 87 35 B4 BF 97 18 0A 1C
D4 A2 A9 1B 60 E2 81 C3 DD A2 88 11 7C 74 D0 F4 B2 07 8B DA
BA C6 20 14 66 A9 D0 26 F4 F4 36 B4 02 55 47 DC 45 79 F5 AF
F4 38 3A F0 9F CA B7 B4 1E 5A 9C 36 06 60 F0 EC 0E 2C B8 06
76 F9 9E 77 2D 71 ED 2C A9 1D E7 1C 99 50 85 19 0E 1E DA 35
E4 F9 65 DA 41 3E 22 62 BA 48 47 BC 6E 5F 48 AD 7D 68 86 A4
D0 CD 01 65 CD 88 90 B0 A1 45 68 55 C3 27 3D 46 C7 57 24 A2
26 B6 A1 7A 67 B6 01 3D 2D 85 A8 9C A4 EC 61 88 BC E5 B0 22
12 37 CD 52 01 30 D0 5C F5 77 E5 2C 4D 0A 56 C3 A5
Exponent: 01 00 01

Signature Length: 256 bytes / 2048 bits
Signature: 00 01 34 B3 44 92 5A F7 CC 10 94 1D 0D DA C3 E8 0B 6A 6C 77
D3 7C 51 62 6D AC 53 DF 52 8F 46 27 49 EF 50 B5 89 7C C8 DA
2B BE E3 29 0C 95 15 21 B2 4C 88 A3 B6 54 65 EC E7 FA 0E 39
DF C6 39 33 1F F0 4D 3B 7A 73 00 61 5F 64 A0 D9 4C 02 A4 E2
D2 8D 34 7F 5A B7 98 FD FB AE 45 77 7C F1 2D 8F 9F 0C B3 F0
1A C4 19 4F 90 EA C2 B8 41 7B EA 9E 92 6D A7 6D 6D 4B AD 4C
E7 9F B3 61 71 CD 0D 5F 23 A1 97 A4 4B D7 BE AA C0 B7 BA C9
66 9B B8 47 34 D7 8F 45 70 74 16 1F AD 32 07 6B 05 EB 58 59
57 E8 5E 19 27 AD 00 14 D8 C6 E3 B0 5B FC ED 9C CF 1B AE 6A
14 1C CF F3 0A 12 05 07 02 6B F4 34 44 DE A5 15 6E 3D 61 8A
4A 84 3E AB D9 02 55 48 2A 7C 67 5C 7E BD A7 3C 9D 9A EA 40
45 E5 10 51 BC 78 DB D1 30 C3 15 A8 15 00 E9 72 74 A0 C8 19
4C C8 D1 45 AE 6B 48 7A A0 F4 93 4A 64 CE 5F C1 7E

Extension: Subject Key Identifier (2.5.29.14)
Critical: 0
Subject Key Identifier: D4 29 F4 BD 1D D6 82 AC A4 89 04 26 64 8D B1 72 45 67 77 04


Fingerprints :

SHA-256 Fingerprint: 32 06 FE 12 EE 0A 64 15 05 B1 FA E7 1A 36 AE FA 3C 96 EB 29
52 0C F1 A4 AD DA 40 B6 C2 13 E3 7D
SHA-1 Fingerprint: 83 57 DA DC 05 8A 53 39 85 4F B5 AA 84 2D 19 CC 45 C8 B8 FC
MD5 Fingerprint: EB F6 7C 5B 8B 50 55 AC CD 0E 74 7B 73 FB 5D 4A


PEM certificate :

-----BEGIN CERTIFICATE-----
MIIDrTCCApWgAwIBAgIEcOJ5hTANBgkqhkiG9w0BAQsFADCBhjELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFDASBgNVBAcTC1NhbnRhIENsYXJhMRswGQYDVQQKExJPcmFjbGUgQ29ycG9yYXRpb24xEjAQBgNVBAsTCUdsYXNzRmlzaDEbMBkGA1UEAxMSbG9jYWxob3N0LWluc3RhbmNlMB4XDTE5MDEyODE4NTgyMloXDTI5MDEyNTE4NTgyMlowgYYxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRQwEgYDVQQHEwtTYW50YSBDbGFyYTEbMBkGA1UEChMST3JhY2xlIENvcnBvcmF0aW9uMRIwEAYDVQQLEwlHbGFzc0Zpc2gxGzAZBgNVBAMTEmxvY2FsaG9zdC1pbnN0YW5jZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAInf+roOIh8dSgJ8Y5kIXkb3lTUxUzNhtCxOH5UeRp90w+vXBb0CnVNteXX6HJXGWd5ORGmRn+WDcaY4aloQO8P8hLin6jsC0NXmClX8o7K0VMXBMSUALmaoWwqHNbS/lxgKHNSiqRtg4oHD3aKIEXx00PSyB4vausYgFGap0Cb09Da0AlVH3EV59a/0ODrwn8q3tB5anDYGYPDsDiy4Bnb5nnctce0sqR3nHJlQhRkOHto15Pll2kE+ImK6SEe8bl9IrX1ohqTQzQFlzYiQsKFFaFXDJz1Gx1ckoia2oXpntgE9LYWonKTsYYi85bAiEjfNUgEw0Fz1d+UsTQpWw6UCAwEAAaMhMB8wHQYDVR0OBBYEFNQp9L0d1oKspIkEJmSNsXJFZ3cEMA0GCSqGSIb3DQEBCwUAA4IBAQABNLNEklr3zBCUHQ3aw+gLamx303xRYm2sU99Sj0YnSe9QtYl8yNorvuMpDJUVIbJMiKO2VGXs5/oOOd/GOTMf8E07enMAYV9koNlMAqTi0o00f1q3mP37rkV3fPEtj58Ms/AaxBlPkOrCuEF76p6SbadtbUutTOefs2FxzQ1fI6GXpEvXvqrAt7rJZpu4RzTXj0VwdBYfrTIHawXrWFlX6F4ZJ60AFNjG47Bb/O2czxuuahQcz/MKEgUHAmv0NETepRVuPWGKSoQ+q9kCVUgqfGdcfr2nPJ2a6kBF5RBRvHjb0TDDFagVAOlydKDIGUzI0UWua0h6oPSTSmTOX8F+
-----END CERTIFICATE-----
21643 (9) - SSL Cipher Suites Supported
-
Synopsis
The remote service encrypts communications using SSL.
Description
This plugin detects which SSL ciphers are supported by the remote service for encrypting communications.
See Also
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2006/06/05, Modified: 2023/07/10
Plugin Output

ipaddr (tcp/443/www)


Here is the list of SSL ciphers supported by the remote server :
Each group is reported per SSL Version.

SSL Version : TLSv12
Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
EDH-RSA-DES-CBC3-SHA 0x00, 0x16 DH RSA 3DES-CBC(168) SHA1
ECDHE-RSA-DES-CBC3-SHA 0xC0, 0x12 ECDH RSA 3DES-CBC(168) SHA1
DES-CBC3-SHA 0x00, 0x0A RSA RSA 3DES-CBC(168) SHA1

High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA256 0x00, 0x9E DH RSA AES-GCM(128) SHA256
DHE-RSA-AES256-SHA384 0x00, 0x9F DH RSA AES-GCM(256) SHA384
ECDHE-RSA-AES128-SHA256 0xC0, 0x2F ECDH RSA AES-GCM(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x30 ECDH RSA AES-GCM(256) SHA384
RSA-AES128-SHA256 0x00, 0x9C RSA RSA AES-GCM(128) SHA256
RSA-AES256-SHA384 0x00, 0x9D RSA RSA AES-GCM(256) SHA384
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
DHE-RSA-CAMELLIA128-SHA 0x00, 0x45 DH RSA Camellia-CBC(128) SHA1
DHE-RSA-CAMELLIA256-SHA 0x00, 0x88 DH RSA Camellia-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
CAMELLIA128-SHA 0x00, 0x41 RSA RSA Camellia-CBC(128) SHA1
CAMELLIA256-SHA 0x00, 0x84 RSA RSA Camellia-CBC(256) SHA1
DHE-RSA-AES128-SHA256 0x00, 0x67 DH RSA AES-CBC(128) SHA256
DHE-RSA-AES256-SHA256 0x00, 0x6B DH RSA AES-CBC(256) SHA256
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
RSA-AES128-SHA256 0x00, 0x3C RSA RSA AES-CBC(128) SHA256
RSA-AES256-SHA256 0x00, 0x3D RSA RSA AES-CBC(256) SHA256

The fields above are :

{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}

ipaddr (tcp/3820/giop)


Here is the list of SSL ciphers supported by the remote server :
Each group is reported per SSL Version.

SSL Version : TLSv12
High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA256 0x00, 0x9E DH RSA AES-GCM(128) SHA256
DHE-RSA-AES256-SHA384 0x00, 0x9F DH RSA AES-GCM(256) SHA384
ECDHE-RSA-AES128-SHA256 0xC0, 0x2F ECDH RSA AES-GCM(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x30 ECDH RSA AES-GCM(256) SHA384
RSA-AES128-SHA256 0x00, 0x9C RSA RSA AES-GCM(128) SHA256
RSA-AES256-SHA384 0x00, 0x9D RSA RSA AES-GCM(256) SHA384
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
DHE-RSA-AES128-SHA256 0x00, 0x67 DH RSA AES-CBC(128) SHA256
DHE-RSA-AES256-SHA256 0x00, 0x6B DH RSA AES-CBC(256) SHA256
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
RSA-AES128-SHA256 0x00, 0x3C RSA RSA AES-CBC(128) SHA256
RSA-AES256-SHA256 0x00, 0x3D RSA RSA AES-CBC(256) SHA256


SSL Version : TLSv11
High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1


SSL Version : TLSv1
High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1

The fields above are :

{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}

ipaddr (tcp/3920)


Here is the list of SSL ciphers supported by the remote server :
Each group is reported per SSL Version.

SSL Version : TLSv12
High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA256 0x00, 0x9E DH RSA AES-GCM(128) SHA256
DHE-RSA-AES256-SHA384 0x00, 0x9F DH RSA AES-GCM(256) SHA384
ECDHE-RSA-AES128-SHA256 0xC0, 0x2F ECDH RSA AES-GCM(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x30 ECDH RSA AES-GCM(256) SHA384
RSA-AES128-SHA256 0x00, 0x9C RSA RSA AES-GCM(128) SHA256
RSA-AES256-SHA384 0x00, 0x9D RSA RSA AES-GCM(256) SHA384
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
DHE-RSA-AES128-SHA256 0x00, 0x67 DH RSA AES-CBC(128) SHA256
DHE-RSA-AES256-SHA256 0x00, 0x6B DH RSA AES-CBC(256) SHA256
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
RSA-AES128-SHA256 0x00, 0x3C RSA RSA AES-CBC(128) SHA256
RSA-AES256-SHA256 0x00, 0x3D RSA RSA AES-CBC(256) SHA256


SSL Version : TLSv11
High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1


SSL Version : TLSv1
High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1

The fields above are :

{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}

ipaddr (tcp/4848/www)


Here is the list of SSL ciphers supported by the remote server :
Each group is reported per SSL Version.

SSL Version : TLSv12
High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA256 0x00, 0x9E DH RSA AES-GCM(128) SHA256
DHE-RSA-AES256-SHA384 0x00, 0x9F DH RSA AES-GCM(256) SHA384
ECDHE-RSA-AES128-SHA256 0xC0, 0x2F ECDH RSA AES-GCM(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x30 ECDH RSA AES-GCM(256) SHA384
RSA-AES128-SHA256 0x00, 0x9C RSA RSA AES-GCM(128) SHA256
RSA-AES256-SHA384 0x00, 0x9D RSA RSA AES-GCM(256) SHA384
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
DHE-RSA-AES128-SHA256 0x00, 0x67 DH RSA AES-CBC(128) SHA256
DHE-RSA-AES256-SHA256 0x00, 0x6B DH RSA AES-CBC(256) SHA256
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
RSA-AES128-SHA256 0x00, 0x3C RSA RSA AES-CBC(128) SHA256
RSA-AES256-SHA256 0x00, 0x3D RSA RSA AES-CBC(256) SHA256


SSL Version : TLSv11
High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1


SSL Version : TLSv1
High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1

The fields above are :

{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}

ipaddr (tcp/8181/www)


Here is the list of SSL ciphers supported by the remote server :
Each group is reported per SSL Version.

SSL Version : TLSv12
High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA256 0x00, 0x9E DH RSA AES-GCM(128) SHA256
DHE-RSA-AES256-SHA384 0x00, 0x9F DH RSA AES-GCM(256) SHA384
ECDHE-RSA-AES128-SHA256 0xC0, 0x2F ECDH RSA AES-GCM(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x30 ECDH RSA AES-GCM(256) SHA384
RSA-AES128-SHA256 0x00, 0x9C RSA RSA AES-GCM(128) SHA256
RSA-AES256-SHA384 0x00, 0x9D RSA RSA AES-GCM(256) SHA384
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
DHE-RSA-AES128-SHA256 0x00, 0x67 DH RSA AES-CBC(128) SHA256
DHE-RSA-AES256-SHA256 0x00, 0x6B DH RSA AES-CBC(256) SHA256
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
RSA-AES128-SHA256 0x00, 0x3C RSA RSA AES-CBC(128) SHA256
RSA-AES256-SHA256 0x00, 0x3D RSA RSA AES-CBC(256) SHA256


SSL Version : TLSv11
High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1


SSL Version : TLSv1
High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1

The fields above are :

{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}

ipaddr (tcp/8686)


Here is the list of SSL ciphers supported by the remote server :
Each group is reported per SSL Version.

SSL Version : TLSv12
High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA256 0x00, 0x9E DH RSA AES-GCM(128) SHA256
DHE-RSA-AES256-SHA384 0x00, 0x9F DH RSA AES-GCM(256) SHA384
ECDHE-RSA-AES128-SHA256 0xC0, 0x2F ECDH RSA AES-GCM(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x30 ECDH RSA AES-GCM(256) SHA384
RSA-AES128-SHA256 0x00, 0x9C RSA RSA AES-GCM(128) SHA256
RSA-AES256-SHA384 0x00, 0x9D RSA RSA AES-GCM(256) SHA384
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
DHE-RSA-AES128-SHA256 0x00, 0x67 DH RSA AES-CBC(128) SHA256
DHE-RSA-AES256-SHA256 0x00, 0x6B DH RSA AES-CBC(256) SHA256
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
RSA-AES128-SHA256 0x00, 0x3C RSA RSA AES-CBC(128) SHA256
RSA-AES256-SHA256 0x00, 0x3D RSA RSA AES-CBC(256) SHA256


SSL Version : TLSv11
High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1


SSL Version : TLSv1
High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1

The fields above are :

{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}

ipaddr (tcp/24848/www)


Here is the list of SSL ciphers supported by the remote server :
Each group is reported per SSL Version.

SSL Version : TLSv12
High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA256 0x00, 0x9E DH RSA AES-GCM(128) SHA256
DHE-RSA-AES256-SHA384 0x00, 0x9F DH RSA AES-GCM(256) SHA384
ECDHE-RSA-AES128-SHA256 0xC0, 0x2F ECDH RSA AES-GCM(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x30 ECDH RSA AES-GCM(256) SHA384
RSA-AES128-SHA256 0x00, 0x9C RSA RSA AES-GCM(128) SHA256
RSA-AES256-SHA384 0x00, 0x9D RSA RSA AES-GCM(256) SHA384
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
DHE-RSA-AES128-SHA256 0x00, 0x67 DH RSA AES-CBC(128) SHA256
DHE-RSA-AES256-SHA256 0x00, 0x6B DH RSA AES-CBC(256) SHA256
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
RSA-AES128-SHA256 0x00, 0x3C RSA RSA AES-CBC(128) SHA256
RSA-AES256-SHA256 0x00, 0x3D RSA RSA AES-CBC(256) SHA256


SSL Version : TLSv11
High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1


SSL Version : TLSv1
High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1

The fields above are :

{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}

ipaddr (tcp/28181/www)


Here is the list of SSL ciphers supported by the remote server :
Each group is reported per SSL Version.

SSL Version : TLSv12
High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA256 0x00, 0x9E DH RSA AES-GCM(128) SHA256
DHE-RSA-AES256-SHA384 0x00, 0x9F DH RSA AES-GCM(256) SHA384
ECDHE-RSA-AES128-SHA256 0xC0, 0x2F ECDH RSA AES-GCM(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x30 ECDH RSA AES-GCM(256) SHA384
RSA-AES128-SHA256 0x00, 0x9C RSA RSA AES-GCM(128) SHA256
RSA-AES256-SHA384 0x00, 0x9D RSA RSA AES-GCM(256) SHA384
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
DHE-RSA-AES128-SHA256 0x00, 0x67 DH RSA AES-CBC(128) SHA256
DHE-RSA-AES256-SHA256 0x00, 0x6B DH RSA AES-CBC(256) SHA256
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
RSA-AES128-SHA256 0x00, 0x3C RSA RSA AES-CBC(128) SHA256
RSA-AES256-SHA256 0x00, 0x3D RSA RSA AES-CBC(256) SHA256


SSL Version : TLSv11
High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1


SSL Version : TLSv1
High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1

The fields above are :

{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}

ipaddr (tcp/28686)


Here is the list of SSL ciphers supported by the remote server :
Each group is reported per SSL Version.

SSL Version : TLSv12
High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA256 0x00, 0x9E DH RSA AES-GCM(128) SHA256
DHE-RSA-AES256-SHA384 0x00, 0x9F DH RSA AES-GCM(256) SHA384
ECDHE-RSA-AES128-SHA256 0xC0, 0x2F ECDH RSA AES-GCM(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x30 ECDH RSA AES-GCM(256) SHA384
RSA-AES128-SHA256 0x00, 0x9C RSA RSA AES-GCM(128) SHA256
RSA-AES256-SHA384 0x00, 0x9D RSA RSA AES-GCM(256) SHA384
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
DHE-RSA-AES128-SHA256 0x00, 0x67 DH RSA AES-CBC(128) SHA256
DHE-RSA-AES256-SHA256 0x00, 0x6B DH RSA AES-CBC(256) SHA256
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
RSA-AES128-SHA256 0x00, 0x3C RSA RSA AES-CBC(128) SHA256
RSA-AES256-SHA256 0x00, 0x3D RSA RSA AES-CBC(256) SHA256


SSL Version : TLSv11
High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1


SSL Version : TLSv1
High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1

The fields above are :

{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
24260 (9) - HyperText Transfer Protocol (HTTP) Information
-
Synopsis
Some information about the remote HTTP configuration can be extracted.
Description
This test gives some information about the remote HTTP protocol - the version used, whether HTTP Keep-Alive is enabled, etc...

This test is informational only and does not denote any security problem.
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2007/01/30, Modified: 2024/02/26
Plugin Output

ipaddr (tcp/443/www)


Response Code : HTTP/1.1 400 Bad Request

Protocol version : HTTP/1.1
HTTP/2 TLS Support: No
HTTP/2 Cleartext Support: No
SSL : yes
Keep-Alive : no
Options allowed : (Not implemented)
Headers :

Date: Tue, 23 Apr 2024 03:50:27 GMT
Server: Apache/2.4.57 (CentOS Linux) OpenSSL/1.0.2k-fips mod_auth_gssapi/1.5.1
Content-Length: 226
Connection: close
Content-Type: text/html; charset=iso-8859-1

Response Body :

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>400 Bad Request</title>
</head><body>
<h1>Bad Request</h1>
<p>Your browser sent a request that this server could not understand.<br />
</p>
</body></html>

ipaddr (tcp/4848/www)


Response Code : HTTP/1.1 500 Internal Server Error

Protocol version : HTTP/1.1
HTTP/2 TLS Support: No
HTTP/2 Cleartext Support: No
SSL : yes
Keep-Alive : no
Options allowed : (Not implemented)
Headers :

Server: GlassFish Server Open Source Edition 5.1.0
X-Powered-By: Servlet/3.1 JSP/2.3 (GlassFish Server Open Source Edition 5.1.0 Java/Oracle Corporation/1.8)
Content-Type: text/html;charset=ISO-8859-1
Connection: close
Content-Length: 1084

Response Body :

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><title>GlassFish v4 - Error report</title><style type="text/css"><!--H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} H3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} BODY {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} B {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} P{font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;}A {color : black;}HR {color : #525D76;}--></style> </head><body><h1>HTTP Status 500 - </h1><hr/><p><b>type</b> Status report</p><p><b>message</b></p><p><b>description</b>The server encountered an internal error that prevented it from fulfilling this request.</p><hr/><h3>GlassFish Server Open Source Edition 5.1.0 </h3></body></html>

ipaddr (tcp/8080/www)


Response Code : HTTP/1.1 200 OK

Protocol version : HTTP/1.1
HTTP/2 TLS Support: No
HTTP/2 Cleartext Support: Yes
SSL : no
Keep-Alive : no
Options allowed : (Not implemented)
Headers :

Server: GlassFish Server Open Source Edition 5.1.0
X-Powered-By: Servlet/3.1 JSP/2.3 (GlassFish Server Open Source Edition 5.1.0 Java/Oracle Corporation/1.8)
Connection: close
Content-Length: 0

Response Body :

ipaddr (tcp/8181/www)


Response Code : HTTP/1.1 200 OK

Protocol version : HTTP/1.1
HTTP/2 TLS Support: No
HTTP/2 Cleartext Support: No
SSL : yes
Keep-Alive : no
Options allowed : (Not implemented)
Headers :

Server: GlassFish Server Open Source Edition 5.1.0
X-Powered-By: Servlet/3.1 JSP/2.3 (GlassFish Server Open Source Edition 5.1.0 Java/Oracle Corporation/1.8)
Connection: close
Content-Length: 0

Response Body :

ipaddr (tcp/18081/www)


Response Code : HTTP/1.1 400

Protocol version : HTTP/1.1
HTTP/2 TLS Support: No
HTTP/2 Cleartext Support: No
SSL : no
Keep-Alive : no
Options allowed : (Not implemented)
Headers :

Transfer-Encoding: chunked
Date: Tue, 23 Apr 2024 03:50:26 GMT
Connection: close

Response Body :

ipaddr (tcp/24848/www)


Response Code : HTTP/1.1 500 Internal Server Error

Protocol version : HTTP/1.1
HTTP/2 TLS Support: No
HTTP/2 Cleartext Support: No
SSL : yes
Keep-Alive : no
Options allowed : (Not implemented)
Headers :

Server: GlassFish Server Open Source Edition 5.1.0
X-Powered-By: Servlet/3.1 JSP/2.3 (GlassFish Server Open Source Edition 5.1.0 Java/Oracle Corporation/1.8)
Content-Type: text/html;charset=ISO-8859-1
Connection: close
Content-Length: 1084

Response Body :

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><title>GlassFish v4 - Error report</title><style type="text/css"><!--H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} H3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} BODY {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} B {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} P{font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;}A {color : black;}HR {color : #525D76;}--></style> </head><body><h1>HTTP Status 500 - </h1><hr/><p><b>type</b> Status report</p><p><b>message</b></p><p><b>description</b>The server encountered an internal error that prevented it from fulfilling this request.</p><hr/><h3>GlassFish Server Open Source Edition 5.1.0 </h3></body></html>

ipaddr (tcp/28080/www)


Response Code : HTTP/1.1 200 OK

Protocol version : HTTP/1.1
HTTP/2 TLS Support: No
HTTP/2 Cleartext Support: Yes
SSL : no
Keep-Alive : no
Options allowed : (Not implemented)
Headers :

Server: GlassFish Server Open Source Edition 5.1.0
X-Powered-By: Servlet/3.1 JSP/2.3 (GlassFish Server Open Source Edition 5.1.0 Java/Oracle Corporation/1.8)
Connection: close
Content-Length: 0

Response Body :

ipaddr (tcp/28181/www)


Response Code : HTTP/1.1 200 OK

Protocol version : HTTP/1.1
HTTP/2 TLS Support: No
HTTP/2 Cleartext Support: No
SSL : yes
Keep-Alive : no
Options allowed : (Not implemented)
Headers :

Server: GlassFish Server Open Source Edition 5.1.0
X-Powered-By: Servlet/3.1 JSP/2.3 (GlassFish Server Open Source Edition 5.1.0 Java/Oracle Corporation/1.8)
Connection: close
Content-Length: 0

Response Body :

ipaddr (tcp/29003/www)


Response Code : HTTP/1.1 200 OK

Protocol version : HTTP/1.1
HTTP/2 TLS Support: No
HTTP/2 Cleartext Support: No
SSL : no
Keep-Alive : no
Options allowed : (Not implemented)
Headers :

Server: ClusterWebmanager
Date: Tue, 23 Apr 2024 03:50:27 GMT
Content-type: text/html
Content-length: 1742
Last-Modified: Wed, 31 May 2023 22:14:28 GMT
Expires: Tue, 23 Apr 2024 03:50:27 GMT
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; frame-ancestors 'none'
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Connection: Close
X-Frame-Options: DENY

Response Body :

<!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<title>Cluster WebUI</title>
<base href="/">
<link rel="icon" type="image/png" href="data:image/png;base64,iVBORw0KGgo=">
<meta name="viewport" content="width=device-width, initial-scale=1">
<script>
var global = global || window;
var Buffer = global.Buffer;
</script>
<style>@charset "UTF-8";html{font-family:sans-serif;-webkit-text-size-adjust:100%;-ms-text-size-adjust:100%}@media print{*,:after,:before{color:#000!important;text-shadow:none!important;background:transparent!important;box-shadow:none!important}}*,:after,:before{box-sizing:border-box}html{font-size:10px;-webkit-tap-highlight-color:rgba(0,0,0,0)}body{font-family:Helvetica Neue,Helvetica,Arial,sans-serif;font-size:14px;line-height:1.42857143;color:#333;background-color:#fff}html{background-color:#f0f0f0}@media print{html{background-color:#fff}}body{font-family:Meiryo,メイリオ,Lucida Grande,Hiragino Kaku Gothic ProN,ヒラギノ角ゴ ProN W3,sans-serif;height:auto;min-height:100%;position:relative;background-color:inherit;margin:0}</style><link rel="stylesheet" href="styles.f787d798e4521eee69ab.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.f787d798e4521eee69ab.css"></noscript></head>

<body ng-app="">
<clp-app-root></clp-app-root>
<script src="runtime.2ae22ab0deb03d93a91f.jss" defer></script><script src="polyfills-es5.fc398ddff6ee7871768a.jss" nomodule defer></script><script src="polyfills.c2ebbc3f9252561842f9.jss" defer></script><script src="scripts.63f73535aef40b37c1b2.jss" defer></script><script src="main.6750d781a6492d073d43.jss" defer></script>

</body></html>
45410 (9) - SSL Certificate 'commonName' Mismatch
-
Synopsis
The 'commonName' (CN) attribute in the SSL certificate does not match the hostname.
Description
The service running on the remote host presents an SSL certificate for which the 'commonName' (CN) attribute does not match the hostname on which the service listens.
Solution
If the machine has several names, make sure that users connect to the service through the DNS hostname that matches the common name in the certificate.
Risk Factor
None
Plugin Information
Published: 2010/04/03, Modified: 2021/03/09
Plugin Output

ipaddr (tcp/443/www)


The host name known by Nessus is :

masked_hostname

The Common Name in the certificate is :

cld-conn-app.gcc.emsoccs.gsdf.mods.go.jp

The Subject Alternate Name in the certificate is :

cld-conn-app.gcc.emsoccs.gsdf.mods.go.jp

ipaddr (tcp/3820/giop)


The host name known by Nessus is :

masked_hostname

The Common Name in the certificate is :

cld-conn-app.gcc.emsoccs.gsdf.mods.go.jp

The Subject Alternate Name in the certificate is :

cld-conn-app.gcc.emsoccs.gsdf.mods.go.jp

ipaddr (tcp/3920)


The host name known by Nessus is :

masked_hostname

The Common Name in the certificate is :

cld-conn-app.gcc.emsoccs.gsdf.mods.go.jp

The Subject Alternate Name in the certificate is :

cld-conn-app.gcc.emsoccs.gsdf.mods.go.jp

ipaddr (tcp/4848/www)


The host name known by Nessus is :

masked_hostname

The Common Name in the certificate is :

cld-conn-app.gcc.emsoccs.gsdf.mods.go.jp

The Subject Alternate Name in the certificate is :

cld-conn-app.gcc.emsoccs.gsdf.mods.go.jp

ipaddr (tcp/8181/www)


The host name known by Nessus is :

masked_hostname

The Common Name in the certificate is :

cld-conn-app.gcc.emsoccs.gsdf.mods.go.jp

The Subject Alternate Name in the certificate is :

cld-conn-app.gcc.emsoccs.gsdf.mods.go.jp

ipaddr (tcp/8686)


The host name known by Nessus is :

masked_hostname

The Common Name in the certificate is :

cld-conn-app.gcc.emsoccs.gsdf.mods.go.jp

The Subject Alternate Name in the certificate is :

cld-conn-app.gcc.emsoccs.gsdf.mods.go.jp

ipaddr (tcp/24848/www)


The host name known by Nessus is :

masked_hostname

The Common Name in the certificate is :

localhost-instance

ipaddr (tcp/28181/www)


The host name known by Nessus is :

masked_hostname

The Common Name in the certificate is :

cld-conn-app.gcc.emsoccs.gsdf.mods.go.jp

The Subject Alternate Name in the certificate is :

cld-conn-app.gcc.emsoccs.gsdf.mods.go.jp

ipaddr (tcp/28686)


The host name known by Nessus is :

masked_hostname

The Common Name in the certificate is :

localhost-instance
56984 (9) - SSL / TLS Versions Supported
-
Synopsis
The remote service encrypts communications.
Description
This plugin detects which SSL and TLS versions are supported by the remote service for encrypting communications.
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2011/12/01, Modified: 2023/07/10
Plugin Output

ipaddr (tcp/443/www)


This port supports TLSv1.2.

ipaddr (tcp/3820/giop)


This port supports TLSv1.0/TLSv1.1/TLSv1.2.

ipaddr (tcp/3920)


This port supports TLSv1.0/TLSv1.1/TLSv1.2.

ipaddr (tcp/4848/www)


This port supports TLSv1.0/TLSv1.1/TLSv1.2.

ipaddr (tcp/8181/www)


This port supports TLSv1.0/TLSv1.1/TLSv1.2.

ipaddr (tcp/8686)


This port supports TLSv1.0/TLSv1.1/TLSv1.2.

ipaddr (tcp/24848/www)


This port supports TLSv1.0/TLSv1.1/TLSv1.2.

ipaddr (tcp/28181/www)


This port supports TLSv1.0/TLSv1.1/TLSv1.2.

ipaddr (tcp/28686)


This port supports TLSv1.0/TLSv1.1/TLSv1.2.
57041 (9) - SSL Perfect Forward Secrecy Cipher Suites Supported
-
Synopsis
The remote service supports the use of SSL Perfect Forward Secrecy ciphers, which maintain confidentiality even if the key is stolen.
Description
The remote host supports the use of SSL ciphers that offer Perfect Forward Secrecy (PFS) encryption. These cipher suites ensure that recorded SSL traffic cannot be broken at a future date if the server's private key is compromised.
See Also
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2011/12/07, Modified: 2021/03/09
Plugin Output

ipaddr (tcp/443/www)


Here is the list of SSL PFS ciphers supported by the remote server :

Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
EDH-RSA-DES-CBC3-SHA 0x00, 0x16 DH RSA 3DES-CBC(168) SHA1
ECDHE-RSA-DES-CBC3-SHA 0xC0, 0x12 ECDH RSA 3DES-CBC(168) SHA1

High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA256 0x00, 0x9E DH RSA AES-GCM(128) SHA256
DHE-RSA-AES256-SHA384 0x00, 0x9F DH RSA AES-GCM(256) SHA384
ECDHE-RSA-AES128-SHA256 0xC0, 0x2F ECDH RSA AES-GCM(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x30 ECDH RSA AES-GCM(256) SHA384
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
DHE-RSA-CAMELLIA128-SHA 0x00, 0x45 DH RSA Camellia-CBC(128) SHA1
DHE-RSA-CAMELLIA256-SHA 0x00, 0x88 DH RSA Camellia-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
DHE-RSA-AES128-SHA256 0x00, 0x67 DH RSA AES-CBC(128) SHA256
DHE-RSA-AES256-SHA256 0x00, 0x6B DH RSA AES-CBC(256) SHA256
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384

The fields above are :

{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}

ipaddr (tcp/3820/giop)


Here is the list of SSL PFS ciphers supported by the remote server :

High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA256 0x00, 0x9E DH RSA AES-GCM(128) SHA256
DHE-RSA-AES256-SHA384 0x00, 0x9F DH RSA AES-GCM(256) SHA384
ECDHE-RSA-AES128-SHA256 0xC0, 0x2F ECDH RSA AES-GCM(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x30 ECDH RSA AES-GCM(256) SHA384
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
DHE-RSA-AES128-SHA256 0x00, 0x67 DH RSA AES-CBC(128) SHA256
DHE-RSA-AES256-SHA256 0x00, 0x6B DH RSA AES-CBC(256) SHA256
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384

The fields above are :

{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}

ipaddr (tcp/3920)


Here is the list of SSL PFS ciphers supported by the remote server :

High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA256 0x00, 0x9E DH RSA AES-GCM(128) SHA256
DHE-RSA-AES256-SHA384 0x00, 0x9F DH RSA AES-GCM(256) SHA384
ECDHE-RSA-AES128-SHA256 0xC0, 0x2F ECDH RSA AES-GCM(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x30 ECDH RSA AES-GCM(256) SHA384
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
DHE-RSA-AES128-SHA256 0x00, 0x67 DH RSA AES-CBC(128) SHA256
DHE-RSA-AES256-SHA256 0x00, 0x6B DH RSA AES-CBC(256) SHA256
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384

The fields above are :

{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}

ipaddr (tcp/4848/www)


Here is the list of SSL PFS ciphers supported by the remote server :

High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA256 0x00, 0x9E DH RSA AES-GCM(128) SHA256
DHE-RSA-AES256-SHA384 0x00, 0x9F DH RSA AES-GCM(256) SHA384
ECDHE-RSA-AES128-SHA256 0xC0, 0x2F ECDH RSA AES-GCM(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x30 ECDH RSA AES-GCM(256) SHA384
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
DHE-RSA-AES128-SHA256 0x00, 0x67 DH RSA AES-CBC(128) SHA256
DHE-RSA-AES256-SHA256 0x00, 0x6B DH RSA AES-CBC(256) SHA256
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384

The fields above are :

{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}

ipaddr (tcp/8181/www)


Here is the list of SSL PFS ciphers supported by the remote server :

High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA256 0x00, 0x9E DH RSA AES-GCM(128) SHA256
DHE-RSA-AES256-SHA384 0x00, 0x9F DH RSA AES-GCM(256) SHA384
ECDHE-RSA-AES128-SHA256 0xC0, 0x2F ECDH RSA AES-GCM(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x30 ECDH RSA AES-GCM(256) SHA384
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
DHE-RSA-AES128-SHA256 0x00, 0x67 DH RSA AES-CBC(128) SHA256
DHE-RSA-AES256-SHA256 0x00, 0x6B DH RSA AES-CBC(256) SHA256
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384

The fields above are :

{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}

ipaddr (tcp/8686)


Here is the list of SSL PFS ciphers supported by the remote server :

High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA256 0x00, 0x9E DH RSA AES-GCM(128) SHA256
DHE-RSA-AES256-SHA384 0x00, 0x9F DH RSA AES-GCM(256) SHA384
ECDHE-RSA-AES128-SHA256 0xC0, 0x2F ECDH RSA AES-GCM(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x30 ECDH RSA AES-GCM(256) SHA384
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
DHE-RSA-AES128-SHA256 0x00, 0x67 DH RSA AES-CBC(128) SHA256
DHE-RSA-AES256-SHA256 0x00, 0x6B DH RSA AES-CBC(256) SHA256
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384

The fields above are :

{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}

ipaddr (tcp/24848/www)


Here is the list of SSL PFS ciphers supported by the remote server :

High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA256 0x00, 0x9E DH RSA AES-GCM(128) SHA256
DHE-RSA-AES256-SHA384 0x00, 0x9F DH RSA AES-GCM(256) SHA384
ECDHE-RSA-AES128-SHA256 0xC0, 0x2F ECDH RSA AES-GCM(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x30 ECDH RSA AES-GCM(256) SHA384
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
DHE-RSA-AES128-SHA256 0x00, 0x67 DH RSA AES-CBC(128) SHA256
DHE-RSA-AES256-SHA256 0x00, 0x6B DH RSA AES-CBC(256) SHA256
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384

The fields above are :

{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}

ipaddr (tcp/28181/www)


Here is the list of SSL PFS ciphers supported by the remote server :

High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA256 0x00, 0x9E DH RSA AES-GCM(128) SHA256
DHE-RSA-AES256-SHA384 0x00, 0x9F DH RSA AES-GCM(256) SHA384
ECDHE-RSA-AES128-SHA256 0xC0, 0x2F ECDH RSA AES-GCM(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x30 ECDH RSA AES-GCM(256) SHA384
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
DHE-RSA-AES128-SHA256 0x00, 0x67 DH RSA AES-CBC(128) SHA256
DHE-RSA-AES256-SHA256 0x00, 0x6B DH RSA AES-CBC(256) SHA256
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384

The fields above are :

{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}

ipaddr (tcp/28686)


Here is the list of SSL PFS ciphers supported by the remote server :

High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA256 0x00, 0x9E DH RSA AES-GCM(128) SHA256
DHE-RSA-AES256-SHA384 0x00, 0x9F DH RSA AES-GCM(256) SHA384
ECDHE-RSA-AES128-SHA256 0xC0, 0x2F ECDH RSA AES-GCM(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x30 ECDH RSA AES-GCM(256) SHA384
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
DHE-RSA-AES128-SHA256 0x00, 0x67 DH RSA AES-CBC(128) SHA256
DHE-RSA-AES256-SHA256 0x00, 0x6B DH RSA AES-CBC(256) SHA256
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384

The fields above are :

{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
70544 (9) - SSL Cipher Block Chaining Cipher Suites Supported
-
Synopsis
The remote service supports the use of SSL Cipher Block Chaining ciphers, which combine previous blocks with subsequent ones.
Description
The remote host supports the use of SSL ciphers that operate in Cipher Block Chaining (CBC) mode. These cipher suites offer additional security over Electronic Codebook (ECB) mode, but have the potential to leak information if used improperly.
See Also
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2013/10/22, Modified: 2021/02/03
Plugin Output

ipaddr (tcp/443/www)


Here is the list of SSL CBC ciphers supported by the remote server :

Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
EDH-RSA-DES-CBC3-SHA 0x00, 0x16 DH RSA 3DES-CBC(168) SHA1
ECDHE-RSA-DES-CBC3-SHA 0xC0, 0x12 ECDH RSA 3DES-CBC(168) SHA1
DES-CBC3-SHA 0x00, 0x0A RSA RSA 3DES-CBC(168) SHA1

High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
DHE-RSA-CAMELLIA128-SHA 0x00, 0x45 DH RSA Camellia-CBC(128) SHA1
DHE-RSA-CAMELLIA256-SHA 0x00, 0x88 DH RSA Camellia-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
CAMELLIA128-SHA 0x00, 0x41 RSA RSA Camellia-CBC(128) SHA1
CAMELLIA256-SHA 0x00, 0x84 RSA RSA Camellia-CBC(256) SHA1
DHE-RSA-AES128-SHA256 0x00, 0x67 DH RSA AES-CBC(128) SHA256
DHE-RSA-AES256-SHA256 0x00, 0x6B DH RSA AES-CBC(256) SHA256
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
RSA-AES128-SHA256 0x00, 0x3C RSA RSA AES-CBC(128) SHA256
RSA-AES256-SHA256 0x00, 0x3D RSA RSA AES-CBC(256) SHA256

The fields above are :

{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}

ipaddr (tcp/3820/giop)


Here is the list of SSL CBC ciphers supported by the remote server :

High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
DHE-RSA-AES128-SHA256 0x00, 0x67 DH RSA AES-CBC(128) SHA256
DHE-RSA-AES256-SHA256 0x00, 0x6B DH RSA AES-CBC(256) SHA256
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
RSA-AES128-SHA256 0x00, 0x3C RSA RSA AES-CBC(128) SHA256
RSA-AES256-SHA256 0x00, 0x3D RSA RSA AES-CBC(256) SHA256

The fields above are :

{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}

ipaddr (tcp/3920)


Here is the list of SSL CBC ciphers supported by the remote server :

High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
DHE-RSA-AES128-SHA256 0x00, 0x67 DH RSA AES-CBC(128) SHA256
DHE-RSA-AES256-SHA256 0x00, 0x6B DH RSA AES-CBC(256) SHA256
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
RSA-AES128-SHA256 0x00, 0x3C RSA RSA AES-CBC(128) SHA256
RSA-AES256-SHA256 0x00, 0x3D RSA RSA AES-CBC(256) SHA256

The fields above are :

{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}

ipaddr (tcp/4848/www)


Here is the list of SSL CBC ciphers supported by the remote server :

High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
DHE-RSA-AES128-SHA256 0x00, 0x67 DH RSA AES-CBC(128) SHA256
DHE-RSA-AES256-SHA256 0x00, 0x6B DH RSA AES-CBC(256) SHA256
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
RSA-AES128-SHA256 0x00, 0x3C RSA RSA AES-CBC(128) SHA256
RSA-AES256-SHA256 0x00, 0x3D RSA RSA AES-CBC(256) SHA256

The fields above are :

{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}

ipaddr (tcp/8181/www)


Here is the list of SSL CBC ciphers supported by the remote server :

High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
DHE-RSA-AES128-SHA256 0x00, 0x67 DH RSA AES-CBC(128) SHA256
DHE-RSA-AES256-SHA256 0x00, 0x6B DH RSA AES-CBC(256) SHA256
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
RSA-AES128-SHA256 0x00, 0x3C RSA RSA AES-CBC(128) SHA256
RSA-AES256-SHA256 0x00, 0x3D RSA RSA AES-CBC(256) SHA256

The fields above are :

{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}

ipaddr (tcp/8686)


Here is the list of SSL CBC ciphers supported by the remote server :

High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
DHE-RSA-AES128-SHA256 0x00, 0x67 DH RSA AES-CBC(128) SHA256
DHE-RSA-AES256-SHA256 0x00, 0x6B DH RSA AES-CBC(256) SHA256
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
RSA-AES128-SHA256 0x00, 0x3C RSA RSA AES-CBC(128) SHA256
RSA-AES256-SHA256 0x00, 0x3D RSA RSA AES-CBC(256) SHA256

The fields above are :

{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}

ipaddr (tcp/24848/www)


Here is the list of SSL CBC ciphers supported by the remote server :

High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
DHE-RSA-AES128-SHA256 0x00, 0x67 DH RSA AES-CBC(128) SHA256
DHE-RSA-AES256-SHA256 0x00, 0x6B DH RSA AES-CBC(256) SHA256
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
RSA-AES128-SHA256 0x00, 0x3C RSA RSA AES-CBC(128) SHA256
RSA-AES256-SHA256 0x00, 0x3D RSA RSA AES-CBC(256) SHA256

The fields above are :

{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}

ipaddr (tcp/28181/www)


Here is the list of SSL CBC ciphers supported by the remote server :

High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
DHE-RSA-AES128-SHA256 0x00, 0x67 DH RSA AES-CBC(128) SHA256
DHE-RSA-AES256-SHA256 0x00, 0x6B DH RSA AES-CBC(256) SHA256
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
RSA-AES128-SHA256 0x00, 0x3C RSA RSA AES-CBC(128) SHA256
RSA-AES256-SHA256 0x00, 0x3D RSA RSA AES-CBC(256) SHA256

The fields above are :

{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}

ipaddr (tcp/28686)


Here is the list of SSL CBC ciphers supported by the remote server :

High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
DHE-RSA-AES128-SHA256 0x00, 0x67 DH RSA AES-CBC(128) SHA256
DHE-RSA-AES256-SHA256 0x00, 0x6B DH RSA AES-CBC(256) SHA256
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
RSA-AES128-SHA256 0x00, 0x3C RSA RSA AES-CBC(128) SHA256
RSA-AES256-SHA256 0x00, 0x3D RSA RSA AES-CBC(256) SHA256

The fields above are :

{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
136318 (9) - TLS Version 1.2 Protocol Detection
-
Synopsis
The remote service encrypts traffic using a version of TLS.
Description
The remote service accepts connections encrypted using TLS 1.2.
See Also
Solution
N/A
Risk Factor
None
Plugin Information
Published: 2020/05/04, Modified: 2020/05/04
Plugin Output

ipaddr (tcp/443/www)

TLSv1.2 is enabled and the server supports at least one cipher.

ipaddr (tcp/3820/giop)

TLSv1.2 is enabled and the server supports at least one cipher.

ipaddr (tcp/3920)

TLSv1.2 is enabled and the server supports at least one cipher.

ipaddr (tcp/4848/www)

TLSv1.2 is enabled and the server supports at least one cipher.

ipaddr (tcp/8181/www)

TLSv1.2 is enabled and the server supports at least one cipher.

ipaddr (tcp/8686)

TLSv1.2 is enabled and the server supports at least one cipher.

ipaddr (tcp/24848/www)

TLSv1.2 is enabled and the server supports at least one cipher.

ipaddr (tcp/28181/www)

TLSv1.2 is enabled and the server supports at least one cipher.

ipaddr (tcp/28686)

TLSv1.2 is enabled and the server supports at least one cipher.
156899 (9) - SSL/TLS Recommended Cipher Suites
-
Synopsis
The remote host advertises discouraged SSL/TLS ciphers.
Description
The remote host has open SSL/TLS ports which advertise discouraged cipher suites. It is recommended to only enable support for the following cipher suites:

TLSv1.3:
- 0x13,0x01 TLS13_AES_128_GCM_SHA256
- 0x13,0x02 TLS13_AES_256_GCM_SHA384
- 0x13,0x03 TLS13_CHACHA20_POLY1305_SHA256

TLSv1.2:
- 0xC0,0x2B ECDHE-ECDSA-AES128-GCM-SHA256
- 0xC0,0x2F ECDHE-RSA-AES128-GCM-SHA256
- 0xC0,0x2C ECDHE-ECDSA-AES256-GCM-SHA384
- 0xC0,0x30 ECDHE-RSA-AES256-GCM-SHA384
- 0xCC,0xA9 ECDHE-ECDSA-CHACHA20-POLY1305
- 0xCC,0xA8 ECDHE-RSA-CHACHA20-POLY1305

This is the recommended configuration for the vast majority of services, as it is highly secure and compatible with nearly every client released in the last five (or more) years.
See Also
Solution
Only enable support for recommened cipher suites.
Risk Factor
None
Plugin Information
Published: 2022/01/20, Modified: 2024/02/12
Plugin Output

ipaddr (tcp/443/www)

The remote host has listening SSL/TLS ports which advertise the discouraged cipher suites outlined below:


Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
EDH-RSA-DES-CBC3-SHA 0x00, 0x16 DH RSA 3DES-CBC(168) SHA1
ECDHE-RSA-DES-CBC3-SHA 0xC0, 0x12 ECDH RSA 3DES-CBC(168) SHA1
DES-CBC3-SHA 0x00, 0x0A RSA RSA 3DES-CBC(168) SHA1

High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA256 0x00, 0x9E DH RSA AES-GCM(128) SHA256
DHE-RSA-AES256-SHA384 0x00, 0x9F DH RSA AES-GCM(256) SHA384
RSA-AES128-SHA256 0x00, 0x9C RSA RSA AES-GCM(128) SHA256
RSA-AES256-SHA384 0x00, 0x9D RSA RSA AES-GCM(256) SHA384
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
DHE-RSA-CAMELLIA128-SHA 0x00, 0x45 DH RSA Camellia-CBC(128) SHA1
DHE-RSA-CAMELLIA256-SHA 0x00, 0x88 DH RSA Camellia-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
CAMELLIA128-SHA 0x00, 0x41 RSA RSA Camellia-CBC(128) SHA1
CAMELLIA256-SHA 0x00, 0x84 RSA RSA Camellia-CBC(256) SHA1
DHE-RSA-AES128-SHA256 0x00, 0x67 DH RSA AES-CBC(128) SHA256
DHE-RSA-AES256-SHA256 0x00, 0x6B DH RSA AES-CBC(256) SHA256
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
RSA-AES128-SHA256 0x00, 0x3C RSA RSA AES-CBC(128) SHA256
RSA-AES256-SHA256 0x00, 0x3D RSA RSA AES-CBC(256) SHA256

The fields above are :

{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}

ipaddr (tcp/3820/giop)

The remote host has listening SSL/TLS ports which advertise the discouraged cipher suites outlined below:


High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA256 0x00, 0x9E DH RSA AES-GCM(128) SHA256
DHE-RSA-AES256-SHA384 0x00, 0x9F DH RSA AES-GCM(256) SHA384
RSA-AES128-SHA256 0x00, 0x9C RSA RSA AES-GCM(128) SHA256
RSA-AES256-SHA384 0x00, 0x9D RSA RSA AES-GCM(256) SHA384
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
DHE-RSA-AES128-SHA256 0x00, 0x67 DH RSA AES-CBC(128) SHA256
DHE-RSA-AES256-SHA256 0x00, 0x6B DH RSA AES-CBC(256) SHA256
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
RSA-AES128-SHA256 0x00, 0x3C RSA RSA AES-CBC(128) SHA256
RSA-AES256-SHA256 0x00, 0x3D RSA RSA AES-CBC(256) SHA256

The fields above are :

{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}

ipaddr (tcp/3920)

The remote host has listening SSL/TLS ports which advertise the discouraged cipher suites outlined below:


High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA256 0x00, 0x9E DH RSA AES-GCM(128) SHA256
DHE-RSA-AES256-SHA384 0x00, 0x9F DH RSA AES-GCM(256) SHA384
RSA-AES128-SHA256 0x00, 0x9C RSA RSA AES-GCM(128) SHA256
RSA-AES256-SHA384 0x00, 0x9D RSA RSA AES-GCM(256) SHA384
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
DHE-RSA-AES128-SHA256 0x00, 0x67 DH RSA AES-CBC(128) SHA256
DHE-RSA-AES256-SHA256 0x00, 0x6B DH RSA AES-CBC(256) SHA256
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
RSA-AES128-SHA256 0x00, 0x3C RSA RSA AES-CBC(128) SHA256
RSA-AES256-SHA256 0x00, 0x3D RSA RSA AES-CBC(256) SHA256

The fields above are :

{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}

ipaddr (tcp/4848/www)

The remote host has listening SSL/TLS ports which advertise the discouraged cipher suites outlined below:


High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA256 0x00, 0x9E DH RSA AES-GCM(128) SHA256
DHE-RSA-AES256-SHA384 0x00, 0x9F DH RSA AES-GCM(256) SHA384
RSA-AES128-SHA256 0x00, 0x9C RSA RSA AES-GCM(128) SHA256
RSA-AES256-SHA384 0x00, 0x9D RSA RSA AES-GCM(256) SHA384
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
DHE-RSA-AES128-SHA256 0x00, 0x67 DH RSA AES-CBC(128) SHA256
DHE-RSA-AES256-SHA256 0x00, 0x6B DH RSA AES-CBC(256) SHA256
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
RSA-AES128-SHA256 0x00, 0x3C RSA RSA AES-CBC(128) SHA256
RSA-AES256-SHA256 0x00, 0x3D RSA RSA AES-CBC(256) SHA256

The fields above are :

{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}

ipaddr (tcp/8181/www)

The remote host has listening SSL/TLS ports which advertise the discouraged cipher suites outlined below:


High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA256 0x00, 0x9E DH RSA AES-GCM(128) SHA256
DHE-RSA-AES256-SHA384 0x00, 0x9F DH RSA AES-GCM(256) SHA384
RSA-AES128-SHA256 0x00, 0x9C RSA RSA AES-GCM(128) SHA256
RSA-AES256-SHA384 0x00, 0x9D RSA RSA AES-GCM(256) SHA384
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
DHE-RSA-AES128-SHA256 0x00, 0x67 DH RSA AES-CBC(128) SHA256
DHE-RSA-AES256-SHA256 0x00, 0x6B DH RSA AES-CBC(256) SHA256
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
RSA-AES128-SHA256 0x00, 0x3C RSA RSA AES-CBC(128) SHA256
RSA-AES256-SHA256 0x00, 0x3D RSA RSA AES-CBC(256) SHA256

The fields above are :

{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}

ipaddr (tcp/8686)

The remote host has listening SSL/TLS ports which advertise the discouraged cipher suites outlined below:


High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA256 0x00, 0x9E DH RSA AES-GCM(128) SHA256
DHE-RSA-AES256-SHA384 0x00, 0x9F DH RSA AES-GCM(256) SHA384
RSA-AES128-SHA256 0x00, 0x9C RSA RSA AES-GCM(128) SHA256
RSA-AES256-SHA384 0x00, 0x9D RSA RSA AES-GCM(256) SHA384
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
DHE-RSA-AES128-SHA256 0x00, 0x67 DH RSA AES-CBC(128) SHA256
DHE-RSA-AES256-SHA256 0x00, 0x6B DH RSA AES-CBC(256) SHA256
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
RSA-AES128-SHA256 0x00, 0x3C RSA RSA AES-CBC(128) SHA256
RSA-AES256-SHA256 0x00, 0x3D RSA RSA AES-CBC(256) SHA256

The fields above are :

{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}

ipaddr (tcp/24848/www)

The remote host has listening SSL/TLS ports which advertise the discouraged cipher suites outlined below:


High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA256 0x00, 0x9E DH RSA AES-GCM(128) SHA256
DHE-RSA-AES256-SHA384 0x00, 0x9F DH RSA AES-GCM(256) SHA384
RSA-AES128-SHA256 0x00, 0x9C RSA RSA AES-GCM(128) SHA256
RSA-AES256-SHA384 0x00, 0x9D RSA RSA AES-GCM(256) SHA384
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
DHE-RSA-AES128-SHA256 0x00, 0x67 DH RSA AES-CBC(128) SHA256
DHE-RSA-AES256-SHA256 0x00, 0x6B DH RSA AES-CBC(256) SHA256
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
RSA-AES128-SHA256 0x00, 0x3C RSA RSA AES-CBC(128) SHA256
RSA-AES256-SHA256 0x00, 0x3D RSA RSA AES-CBC(256) SHA256

The fields above are :

{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}

ipaddr (tcp/28181/www)

The remote host has listening SSL/TLS ports which advertise the discouraged cipher suites outlined below:


High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA256 0x00, 0x9E DH RSA AES-GCM(128) SHA256
DHE-RSA-AES256-SHA384 0x00, 0x9F DH RSA AES-GCM(256) SHA384
RSA-AES128-SHA256 0x00, 0x9C RSA RSA AES-GCM(128) SHA256
RSA-AES256-SHA384 0x00, 0x9D RSA RSA AES-GCM(256) SHA384
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
DHE-RSA-AES128-SHA256 0x00, 0x67 DH RSA AES-CBC(128) SHA256
DHE-RSA-AES256-SHA256 0x00, 0x6B DH RSA AES-CBC(256) SHA256
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
RSA-AES128-SHA256 0x00, 0x3C RSA RSA AES-CBC(128) SHA256
RSA-AES256-SHA256 0x00, 0x3D RSA RSA AES-CBC(256) SHA256

The fields above are :

{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}

ipaddr (tcp/28686)

The remote host has listening SSL/TLS ports which advertise the discouraged cipher suites outlined below:


High Strength Ciphers (>= 112-bit key)

Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA256 0x00, 0x9E DH RSA AES-GCM(128) SHA256
DHE-RSA-AES256-SHA384 0x00, 0x9F DH RSA AES-GCM(256) SHA384
RSA-AES128-SHA256 0x00, 0x9C RSA RSA AES-GCM(128) SHA256
RSA-AES256-SHA384 0x00, 0x9D RSA RSA AES-GCM(256) SHA384
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
DHE-RSA-AES128-SHA256 0x00, 0x67 DH RSA AES-CBC(128) SHA256
DHE-RSA-AES256-SHA256 0x00, 0x6B DH RSA AES-CBC(256) SHA256
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
RSA-AES128-SHA256 0x00, 0x3C RSA RSA AES-CBC(128) SHA256
RSA-AES256-SHA256 0x00, 0x3D RSA RSA AES-CBC(256) SHA256

The fields above are :

{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
10107 (8) - HTTP Server Type and Version
-
Synopsis
A web server is running on the remote host.
Description
This plugin attempts to determine the type and the version of the remote web server.
Solution
n/a
Risk Factor
None
References
XREF IAVT:0001-T-0931
Plugin Information
Published: 2000/01/04, Modified: 2020/10/30
Plugin Output

ipaddr (tcp/443/www)

The remote web server type is :

Apache/2.4.57 (CentOS Linux) OpenSSL/1.0.2k-fips mod_auth_gssapi/1.5.1

ipaddr (tcp/4848/www)

The remote web server type is :

GlassFish Server Open Source Edition 5.1.0

ipaddr (tcp/8080/www)

The remote web server type is :

GlassFish Server Open Source Edition 5.1.0

ipaddr (tcp/8181/www)

The remote web server type is :

GlassFish Server Open Source Edition 5.1.0

ipaddr (tcp/24848/www)

The remote web server type is :

GlassFish Server Open Source Edition 5.1.0

ipaddr (tcp/28080/www)

The remote web server type is :

GlassFish Server Open Source Edition 5.1.0

ipaddr (tcp/28181/www)

The remote web server type is :

GlassFish Server Open Source Edition 5.1.0

ipaddr (tcp/29003/www)

The remote web server type is :

ClusterWebmanager
121010 (8) - TLS Version 1.1 Protocol Detection
-
Synopsis
The remote service encrypts traffic using an older version of TLS.
Description
The remote service accepts connections encrypted using TLS 1.1.
TLS 1.1 lacks support for current and recommended cipher suites.
Ciphers that support encryption before MAC computation, and authenticated encryption modes such as GCM cannot be used with TLS 1.1

As of March 31, 2020, Endpoints that are not enabled for TLS 1.2 and higher will no longer function properly with major web browsers and major vendors.
See Also
Solution
Enable support for TLS 1.2 and/or 1.3, and disable support for TLS 1.1.
Risk Factor
None
References
XREF CWE:327
Plugin Information
Published: 2019/01/08, Modified: 2023/04/19
Plugin Output

ipaddr (tcp/3820/giop)

TLSv1.1 is enabled and the server supports at least one cipher.

ipaddr (tcp/3920)

TLSv1.1 is enabled and the server supports at least one cipher.

ipaddr (tcp/4848/www)

TLSv1.1 is enabled and the server supports at least one cipher.

ipaddr (tcp/8181/www)

TLSv1.1 is enabled and the server supports at least one cipher.

ipaddr (tcp/8686)

TLSv1.1 is enabled and the server supports at least one cipher.

ipaddr (tcp/24848/www)

TLSv1.1 is enabled and the server supports at least one cipher.

ipaddr (tcp/28181/www)

TLSv1.1 is enabled and the server supports at least one cipher.

ipaddr (tcp/28686)

TLSv1.1 is enabled and the server supports at least one cipher.
94761 (7) - SSL Root Certification Authority Certificate Information
-
Synopsis
A root Certification Authority certificate was found at the top of the certificate chain.
Description
The remote service uses an SSL certificate chain that contains a self-signed root Certification Authority certificate at the top of the chain.
See Also
Solution
Ensure that use of this root Certification Authority certificate complies with your organization's acceptable use and security policies.
Risk Factor
None
Plugin Information
Published: 2016/11/14, Modified: 2018/11/15
Plugin Output

ipaddr (tcp/443/www)


The following root Certification Authority certificate was found :

|-Subject : DC=jp/DC=go/DC=mods/DC=gsdf/DC=EMSOCCS/DC=gcc/CN=gcc-AD-SERVER-1-CA
|-Issuer : DC=jp/DC=go/DC=mods/DC=gsdf/DC=EMSOCCS/DC=gcc/CN=gcc-AD-SERVER-1-CA
|-Valid From : Jul 21 09:34:44 2023 GMT
|-Valid To : Jul 21 09:44:43 2053 GMT
|-Signature Algorithm : SHA-256 With RSA Encryption

ipaddr (tcp/3820/giop)


The following root Certification Authority certificate was found :

|-Subject : DC=jp/DC=go/DC=mods/DC=gsdf/DC=EMSOCCS/DC=gcc/CN=gcc-AD-SERVER-1-CA
|-Issuer : DC=jp/DC=go/DC=mods/DC=gsdf/DC=EMSOCCS/DC=gcc/CN=gcc-AD-SERVER-1-CA
|-Valid From : Jul 21 09:34:44 2023 GMT
|-Valid To : Jul 21 09:44:43 2053 GMT
|-Signature Algorithm : SHA-256 With RSA Encryption

ipaddr (tcp/3920)


The following root Certification Authority certificate was found :

|-Subject : DC=jp/DC=go/DC=mods/DC=gsdf/DC=EMSOCCS/DC=gcc/CN=gcc-AD-SERVER-1-CA
|-Issuer : DC=jp/DC=go/DC=mods/DC=gsdf/DC=EMSOCCS/DC=gcc/CN=gcc-AD-SERVER-1-CA
|-Valid From : Jul 21 09:34:44 2023 GMT
|-Valid To : Jul 21 09:44:43 2053 GMT
|-Signature Algorithm : SHA-256 With RSA Encryption

ipaddr (tcp/4848/www)


The following root Certification Authority certificate was found :

|-Subject : DC=jp/DC=go/DC=mods/DC=gsdf/DC=EMSOCCS/DC=gcc/CN=gcc-AD-SERVER-1-CA
|-Issuer : DC=jp/DC=go/DC=mods/DC=gsdf/DC=EMSOCCS/DC=gcc/CN=gcc-AD-SERVER-1-CA
|-Valid From : Jul 21 09:34:44 2023 GMT
|-Valid To : Jul 21 09:44:43 2053 GMT
|-Signature Algorithm : SHA-256 With RSA Encryption

ipaddr (tcp/8181/www)


The following root Certification Authority certificate was found :

|-Subject : DC=jp/DC=go/DC=mods/DC=gsdf/DC=EMSOCCS/DC=gcc/CN=gcc-AD-SERVER-1-CA
|-Issuer : DC=jp/DC=go/DC=mods/DC=gsdf/DC=EMSOCCS/DC=gcc/CN=gcc-AD-SERVER-1-CA
|-Valid From : Jul 21 09:34:44 2023 GMT
|-Valid To : Jul 21 09:44:43 2053 GMT
|-Signature Algorithm : SHA-256 With RSA Encryption

ipaddr (tcp/8686)


The following root Certification Authority certificate was found :

|-Subject : DC=jp/DC=go/DC=mods/DC=gsdf/DC=EMSOCCS/DC=gcc/CN=gcc-AD-SERVER-1-CA
|-Issuer : DC=jp/DC=go/DC=mods/DC=gsdf/DC=EMSOCCS/DC=gcc/CN=gcc-AD-SERVER-1-CA
|-Valid From : Jul 21 09:34:44 2023 GMT
|-Valid To : Jul 21 09:44:43 2053 GMT
|-Signature Algorithm : SHA-256 With RSA Encryption

ipaddr (tcp/28181/www)


The following root Certification Authority certificate was found :

|-Subject : DC=jp/DC=go/DC=mods/DC=gsdf/DC=EMSOCCS/DC=gcc/CN=gcc-AD-SERVER-1-CA
|-Issuer : DC=jp/DC=go/DC=mods/DC=gsdf/DC=EMSOCCS/DC=gcc/CN=gcc-AD-SERVER-1-CA
|-Valid From : Jul 21 09:34:44 2023 GMT
|-Valid To : Jul 21 09:44:43 2053 GMT
|-Signature Algorithm : SHA-256 With RSA Encryption
55930 (6) - Oracle GlassFish HTTP Server Version
-
Synopsis
It was possible to obtain the version number of the remote Oracle GlassFish HTTP server.
Description
The remote host is running an Oracle GlassFish HTTP Server, a Java EE application server. It was possible to read the version number from the HTTP response headers.
See Also
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2011/08/16, Modified: 2022/10/12
Plugin Output

ipaddr (tcp/4848/www)


URL : https://ipaddr:4848/
Version : 5.1.0

ipaddr (tcp/8080/www)


URL : http://ipaddr:8080/
Version : 5.1.0

ipaddr (tcp/8181/www)


URL : https://ipaddr:8181/
Version : 5.1.0

ipaddr (tcp/24848/www)


URL : https://ipaddr:24848/
Version : 5.1.0

ipaddr (tcp/28080/www)


URL : http://ipaddr:28080/
Version : 5.1.0

ipaddr (tcp/28181/www)


URL : https://ipaddr:28181/
Version : 5.1.0
84502 (5) - HSTS Missing From HTTPS Server
-
Synopsis
The remote web server is not enforcing HSTS.
Description
The remote HTTPS server is not enforcing HTTP Strict Transport Security (HSTS). HSTS is an optional response header that can be configured on the server to instruct the browser to only communicate via HTTPS. The lack of HSTS allows downgrade attacks, SSL-stripping man-in-the-middle attacks, and weakens cookie-hijacking protections.
See Also
Solution
Configure the remote web server to use HSTS.
Risk Factor
None
Plugin Information
Published: 2015/07/02, Modified: 2021/05/19
Plugin Output

ipaddr (tcp/443/www)


The remote HTTPS server does not send the HTTP
"Strict-Transport-Security" header.

ipaddr (tcp/4848/www)


The remote HTTPS server does not send the HTTP
"Strict-Transport-Security" header.

ipaddr (tcp/8181/www)


The remote HTTPS server does not send the HTTP
"Strict-Transport-Security" header.

ipaddr (tcp/24848/www)


The remote HTTPS server does not send the HTTP
"Strict-Transport-Security" header.

ipaddr (tcp/28181/www)


The remote HTTPS server does not send the HTTP
"Strict-Transport-Security" header.
91815 (5) - Web Application Sitemap
-
Synopsis
The remote web server hosts linkable content that can be crawled by Nessus.
Description
The remote web server contains linkable content that can be used to gather information about a target.
See Also
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2016/06/24, Modified: 2016/06/24
Plugin Output

ipaddr (tcp/8080/www)


The following sitemap was created from crawling linkable content on the target host :

- http://ipaddr:8080/

Attached is a copy of the sitemap file.

ipaddr (tcp/8181/www)


The following sitemap was created from crawling linkable content on the target host :

- https://ipaddr:8181/

Attached is a copy of the sitemap file.

ipaddr (tcp/28080/www)


The following sitemap was created from crawling linkable content on the target host :

- http://ipaddr:28080/

Attached is a copy of the sitemap file.

ipaddr (tcp/28181/www)


The following sitemap was created from crawling linkable content on the target host :

- https://ipaddr:28181/

Attached is a copy of the sitemap file.

ipaddr (tcp/29003/www)


The following sitemap was created from crawling linkable content on the target host :

- http://ipaddr:29003/
- http://ipaddr:29003/styles.f787d798e4521eee69ab.css

Attached is a copy of the sitemap file.
10386 (4) - Web Server No 404 Error Code Check
-
Synopsis
The remote web server does not return 404 error codes.
Description
The remote web server is configured such that it does not return '404 Not Found' error codes when a nonexistent file is requested, perhaps returning instead a site map, search page or authentication page.

Nessus has enabled some counter measures for this. However, they might be insufficient. If a great number of security holes are produced for this port, they might not all be accurate.
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2000/04/28, Modified: 2022/06/17
Plugin Output

ipaddr (tcp/8080/www)


Unfortunately, Nessus has been unable to find a way to recognize this
page so some CGI-related checks have been disabled.

ipaddr (tcp/8181/www)


Unfortunately, Nessus has been unable to find a way to recognize this
page so some CGI-related checks have been disabled.

ipaddr (tcp/28080/www)


Unfortunately, Nessus has been unable to find a way to recognize this
page so some CGI-related checks have been disabled.

ipaddr (tcp/28181/www)


Unfortunately, Nessus has been unable to find a way to recognize this
page so some CGI-related checks have been disabled.
14773 (3) - Service Detection: 3 ASCII Digit Code Responses
-
Synopsis
This plugin performs service detection.
Description
This plugin is a complement of find_service1.nasl. It attempts to identify services that return 3 ASCII digits codes (ie: FTP, SMTP, NNTP, ...)
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2004/09/17, Modified: 2023/06/13
Plugin Output

ipaddr (tcp/7676/ftp)

A Message Queue broker is listening on this port.

ipaddr (tcp/7676/ftp)

An FTP server is running on this port

ipaddr (tcp/27676/ftp)

An FTP server is running on this port
35297 (3) - SSL Service Requests Client Certificate
-
Synopsis
The remote service requests an SSL client certificate.
Description
The remote service encrypts communications using SSL/TLS, requests a client certificate, and may require a valid certificate in order to establish a connection to the underlying service.
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2009/01/06, Modified: 2022/04/11
Plugin Output

ipaddr (tcp/3920)


A TLSv1/TLSv11/TLSv12 server is listening on this port that requests a client certificate.

ipaddr (tcp/4848/www)


A TLSv1/TLSv11/TLSv12 server is listening on this port that requests a client certificate.

ipaddr (tcp/24848/www)


A TLSv1/TLSv11/TLSv12 server is listening on this port that requests a client certificate.
10092 (2) - FTP Server Detection
-
Synopsis
An FTP server is listening on a remote port.
Description
It is possible to obtain the banner of the remote FTP server by connecting to a remote port.
Solution
n/a
Risk Factor
None
References
XREF IAVT:0001-T-0030
XREF IAVT:0001-T-0943
Plugin Information
Published: 1999/10/12, Modified: 2023/08/17
Plugin Output

ipaddr (tcp/7676/ftp)


The remote FTP banner is :

101 imqbroker 301

ipaddr (tcp/27676/ftp)


The remote FTP banner is :

101 clemssfcfinstemssfcf 301
11011 (2) - Microsoft Windows SMB Service Detection
-
Synopsis
A file / print sharing service is listening on the remote host.
Description
The remote service understands the CIFS (Common Internet File System) or Server Message Block (SMB) protocol, used to provide shared access to files, printers, etc between nodes on a network.
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2002/06/05, Modified: 2021/02/11
Plugin Output

ipaddr (tcp/139/smb)


An SMB server is running on this port.

ipaddr (tcp/445/cifs)


A CIFS server is running on this port.
11111 (2) - RPC Services Enumeration
-
Synopsis
An ONC RPC service is running on the remote host.
Description
By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port.
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2002/08/24, Modified: 2011/05/24
Plugin Output

ipaddr (tcp/111/rpc-portmapper)


The following RPC services are available on TCP port 111 :

- program: 100000 (portmapper), version: 4
- program: 100000 (portmapper), version: 3
- program: 100000 (portmapper), version: 2

ipaddr (udp/111/rpc-portmapper)


The following RPC services are available on UDP port 111 :

- program: 100000 (portmapper), version: 4
- program: 100000 (portmapper), version: 3
- program: 100000 (portmapper), version: 2
85805 (2) - HTTP/2 Cleartext Detection
-
Synopsis
An HTTP/2 server is listening on the remote host.
Description
The remote host is running an HTTP server that supports HTTP/2 running over cleartext TCP (h2c).
See Also
Solution
Limit incoming traffic to this port if desired.
Risk Factor
None
Plugin Information
Published: 2015/09/04, Modified: 2022/04/11
Plugin Output

ipaddr (tcp/8080/www)


The server supports upgrading HTTP connections to
HTTP/2 cleartext connections.

The server supports direct HTTP/2 connections
without encryption.

ipaddr (tcp/28080/www)


The server supports upgrading HTTP connections to
HTTP/2 cleartext connections.

The server supports direct HTTP/2 connections
without encryption.
130024 (2) - PostgreSQL Client/Server Installed (Linux)
-
Synopsis
One or more PostgreSQL server or client versions are available on the remote Linux host.
Description
One or more PostgreSQL server or client versions have been detected on the remote Linux host.
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2019/10/18, Modified: 2024/04/02
Plugin Output

ipaddr (tcp/0)


Path : /usr/pgsql-15/bin/postgres (via package manager)
Version : 15.2

ipaddr (tcp/0)


Path : /usr/pgsql-15/bin/psql (via package manager)
Version : 15.2
10150 (1) - Windows NetBIOS / SMB Remote Host Information Disclosure
-
Synopsis
It was possible to obtain the network name of the remote host.
Description
The remote host is listening on UDP port 137 or TCP port 445, and replies to NetBIOS nbtscan or SMB requests.

Note that this plugin gathers information to be used in other plugins, but does not itself generate a report.
Solution
n/a
Risk Factor
None
Plugin Information
Published: 1999/10/12, Modified: 2021/02/10
Plugin Output

ipaddr (tcp/445/cifs)

The following 2 NetBIOS names have been gathered :

masked_hostname = Computer name
masked_hostname = Workgroup / Domain name
10223 (1) - RPC portmapper Service Detection
-
Synopsis
An ONC RPC portmapper is running on the remote host.
Description
The RPC portmapper is running on this port.

The portmapper allows someone to get the port number of each RPC service running on the remote host by sending either multiple lookup requests or a DUMP request.
Solution
n/a
Risk Factor
None
CVSS v3.0 Base Score
0.0 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N)
CVSS v2.0 Base Score
0.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:N)
References
Plugin Information
Published: 1999/08/19, Modified: 2019/10/04
Plugin Output

ipaddr (udp/111/rpc-portmapper)

10267 (1) - SSH Server Type and Version Information
-
Synopsis
An SSH server is listening on this port.
Description
It is possible to obtain information about the remote SSH server by sending an empty authentication request.
Solution
n/a
Risk Factor
None
References
XREF IAVT:0001-T-0933
Plugin Information
Published: 1999/10/12, Modified: 2020/09/22
Plugin Output

ipaddr (tcp/22/ssh)


SSH version : SSH-2.0-OpenSSH_7.4
SSH supported authentication : publickey,gssapi-keyex,gssapi-with-mic,password
10394 (1) - Microsoft Windows SMB Log In Possible
-
Synopsis
It was possible to log into the remote host.
Description
The remote host is running a Microsoft Windows operating system or Samba, a CIFS/SMB server for Unix. It was possible to log into it using one of the following accounts :

- Guest account
- Supplied credentials
See Also
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2000/05/09, Modified: 2023/07/25
Plugin Output

ipaddr (tcp/445/cifs)

- Remote users are authenticated as 'Guest'.
- NULL sessions may be enabled on the remote host.
10785 (1) - Microsoft Windows SMB NativeLanManager Remote System Information Disclosure
-
Synopsis
It was possible to obtain information about the remote operating system.
Description
Nessus was able to obtain the remote operating system name and version (Windows and/or Samba) by sending an authentication request to port 139 or 445. Note that this plugin requires SMB to be enabled on the host.
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2001/10/17, Modified: 2021/09/20
Plugin Output

ipaddr (tcp/445/cifs)

The remote Operating System is : Windows 6.1
The remote native LAN manager is : Samba 4.10.16
The remote SMB Domain Name is : masked_hostname
10881 (1) - SSH Protocol Versions Supported
-
Synopsis
A SSH server is running on the remote host.
Description
This plugin determines the versions of the SSH protocol supported by the remote SSH daemon.
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2002/03/06, Modified: 2021/01/19
Plugin Output

ipaddr (tcp/22/ssh)

The remote SSH daemon supports the following versions of the
SSH protocol :

- 1.99
- 2.0
11936 (1) - OS Identification
-
Synopsis
It is possible to guess the remote operating system.
Description
Using a combination of remote probes (e.g., TCP/IP, SMB, HTTP, NTP, SNMP, etc.), it is possible to guess the name of the remote operating system in use. It is also possible sometimes to guess the version of the operating system.
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2003/12/09, Modified: 2023/11/08
Plugin Output

ipaddr (tcp/0)


Remote operating system : Linux Kernel 3.10.0-1160.el7.x86_64 on CentOS Linux release 7.9.2009 (Core)
Confidence level : 100
Method : LinuxDistribution


The remote host is running Linux Kernel 3.10.0-1160.el7.x86_64 on CentOS Linux release 7.9.2009 (Core)
19506 (1) - Nessus Scan Information
-
Synopsis
This plugin displays information about the Nessus scan.
Description
This plugin displays, for each tested host, information about the scan itself :

- The version of the plugin set.
- The type of scanner (Nessus or Nessus Home).
- The version of the Nessus Engine.
- The port scanner(s) used.
- The port range scanned.
- The ping round trip time
- Whether credentialed or third-party patch management checks are possible.
- Whether the display of superseded patches is enabled
- The date of the scan.
- The duration of the scan.
- The number of hosts scanned in parallel.
- The number of checks done in parallel.
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2005/08/26, Modified: 2024/03/13
Plugin Output

ipaddr (tcp/0)

Information about this scan :

Nessus version : 10.4.1
Nessus build : 20091
Plugin feed version : 202404150448
Scanner edition used : Nessus
Scanner OS : WINDOWS
Scanner distribution : win-x86-64
Scan type : Normal
Scan name : masked_systemname Pre V6 masked_hostname
Scan policy used : Copy of masked_systemname Pre
Scanner IP : fd01:e2e2:0:e0c0:c1ff:eb68:fcf4:dad5
Port scanner(s) : netstat
Port range : 1-65535
Ping RTT : Unavailable
Thorough tests : no
Experimental tests : no
Plugin debugging enabled : no
Paranoia level : 1
Report verbosity : 2
Safe checks : yes
Optimize the test : yes
Credentialed checks : yes, as 'root' via ssh
Attempt Least Privilege : no
Patch management checks : None
Display superseded patches : yes (supersedence plugin did not launch)
CGI scanning : enabled
Web application tests : disabled
Max hosts : 5
Max checks : 5
Recv timeout : 3
Backports : Detected
Allow post-scan editing : Yes
Nessus Plugin Signature Checking : Enabled
Audit File Signature Checking : Disabled
Scan Start Date : 2024/4/23 12:31 Tokyo Standard Time
Scan duration : 1984 sec
Scan for malware : yes
22869 (1) - Software Enumeration (SSH)
-
Synopsis
It was possible to enumerate installed software on the remote host via SSH.
Description
Nessus was able to list the software installed on the remote host by calling the appropriate command (e.g., 'rpm -qa' on RPM-based Linux distributions, qpkg, dpkg, etc.).
Solution
Remove any software that is not in compliance with your organization's acceptable use and security policies.
Risk Factor
None
References
XREF IAVT:0001-T-0502
Plugin Information
Published: 2006/10/15, Modified: 2022/09/06
Plugin Output

ipaddr (tcp/0)


Here is the list of packages installed on the remote CentOS Linux system :

authconfig-6.2.8-30.el7|(none) 2023年07月18日 14時39分59秒
ssacli-5.30-6.0|(none) 2023年07月18日 16時42分12秒
m2crypto-0.21.1-17.el7|(none) 2023年07月18日 14時38分04秒
ibus-libpinyin-1.6.91-4.el7|(none) 2023年07月18日 14時45分44秒
pcsc-lite-libs-1.8.8-8.el7|(none) 2023年07月18日 14時34分19秒
gupnp-igd-0.2.5-2.el7|(none) 2023年07月18日 14時42分38秒
mobile-broadband-provider-info-1.20170310-1.el7|(none) 2023年07月18日 14時32分27秒
pciutils-3.5.1-3.el7|(none) 2023年07月18日 14時40分12秒
httpd-2.4.57-1a.el7|(none) 2023年07月21日 13時40分57秒
python2-subprocess32-3.2.6-14.el7|(none) 2023年07月18日 14時38分05秒
scap-security-guide-0.1.49-13.el7.centos|(none) 2023年07月18日 14時47分15秒
iptables-1.4.21-35.el7|(none) 2023年07月18日 14時34分21秒
samba-common-tools-4.10.16-5.el7|0 2023年07月18日 14時42分43秒
thai-scalable-fonts-common-0.5.0-7.el7|(none) 2023年07月18日 14時32分31秒
at-spi2-atk-2.26.2-1.el7|(none) 2023年07月18日 14時40分18秒
stax2-api-3.1.1-10.el7|(none) 2023年07月18日 14時38分07秒
xorg-x11-drivers-7.7-6.el7|(none) 2023年07月18日 14時47分23秒
perl-Pod-Usage-1.63-3.el7|(none) 2023年07月18日 14時34分23秒
libdmapsharing-2.9.37-1.el7|(none) 2023年07月18日 14時42分52秒
skkdic-20130104-6.T1435.el7|(none) 2023年07月18日 14時33分08秒
teamd-1.29-3.el7|(none) 2023年07月18日 14時40分24秒
nss-pem-1.0.3-7.el7|(none) 2023年07月18日 14時38分10秒
openssh-server-7.4p1-21.el7|(none) 2023年07月18日 14時47分25秒
perl-Pod-Simple-3.28-4.el7|1 2023年07月18日 14時34分24秒
libwvstreams-4.6.1-12.el7_8|(none) 2023年07月18日 14時42分59秒
zlib-1.2.7-18.el7|(none) 2023年07月18日 14時33分25秒
kexec-tools-2.0.15-51.el7|(none) 2023年07月18日 14時40分32秒
python-pycurl-7.19.0-19.el7|(none) 2023年07月18日 14時38分15秒
rpm-build-4.11.3-45.el7|(none) 2023年07月18日 14時47分31秒
perl-PlRPC-0.2020-14.el7|(none) 2023年07月18日 14時34分44秒
udisks2-2.8.4-1.el7|(none) 2023年07月18日 14時43分05秒
sed-4.2.2-7.el7|(none) 2023年07月18日 14時33分27秒
python-pyblock-0.53-6.el7|(none) 2023年07月18日 14時40分37秒
python-nss-0.16.0-3.el7|(none) 2023年07月18日 14時38分18秒
smartmontools-7.0-2.el7|1 2023年07月18日 14時47分38秒
libXres-1.2.0-1.el7|(none) 2023年07月18日 14時34分52秒
adwaita-cursor-theme-3.28.0-1.el7|(none) 2023年07月18日 14時43分22秒
json-c-0.11-4.el7_0|(none) 2023年07月18日 14時33分29秒
sox-14.4.1-7.el7|(none) 2023年07月18日 14時40分43秒
libfastjson-0.99.4-3.el7|(none) 2023年07月18日 14時38分27秒
man-pages-ja-20130615-6.el7|(none) 2023年07月18日 14時47分49秒
compat-exiv2-026-0.26-2.el7|(none) 2023年07月18日 14時34分54秒
libreport-gtk-2.1.11-53.el7.centos|(none) 2023年07月18日 14時44分11秒
libxkbcommon-0.7.1-3.el7|(none) 2023年07月18日 14時33分31秒
abrt-addon-python-2.1.11-60.el7.centos|(none) 2023年07月18日 14時40分57秒
libnotify-0.7.7-1.el7|(none) 2023年07月18日 14時38分32秒
libtool-2.4.2-22.el7_3|(none) 2023年07月18日 14時48分08秒
libpaper-1.1.24-9.el7|(none) 2023年07月18日 14時35分11秒
gnome-bluetooth-3.28.2-1.el7|1 2023年07月18日 14時44分22秒
libxcb-1.13-1.el7|(none) 2023年07月18日 14時33分41秒
librsvg2-2.40.20-1.el7|(none) 2023年07月18日 14時41分03秒
rpm-python-4.11.3-45.el7|(none) 2023年07月18日 14時38分34秒
enscript-1.6.6-7.el7|(none) 2023年07月18日 14時48分12秒
libblkid-2.23.2-65.el7|(none) 2023年07月18日 14時36分37秒
grilo-plugins-0.3.7-1.el7|(none) 2023年07月18日 14時44分29秒
libsigc++20-2.10.0-1.el7|(none) 2023年07月18日 14時33分42秒
poppler-glib-0.26.5-43.el7|(none) 2023年07月18日 14時41分07秒
hyphen-2.8.6-5.el7|(none) 2023年07月18日 14時38分39秒
lohit-gujarati-fonts-2.5.3-2.el7|(none) 2023年07月18日 14時48分15秒
gvfs-client-1.36.2-4.el7|(none) 2023年07月18日 14時36分46秒
vino-3.22.0-7.el7|(none) 2023年07月18日 14時44分34秒
bzip2-1.0.6-13.el7|(none) 2023年07月18日 14時33分45秒
si-units-0.6.5-1.el7|(none) 2023年07月18日 14時41分15秒
libsrtp-1.4.4-11.20101004cvs.el7|(none) 2023年07月18日 14時38分42秒
gnu-free-mono-fonts-20120503-8.el7|(none) 2023年07月18日 14時48分27秒
libxml2-python-2.9.1-6.el7.5|(none) 2023年07月18日 14時37分10秒
libwacom-data-0.30-1.el7|(none) 2023年07月18日 14時44分58秒
mesa-libglapi-18.3.4-10.el7|(none) 2023年07月18日 14時33分46秒
joda-convert-1.3-5.el7|(none) 2023年07月18日 14時41分17秒
avahi-libs-0.6.31-20.el7|(none) 2023年07月18日 14時38分54秒
lohit-marathi-fonts-2.5.3-2.el7|(none) 2023年07月18日 14時48分43秒
gdb-7.6.1-120.el7|(none) 2023年07月18日 14時37分31秒
gnome-shell-extension-user-theme-3.28.1-14.el7|(none) 2023年07月18日 14時45分08秒
libical-3.0.3-2.el7|(none) 2023年07月18日 14時33分47秒
pygtk2-libglade-2.24.0-9.el7|(none) 2023年07月18日 14時41分24秒
avahi-glib-0.6.31-20.el7|(none) 2023年07月18日 14時38分56秒
rdate-1.4-25.el7|(none) 2023年07月18日 14時48分52秒
libvirt-gconfig-1.0.0-1.el7|(none) 2023年07月18日 14時37分37秒
libvirt-daemon-driver-storage-mpath-4.5.0-36.el7|(none) 2023年07月18日 14時45分12秒
snappy-1.1.0-3.el7|(none) 2023年07月18日 14時33分52秒
libblockdev-loop-2.18-5.el7|(none) 2023年07月18日 14時41分26秒
device-mapper-event-libs-1.02.170-6.el7|7 2023年07月18日 14時39分01秒
iwl6000g2b-firmware-18.168.6.1-79.el7|(none) 2023年07月18日 14時49分11秒
shim-x64-15-8.el7|(none) 2023年07月18日 14時37分46秒
compat-cheese314-3.14.2-1.el7|(none) 2023年07月18日 14時45分19秒
dosfstools-3.0.20-10.el7|(none) 2023年07月18日 14時33分54秒
espeak-1.47.11-4.el7|(none) 2023年07月18日 14時41分29秒
libgusb-0.2.9-1.el7|(none) 2023年07月18日 14時39分11秒
gnutls-utils-3.3.29-9.el7_6|(none) 2023年07月18日 16時19分43秒
urw-base35-nimbus-mono-ps-fonts-20170801-10.el7|(none) 2023年07月18日 14時37分51秒
file-roller-nautilus-3.28.1-2.el7|(none) 2023年07月18日 14時45分31秒
copy-jdk-configs-3.3-10.el7_5|(none) 2023年07月18日 14時33分56秒
chrony-3.4-1.el7|(none) 2023年07月18日 14時41分33秒
elfutils-0.176-5.el7|(none) 2023年07月18日 14時39分57秒
sssd-krb5-1.16.5-10.el7|(none) 2023年07月18日 16時23分52秒
libgcab1-0.7-4.el7_4|(none) 2023年07月18日 14時37分58秒
gvfs-gphoto2-1.36.2-4.el7|(none) 2023年07月18日 14時45分43秒
grub2-common-2.02-0.86.el7.centos|1 2023年07月18日 14時32分26秒
ibus-kkc-1.5.18-7.el7|(none) 2023年07月18日 14時45分44秒
postgresql15-15.2-1PGDG.rhel7|(none) 2023年07月18日 16時44分19秒
libnl-1.1.4-3.el7|(none) 2023年07月18日 14時34分19秒
liblouis-python-2.5.2-12.el7_4|(none) 2023年07月18日 14時38分04秒
mesa-libEGL-18.3.4-10.el7|(none) 2023年07月18日 14時40分06秒
flatpak-libs-1.0.9-9.el7_7|(none) 2023年07月18日 14時42分39秒
mozilla-filesystem-1.9-11.el7|(none) 2023年07月18日 14時32分28秒
qgnomeplatform-0.3-5.el7|(none) 2023年07月18日 14時47分03秒
mod_auth_gssapi-1.5.1-7.el7|(none) 2023年07月21日 13時40分57秒
mtdev-1.1.5-5.el7|(none) 2023年07月18日 14時34分20秒
python-configobj-4.7.2-7.el7|(none) 2023年07月18日 14時38分06秒
systemtap-devel-4.0-13.el7|(none) 2023年07月18日 14時40分17秒
dleyna-server-0.5.0-3.el7|(none) 2023年07月18日 14時42分44秒
cim-schema-2.33.0-6.el7|(none) 2023年07月18日 14時32分33秒
gutenprint-cups-5.2.9-18.el7|(none) 2023年07月18日 14時47分22秒
perl-Pod-Escapes-1.04-297.el7|1 2023年07月18日 14時34分22秒
pyxattr-0.5.1-5.el7|(none) 2023年07月18日 14時38分07秒
libgphoto2-2.5.15-3.el7|(none) 2023年07月18日 14時40分23秒
libvirt-daemon-driver-interface-4.5.0-36.el7|(none) 2023年07月18日 14時42分54秒
kernel-headers-3.10.0-1160.el7|(none) 2023年07月18日 14時33分09秒
grub2-2.02-0.86.el7.centos|1 2023年07月18日 14時47分25秒
perl-Time-Local-1.2300-2.el7|(none) 2023年07月18日 14時34分24秒
librados2-10.2.5-4.el7|1 2023年07月18日 14時38分11秒
dhcp-common-4.2.5-82.el7.centos|12 2023年07月18日 14時40分32秒
libatasmart-0.19-6.el7|(none) 2023年07月18日 14時43分02秒
libuuid-2.23.2-65.el7|(none) 2023年07月18日 14時33分25秒
spice-streaming-agent-0.2-4.el7|(none) 2023年07月18日 14時47分31秒
perl-Test-Harness-3.28-3.el7|(none) 2023年07月18日 14時34分44秒
mailx-12.5-19.el7|(none) 2023年07月18日 14時38分15秒
lvm2-python-libs-2.02.187-6.el7|7 2023年07月18日 14時40分37秒
tigervnc-license-1.8.0-21.el7|(none) 2023年07月18日 14時43分05秒
sqlite-3.7.17-8.el7_7.1|(none) 2023年07月18日 14時33分27秒
libreport-plugin-mailx-2.1.11-53.el7.centos|(none) 2023年07月18日 14時47分37秒
libXvMC-1.0.10-1.el7|(none) 2023年07月18日 14時34分51秒
dyninst-9.3.1-3.el7|(none) 2023年07月18日 14時38分25秒
cdrdao-1.2.3-20.el7|(none) 2023年07月18日 14時40分42秒
gcr-3.28.0-1.el7|(none) 2023年07月18日 14時43分36秒
which-2.20-7.el7|(none) 2023年07月18日 14時33分29秒
perf-3.10.0-1160.el7|(none) 2023年07月18日 14時47分46秒
dwz-0.11-3.el7|(none) 2023年07月18日 14時34分53秒
openjpeg2-2.3.1-3.el7_7|(none) 2023年07月18日 14時38分28秒
abrt-addon-kerneloops-2.1.11-60.el7.centos|(none) 2023年07月18日 14時40分57秒
evolution-data-server-langpacks-3.28.5-5.el7|(none) 2023年07月18日 14時44分15秒
lua-5.1.4-15.el7|(none) 2023年07月18日 14時33分32秒
sudo-1.8.23-10.el7|(none) 2023年07月18日 14時48分03秒
liberation-sans-fonts-1.07.2-16.el7|1 2023年07月18日 14時35分05秒
libmediaart-1.9.4-1.el7|(none) 2023年07月18日 14時38分32秒
java-1.7.0-openjdk-1.7.0.261-2.6.22.2.el7_8|1 2023年07月18日 14時41分02秒
colord-gtk-0.1.25-4.el7|(none) 2023年07月18日 14時44分24秒
libXfixes-5.0.3-1.el7|(none) 2023年07月18日 14時33分41秒
tcsh-6.18.01-17.el7|(none) 2023年07月18日 14時48分12秒
python-2.7.5-89.el7|(none) 2023年07月18日 14時36分36秒
yum-3.4.3-168.el7.centos|(none) 2023年07月18日 14時38分35秒
apache-commons-lang-2.6-15.el7|(none) 2023年07月18日 14時41分07秒
anaconda-widgets-21.48.22.159-1.el7.centos|(none) 2023年07月18日 14時44分30秒
libaio-0.3.109-13.el7|(none) 2023年07月18日 14時33分42秒
time-1.7-45.el7|(none) 2023年07月18日 14時48分14秒
pkgconfig-0.27.1-4.el7|1 2023年07月18日 14時36分45秒
opencc-0.4.3-3.el7|(none) 2023年07月18日 14時38分40秒
gstreamer-plugins-bad-free-0.10.23-23.el7|(none) 2023年07月18日 14時41分14秒
gucharmap-libs-10.0.4-1.el7|(none) 2023年07月18日 14時44分42秒
konkretcmpi-0.9.1-5.el7|(none) 2023年07月18日 14時33分45秒
lohit-assamese-fonts-2.5.3-2.el7|(none) 2023年07月18日 14時48分25秒
xorg-x11-xinit-1.3.4-2.el7|(none) 2023年07月18日 14時37分03秒
util-linux-2.23.2-65.el7|(none) 2023年07月18日 14時38分44秒
xorg-x11-drv-nouveau-1.0.15-1.el7|1 2023年07月18日 14時41分16秒
libinput-1.10.7-2.el7|(none) 2023年07月18日 14時44分58秒
boost-system-1.53.0-28.el7|(none) 2023年07月18日 14時33分46秒
google-crosextra-caladea-fonts-1.002-0.4.20130214.el7|(none) 2023年07月18日 14時48分41秒
xfsprogs-4.5.0-22.el7|(none) 2023年07月18日 14時37分29秒
polkit-pkla-compat-0.1-4.el7|(none) 2023年07月18日 14時38分54秒
jline-1.0-8.el7|(none) 2023年07月18日 14時41分23秒
gnome-shell-extension-window-list-3.28.1-14.el7|(none) 2023年07月18日 14時45分08秒
fuse-2.9.2-11.el7|(none) 2023年07月18日 14時33分48秒
doxygen-1.8.5-4.el7|1 2023年07月18日 14時48分51秒
libgee06-0.6.8-3.el7|(none) 2023年07月18日 14時37分37秒
PackageKit-glib-1.1.10-2.el7.centos|(none) 2023年07月18日 14時38分57秒
imsettings-gsettings-1.6.3-11.el7|(none) 2023年07月18日 14時41分26秒
libvirt-daemon-driver-storage-logical-4.5.0-36.el7|(none) 2023年07月18日 14時45分12秒
libtasn1-4.10-1.el7|(none) 2023年07月18日 14時33分53秒
rootfiles-8.1-11.el7|(none) 2023年07月18日 14時49分06秒
mokutil-15-8.el7|(none) 2023年07月18日 14時37分46秒
samba-common-4.10.16-5.el7|0 2023年07月18日 14時39分05秒
libmtp-1.1.14-1.el7|(none) 2023年07月18日 14時41分28秒
gnome-contacts-3.28.2-1.el7|(none) 2023年07月18日 14時45分22秒
libcdio-paranoia-10.2+0.90-11.el7|(none) 2023年07月18日 14時33分55秒
autogen-libopts-5.18-5.el7|(none) 2023年07月18日 16時19分43秒
urw-base35-c059-fonts-20170801-10.el7|(none) 2023年07月18日 14時37分50秒
accountsservice-0.6.50-7.el7|(none) 2023年07月18日 14時39分12秒
python-cups-1.9.63-6.el7|(none) 2023年07月18日 14時41分32秒
gnome-terminal-nautilus-3.28.2-3.el7|(none) 2023年07月18日 14時45分31秒
libiscsi-1.9.0-7.el7|(none) 2023年07月18日 14時33分56秒
sssd-common-pac-1.16.5-10.el7|(none) 2023年07月18日 16時23分52秒
gupnp-av-0.12.10-1.el7|(none) 2023年07月18日 14時37分58秒
libstoragemgmt-python-1.8.1-1.el7|(none) 2023年07月18日 14時39分57秒
libvirt-daemon-4.5.0-36.el7|(none) 2023年07月18日 14時42分33秒
gvfs-archive-1.36.2-4.el7|(none) 2023年07月18日 14時45分43秒
cyrus-sasl-gssapi-2.1.26-23.el7|(none) 2023年07月18日 14時38分03秒
libXfont2-2.0.3-1.el7|(none) 2023年07月18日 14時34分18秒
libsmbclient-4.10.16-5.el7|0 2023年07月18日 14時42分37秒
filesystem-3.2-25.el7|(none) 2023年07月18日 14時32分26秒
libreport-plugin-reportuploader-2.1.11-53.el7.centos|(none) 2023年07月18日 14時40分05秒
httpd-tools-2.4.57-1a.el7|(none) 2023年07月21日 13時40分56秒
PackageKit-gtk3-module-1.1.10-2.el7.centos|(none) 2023年07月18日 14時45分47秒
python-schedutils-0.4-6.el7|(none) 2023年07月18日 14時38分05秒
hostname-3.13-3.el7_7.1|(none) 2023年07月18日 14時34分20秒
gstreamer1-plugins-good-1.10.4-2.el7|(none) 2023年07月18日 14時42分41秒
langtable-0.0.31-4.el7|(none) 2023年07月18日 14時32分29秒
NetworkManager-wifi-1.18.8-1.el7|1 2023年07月18日 14時40分15秒
samba-4.10.16-5.el7|0 2023年07月18日 14時47分16秒
python-lxml-3.2.1-4.el7|(none) 2023年07月18日 14時38分07秒
xorg-x11-xauth-1.0.9-1.el7|1 2023年07月18日 14時34分22秒
libmusicbrainz5-5.0.1-9.el7|(none) 2023年07月18日 14時42分45秒
perl-srpm-macros-1-8.el7|(none) 2023年07月18日 14時32分34秒
grub2-tools-extra-2.02-0.86.el7.centos|1 2023年07月18日 14時40分22秒
MFEcma-5.8.0-161|(none) 2024年01月12日 19時44分13秒
latencytop-0.5-13.el7|(none) 2023年07月18日 14時47分24秒
libXft-2.3.2-2.el7|(none) 2023年07月18日 14時38分08秒
perl-Carp-1.26-244.el7|(none) 2023年07月18日 14時34分23秒
libvirt-daemon-driver-nodedev-4.5.0-36.el7|(none) 2023年07月18日 14時42分54秒
glibc-common-2.17-317.el7|(none) 2023年07月18日 14時33分19秒
systemtap-client-4.0-13.el7|(none) 2023年07月18日 14時40分31秒
NetworkManager-tui-1.18.8-1.el7|1 2023年07月18日 14時47分28秒
rpm-4.11.3-45.el7|(none) 2023年07月18日 14時38分14秒
perl-Error-0.17020-2.el7|1 2023年07月18日 14時34分32秒
device-mapper-multipath-libs-0.4.9-133.el7|(none) 2023年07月18日 14時43分03秒
bzip2-libs-1.0.6-13.el7|(none) 2023年07月18日 14時33分25秒
open-vm-tools-11.0.5-3.el7|(none) 2023年07月18日 14時40分37秒
rasdaemon-0.4.1-37.el7|(none) 2023年07月18日 14時47分32秒
net-snmp-agent-libs-5.7.2-49.el7|1 2023年07月18日 14時38分16秒
hunspell-en-GB-0.20121024-6.el7|(none) 2023年07月18日 14時34分46秒
firewalld-filesystem-0.6.3-11.el7|(none) 2023年07月18日 14時43分06秒
libgcrypt-1.5.3-14.el7|(none) 2023年07月18日 14時33分28秒
numad-0.5-18.20150602git.el7|(none) 2023年07月18日 14時40分38秒
microcode_ctl-2.1-73.el7|2 2023年07月18日 14時47分41秒
harfbuzz-1.7.5-2.el7|(none) 2023年07月18日 14時38分27秒
xcb-util-wm-0.4.1-5.el7|(none) 2023年07月18日 14時34分52秒
ibus-setup-1.5.17-11.el7|(none) 2023年07月18日 14時43分36秒
libacl-2.2.51-15.el7|(none) 2023年07月18日 14時33分30秒
abrt-2.1.11-60.el7.centos|(none) 2023年07月18日 14時40分57秒
tcpdump-4.9.2-4.el7_7.1|14 2023年07月18日 14時47分51秒
systemtap-runtime-4.0-13.el7|(none) 2023年07月18日 14時38分31秒
mtools-4.0.18-5.el7|(none) 2023年07月18日 14時34分59秒
evince-libs-3.28.2-10.el7|(none) 2023年07月18日 14時44分16秒
tcp_wrappers-libs-7.6-77.el7|(none) 2023年07月18日 14時33分33秒
cairo-gobject-1.15.12-4.el7|(none) 2023年07月18日 14時40分58秒
mtr-0.85-7.el7|2 2023年07月18日 14時48分09秒
libsss_nss_idmap-1.16.5-10.el7|(none) 2023年07月18日 14時38分33秒
linux-firmware-20200421-79.git78c0348.el7|(none) 2023年07月18日 14時36分24秒
gtk-vnc2-0.7.0-3.el7|(none) 2023年07月18日 14時44分25秒
libXcomposite-0.4.4-4.1.el7|(none) 2023年07月18日 14時33分41秒
pygtk2-2.24.0-9.el7|(none) 2023年07月18日 14時41分07秒
rcs-5.9.0-7.el7|(none) 2023年07月18日 14時48分13秒
gavl-1.4.0-4.el7|(none) 2023年07月18日 14時38分39秒
glib2-2.56.1-7.el7|(none) 2023年07月18日 14時36分44秒
gvfs-fuse-1.36.2-4.el7|(none) 2023年07月18日 14時44分31秒
tar-1.26-35.el7|2 2023年07月18日 14時33分43秒
xalan-j2-2.7.1-23.el7|0 2023年07月18日 14時41分13秒
khmeros-base-fonts-5.0-17.el7|(none) 2023年07月18日 14時48分21秒
libsysfs-2.1.0-16.el7|(none) 2023年07月18日 14時38分41秒
libcroco-0.6.12-4.el7|(none) 2023年07月18日 14時36分47秒
libtimezonemap-0.4.4-1.el7|(none) 2023年07月18日 14時44分47秒
pciutils-libs-3.5.1-3.el7|(none) 2023年07月18日 14時33分45秒
xorg-x11-drv-vmmouse-13.1.0-1.el7.1|(none) 2023年07月18日 14時41分16秒
sil-nuosu-fonts-2.1.1-5.el7|(none) 2023年07月18日 14時48分33秒
elfutils-libs-0.176-5.el7|(none) 2023年07月18日 14時38分45秒
xdg-utils-1.1.0-0.17.20120809git.el7|(none) 2023年07月18日 14時37分25秒
clutter-gst3-3.0.26-1.el7|(none) 2023年07月18日 14時45分00秒
libraw1394-2.1.0-2.el7|(none) 2023年07月18日 14時33分47秒
avalon-framework-4.3-10.el7|0 2023年07月18日 14時41分22秒
cscope-15.8-10.el7|(none) 2023年07月18日 14時48分44秒
libreport-2.1.11-53.el7.centos|(none) 2023年07月18日 14時38分55秒
pam-1.1.8-23.el7|(none) 2023年07月18日 14時37分35秒
gnome-shell-extension-top-icons-3.28.1-14.el7|(none) 2023年07月18日 14時45分08秒
xml-common-0.6.3-39.el7|(none) 2023年07月18日 14時33分49秒
xorg-x11-drv-vmware-13.2.1-1.el7.1|(none) 2023年07月18日 14時41分26秒
gnome-getting-started-docs-3.28.2-1.el7|(none) 2023年07月18日 14時49分04秒
libpciaccess-0.14-1.el7|(none) 2023年07月18日 14時39分00秒
langtable-python-0.0.31-4.el7|(none) 2023年07月18日 14時37分45秒
libvirt-daemon-driver-qemu-4.5.0-36.el7|(none) 2023年07月18日 14時45分13秒
lm_sensors-libs-3.4.0-8.20160601gitf9185e5.el7|(none) 2023年07月18日 14時33分53秒
fprintd-0.8.1-2.el7|(none) 2023年07月18日 14時41分28秒
iwl6050-firmware-41.28.5.1-79.el7|(none) 2023年07月18日 14時49分16秒
grub2-tools-minimal-2.02-0.86.el7.centos|1 2023年07月18日 14時39分07秒
python-pwquality-1.2.3-5.el7|(none) 2023年07月18日 14時37分48秒
gnome-session-xsession-3.28.1-8.el7|(none) 2023年07月18日 14時45分22秒
libiec61883-1.2.0-10.el7|(none) 2023年07月18日 14時33分55秒
cups-client-1.6.3-51.el7|1 2023年07月18日 14時41分31秒
python-sssdconfig-1.16.5-10.el7|(none) 2023年07月18日 16時23分51秒
cronie-anacron-1.4.11-23.el7|(none) 2023年07月18日 14時39分44秒
urw-base35-fonts-20170801-10.el7|(none) 2023年07月18日 14時37分57秒
gedit-3.28.1-3.el7|2 2023年07月18日 14時45分33秒
exempi-2.2.0-9.el7|(none) 2023年07月18日 14時33分57秒
trousers-0.3.14-2.el7|(none) 2023年07月18日 14時42分27秒
python3-setuptools-39.2.0-10.el7|(none) 2023年07月18日 16時26分42秒
cyrus-sasl-plain-2.1.26-23.el7|(none) 2023年07月18日 14時38分03秒
libsoup-2.62.2-2.el7|(none) 2023年07月18日 14時42分37秒
lvm2-2.02.187-6.el7|7 2023年07月18日 14時40分05秒
liberation-fonts-common-1.07.2-16.el7|1 2023年07月18日 14時32分26秒
seahorse-3.20.0-1.el7|(none) 2023年07月18日 14時45分46秒
sg3_utils-libs-1.37-19.el7|1 2023年07月18日 14時34分19秒
mailcap-2.1.41-2.el7|(none) 2023年07月21日 13時40分56秒
python-linux-procfs-0.4.11-4.el7|(none) 2023年07月18日 14時38分05秒
upower-0.99.7-1.el7|(none) 2023年07月18日 14時42分41秒
rpcbind-0.2.0-49.el7|(none) 2023年07月18日 14時40分12秒
libreport-filesystem-2.1.11-53.el7.centos|(none) 2023年07月18日 14時32分30秒
alsa-plugins-pulseaudio-1.1.6-1.el7|(none) 2023年07月18日 14時47分15秒
sg3_utils-1.37-19.el7|1 2023年07月18日 14時34分22秒
tagsoup-1.2.1-8.el7|0 2023年07月18日 14時38分07秒
telepathy-gabble-0.18.1-4.el7|(none) 2023年07月18日 14時42分46秒
qemu-img-1.5.3-175.el7|10 2023年07月18日 14時40分20秒
pcp-conf-4.3.2-12.el7|(none) 2023年07月18日 14時32分36秒
icedtea-web-1.7.1-2.el7_6|(none) 2023年07月18日 14時47分24秒
perl-Scalar-List-Utils-1.27-248.el7|(none) 2023年07月18日 14時34分23秒
ldns-1.6.16-10.el7|(none) 2023年07月18日 14時38分09秒
alsa-utils-1.1.8-2.el7|(none) 2023年07月18日 14時42分56秒
perl-Git-1.8.3.1-23.el7_8|(none) 2023年07月18日 14時40分24秒
ncurses-libs-5.9-14.20130511.el7_4|(none) 2023年07月18日 14時33分23秒
grub2-efi-x64-2.02-0.86.el7.centos|1 2023年07月18日 14時47分27秒
perl-5.16.3-297.el7|4 2023年07月18日 14時34分30秒
libuser-0.60-9.el7|(none) 2023年07月18日 14時38分15秒
fcoe-utils-1.0.32-2.el7_6|(none) 2023年07月18日 14時43分04秒
python-firewall-0.6.3-11.el7|(none) 2023年07月18日 14時40分36秒
libxml2-2.9.1-6.el7.5|(none) 2023年07月18日 14時33分26秒
avahi-0.6.31-20.el7|(none) 2023年07月18日 14時47分32秒
xcb-util-image-0.4.0-2.el7|(none) 2023年07月18日 14時34分45秒
GeoIP-1.5.0-14.el7|(none) 2023年07月18日 14時38分17秒
anaconda-core-21.48.22.159-1.el7.centos|(none) 2023年07月18日 14時43分07秒
hypervkvpd-0-0.34.20180415git.el7|(none) 2023年07月18日 14時40分38秒
libogg-1.3.0-7.el7|2 2023年07月18日 14時33分28秒
rsyslog-8.24.0-55.el7|(none) 2023年07月18日 14時47分39秒
libXpm-3.5.12-1.el7|(none) 2023年07月18日 14時34分52秒
ncompress-4.2.4.4-3.1.el7_8|(none) 2023年07月18日 14時38分27秒
gvfs-1.36.2-4.el7|(none) 2023年07月18日 14時43分39秒
selinux-policy-targeted-3.13.1-268.el7|(none) 2023年07月18日 14時40分49秒
libffi-3.0.13-19.el7|(none) 2023年07月18日 14時33分30秒
rpm-sign-4.11.3-45.el7|(none) 2023年07月18日 14時47分50秒
ttmkfdir-3.0.9-42.el7|(none) 2023年07月18日 14時34分54秒
jbigkit-libs-2.0-11.el7|(none) 2023年07月18日 14時38分31秒
libgnomekbd-3.26.0-3.el7|(none) 2023年07月18日 14時44分17秒
mesa-libGL-18.3.4-10.el7|(none) 2023年07月18日 14時40分58秒
libtool-ltdl-2.4.2-22.el7_3|(none) 2023年07月18日 14時33分34秒
gnome-icon-theme-extras-3.12.0-1.el7|(none) 2023年07月18日 14時48分09秒
liberation-mono-fonts-1.07.2-16.el7|1 2023年07月18日 14時35分16秒
gnupg2-2.0.22-5.el7_5|(none) 2023年07月18日 14時38分34秒
gnome-abrt-0.3.4-9.el7|(none) 2023年07月18日 14時44分25秒
spice-glib-0.35-5.el7|(none) 2023年07月18日 14時41分06秒
libXtst-1.2.3-1.el7|(none) 2023年07月18日 14時33分41秒
bison-3.0.4-2.el7|(none) 2023年07月18日 14時48分13秒
gzip-1.5-10.el7|(none) 2023年07月18日 14時36分38秒
bridge-utils-1.5-9.el7|(none) 2023年07月18日 14時38分39秒
metacity-2.34.13-7.el7|(none) 2023年07月18日 14時44分32秒
python2-pyatspi-2.26.0-3.el7|(none) 2023年07月18日 14時41分11秒
diffutils-3.3-5.el7|(none) 2023年07月18日 14時33分44秒
paratype-pt-sans-fonts-20101909-3.el7|(none) 2023年07月18日 14時48分21秒
totem-pl-parser-3.26.1-1.el7|(none) 2023年07月18日 14時36分47秒
man-db-2.6.3-11.el7|(none) 2023年07月18日 14時38分42秒
gnome-themes-standard-3.28-2.el7|(none) 2023年07月18日 14時44分50秒
xorg-x11-drv-synaptics-1.9.0-2.el7|(none) 2023年07月18日 14時41分16秒
libexif-0.6.22-1.el7|(none) 2023年07月18日 14時33分45秒
lohit-kannada-fonts-2.5.3-3.el7|(none) 2023年07月18日 14時48分28秒
genisoimage-1.1.11-25.el7|(none) 2023年07月18日 14時37分11秒
systemd-219-78.el7|(none) 2023年07月18日 14時38分52秒
libchamplain-0.12.16-2.el7|(none) 2023年07月18日 14時45分04秒
log4j-1.2.17-16.el7_4|0 2023年07月18日 14時41分21秒
libepoxy-1.5.2-1.el7|(none) 2023年07月18日 14時33分47秒
liberation-serif-fonts-1.07.2-16.el7|1 2023年07月18日 14時48分43秒
mariadb-libs-5.5.68-1.el7|1 2023年07月18日 14時37分32秒
telepathy-glib-0.24.1-1.el7|(none) 2023年07月18日 14時38分56秒
totem-3.26.2-1.el7|1 2023年07月18日 14時45分11秒
plymouth-theme-charge-0.8.9-0.34.20140113.el7.centos|(none) 2023年07月18日 14時41分25秒
unzip-6.0-21.el7|(none) 2023年07月18日 14時33分51秒
ctags-5.8-13.el7|(none) 2023年07月18日 14時48分52秒
glusterfs-client-xlators-6.0-37.el7|(none) 2023年07月18日 14時37分45秒
libreport-web-2.1.11-53.el7.centos|(none) 2023年07月18日 14時39分01秒
targetd-0.8.6-1.el7|(none) 2023年07月18日 14時45分14秒
setroubleshoot-server-3.2.30-8.el7|(none) 2023年07月18日 14時41分28秒
libieee1284-0.2.11-15.el7|(none) 2023年07月18日 14時33分54秒
iwl135-firmware-18.168.6.1-79.el7|(none) 2023年07月18日 14時49分11秒
libXau-devel-1.0.8-2.1.el7|(none) 2023年07月18日 14時37分47秒
pyparted-3.9-15.el7|1 2023年07月18日 14時39分10秒
gnome-clocks-3.28.0-1.el7|(none) 2023年07月18日 14時45分25秒
cups-filters-libs-1.0.35-28.el7|(none) 2023年07月18日 14時41分31秒
libdvdnav-5.0.3-1.el7|(none) 2023年07月18日 14時33分55秒
libsss_certmap-1.16.5-10.el7|(none) 2023年07月18日 16時23分51秒
urw-base35-standard-symbols-ps-fonts-20170801-10.el7|(none) 2023年07月18日 14時37分54秒
iscsi-initiator-utils-iscsiuio-6.2.0.874-19.el7|(none) 2023年07月18日 14時39分44秒
gnome-color-manager-3.28.0-1.el7|(none) 2023年07月18日 14時45分35秒
qemu-kvm-common-1.5.3-175.el7|10 2023年07月18日 14時42分26秒
gdisk-0.8.10-3.el7|(none) 2023年07月18日 14時33分57秒
sssd-1.16.5-10.el7|(none) 2023年07月18日 16時23分52秒
grubby-8.28-26.el7|(none) 2023年07月18日 14時37分59秒
samba-common-libs-4.10.16-5.el7|0 2023年07月18日 14時42分33秒
cyrus-sasl-md5-2.1.26-23.el7|(none) 2023年07月18日 14時38分03秒
postgresql15-server-15.2-1PGDG.rhel7|(none) 2023年07月18日 16時44分20秒
soundtouch-1.4.0-9.el7|(none) 2023年07月18日 14時34分19秒
firewall-config-0.6.3-11.el7|(none) 2023年07月18日 14時45分46秒
dejavu-fonts-common-2.33-6.el7|(none) 2023年07月18日 14時32分27秒
libglvnd-egl-1.0.1-0.8.git5baa1e5.el7|1 2023年07月18日 14時40分05秒
xdg-desktop-portal-1.0.2-1.el7|(none) 2023年07月18日 14時42分39秒
python-di-0.3-2.el7|(none) 2023年07月18日 14時38分05秒
centos-logos-85.8-2.el7|(none) 2023年07月21日 13時40分57秒
sysvinit-tools-2.88-14.dsf.el7|(none) 2023年07月18日 14時34分20秒
cockpit-195.10-1.el7.centos|(none) 2023年07月18日 14時47分15秒
basesystem-10.0-7.el7.centos|(none) 2023年07月18日 14時32分30秒
festival-speechtools-libs-1.2.96-28.el7|(none) 2023年07月18日 14時40分15秒
telepathy-farstream-0.6.0-5.el7|(none) 2023年07月18日 14時42分44秒
javapackages-tools-3.4.1-11.el7|(none) 2023年07月18日 14時38分07秒
McAfeeRt-10.7.16-843|(none) 2024年01月12日 19時43分55秒
perl-podlators-2.5.1-3.el7|(none) 2023年07月18日 14時34分22秒
parfait-0.5.4-2.el7|(none) 2023年07月18日 14時47分24秒
appstream-data-7-20180614.el7|(none) 2023年07月18日 14時32分42秒
lockdev-1.0.4-0.13.20111007git.el7|(none) 2023年07月18日 14時40分22秒
libvirt-daemon-driver-secret-4.5.0-36.el7|(none) 2023年07月18日 14時42分54秒
nmap-ncat-6.40-19.el7|2 2023年07月18日 14時38分09秒
perl-libs-5.16.3-297.el7|4 2023年07月18日 14時34分24秒
glusterfs-fuse-6.0-37.el7|(none) 2023年07月18日 14時47分27秒
nss-util-3.44.0-4.el7_7|(none) 2023年07月18日 14時33分24秒
libblockdev-nvdimm-2.18-5.el7|(none) 2023年07月18日 14時40分32秒
libwinpr-2.1.1-2.el7|(none) 2023年07月18日 14時43分03秒
xmlrpc-c-client-1.32.5-1905.svn2451.el7|(none) 2023年07月18日 14時38分14秒
perl-XML-Parser-2.41-10.el7|(none) 2023年07月18日 14時34分44秒
spice-vdagent-0.14.0-18.el7|(none) 2023年07月18日 14時47分32秒
popt-1.13-16.el7|(none) 2023年07月18日 14時33分26秒
libreport-rhel-anaconda-bugzilla-2.1.11-53.el7.centos|(none) 2023年07月18日 14時40分37秒
tigervnc-server-minimal-1.8.0-21.el7|(none) 2023年07月18日 14時43分06秒
geoipupdate-2.5.0-1.el7|(none) 2023年07月18日 14時38分16秒
cpp-4.8.5-44.el7|(none) 2023年07月18日 14時34分51秒
qemu-guest-agent-2.12.0-3.el7|10 2023年07月18日 14時47分39秒
libSM-1.2.2-2.el7|(none) 2023年07月18日 14時33分28秒
libcgroup-tools-0.41-21.el7|(none) 2023年07月18日 14時40分41秒
libcanberra-gtk3-0.30-9.el7|(none) 2023年07月18日 14時43分36秒
gpm-libs-1.20.7-6.el7|(none) 2023年07月18日 14時38分27秒
libdb-utils-5.3.21-25.el7|(none) 2023年07月18日 14時34分53秒
sssd-client-1.16.5-10.el7|(none) 2023年07月18日 14時47分50秒
libwayland-server-1.15.0-1.el7|(none) 2023年07月18日 14時33分31秒
abrt-python-2.1.11-60.el7.centos|(none) 2023年07月18日 14時40分57秒
evolution-data-server-3.28.5-5.el7|(none) 2023年07月18日 14時44分16秒
libasyncns-0.8-7.el7|(none) 2023年07月18日 14時38分31秒
abattis-cantarell-fonts-0.0.25-1.el7|(none) 2023年07月18日 14時35分05秒
gnome-icon-theme-symbolic-3.12.0-2.el7|(none) 2023年07月18日 14時48分09秒
cpio-2.11-28.el7|(none) 2023年07月18日 14時33分35秒
gtk2-2.24.31-1.el7|(none) 2023年07月18日 14時41分02秒
gtkmm30-3.22.2-1.el7|(none) 2023年07月18日 14時44分24秒
pth-2.0.7-23.el7|(none) 2023年07月18日 14時38分33秒
python-libs-2.7.5-89.el7|(none) 2023年07月18日 14時36分36秒
flex-2.5.37-6.el7|(none) 2023年07月18日 14時48分13秒
libXcursor-1.1.15-1.el7|(none) 2023年07月18日 14時33分41秒
geronimo-jms-1.1.1-19.el7|(none) 2023年07月18日 14時41分07秒
yelp-libs-3.28.1-1.el7|2 2023年07月18日 14時44分30秒
gnome-video-effects-0.4.3-1.el7|(none) 2023年07月18日 14時38分39秒
gobject-introspection-1.56.1-1.el7|(none) 2023年07月18日 14時36分45秒
dejavu-sans-mono-fonts-2.33-6.el7|(none) 2023年07月18日 14時48分21秒
dmidecode-3.2-5.el7|1 2023年07月18日 14時33分44秒
objectweb-asm-3.3.1-9.el7|0 2023年07月18日 14時41分14秒
avahi-ui-gtk3-0.6.31-20.el7|(none) 2023年07月18日 14時44分43秒
libpipeline-1.2.3-3.el7|(none) 2023年07月18日 14時38分41秒
openssl-1.0.2k-19.el7|1 2023年07月18日 14時37分03秒
nhn-nanum-gothic-fonts-3.020-9.el7|(none) 2023年07月18日 14時48分33秒
xorg-x11-xkb-utils-7.7-14.el7|(none) 2023年07月18日 14時33分46秒
xorg-x11-drv-qxl-0.1.5-5.el7|(none) 2023年07月18日 14時41分16秒
clutter-1.26.2-2.el7|(none) 2023年07月18日 14時45分00秒
dbus-libs-1.10.24-15.el7|1 2023年07月18日 14時38分45秒
e2fsprogs-1.42.9-19.el7|(none) 2023年07月18日 14時37分28秒
lohit-punjabi-fonts-2.5.3-2.el7|(none) 2023年07月18日 14時48分44秒
libXxf86vm-1.1.4-1.el7|(none) 2023年07月18日 14時33分47秒
apache-commons-io-2.4-12.el7|1 2023年07月18日 14時41分22秒
gnome-shell-extension-places-menu-3.28.1-14.el7|(none) 2023年07月18日 14時45分08秒
systemd-sysv-219-78.el7|(none) 2023年07月18日 14時38分55秒
imsettings-libs-1.6.3-11.el7|(none) 2023年07月18日 14時37分37秒
setserial-2.17-33.el7|(none) 2023年07月18日 14時48分52秒
m4-1.4.16-10.el7|(none) 2023年07月18日 14時33分51秒
libosinfo-1.1.0-5.el7|(none) 2023年07月18日 14時41分26秒
libvirt-daemon-driver-storage-rbd-4.5.0-36.el7|(none) 2023年07月18日 14時45分12秒
mesa-libgbm-18.3.4-10.el7|(none) 2023年07月18日 14時39分01秒
openslp-2.0.0-8.el7_7|1 2023年07月18日 14時37分45秒
iwl2030-firmware-18.168.6.1-79.el7|(none) 2023年07月18日 14時49分12秒
cdparanoia-libs-10.2-17.el7|(none) 2023年07月18日 14時33分54秒
usb_modeswitch-2.5.1-1.el7|(none) 2023年07月18日 14時41分28秒
sushi-3.28.3-1.el7|(none) 2023年07月18日 14時45分22秒
java-1.7.0-openjdk-headless-1.7.0.261-2.6.22.2.el7_8|1 2023年07月18日 14時39分10秒
urw-base35-gothic-fonts-20170801-10.el7|(none) 2023年07月18日 14時37分49秒
libkadm5-1.15.1-50.el7|(none) 2023年07月18日 16時23分51秒
keyutils-1.5.8-3.el7|(none) 2023年07月18日 14時33分55秒
cups-1.6.3-51.el7|1 2023年07月18日 14時41分32秒
gnome-packagekit-3.28.0-1.el7|(none) 2023年07月18日 14時45分31秒
crontabs-1.11-6.20121102git.el7|(none) 2023年07月18日 14時39分44秒
gom-0.4-1.el7|(none) 2023年07月18日 14時37分58秒
krb5-workstation-1.15.1-50.el7|(none) 2023年07月18日 16時23分53秒
daxctl-libs-65-5.el7|(none) 2023年07月18日 14時33分57秒
libvirt-libs-4.5.0-36.el7|(none) 2023年07月18日 14時42分33秒
gvfs-afc-1.36.2-4.el7|(none) 2023年07月18日 14時45分43秒
ilorest-3.6.0.0-45|(none) 2023年07月18日 16時42分11秒
tog-pegasus-2.14.1-8.el7|2 2023年07月18日 14時40分01秒
libvirt-daemon-driver-network-4.5.0-36.el7|(none) 2023年07月18日 14時42分37秒
libedit-3.0-12.20121213cvs.el7|(none) 2023年07月18日 14時34分19秒
python-backports-1.0-8.el7|(none) 2023年07月18日 14時38分04秒
urw-base35-fonts-common-20170801-10.el7|(none) 2023年07月18日 14時32分26秒
gnome-disk-utility-3.28.3-1.el7|(none) 2023年07月18日 14時45分45秒
libreport-plugin-rhtsupport-2.1.11-53.el7.centos|(none) 2023年07月18日 14時40分05秒
gupnp-1.0.2-5.el7|(none) 2023年07月18日 14時42分38秒
libdaemon-0.14-7.el7|(none) 2023年07月18日 14時34分19秒
python-setuptools-0.9.8-7.el7|(none) 2023年07月18日 14時38分05秒
tzdata-2020a-1.el7|(none) 2023年07月18日 14時32分27秒
mousetweaks-3.12.0-1.el7|(none) 2023年07月18日 14時45分47秒
rdma-core-22.4-5.el7|(none) 2023年07月18日 14時40分12秒
neon-0.30.0-4.el7|(none) 2023年07月18日 14時42分41秒
libnfnetlink-1.0.1-4.el7|(none) 2023年07月18日 14時34分20秒
pyldb-1.5.4-1.el7|(none) 2023年07月18日 14時38分05秒
langtable-data-0.0.31-4.el7|(none) 2023年07月18日 14時32分30秒
wvdial-1.61-9.el7|(none) 2023年07月18日 14時47分15秒
NetworkManager-1.18.8-1.el7|1 2023年07月18日 14時40分14秒
gvnc-0.7.0-3.el7|(none) 2023年07月18日 14時42分43秒
iproute-4.11.0-30.el7|(none) 2023年07月18日 14時34分21秒
python-setproctitle-1.1.6-5.el7|(none) 2023年07月18日 14時38分06秒
smc-fonts-common-6.0-7.el7|(none) 2023年07月18日 14時32分31秒
cifs-utils-6.2-10.el7|(none) 2023年07月18日 14時47分17秒
rsync-3.1.2-10.el7|(none) 2023年07月18日 14時40分18秒
subversion-libs-1.7.14-16.el7|(none) 2023年07月18日 14時42分45秒
perl-parent-0.225-244.el7|1 2023年07月18日 14時34分22秒
bea-stax-api-1.2.0-9.el7|(none) 2023年07月18日 14時38分07秒
libkkc-common-0.3.1-9.el7|(none) 2023年07月18日 14時32分34秒
plymouth-system-theme-0.8.9-0.34.20140113.el7.centos|(none) 2023年07月18日 14時47分23秒
grub2-tools-2.02-0.86.el7.centos|1 2023年07月18日 14時40分21秒
telepathy-haze-0.8.0-1.el7|(none) 2023年07月18日 14時42分52秒
perl-macros-5.16.3-297.el7|4 2023年07月18日 14時34分23秒
python-chardet-2.2.1-3.el7|(none) 2023年07月18日 14時38分08秒
poppler-data-0.4.6-3.el7|(none) 2023年07月18日 14時32分59秒
ModemManager-1.6.10-4.el7|(none) 2023年07月18日 14時47分24秒
dhcp-libs-4.2.5-82.el7.centos|12 2023年07月18日 14時40分24秒
libvirt-glib-1.0.0-1.el7|(none) 2023年07月18日 14時42分54秒
perl-File-Path-2.09-2.el7|(none) 2023年07月18日 14時34分24秒
sound-theme-freedesktop-0.8-3.el7|(none) 2023年07月18日 14時38分09秒
glibc-2.17-317.el7|(none) 2023年07月18日 14時33分22秒
setuptool-1.19.11-8.el7|(none) 2023年07月18日 14時47分25秒
gettext-devel-0.19.8.1-3.el7|(none) 2023年07月18日 14時40分28秒
libgnome-keyring-3.12.0-1.el7|(none) 2023年07月18日 14時42分58秒
perl-Getopt-Long-2.40-3.el7|(none) 2023年07月18日 14時34分24秒
libcurl-7.29.0-59.el7|(none) 2023年07月18日 14時38分13秒
libselinux-2.5-15.el7|(none) 2023年07月18日 14時33分25秒
openlmi-service-0.5.0-4.el7|(none) 2023年07月18日 14時47分28秒
NetworkManager-team-1.18.8-1.el7|1 2023年07月18日 14時40分32秒
device-mapper-multipath-0.4.9-133.el7|(none) 2023年07月18日 14時43分03秒
perl-Net-Daemon-0.48-5.el7|(none) 2023年07月18日 14時34分44秒
deltarpm-3.6-3.el7|(none) 2023年07月18日 14時38分15秒
freetype-2.8-14.el7|(none) 2023年07月18日 14時33分25秒
mlocate-0.26-8.el7|(none) 2023年07月18日 14時47分31秒
librdmacm-22.4-5.el7|(none) 2023年07月18日 14時40分36秒
libblockdev-crypto-2.18-5.el7|(none) 2023年07月18日 14時43分04秒
perl-DBI-1.627-4.el7|(none) 2023年07月18日 14時34分45秒
libnfsidmap-0.25-19.el7|(none) 2023年07月18日 14時38分15秒
grep-2.20-3.el7|(none) 2023年07月18日 14時33分27秒
PackageKit-gstreamer-plugin-1.1.10-2.el7.centos|(none) 2023年07月18日 14時47分33秒
openlmi-logicalfile-0.5.0-4.el7|(none) 2023年07月18日 14時40分37秒
firewalld-0.6.3-11.el7|(none) 2023年07月18日 14時43分06秒
fftw-libs-double-3.3.3-8.el7|(none) 2023年07月18日 14時34分47秒
bind-libs-9.11.4-26.P2.el7|32 2023年07月18日 14時38分18秒
libICE-1.0.9-9.el7|(none) 2023年07月18日 14時33分28秒
biosdevname-0.7.3-2.el7|(none) 2023年07月18日 14時47分39秒
cyrus-sasl-2.1.26-23.el7|(none) 2023年07月18日 14時40分38秒
yelp-xsl-3.28.0-1.el7|(none) 2023年07月18日 14時43分21秒
libdmx-1.1.3-3.el7|(none) 2023年07月18日 14時34分52秒
webrtc-audio-processing-0.3-1.el7|(none) 2023年07月18日 14時38分27秒
libtdb-1.3.18-1.el7|(none) 2023年07月18日 14時33分29秒
powertop-2.9-1.el7|(none) 2023年07月18日 14時47分44秒
festival-freebsoft-utils-0.10-7.el7|(none) 2023年07月18日 14時40分43秒
ibus-1.5.17-11.el7|(none) 2023年07月18日 14時43分39秒
tcp_wrappers-7.6-77.el7|(none) 2023年07月18日 14時34分52秒
theora-tools-1.1.1-8.el7|1 2023年07月18日 14時38分27秒
libcap-2.22-11.el7|(none) 2023年07月18日 14時33分30秒
iprutils-2.4.17.1-3.el7|(none) 2023年07月18日 14時47分50秒
libreport-plugin-ureport-2.1.11-53.el7.centos|(none) 2023年07月18日 14時40分56秒
libnma-1.8.6-2.el7|(none) 2023年07月18日 14時44分11秒
isomd5sum-1.0.10-5.el7|1 2023年07月18日 14時34分54秒
shadow-utils-4.6-5.el7|2 2023年07月18日 14時38分29秒
libtar-1.2.11-29.el7|(none) 2023年07月18日 14時33分31秒
gcc-c++-4.8.5-44.el7|(none) 2023年07月18日 14時48分02秒
abrt-addon-xorg-2.1.11-60.el7.centos|(none) 2023年07月18日 14時40分57秒
gtksourceview3-3.24.8-2.el7|(none) 2023年07月18日 14時44分17秒
mozjs52-52.9.0-1.el7|(none) 2023年07月18日 14時35分05秒
gdk-pixbuf2-2.36.12-3.el7|(none) 2023年07月18日 14時38分32秒
libtevent-0.9.39-1.el7|(none) 2023年07月18日 14時33分33秒
xfsdump-3.1.7-1.el7|(none) 2023年07月18日 14時48分08秒
pango-1.42.4-4.el7_7|(none) 2023年07月18日 14時40分58秒
gnome-bluetooth-libs-3.28.2-1.el7|1 2023年07月18日 14時44分22秒
redhat-menus-12.0.2-8.el7|(none) 2023年07月18日 14時35分11秒
kernel-tools-libs-3.10.0-1160.el7|(none) 2023年07月18日 14時38分33秒
libXau-1.0.8-2.1.el7|(none) 2023年07月18日 14時33分40秒
crash-7.2.3-11.el7|(none) 2023年07月18日 14時48分11秒
unit-api-1.0-3.el7|(none) 2023年07月18日 14時41分03秒
gspell-1.6.1-1.el7|(none) 2023年07月18日 14時44分25秒
openssl-libs-1.0.2k-19.el7|1 2023年07月18日 14時36分27秒
rpm-build-libs-4.11.3-45.el7|(none) 2023年07月18日 14時38分34秒
libXrender-0.9.10-1.el7|(none) 2023年07月18日 14時33分41秒
patchutils-0.3.3-4.el7|(none) 2023年07月18日 14時48分12秒
python-gobject-3.22.0-1.el7_4.1|(none) 2023年07月18日 14時41分06秒
gnome-terminal-3.28.2-3.el7|(none) 2023年07月18日 14時44分29秒
libarchive-3.1.2-14.el7_7|(none) 2023年07月18日 14時36分37秒
libyaml-0.1.4-11.el7_0|(none) 2023年07月18日 14時38分37秒
findutils-4.5.11-6.el7|1 2023年07月18日 14時33分42秒
m17n-contrib-1.1.14-3.el7|(none) 2023年07月18日 14時48分13秒
glx-utils-8.3.0-10.el7|(none) 2023年07月18日 14時41分07秒
ibus-table-1.5.0-5.el7|(none) 2023年07月18日 14時44分31秒
json-glib-1.4.2-2.el7|(none) 2023年07月18日 14時36分44秒
pakchois-0.4-10.el7|(none) 2023年07月18日 14時38分39秒
flac-libs-1.3.0-5.el7_1|(none) 2023年07月18日 14時33分43秒
wqy-zenhei-fonts-0.9.46-11.el7|(none) 2023年07月18日 14時48分20秒
xml-commons-resolver-1.2-15.el7|0 2023年07月18日 14時41分12秒
xdg-desktop-portal-gtk-1.0.2-1.el7|(none) 2023年07月18日 14時44分34秒
python-gobject-base-3.22.0-1.el7_4.1|(none) 2023年07月18日 14時36分46秒
mpg123-libs-1.25.6-1.el7|(none) 2023年07月18日 14時38分41秒
libplist-1.12-3.el7|(none) 2023年07月18日 14時33分44秒
thai-scalable-waree-fonts-0.5.0-7.el7|(none) 2023年07月18日 14時48分22秒
uom-systems-0.7-1.el7|(none) 2023年07月18日 14時41分15秒
anaconda-gui-21.48.22.159-1.el7.centos|(none) 2023年07月18日 14時44分48秒
pygobject2-2.28.6-11.el7|(none) 2023年07月18日 14時36分48秒
checkpolicy-2.5-8.el7|(none) 2023年07月18日 14時38分42秒
libdvdread-5.0.3-3.el7|(none) 2023年07月18日 14時33分45秒
scl-utils-20130529-19.el7|(none) 2023年07月18日 14時48分27秒
xorg-x11-drv-void-1.4.1-2.el7.1|(none) 2023年07月18日 14時41分16秒
qemu-kvm-1.5.3-175.el7|10 2023年07月18日 14時44分58秒
libselinux-python-2.5-15.el7|(none) 2023年07月18日 14時37分11秒
cryptsetup-libs-2.0.3-6.el7|(none) 2023年07月18日 14時38分44秒
psmisc-22.20-17.el7|(none) 2023年07月18日 14時33分46秒
google-noto-emoji-fonts-20180508-4.el7|(none) 2023年07月18日 14時48分40秒
joda-time-2.2-3.tzdata2013c.el7|(none) 2023年07月18日 14時41分17秒
cheese-libs-3.28.0-1.el7|2 2023年07月18日 14時45分00秒
ModemManager-glib-1.6.10-4.el7|(none) 2023年07月18日 14時37分26秒
elfutils-default-yama-scope-0.176-5.el7|(none) 2023年07月18日 14時38分53秒
gdbm-1.10-8.el7|(none) 2023年07月18日 14時33分47秒
lohit-malayalam-fonts-2.5.3-2.el7|(none) 2023年07月18日 14時48分43秒
apache-commons-logging-1.1.2-7.el7|(none) 2023年07月18日 14時41分22秒
gnome-shell-extension-common-3.28.1-14.el7|(none) 2023年07月18日 14時45分08秒
libtirpc-0.2.4-0.16.el7|(none) 2023年07月18日 14時37分31秒
libgudev1-219-78.el7|(none) 2023年07月18日 14時38分54秒
startup-notification-0.12-8.el7|(none) 2023年07月18日 14時33分47秒
sil-padauk-fonts-2.8-5.el7|(none) 2023年07月18日 14時48分45秒
adwaita-gtk2-theme-3.28-2.el7|(none) 2023年07月18日 14時41分25秒
gnome-shell-extension-horizontal-workspaces-3.28.1-14.el7|(none) 2023年07月18日 14時45分08秒
xorg-x11-fonts-Type1-7.5-9.el7|(none) 2023年07月18日 14時37分37秒
dbus-python-1.1.1-9.el7|(none) 2023年07月18日 14時38分56秒
iso-codes-3.46-2.el7|(none) 2023年07月18日 14時33分51秒
lrzsz-0.12.20-36.el7|(none) 2023年07月18日 14時48分52秒
mesa-libxatracker-18.3.4-10.el7|(none) 2023年07月18日 14時41分26秒
libvirt-daemon-driver-storage-scsi-4.5.0-36.el7|(none) 2023年07月18日 14時45分12秒
libpinyin-data-0.9.93-4.el7|(none) 2023年07月18日 14時37分44秒
dbus-x11-1.10.24-15.el7|1 2023年07月18日 14時38分58秒
taglib-1.8-8.20130218git.el7|(none) 2023年07月18日 14時33分52秒
iwl1000-firmware-39.31.5.1-79.el7|1 2023年07月18日 14時49分05秒
oddjob-0.31.5-4.el7|(none) 2023年07月18日 14時41分27秒
libvirt-daemon-kvm-4.5.0-36.el7|(none) 2023年07月18日 14時45分13秒
pyliblzma-0.5.3-11.el7|(none) 2023年07月18日 14時37分45秒
pulseaudio-libs-glib2-10.0-5.el7|(none) 2023年07月18日 14時39分01秒
slang-2.2.4-11.el7|(none) 2023年07月18日 14時33分54秒
iwl2000-firmware-18.168.6.1-79.el7|(none) 2023年07月18日 14時49分11秒
libfprint-0.8.2-1.el7|(none) 2023年07月18日 14時41分28秒
system-config-printer-1.4.1-23.el7|(none) 2023年07月18日 14時45分19秒
fwupdate-efi-12-6.el7.centos|(none) 2023年07月18日 14時37分47秒
libao-1.1.0-8.el7|(none) 2023年07月18日 14時39分07秒
libglvnd-1.0.1-0.8.git5baa1e5.el7|1 2023年07月18日 14時33分54秒
man-pages-overrides-7.9.0-1.el7|(none) 2023年07月18日 14時49分18秒
speech-dispatcher-0.7.1-15.el7|(none) 2023年07月18日 14時41分30秒
gnome-software-3.28.2-3.el7|(none) 2023年07月18日 14時45分25秒
python-slip-0.4.0-4.el7|(none) 2023年07月18日 14時37分49秒
PackageKit-1.1.10-2.el7.centos|(none) 2023年07月18日 14時39分11秒
libavc1394-0.5.3-14.el7|(none) 2023年07月18日 14時33分55秒
libvirt-client-4.5.0-36.el7|(none) 2023年07月18日 16時19分44秒
cups-filters-1.0.35-28.el7|(none) 2023年07月18日 14時41分31秒
NetworkManager-libreswan-gnome-1.2.4-2.el7|(none) 2023年07月18日 14時45分31秒
urw-base35-z003-fonts-20170801-10.el7|(none) 2023年07月18日 14時37分52秒
kernel-3.10.0-1160.el7|(none) 2023年07月18日 14時39分44秒
xmlsec1-1.2.20-7.el7_4|(none) 2023年07月18日 14時33分56秒
http-parser-2.7.1-9.el7|(none) 2023年07月18日 16時23分51秒
unbound-libs-1.6.6-5.el7_8|(none) 2023年07月18日 14時41分33秒
gnome-system-monitor-3.28.2-1.el7|(none) 2023年07月18日 14時45分34秒
gstreamer-tools-0.10.36-7.el7|(none) 2023年07月18日 14時37分57秒
python-pyudev-0.15-9.el7|(none) 2023年07月18日 14時39分57秒
libnl3-cli-3.2.28-4.el7|(none) 2023年07月18日 14時33分57秒
sssd-ldap-1.16.5-10.el7|(none) 2023年07月18日 16時23分52秒
hplip-libs-3.15.9-5.el7|(none) 2023年07月18日 14時42分26秒
gvfs-mtp-1.36.2-4.el7|(none) 2023年07月18日 14時45分43秒
osinfo-db-tools-1.1.0-1.el7|(none) 2023年07月18日 14時37分58秒
libreport-centos-2.1.11-53.el7.centos|(none) 2023年07月18日 14時39分58秒
llvm-private-7.0.1-1.el7|(none) 2023年07月18日 14時34分18秒
clusterpro-5.1.1-1|(none) 2023年07月19日 14時50分31秒
centos-logos-httpd-85.8-2.el7|(none) 2023年07月21日 13時40分57秒
McAfeeESPFileAccess-10.7.16-1049|(none) 2024年01月12日 19時44分01秒
python3-pip-9.0.3-8.el7|(none) 2023年07月18日 16時26分44秒
ibus-chewing-1.4.4-14.el7|(none) 2023年07月18日 14時45分43秒
fontpackages-filesystem-1.44-8.el7|(none) 2023年07月18日 14時32分26秒
python-inotify-0.9.4-4.el7|(none) 2023年07月18日 14時38分04秒
boost-random-1.53.0-28.el7|(none) 2023年07月18日 14時34分19秒
geocode-glib-3.26.0-3.el7|(none) 2023年07月18日 14時42分37秒
lvm2-libs-2.02.187-6.el7|7 2023年07月18日 14時40分02秒
gnome-screenshot-3.26.0-1.el7|(none) 2023年07月18日 14時45分45秒
xkeyboard-config-2.24-1.el7|(none) 2023年07月18日 14時32分27秒
python-backports-ssl_match_hostname-3.5.0.1-1.el7|(none) 2023年07月18日 14時38分04秒
libvisual-0.4.0-16.el7|(none) 2023年07月18日 14時34分19秒
libappstream-glib-0.7.8-2.el7|(none) 2023年07月18日 14時42分38秒
libglvnd-gles-1.0.1-0.8.git5baa1e5.el7|1 2023年07月18日 14時40分06秒
gnome-dictionary-3.26.1-2.el7|(none) 2023年07月18日 14時45分48秒
tzdata-java-2020a-1.el7|(none) 2023年07月18日 14時32分28秒
python-tdb-1.3.18-1.el7|(none) 2023年07月18日 14時38分05秒
ethtool-4.8-10.el7|2 2023年07月18日 14時34分20秒
tracker-1.10.5-8.el7|(none) 2023年07月18日 14時42分42秒
telepathy-logger-0.8.0-5.el7|(none) 2023年07月18日 14時40分12秒
openslp-server-2.0.0-8.el7_7|1 2023年07月18日 14時47分15秒
bind-license-9.11.4-26.P2.el7|32 2023年07月18日 14時32分30秒
pytalloc-2.1.16-1.el7|(none) 2023年07月18日 14時38分06秒
m17n-lib-1.6.4-14.el7|(none) 2023年07月18日 14時34分21秒
dleyna-connector-dbus-0.2.0-2.el7|(none) 2023年07月18日 14時42分44秒
bluez-5.44-7.el7|(none) 2023年07月18日 14時40分18秒
libsane-hpaio-3.15.9-5.el7|(none) 2023年07月18日 14時47分17秒
vim-filesystem-7.4.629-7.el7|2 2023年07月18日 14時32分31秒
tomcat-servlet-3.0-api-7.0.76-15.el7|0 2023年07月18日 14時38分07秒
perl-HTTP-Tiny-0.033-3.el7|(none) 2023年07月18日 14時34分22秒
libgovirt-0.3.4-5.el7|(none) 2023年07月18日 14時42分46秒
glusterfs-api-6.0-37.el7|(none) 2023年07月18日 14時40分20秒
paps-0.6.8-28.el7.1|(none) 2023年07月18日 14時47分23秒
libX11-common-1.6.7-2.el7|(none) 2023年07月18日 14時32分36秒
python-perf-3.10.0-1160.el7|(none) 2023年07月18日 14時38分08秒
perl-Exporter-5.68-3.el7|(none) 2023年07月18日 14時34分23秒
libvirt-daemon-config-network-4.5.0-36.el7|(none) 2023年07月18日 14時42分54秒
sane-backends-libs-1.0.24-12.el7|(none) 2023年07月18日 14時40分23秒
cgdcbxd-1.0.2-7.el7|(none) 2023年07月18日 14時47分24秒
seavgabios-bin-1.11.0-2.el7|(none) 2023年07月18日 14時33分08秒
xmlsec1-openssl-1.2.20-7.el7_4|(none) 2023年07月18日 14時38分09秒
perl-Storable-2.45-3.el7|(none) 2023年07月18日 14時34分24秒
gssproxy-0.7.0-29.el7|(none) 2023年07月18日 14時42分56秒
python-meh-0.25.3-1.el7|(none) 2023年07月18日 14時40分24秒
sane-backends-drivers-scanners-1.0.24-12.el7|(none) 2023年07月18日 14時47分27秒
bash-4.2.46-34.el7|(none) 2023年07月18日 14時33分24秒
nss-tools-3.44.0-7.el7_7|(none) 2023年07月18日 14時38分13秒
perl-Socket-2.010-5.el7|(none) 2023年07月18日 14時34分24秒
openscap-scanner-1.2.17-11.el7|(none) 2023年07月18日 14時43分02秒
dhclient-4.2.5-82.el7.centos|12 2023年07月18日 14時40分32秒
openlmi-account-0.5.0-4.el7|(none) 2023年07月18日 14時47分29秒
info-5.1-5.el7|(none) 2023年07月18日 14時33分25秒
liboauth-0.9.7-4.el7|(none) 2023年07月18日 14時38分15秒
perl-Compress-Raw-Zlib-2.061-4.el7|1 2023年07月18日 14時34分44秒
libblockdev-fs-2.18-5.el7|(none) 2023年07月18日 14時43分04秒
festival-1.96-28.el7|(none) 2023年07月18日 14時40分36秒
net-snmp-5.7.2-49.el7|1 2023年07月18日 14時47分31秒
libcap-ng-0.7.5-4.el7|(none) 2023年07月18日 14時33分26秒
passwd-0.79-6.el7|(none) 2023年07月18日 14時38分15秒
perl-DBD-SQLite-1.39-3.el7|(none) 2023年07月18日 14時34分45秒
seabios-bin-1.11.0-2.el7|(none) 2023年07月18日 14時43分05秒
dmraid-events-1.0.0.rc16-28.el7|(none) 2023年07月18日 14時40分37秒
autofs-5.0.7-113.el7|1 2023年07月18日 14時47分35秒
readline-6.2-11.el7|(none) 2023年07月18日 14時33分27秒
bind-libs-lite-9.11.4-26.P2.el7|32 2023年07月18日 14時38分18秒
libofa-0.9.3-24.el7|(none) 2023年07月18日 14時34分47秒
initial-setup-0.3.9.45-1.el7.centos|(none) 2023年07月18日 14時43分07秒
lldpad-1.0.1-5.git036e314.el7|(none) 2023年07月18日 14時40分38秒
aic94xx-firmware-30-6.el7|(none) 2023年07月18日 14時47分39秒
yajl-2.0.4-4.el7|(none) 2023年07月18日 14時33分28秒
libstdc++-devel-4.8.5-44.el7|(none) 2023年07月18日 14時38分26秒
libXxf86dga-1.1.4-2.1.el7|(none) 2023年07月18日 14時34分52秒
gtk3-3.22.30-5.el7|(none) 2023年07月18日 14時43分35秒
vorbis-tools-1.4.0-13.el7|1 2023年07月18日 14時40分43秒
irqbalance-1.0.7-12.el7|3 2023年07月18日 14時47分44秒
augeas-libs-1.4.0-10.el7|(none) 2023年07月18日 14時33分29秒
SDL-1.2.15-17.el7|(none) 2023年07月18日 14時38分27秒
libisofs-1.2.8-4.el7|(none) 2023年07月18日 14時34分52秒
webkitgtk4-jsc-2.28.2-2.el7|(none) 2023年07月18日 14時43分44秒
selinux-policy-3.13.1-268.el7|(none) 2023年07月18日 14時40分45秒
yum-langpacks-0.4.2-7.el7|(none) 2023年07月18日 14時47分50秒
p11-kit-0.23.5-3.el7|(none) 2023年07月18日 14時33分30秒
libsemanage-2.5-14.el7|(none) 2023年07月18日 14時38分28秒
libbluray-0.2.3-6.el7|(none) 2023年07月18日 14時34分54秒
libgdata-0.17.9-1.el7|(none) 2023年07月18日 14時44分14秒
abrt-addon-pstoreoops-2.1.11-60.el7.centos|(none) 2023年07月18日 14時40分57秒
libproxy-mozjs-0.4.11-11.el7|(none) 2023年07月18日 14時48分02秒
libwayland-cursor-1.15.0-1.el7|(none) 2023年07月18日 14時33分32秒
libtiff-4.0.3-35.el7|(none) 2023年07月18日 14時38分31秒
libselinux-utils-2.5-15.el7|(none) 2023年07月18日 14時35分05秒
gjs-1.52.5-1.el7_6|(none) 2023年07月18日 14時44分18秒
libglvnd-glx-1.0.1-0.8.git5baa1e5.el7|1 2023年07月18日 14時40分58秒
pinfo-0.6.10-9.el7|(none) 2023年07月18日 14時48分08秒
libldb-1.5.4-1.el7|(none) 2023年07月18日 14時33分34秒
libini_config-1.3.1-32.el7|(none) 2023年07月18日 14時38分33秒
google-noto-emoji-color-fonts-20180508-4.el7|(none) 2023年07月18日 14時35分16秒
system-config-printer-libs-1.4.1-23.el7|(none) 2023年07月18日 14時44分24秒
xorg-x11-server-Xorg-1.20.4-10.el7|(none) 2023年07月18日 14時41分03秒
dstat-0.7.2-12.el7|(none) 2023年07月18日 14時48分11秒
libXext-1.3.3-3.el7|(none) 2023年07月18日 14時33分41秒
gpgme-1.3.2-5.el7|(none) 2023年07月18日 14時38分34秒
krb5-libs-1.15.1-50.el7|(none) 2023年07月18日 14時36分27秒
abrt-gui-2.1.11-60.el7.centos|(none) 2023年07月18日 14時44分25秒
xml-commons-apis-1.4.01-16.el7|(none) 2023年07月18日 14時41分06秒
ntsysv-1.7.6-1.el7|(none) 2023年07月18日 14時48分12秒
libXinerama-1.1.3-2.1.el7|(none) 2023年07月18日 14時33分41秒
libhangul-0.1.0-8.el7|(none) 2023年07月18日 14時38分37秒
glusterfs-libs-6.0-37.el7|(none) 2023年07月18日 14時36分37秒
glade-libs-3.22.1-1.el7|(none) 2023年07月18日 14時44分30秒
pinentry-gtk-0.8.1-17.el7|(none) 2023年07月18日 14時41分07秒
bpftool-3.10.0-1160.el7|(none) 2023年07月18日 14時48分13秒
orc-0.4.26-1.el7|(none) 2023年07月18日 14時33分42秒
netcf-libs-0.2.8-4.el7|(none) 2023年07月18日 14時38分39秒
gstreamer1-1.10.4-2.el7|(none) 2023年07月18日 14時36分45秒
gnome-keyring-3.28.2-1.el7|(none) 2023年07月18日 14時44分32秒
highcontrast-qt5-0.1-2.el7|(none) 2023年07月18日 14時41分11秒
lohit-oriya-fonts-2.5.4.1-3.el7|(none) 2023年07月18日 14時48分20秒
opus-1.0.2-6.el7|(none) 2023年07月18日 14時33分44秒
libndp-1.2-9.el7|(none) 2023年07月18日 14時38分40秒
desktop-file-utils-0.23-2.el7|(none) 2023年07月18日 14時36分47秒
webkitgtk3-2.4.11-2.el7|(none) 2023年07月18日 14時44分41秒
uom-lib-1.0.1-5.el7|(none) 2023年07月18日 14時41分14秒
overpass-fonts-2.1-1.el7|(none) 2023年07月18日 14時48分22秒
libgomp-4.8.5-44.el7|(none) 2023年07月18日 14時33分45秒
sgpio-1.2.0.10-13.el7|(none) 2023年07月18日 14時38分42秒
gcc-4.8.5-44.el7|(none) 2023年07月18日 14時37分02秒
gnome-desktop3-3.28.2-2.el7|(none) 2023年07月18日 14時44分51秒
xorg-x11-drv-wacom-0.36.1-3.el7|(none) 2023年07月18日 14時41分16秒
lohit-nepali-fonts-2.5.3-2.el7|(none) 2023年07月18日 14時48分27秒
libpcap-1.5.3-12.el7|14 2023年07月18日 14時33分46秒
device-mapper-libs-1.02.170-6.el7|7 2023年07月18日 14時38分44秒
libevent-2.0.21-4.el7|(none) 2023年07月18日 14時37分11秒
gnome-settings-daemon-3.28.1-8.el7|(none) 2023年07月18日 14時44分58秒
xorg-x11-drv-v4l-0.2.0-49.el7|(none) 2023年07月18日 14時41分16秒
traceroute-2.0.22-2.el7|3 2023年07月18日 14時48分40秒
hunspell-1.3.2-16.el7|(none) 2023年07月18日 14時33分46秒
dbus-1.10.24-15.el7|1 2023年07月18日 14時38分53秒
libxklavier-5.4-7.el7|(none) 2023年07月18日 14時37分26秒
clutter-gst2-2.0.18-1.el7|(none) 2023年07月18日 14時45分04秒
javamail-1.4.6-8.el7|(none) 2023年07月18日 14時41分20秒
dejavu-serif-fonts-2.33-6.el7|(none) 2023年07月18日 14時48分43秒
fuse-libs-2.9.2-11.el7|(none) 2023年07月18日 14時33分47秒
libusbx-1.0.21-1.el7|(none) 2023年07月18日 14時38分54秒
libssh2-1.8.0-4.el7|(none) 2023年07月18日 14時37分31秒
gnome-shell-extension-alternate-tab-3.28.1-14.el7|(none) 2023年07月18日 14時45分08秒
rhino-1.7R5-1.el7|(none) 2023年07月18日 14時41分24秒
gnu-free-sans-fonts-20120503-8.el7|(none) 2023年07月18日 14時48分46秒
acl-2.2.51-15.el7|(none) 2023年07月18日 14時33分48秒
ibus-libs-1.5.17-11.el7|(none) 2023年07月18日 14時38分56秒
xorg-x11-proto-devel-2018.4-1.el7|(none) 2023年07月18日 14時37分37秒
quota-nls-4.01-19.el7|1 2023年07月18日 14時45分11秒
plymouth-plugin-two-step-0.8.9-0.34.20140113.el7.centos|(none) 2023年07月18日 14時41分25秒
byacc-1.9.20130304-3.el7|(none) 2023年07月18日 14時48分52秒
GConf2-3.2.6-8.el7|(none) 2023年07月18日 14時38分58秒
libpinyin-0.9.93-4.el7|(none) 2023年07月18日 14時37分44秒
libvirt-daemon-driver-storage-gluster-4.5.0-36.el7|(none) 2023年07月18日 14時45分12秒
imsettings-1.6.3-11.el7|(none) 2023年07月18日 14時41分26秒
iwl3945-firmware-15.32.2.9-79.el7|(none) 2023年07月18日 14時49分05秒
pcre2-10.23-2.el7|(none) 2023年07月18日 14時33分52秒
NetworkManager-glib-1.18.8-1.el7|1 2023年07月18日 14時39分01秒
fipscheck-lib-1.4.1-6.el7|(none) 2023年07月18日 14時37分45秒
totem-nautilus-3.26.2-1.el7|1 2023年07月18日 14時45分14秒
setroubleshoot-plugins-3.0.67-4.el7|(none) 2023年07月18日 14時41分27秒
ivtv-firmware-20080701-26.el7|2 2023年07月18日 14時49分11秒
libusal-1.1.11-25.el7|(none) 2023年07月18日 14時33分54秒
libmbim-1.14.2-1.el7|(none) 2023年07月18日 14時39分07秒
fwupdate-libs-12-6.el7.centos|(none) 2023年07月18日 14時37分47秒
cheese-3.28.0-1.el7|2 2023年07月18日 14時45分22秒
cups-pk-helper-0.2.6-2.el7|(none) 2023年07月18日 14時41分29秒
iwl5150-firmware-8.24.2.2-79.el7|(none) 2023年07月18日 14時49分18秒
libevdev-1.5.6-1.el7|(none) 2023年07月18日 14時33分55秒
PackageKit-yum-1.1.10-2.el7.centos|(none) 2023年07月18日 14時39分10秒
xdg-user-dirs-0.15-5.el7|(none) 2023年07月18日 14時37分49秒
eog-3.28.3-1.el7|(none) 2023年07月18日 14時45分29秒
pulseaudio-module-bluetooth-10.0-5.el7|(none) 2023年07月18日 14時41分31秒
libdhash-0.5.0-32.el7|(none) 2023年07月18日 16時23分51秒
lzop-1.03-10.el7|(none) 2023年07月18日 14時33分55秒
initscripts-9.49.53-1.el7|(none) 2023年07月18日 14時39分13秒
urw-base35-bookman-fonts-20170801-10.el7|(none) 2023年07月18日 14時37分54秒
ibus-table-chinese-1.4.6-3.el7|(none) 2023年07月18日 14時45分31秒
pcp-libs-4.3.2-12.el7|(none) 2023年07月18日 14時41分32秒
c-ares-1.10.0-3.el7|(none) 2023年07月18日 16時23分51秒
attr-2.4.46-13.el7|(none) 2023年07月18日 14時33分56秒
iscsi-initiator-utils-6.2.0.874-19.el7|(none) 2023年07月18日 14時39分45秒
gstreamer-0.10.36-7.el7|(none) 2023年07月18日 14時37分58秒
system-config-printer-udev-1.4.1-23.el7|(none) 2023年07月18日 14時45分35秒
python-brlapi-0.6.0-16.el7|(none) 2023年07月18日 14時42分26秒
sssd-proxy-1.16.5-10.el7|(none) 2023年07月18日 16時23分52秒
boost-iostreams-1.53.0-28.el7|(none) 2023年07月18日 14時33分57秒
colord-1.3.4-2.el7|(none) 2023年07月18日 14時39分58秒
glusterfs-cli-6.0-37.el7|(none) 2023年07月18日 14時37分59秒
gvfs-afp-1.36.2-4.el7|(none) 2023年07月18日 14時45分43秒
libwbclient-4.10.16-5.el7|0 2023年07月18日 14時42分33秒
httpd-core-2.4.57-1a.el7|(none) 2023年07月21日 13時40分57秒
ntp-4.2.6p5-29.el7.centos.2|(none) 2023年08月17日 09時59分12秒
McAfeeESPAac-10.7.16-1049|(none) 2024年01月12日 19時43分59秒
samba-client-libs-4.10.16-5.el7|0 2023年07月18日 14時42分37秒
mozjs17-17.0.0-20.el7|(none) 2023年07月18日 14時34分19秒
postgresql15-libs-15.2-1PGDG.rhel7|(none) 2023年07月18日 16時44分19秒
openlmi-indicationmanager-libs-0.5.0-4.el7|(none) 2023年07月18日 14時40分01秒
setup-2.8.71-11.el7|(none) 2023年07月18日 14時32分26秒
ibus-m17n-1.3.4-13.el7|(none) 2023年07月18日 14時45分44秒
pywbem-0.7.0-25.20130827svn625.el7|(none) 2023年07月18日 14時38分04秒
geoclue2-libs-2.4.8-1.el7|(none) 2023年07月18日 14時42分37秒
libcollection-0.7.0-32.el7|(none) 2023年07月18日 14時34分19秒
libreport-plugin-bugzilla-2.1.11-53.el7.centos|(none) 2023年07月18日 14時40分05秒
gnu-free-fonts-common-20120503-8.el7|(none) 2023年07月18日 14時32分27秒
gtk3-immodule-xim-3.22.30-5.el7|(none) 2023年07月18日 14時45分47秒
python-coverage-3.6-0.5.b3.el7|(none) 2023年07月18日 14時38分05秒
flatpak-1.0.9-9.el7_7|(none) 2023年07月18日 14時42分40秒
libwebp-0.3.0-7.el7|(none) 2023年07月18日 14時34分20秒
libblockdev-2.18-5.el7|(none) 2023年07月18日 14時40分12秒
adobe-mappings-cmap-20171205-3.el7|(none) 2023年07月18日 14時32分29秒
openlmi-storage-0.8.0-2.el7|(none) 2023年07月18日 14時47分03秒
python2-futures-3.1.1-5.el7|(none) 2023年07月18日 14時38分05秒
cockpit-bridge-195.10-1.el7.centos|(none) 2023年07月18日 14時42分43秒
libnetfilter_conntrack-1.0.6-1.el7_3|(none) 2023年07月18日 14時34分21秒
libreport-cli-2.1.11-53.el7.centos|(none) 2023年07月18日 14時40分15秒
grub2-pc-modules-2.02-0.86.el7.centos|1 2023年07月18日 14時32分30秒
python-smbc-1.0.13-8.el7|(none) 2023年07月18日 14時47分16秒
python-configshell-1.1.26-1.el7|1 2023年07月18日 14時38分06秒
usbmuxd-1.1.0-1.el7|(none) 2023年07月18日 14時42分44秒
cdparanoia-10.2-17.el7|(none) 2023年07月18日 14時34分22秒
mdadm-4.1-6.el7|(none) 2023年07月18日 14時40分19秒
adobe-mappings-pdf-20180407-1.el7|(none) 2023年07月18日 14時32分34秒
fprintd-pam-0.8.1-2.el7|(none) 2023年07月18日 14時47分23秒
pytz-2016.10-2.el7|(none) 2023年07月18日 14時38分07秒
farstream-0.1.2-8.el7|(none) 2023年07月18日 14時42分48秒
perl-Encode-2.51-7.el7|(none) 2023年07月18日 14時34分23秒
systemd-python-219-78.el7|(none) 2023年07月18日 14時40分22秒
gnome-user-docs-3.28.2-1.el7|(none) 2023年07月18日 14時32分57秒
gtk2-immodule-xim-2.24.31-1.el7|(none) 2023年07月18日 14時47分24秒
gd-2.0.35-26.el7|(none) 2023年07月18日 14時38分08秒
libvirt-daemon-driver-nwfilter-4.5.0-36.el7|(none) 2023年07月18日 14時42分54秒
perl-PathTools-3.40-5.el7|(none) 2023年07月18日 14時34分24秒
usermode-1.111-6.el7|(none) 2023年07月18日 14時40分24秒
nss-softokn-freebl-3.44.0-8.el7_7|(none) 2023年07月18日 14時33分09秒
intltool-0.50.2-7.el7|(none) 2023年07月18日 14時47分25秒
nss-3.44.0-7.el7_7|(none) 2023年07月18日 14時38分10秒
alsa-firmware-1.0.28-2.el7|(none) 2023年07月18日 14時42分58秒
perl-constant-1.27-2.el7|(none) 2023年07月18日 14時34分24秒
ndctl-65-5.el7|(none) 2023年07月18日 14時40分32秒
libsepol-2.5-10.el7|(none) 2023年07月18日 14時33分24秒
NetworkManager-adsl-1.18.8-1.el7|1 2023年07月18日 14時47分28秒
rpm-libs-4.11.3-45.el7|(none) 2023年07月18日 14時38分13秒
freerdp-libs-2.1.1-2.el7|(none) 2023年07月18日 14時43分03秒
perl-Thread-Queue-3.02-2.el7|(none) 2023年07月18日 14時34分32秒
libblockdev-mdraid-2.18-5.el7|(none) 2023年07月18日 14時40分32秒
libpng-1.5.13-8.el7|2 2023年07月18日 14時33分25秒
targetcli-2.1.51-2.el7|(none) 2023年07月18日 14時47分31秒
python-urlgrabber-3.10-10.el7|(none) 2023年07月18日 14時38分15秒
python-blivet-0.61.15.75-1.el7|1 2023年07月18日 14時43分04秒
perl-IO-Compress-2.061-2.el7|(none) 2023年07月18日 14時34分44秒
libreport-anaconda-2.1.11-53.el7.centos|(none) 2023年07月18日 14時40分37秒
chkconfig-1.7.6-1.el7|(none) 2023年07月18日 14時33分26秒
lshw-B.02.18-17.el7|(none) 2023年07月18日 14時47分33秒
color-filesystem-1-13.el7|(none) 2023年07月18日 14時38分16秒
vte-profile-0.52.4-1.el7|(none) 2023年07月18日 14時43分06秒
xorg-x11-server-common-1.20.4-10.el7|(none) 2023年07月18日 14時34分46秒
sysstat-10.1.5-19.el7|(none) 2023年07月18日 14時40分37秒
libgpg-error-1.12-3.el7|(none) 2023年07月18日 14時33分28秒
rng-tools-6.3.1-5.el7|(none) 2023年07月18日 14時47分38秒
wodim-1.1.11-25.el7|(none) 2023年07月18日 14時38分19秒
centos-indexhtml-7-9.el7.centos|(none) 2023年07月18日 14時43分19秒
libbytesize-1.2-1.el7|(none) 2023年07月18日 14時34分52秒
java-1.8.0-openjdk-headless-1.8.0.262.b10-1.el7|1 2023年07月18日 14時40分41秒
libvorbis-1.3.3-8.el7.1|1 2023年07月18日 14時33分29秒
crda-3.18_2018.05.31-4.el7|(none) 2023年07月18日 14時47分43秒
graphite2-1.3.10-1.el7_3|(none) 2023年07月18日 14時38分27秒
ibus-gtk2-1.5.17-11.el7|(none) 2023年07月18日 14時43分36秒
xcb-util-renderutil-0.3.9-3.el7|(none) 2023年07月18日 14時34分52秒
ghostscript-9.25-5.el7|(none) 2023年07月18日 14時40分43秒
libattr-2.4.46-13.el7|(none) 2023年07月18日 14時33分30秒
dracut-config-rescue-033-572.el7|(none) 2023年07月18日 14時47分46秒
pcre2-utf16-10.23-2.el7|(none) 2023年07月18日 14時38分27秒
nautilus-extensions-3.26.3.1-7.el7|(none) 2023年07月18日 14時44分08秒
setools-libs-3.3.8-4.el7|(none) 2023年07月18日 14時34分53秒
abrt-dbus-2.1.11-60.el7.centos|(none) 2023年07月18日 14時40分57秒
libtalloc-2.1.16-1.el7|(none) 2023年07月18日 14時33分31秒
oprofile-0.9.9-27.el7|(none) 2023年07月18日 14時47分52秒
tog-pegasus-libs-2.14.1-8.el7|2 2023年07月18日 14時38分31秒
libpeas-gtk-1.22.0-1.el7|(none) 2023年07月18日 14時44分16秒
libss-1.42.9-19.el7|(none) 2023年07月18日 14時34分59秒
abrt-retrace-client-2.1.11-60.el7.centos|(none) 2023年07月18日 14時40分57秒
jansson-2.10-1.el7|(none) 2023年07月18日 14時33分33秒
vsftpd-3.0.2-28.el7|(none) 2023年07月18日 14時48分07秒
gtk-update-icon-cache-3.22.30-5.el7|(none) 2023年07月18日 14時38分32秒
nm-connection-editor-1.8.6-2.el7|(none) 2023年07月18日 14時44分21秒
dejavu-sans-fonts-2.33-6.el7|(none) 2023年07月18日 14時35分11秒
gstreamer1-plugins-base-1.10.4-2.el7|(none) 2023年07月18日 14時40分59秒
file-libs-5.11-37.el7|(none) 2023年07月18日 14時33分35秒
latencytop-tui-0.5-13.el7|(none) 2023年07月18日 14時48分09秒
sbc-1.0-5.el7|(none) 2023年07月18日 14時38分33秒
spice-gtk3-0.35-5.el7|(none) 2023年07月18日 14時44分25秒
ncurses-5.9-14.20130511.el7_4|(none) 2023年07月18日 14時36分24秒
gstreamer1-plugins-bad-free-1.10.4-3.el7|(none) 2023年07月18日 14時41分04秒
libXdamage-1.1.4-4.1.el7|(none) 2023年07月18日 14時33分41秒
hunspell-en-0.20121024-6.el7|(none) 2023年07月18日 14時48分12秒
pygpgme-0.3-9.el7|(none) 2023年07月18日 14時38分34秒
brasero-3.12.2-5.el7|(none) 2023年07月18日 14時44分27秒
alsa-lib-1.1.8-1.el7|(none) 2023年07月18日 14時36分37秒
pangomm-2.40.1-1.el7|(none) 2023年07月18日 14時41分07秒
mpfr-3.1.1-4.el7|(none) 2023年07月18日 14時33分42秒
xvattr-1.3-27.el7|(none) 2023年07月18日 14時48分13秒
libgdither-0.6-8.el7|(none) 2023年07月18日 14時38分37秒
yelp-3.28.1-1.el7|2 2023年07月18日 14時44分31秒
shared-mime-info-1.8-5.el7|(none) 2023年07月18日 14時36分44秒
libva-1.8.3-1.el7|(none) 2023年07月18日 14時41分11秒
libXt-1.1.5-3.el7|(none) 2023年07月18日 14時33分43秒
swig-2.0.10-5.el7|(none) 2023年07月18日 14時48分15秒
qrencode-libs-3.4.1-3.el7|(none) 2023年07月18日 14時38分39秒
keybinder3-0.3.0-1.el7|(none) 2023年07月18日 14時44分33秒
xorg-x11-font-utils-7.5-21.el7|1 2023年07月18日 14時36分46秒
xerces-j2-2.11.0-17.el7_0|(none) 2023年07月18日 14時41分13秒
lzo-2.06-8.el7|(none) 2023年07月18日 14時33分44秒
lohit-devanagari-fonts-2.5.3-4.el7|(none) 2023年07月18日 14時48分21秒
libburn-1.2.8-4.el7|(none) 2023年07月18日 14時38分41秒
compat-gnome-desktop314-3.14.2-1.el7|(none) 2023年07月18日 14時44分43秒
enchant-1.6.0-8.el7|1 2023年07月18日 14時36分47秒
xorg-x11-drv-dummy-0.3.7-1.el7.1|(none) 2023年07月18日 14時41分15秒
libsndfile-1.0.25-12.el7|(none) 2023年07月18日 14時33分45秒
pnm2ppa-1.04-28.el7|1 2023年07月18日 14時48分26秒
libsmartcols-2.23.2-65.el7|(none) 2023年07月18日 14時38分42秒
evince-3.28.2-10.el7|(none) 2023年07月18日 14時44分56秒
gnome-icon-theme-3.12.0-1.el7|(none) 2023年07月18日 14時37分10秒
xorg-x11-drv-evdev-2.10.6-1.el7|(none) 2023年07月18日 14時41分16秒
file-5.11-37.el7|(none) 2023年07月18日 14時33分46秒
cjkuni-uming-fonts-0.2.20080216.1-53.el7|(none) 2023年07月18日 14時48分39秒
kmod-20-28.el7|(none) 2023年07月18日 14時38分44秒
clutter-gtk-1.8.4-1.el7|(none) 2023年07月18日 14時45分00秒
libgee-0.20.1-1.el7|(none) 2023年07月18日 14時37分25秒
cal10n-0.7.7-4.el7|(none) 2023年07月18日 14時41分18秒
efivar-libs-36-12.el7|(none) 2023年07月18日 14時33分46秒
wqy-microhei-fonts-0.2.0-0.12.beta.el7|(none) 2023年07月18日 14時48分43秒
cups-libs-1.6.3-51.el7|1 2023年07月18日 14時38分54秒
gdm-3.28.2-23.el7|1 2023年07月18日 14時45分07秒
python-decorator-3.4.0-3.el7|(none) 2023年07月18日 14時37分30秒
slf4j-1.7.4-4.el7_4|0 2023年07月18日 14時41分22秒
giflib-4.1.6-9.el7|(none) 2023年07月18日 14時33分47秒
ucs-miscfixed-fonts-0.3-11.el7|(none) 2023年07月18日 14時48分44秒
libreport-python-2.1.11-53.el7.centos|(none) 2023年07月18日 14時38分55秒
gnome-shell-extension-apps-menu-3.28.1-14.el7|(none) 2023年07月18日 14時45分08秒
gettext-libs-0.19.8.1-3.el7|(none) 2023年07月18日 14時37分35秒
gupnp-dlna-0.10.5-1.el7|(none) 2023年07月18日 14時41分25秒
groff-base-1.22.2-8.el7|(none) 2023年07月18日 14時33分49秒
diffstat-1.57-4.el7|(none) 2023年07月18日 14時48分52秒
NetworkManager-libnm-1.18.8-1.el7|1 2023年07月18日 14時38分57秒
libvirt-daemon-driver-storage-core-4.5.0-36.el7|(none) 2023年07月18日 14時45分12秒
libgtop2-2.38.0-3.el7|(none) 2023年07月18日 14時37分37秒
osinfo-db-20200529-1.el7|(none) 2023年07月18日 14時41分26秒
libcdio-0.92-3.el7|(none) 2023年07月18日 14時33分51秒
iwl4965-firmware-228.61.2.24-79.el7|(none) 2023年07月18日 14時49分04秒
hwdata-0.252-9.7.el7|(none) 2023年07月18日 14時39分00秒
libvirt-daemon-driver-storage-4.5.0-36.el7|(none) 2023年07月18日 14時45分12秒
python-IPy-0.75-6.el7|(none) 2023年07月18日 14時37分45秒
realmd-0.16.1-12.el7|(none) 2023年07月18日 14時41分27秒
ca-certificates-2020.2.41-70.0.el7_8|(none) 2023年07月18日 14時33分53秒
iwl6000-firmware-9.221.4.1-79.el7|(none) 2023年07月18日 14時49分11秒
policycoreutils-2.5-34.el7|(none) 2023年07月18日 14時39分02秒
gnome-tweak-tool-3.28.1-7.el7|(none) 2023年07月18日 14時45分17秒
logrotate-3.8.6-19.el7|(none) 2023年07月18日 14時37分46秒
usb_modeswitch-data-20170806-1.el7|(none) 2023年07月18日 14時41分28秒
openjpeg-libs-1.5.1-18.el7|(none) 2023年07月18日 14時33分54秒
iwl100-firmware-39.31.5.1-79.el7|(none) 2023年07月18日 14時49分17秒
plymouth-core-libs-0.8.9-0.34.20140113.el7.centos|(none) 2023年07月18日 14時39分07秒
evince-nautilus-3.28.2-10.el7|(none) 2023年07月18日 14時45分22秒
dvd+rw-tools-7.1-15.el7|(none) 2023年07月18日 14時37分48秒
bolt-0.7-1.el7|(none) 2023年07月18日 14時41分30秒
less-458-9.el7|(none) 2023年07月18日 14時33分55秒
gnutls-dane-3.3.29-9.el7_6|(none) 2023年07月18日 16時19分43秒
colord-libs-1.3.4-2.el7|(none) 2023年07月18日 14時39分12秒
vinagre-3.22.0-14.el7|(none) 2023年07月18日 14時45分30秒
urw-base35-nimbus-sans-fonts-20170801-10.el7|(none) 2023年07月18日 14時37分51秒
ghostscript-cups-9.25-5.el7|(none) 2023年07月18日 14時41分31秒
libXxf86misc-1.0.3-7.1.el7|(none) 2023年07月18日 14時33分55秒
libipa_hbac-1.16.5-10.el7|(none) 2023年07月18日 16時23分51秒
plymouth-0.8.9-0.34.20140113.el7.centos|(none) 2023年07月18日 14時39分44秒
abrt-desktop-2.1.11-60.el7.centos|(none) 2023年07月18日 14時45分31秒
wayland-devel-1.15.0-1.el7|(none) 2023年07月18日 14時37分57秒
NetworkManager-libreswan-1.2.4-2.el7|(none) 2023年07月18日 14時42分25秒
bc-1.06.95-13.el7|(none) 2023年07月18日 14時33分56秒
sssd-ipa-1.16.5-10.el7|(none) 2023年07月18日 16時23分52秒
python-rtslib-2.1.72-1.el7|(none) 2023年07月18日 14時39分57秒
gvfs-goa-1.36.2-4.el7|(none) 2023年07月18日 14時45分43秒
spice-server-0.14.0-9.el7|(none) 2023年07月18日 14時37分58秒
gnutls-3.3.29-9.el7_6|(none) 2023年07月18日 14時42分28秒
make-3.82-24.el7|1 2023年07月18日 14時33分57秒
python3-libs-3.6.8-17.el7|(none) 2023年07月18日 16時26分43秒
policycoreutils-python-2.5-34.el7|(none) 2023年07月18日 14時39分58秒
httpd-filesystem-2.4.57-1a.el7|(none) 2023年07月21日 13時40分56秒
mod_lua-2.4.57-1a.el7|(none) 2023年07月21日 13時40分57秒
MFErt-2.0-185|(none) 2024年01月12日 19時44分09秒
lksctp-tools-1.0.17-2.el7|(none) 2023年07月18日 14時34分19秒
glib-networking-2.56.1-1.el7|(none) 2023年07月18日 14時42分37秒
telepathy-filesystem-0.0.2-6.el7|(none) 2023年07月18日 14時32分26秒
telepathy-mission-control-5.16.3-3.el7|1 2023年07月18日 14時40分05秒
apr-1.6.3-12.el7|(none) 2023年07月21日 13時40分56秒
openlmi-python-base-0.5.0-4.el7|(none) 2023年07月18日 14時38分05秒
xdg-user-dirs-gtk-0.10-4.el7|(none) 2023年07月18日 14時45分47秒
libvpx-1.3.0-8.el7|(none) 2023年07月18日 14時34分20秒
libimobiledevice-1.2.0-1.el7|(none) 2023年07月18日 14時42分41秒
m17n-db-1.6.4-4.el7|(none) 2023年07月18日 14時32分30秒
wpa_supplicant-2.6-12.el7|1 2023年07月18日 14時40分13秒
gpg-pubkey-1c5ed88d-6346b208|(none) 2023年07月25日 10時26分55秒
pyparsing-1.5.6-9.el7|(none) 2023年07月18日 14時38分06秒
samba-client-4.10.16-5.el7|0 2023年07月18日 14時47分17秒
libgfortran-4.8.5-44.el7|(none) 2023年07月18日 14時34分22秒
fwupd-1.0.8-5.el7|(none) 2023年07月18日 14時42分45秒
kbd-misc-1.15.5-15.el7|(none) 2023年07月18日 14時32分36秒
os-prober-1.58-9.el7|(none) 2023年07月18日 14時40分20秒
McAfeeTP-10.7.16-27|(none) 2024年01月12日 19時44分02秒
python-kitchen-1.1.1-5.el7|(none) 2023年07月18日 14時38分08秒
abrt-console-notification-2.1.11-60.el7.centos|(none) 2023年07月18日 14時47分24秒
perl-Filter-1.49-3.el7|(none) 2023年07月18日 14時34分24秒
libvirt-gobject-1.0.0-1.el7|(none) 2023年07月18日 14時42分54秒
libstdc++-4.8.5-44.el7|(none) 2023年07月18日 14時33分23秒
git-1.8.3.1-23.el7_8|(none) 2023年07月18日 14時40分28秒
curl-7.29.0-59.el7|(none) 2023年07月18日 14時38分13秒
openlmi-software-0.5.0-4.el7|(none) 2023年07月18日 14時47分28秒
kernel-devel-3.10.0-1160.el7|(none) 2023年07月18日 14時34分43秒
libblockdev-part-2.18-5.el7|(none) 2023年07月18日 14時43分04秒
xz-libs-5.2.2-1.el7|(none) 2023年07月18日 14時33分26秒
python2-blockdev-2.18-5.el7|(none) 2023年07月18日 14時40分36秒
redhat-rpm-config-9.1.0-88.el7.centos|(none) 2023年07月18日 14時38分16秒
PackageKit-command-not-found-1.1.10-2.el7.centos|(none) 2023年07月18日 14時47分33秒
libsamplerate-0.1.8-6.el7|(none) 2023年07月18日 14時34分47秒
anaconda-tui-21.48.22.159-1.el7.centos|(none) 2023年07月18日 14時43分06秒
numactl-libs-2.0.12-5.el7|(none) 2023年07月18日 14時33分28秒
kmod-kvdo-6.1.3.23-5.el7|(none) 2023年07月18日 14時40分38秒
marisa-0.2.4-4.el7|(none) 2023年07月18日 14時38分27秒
ntpdate-4.2.6p5-29.el7.centos.2|(none) 2023年07月18日 14時47分44秒
hesiod-3.2.1-3.el7|(none) 2023年07月18日 14時34分52秒
ibus-gtk3-1.5.17-11.el7|(none) 2023年07月18日 14時43分39秒
lcms2-2.6-3.el7|(none) 2023年07月18日 14時33分30秒
pcp-selinux-4.3.2-12.el7|(none) 2023年07月18日 14時40分50秒
libutempter-1.1.6-4.el7|(none) 2023年07月18日 14時38分29秒
vim-enhanced-7.4.629-7.el7|2 2023年07月18日 14時47分53秒
qpdf-libs-5.0.1-4.el7|(none) 2023年07月18日 14時34分59秒
grilo-0.3.6-1.el7|(none) 2023年07月18日 14時44分17秒
xz-5.2.2-1.el7|(none) 2023年07月18日 14時33分34秒
cairo-1.15.12-4.el7|(none) 2023年07月18日 14時40分58秒
hardlink-1.0-19.el7|1 2023年07月18日 14時38分33秒
nautilus-sendto-3.8.6-1.el7|1 2023年07月18日 14時48分09秒
coreutils-8.22-24.el7|(none) 2023年07月18日 14時36分26秒
abrt-gui-libs-2.1.11-60.el7.centos|(none) 2023年07月18日 14時44分25秒
libXrandr-1.5.1-2.el7|(none) 2023年07月18日 14時33分41秒
pycairo-1.8.10-8.el7|(none) 2023年07月18日 14時41分06秒
PyYAML-3.10-11.el7|(none) 2023年07月18日 14時38分37秒
nfs4-acl-tools-0.3.3-21.el7|(none) 2023年07月18日 14時48分13秒
atk-2.28.1-2.el7|(none) 2023年07月18日 14時36分44秒
libcanberra-gtk2-0.30-9.el7|(none) 2023年07月18日 14時44分31秒
libtheora-1.1.1-8.el7|1 2023年07月18日 14時33分43秒
libpeas-loader-python-1.22.0-1.el7|(none) 2023年07月18日 14時41分11秒
lsscsi-0.27-6.el7|(none) 2023年07月18日 14時38分41秒
madan-fonts-2.000-11.el7|(none) 2023年07月18日 14時48分22秒
glibmm24-2.56.0-1.el7|(none) 2023年07月18日 14時36分48秒
librsvg2-tools-2.40.20-1.el7|(none) 2023年07月18日 14時44分48秒
speex-1.2-0.19.rc1.el7|(none) 2023年07月18日 14時33分45秒
xorg-x11-drv-vesa-2.4.0-3.el7|(none) 2023年07月18日 14時41分16秒
dracut-033-572.el7|(none) 2023年07月18日 14時38分44秒
lohit-tamil-fonts-2.5.3-2.el7|(none) 2023年07月18日 14時48分39秒
libudisks2-2.8.4-1.el7|(none) 2023年07月18日 14時37分26秒
control-center-3.28.1-7.el7|1 2023年07月18日 14時45分04秒
libxshmfence-1.2-1.el7|(none) 2023年07月18日 14時33分47秒
avalon-logkit-2.1-14.el7|0 2023年07月18日 14時41分21秒
satyr-0.13-15.el7|(none) 2023年07月18日 14時38分55秒
jomolhari-fonts-0.003-17.el7|(none) 2023年07月18日 14時48分45秒
gettext-0.19.8.1-3.el7|(none) 2023年07月18日 14時37分36秒
libchamplain-gtk-0.12.16-2.el7|(none) 2023年07月18日 14時45分08秒
zip-3.0-11.el7|(none) 2023年07月18日 14時33分51秒
poppler-utils-0.26.5-43.el7|(none) 2023年07月18日 14時41分25秒
dconf-0.28.0-4.el7|(none) 2023年07月18日 14時38分59秒
iwl3160-firmware-25.30.13.0-79.el7|(none) 2023年07月18日 14時49分05秒
audit-libs-python-2.8.5-4.el7|(none) 2023年07月18日 14時37分45秒
gnome-boxes-3.28.5-4.el7|(none) 2023年07月18日 14時45分14秒
newt-0.52.15-4.el7|(none) 2023年07月18日 14時33分54秒
gsound-1.0.2-2.el7|(none) 2023年07月18日 14時41分28秒
libcgroup-0.41-21.el7|(none) 2023年07月18日 14時39分07秒
iwl5000-firmware-8.83.5.1_1-79.el7|(none) 2023年07月18日 14時49分17秒
libverto-libevent-0.2.5-4.el7|(none) 2023年07月18日 14時37分48秒
gnome-font-viewer-3.28.0-1.el7|(none) 2023年07月18日 14時45分25秒
libshout-2.2.2-11.el7|(none) 2023年07月18日 14時33分55秒
cups-filesystem-1.6.3-51.el7|1 2023年07月18日 14時41分31秒
plymouth-scripts-0.8.9-0.34.20140113.el7.centos|(none) 2023年07月18日 14時39分44秒
libsss_sudo-1.16.5-10.el7|(none) 2023年07月18日 16時23分51秒
bash-completion-2.1-8.el7|1 2023年07月18日 14時37分57秒
open-vm-tools-desktop-11.0.5-3.el7|(none) 2023年07月18日 14時45分34秒
pinentry-0.8.1-17.el7|(none) 2023年07月18日 14時33分57秒
hplip-common-3.15.9-5.el7|(none) 2023年07月18日 14時42分26秒
plymouth-graphics-libs-0.8.9-0.34.20140113.el7.centos|(none) 2023年07月18日 14時39分58秒
python3-3.6.8-17.el7|(none) 2023年07月18日 16時26分43秒
libfontenc-1.1.3-3.el7|(none) 2023年07月18日 14時34分18秒
cyrus-sasl-scram-2.1.26-23.el7|(none) 2023年07月18日 14時38分03秒
device-mapper-event-1.02.170-6.el7|7 2023年07月18日 14時40分02秒
rest-0.8.1-2.el7|(none) 2023年07月18日 14時42分37秒
control-center-filesystem-3.28.1-7.el7|1 2023年07月18日 14時32分27秒
gnome-system-log-3.9.90-3.el7|1 2023年07月18日 14時45分47秒
libbrotli-1.0.9-10.el7|(none) 2023年07月21日 13時40分56秒
libref_array-0.1.5-32.el7|(none) 2023年07月18日 14時34分20秒
fros-1.0-5.el7|(none) 2023年07月18日 14時38分05秒
python-slip-dbus-0.4.0-4.el7|(none) 2023年07月18日 14時40分12秒
farstream02-0.2.3-3.el7|(none) 2023年07月18日 14時42分43秒
adobe-mappings-cmap-deprecated-20171205-3.el7|(none) 2023年07月18日 14時32分30秒
subversion-1.7.14-16.el7|(none) 2023年07月18日 14時47分16秒
libteam-1.29-3.el7|(none) 2023年07月18日 14時34分22秒
python-javapackages-3.4.1-11.el7|(none) 2023年07月18日 14時38分07秒
glusterfs-6.0-37.el7|(none) 2023年07月18日 14時40分20秒
telepathy-salut-0.8.1-6.el7|(none) 2023年07月18日 14時42分46秒
gettext-common-devel-0.19.8.1-3.el7|(none) 2023年07月18日 14時32分36秒
libyami-1.2.0-2.el7|(none) 2023年07月18日 14時47分24秒
MFEdx-6.0.3-995|(none) 2024年01月12日 19時45分11秒
perl-threads-shared-1.43-6.el7|(none) 2023年07月18日 14時34分23秒
bind-export-libs-9.11.4-26.P2.el7|32 2023年07月18日 14時38分09秒
openssh-clients-7.4p1-21.el7|(none) 2023年07月18日 14時40分24秒
net-tools-2.0-0.25.20131004git.el7|(none) 2023年07月18日 14時42分57秒
nspr-4.21.0-1.el7|(none) 2023年07月18日 14時33分24秒
NetworkManager-ppp-1.18.8-1.el7|1 2023年07月18日 14時47分28秒
autoconf-2.69-11.el7|(none) 2023年07月18日 14時34分32秒
openldap-2.4.44-22.el7|(none) 2023年07月18日 14時38分14秒
festvox-slt-arctic-hts-0.20061229-28.el7|(none) 2023年07月18日 14時40分35秒
cryptsetup-2.0.3-6.el7|(none) 2023年07月18日 14時43分04秒
audit-libs-2.8.5-4.el7|(none) 2023年07月18日 14時33分26秒
usbutils-007-5.el7|(none) 2023年07月18日 14時47分32秒
ipset-7.1-1.el7|(none) 2023年07月18日 14時34分46秒
libwsman1-2.6.3-7.git4391e5c.el7|(none) 2023年07月18日 14時38分16秒
hypervfcopyd-0-0.34.20180415git.el7|(none) 2023年07月18日 14時40分38秒
libkkc-data-0.3.1-9.el7|(none) 2023年07月18日 14時43分17秒
libdb-5.3.21-25.el7|(none) 2023年07月18日 14時33分28秒
at-3.1.13-24.el7|(none) 2023年07月18日 14時47分39秒
libxkbcommon-x11-0.7.1-3.el7|(none) 2023年07月18日 14時34分52秒
harfbuzz-icu-1.7.5-2.el7|(none) 2023年07月18日 14時38分27秒
libspectre-0.2.8-1.el7|(none) 2023年07月18日 14時40分45秒
webkitgtk4-2.28.2-2.el7|(none) 2023年07月18日 14時44分08秒
libwayland-client-1.15.0-1.el7|(none) 2023年07月18日 14時33分31秒
kernel-tools-3.10.0-1160.el7|(none) 2023年07月18日 14時47分50秒
liblouis-2.5.2-12.el7_4|(none) 2023年07月18日 14時34分58秒
libsemanage-python-2.5-14.el7|(none) 2023年07月18日 14時38分31秒
abrt-cli-2.1.11-60.el7.centos|(none) 2023年07月18日 14時40分57秒
vte291-0.52.4-1.el7|(none) 2023年07月18日 14時44分18秒
libidn-1.28-4.el7|(none) 2023年07月18日 14時33分34秒
net-snmp-utils-5.7.2-49.el7|1 2023年07月18日 14時48分09秒
glibc-devel-2.17-317.el7|(none) 2023年07月18日 14時35分17秒
libsss_idmap-1.16.5-10.el7|(none) 2023年07月18日 14時38分33秒
cairomm-1.12.0-1.el7|(none) 2023年07月18日 14時41分05秒
gnome-packagekit-installer-3.28.0-1.el7|(none) 2023年07月18日 14時44分25秒
keyutils-libs-1.5.8-3.el7|(none) 2023年07月18日 14時33分41秒
efibootmgr-17-2.el7|(none) 2023年07月18日 14時48分13秒
libmount-2.23.2-65.el7|(none) 2023年07月18日 14時36分42秒
frei0r-plugins-1.3-13.el7|(none) 2023年07月18日 14時38分39秒
adwaita-qt5-1.0-1.el7|(none) 2023年07月18日 14時41分11秒
gnome-keyring-pam-3.28.2-1.el7|(none) 2023年07月18日 14時44分32秒
lz4-1.8.3-1.el7|(none) 2023年07月18日 14時33分44秒
lohit-bengali-fonts-2.5.3-4.el7|(none) 2023年07月18日 14時48分21秒
libpeas-1.22.0-1.el7|(none) 2023年07月18日 14時36分47秒
fribidi-1.0.2-1.el7_7.1|(none) 2023年07月18日 14時38分41秒
xorg-x11-drv-intel-2.99.917-28.20180530.el7|(none) 2023年07月18日 14時41分15秒
gnome-session-3.28.1-8.el7|(none) 2023年07月18日 14時44分51秒
libxkbfile-1.0.9-3.el7|(none) 2023年07月18日 14時33分46秒
sil-abyssinica-fonts-1.200-6.el7|(none) 2023年07月18日 14時48分33秒
atkmm-2.24.2-1.el7|(none) 2023年07月18日 14時37分25秒
systemd-libs-219-78.el7|(none) 2023年07月18日 14時38分45秒
jackson-1.9.4-7.el7|(none) 2023年07月18日 14時41分19秒
mutter-3.28.3-26.el7|(none) 2023年07月18日 14時45分06秒
boost-thread-1.53.0-28.el7|(none) 2023年07月18日 14時33分47秒
open-sans-fonts-1.10-1.el7|(none) 2023年07月18日 14時48分44秒
libpwquality-1.2.3-5.el7|(none) 2023年07月18日 14時37分35秒
libcanberra-0.30-9.el7|(none) 2023年07月18日 14時38分55秒
plymouth-plugin-label-0.8.9-0.34.20140113.el7.centos|(none) 2023年07月18日 14時41分25秒
quota-4.01-19.el7|1 2023年07月18日 14時45分11秒
libquadmath-4.8.5-44.el7|(none) 2023年07月18日 14時33分51秒
rfkill-0.4-10.el7|(none) 2023年07月18日 14時48分52秒
python-ethtool-0.8-8.el7|(none) 2023年07月18日 14時37分45秒
libdrm-2.4.97-2.el7|(none) 2023年07月18日 14時39分00秒
audit-2.8.5-4.el7|(none) 2023年07月18日 14時41分27秒
empathy-3.12.13-1.el7|(none) 2023年07月18日 14時45分17秒
libXdmcp-1.1.2-6.el7|(none) 2023年07月18日 14時33分54秒
iwl7260-firmware-25.30.13.0-79.el7|(none) 2023年07月18日 14時49分16秒
libX11-devel-1.6.7-2.el7|(none) 2023年07月18日 14時37分48秒
libreport-plugin-mantisbt-2.1.11-53.el7.centos|(none) 2023年07月18日 14時39分07秒
pulseaudio-10.0-5.el7|(none) 2023年07月18日 14時41分31秒
iowatcher-1.0-6.el7|(none) 2023年07月18日 14時45分29秒
libXmu-1.1.2-2.el7|(none) 2023年07月18日 14時33分55秒
libsss_autofs-1.16.5-10.el7|(none) 2023年07月18日 16時23分51秒
urw-base35-p052-fonts-20170801-10.el7|(none) 2023年07月18日 14時37分57秒
cronie-1.4.11-23.el7|(none) 2023年07月18日 14時39分44秒
brltty-4.5-16.el7|(none) 2023年07月18日 14時42分26秒
gnome-weather-3.26.0-1.el7|(none) 2023年07月18日 14時45分42秒
jasper-libs-1.900.1-33.el7|(none) 2023年07月18日 14時33分57秒
adcli-0.8.1-15.el7|(none) 2023年07月18日 16時23分53秒
openlmi-providers-0.5.0-4.el7|(none) 2023年07月18日 14時40分01秒
libzstd-1.5.4-1.el7|(none) 2023年07月18日 16時44分19秒
ibus-rawcode-1.3.2-3.el7|(none) 2023年07月18日 14時45分44秒
cmpi-bindings-pywbem-0.9.5-6.el7|(none) 2023年07月18日 14時38分04秒
libdv-1.0.0-17.el7|(none) 2023年07月18日 14時34分19秒
gssdp-1.0.2-1.el7|(none) 2023年07月18日 14時42分38秒
hyperv-daemons-license-0-0.34.20180415git.el7|(none) 2023年07月18日 14時32分27秒
libibverbs-22.4-5.el7|(none) 2023年07月18日 14時40分12秒
mod_ssl-2.4.57-1a.el7|1 2023年07月21日 13時40分57秒
tuned-2.11.0-9.el7|(none) 2023年07月18日 14時47分03秒
sos-3.9-2.el7.centos|(none) 2023年07月18日 14時38分06秒
libmpcdec-1.2.6-12.el7|(none) 2023年07月18日 14時34分20秒
samba-libs-4.10.16-5.el7|0 2023年07月18日 14時42分43秒
nhn-nanum-fonts-common-3.020-9.el7|(none) 2023年07月18日 14時32分30秒
ppp-2.4.5-34.el7_7|(none) 2023年07月18日 14時40分19秒
pulseaudio-module-x11-10.0-5.el7|(none) 2023年07月18日 14時47分22秒
python-ntplib-0.3.2-1.el7|(none) 2023年07月18日 14時38分07秒
perl-Text-ParseWords-3.29-4.el7|(none) 2023年07月18日 14時34分22秒
libpurple-2.10.11-9.el7|(none) 2023年07月18日 14時42分52秒
kbd-legacy-1.15.5-15.el7|(none) 2023年07月18日 14時32分57秒
ndctl-libs-65-5.el7|(none) 2023年07月18日 14時40分24秒
systemtap-4.0-13.el7|(none) 2023年07月18日 14時47分25秒
nss-sysinit-3.44.0-7.el7_7|(none) 2023年07月18日 14時38分10秒
perl-File-Temp-0.23.01-3.el7|(none) 2023年07月18日 14時34分24秒
alsa-tools-firmware-1.1.0-1.el7|(none) 2023年07月18日 14時42分58秒
pcre-8.32-17.el7|(none) 2023年07月18日 14時33分25秒
grub2-pc-2.02-0.86.el7.centos|1 2023年07月18日 14時40分32秒
pm-utils-1.4.1-27.el7|(none) 2023年07月18日 14時47分31秒
pykickstart-1.99.66.22-1.el7|(none) 2023年07月18日 14時38分15秒
perl-Compress-Raw-Bzip2-2.061-3.el7|(none) 2023年07月18日 14時34分44秒
volume_key-libs-0.3.9-9.el7|(none) 2023年07月18日 14時43分04秒
libnl3-3.2.28-4.el7|(none) 2023年07月18日 14時33分27秒
libqmi-utils-1.18.0-2.el7|(none) 2023年07月18日 14時40分37秒
mcelog-144-10.94d853b2ea81.el7|3 2023年07月18日 14時47分38秒
boost-date-time-1.53.0-28.el7|(none) 2023年07月18日 14時38分19秒
device-mapper-persistent-data-0.8.5-3.el7|(none) 2023年07月18日 14時34分52秒
ipxe-roms-qemu-20180825-3.git133f4c.el7|(none) 2023年07月18日 14時43分20秒
kmod-libs-20-28.el7|(none) 2023年07月18日 14時33分29秒
libmbim-utils-1.14.2-1.el7|(none) 2023年07月18日 14時40分43秒
kpatch-0.6.1-6.el7|(none) 2023年07月18日 14時47分46秒
libsmbios-2.3.3-8.el7|(none) 2023年07月18日 14時38分28秒
libdwarf-20130207-4.el7|(none) 2023年07月18日 14時34分53秒
libgweather-3.28.2-3.el7|(none) 2023年07月18日 14時44分11秒
libwayland-egl-1.15.0-1.el7|(none) 2023年07月18日 14時33分31秒
abrt-tui-2.1.11-60.el7.centos|(none) 2023年07月18日 14時40分57秒
gcc-gfortran-4.8.5-44.el7|(none) 2023年07月18日 14時48分07秒
poppler-0.26.5-43.el7|(none) 2023年07月18日 14時38分32秒
vim-common-7.4.629-7.el7|2 2023年07月18日 14時35分10秒
brasero-libs-3.12.2-5.el7|(none) 2023年07月18日 14時44分21秒
libicu-50.2-4.el7_7|(none) 2023年07月18日 14時33分40秒
java-1.8.0-openjdk-1.8.0.262.b10-1.el7|1 2023年07月18日 14時41分03秒
xorg-x11-utils-7.5-23.el7|(none) 2023年07月18日 14時48分12秒
yum-plugin-fastestmirror-1.1.31-54.el7_8|(none) 2023年07月18日 14時38分34秒
cyrus-sasl-lib-2.1.26-23.el7|(none) 2023年07月18日 14時36分36秒
brasero-nautilus-3.12.2-5.el7|(none) 2023年07月18日 14時44分28秒
xmlrpc-c-1.32.5-1905.svn2451.el7|(none) 2023年07月18日 14時33分42秒
qt5-qtbase-gui-5.9.7-4.el7|(none) 2023年07月18日 14時41分11秒
ed-1.9-4.el7|(none) 2023年07月18日 14時48分14秒
libestr-0.1.9-2.el7|(none) 2023年07月18日 14時38分40秒
gsettings-desktop-schemas-3.28.0-3.el7|(none) 2023年07月18日 14時36分46秒
libnm-gtk-1.8.6-2.el7|(none) 2023年07月18日 14時44分33秒
libmpc-1.0.1-3.el7|(none) 2023年07月18日 14時33分44秒
xorg-x11-drv-fbdev-0.5.0-1.el7|(none) 2023年07月18日 14時41分15秒
lklug-fonts-0.6-10.20090803cvs.el7|(none) 2023年07月18日 14時48分26秒
procps-ng-3.3.10-28.el7|(none) 2023年07月18日 14時38分42秒
hicolor-icon-theme-0.12-7.el7|(none) 2023年07月18日 14時37分03秒
sgabios-bin-0.20110622svn-4.el7|1 2023年07月18日 14時44分56秒
nss-softokn-3.44.0-8.el7_7|(none) 2023年07月18日 14時33分46秒
javassist-3.16.1-10.el7|(none) 2023年07月18日 14時41分18秒
lohit-telugu-fonts-2.5.3-3.el7|(none) 2023年07月18日 14時48分42秒
polkit-0.112-26.el7|(none) 2023年07月18日 14時38分54秒
btrfs-progs-4.9.1-1.el7|(none) 2023年07月18日 14時37分30秒
pulseaudio-gdm-hooks-10.0-5.el7|(none) 2023年07月18日 14時45分07秒
xcb-util-0.4.0-2.el7|(none) 2023年07月18日 14時33分47秒
gstreamer1-plugins-ugly-free-1.10.4-3.el7|(none) 2023年07月18日 14時41分25秒
openwsman-client-2.6.3-7.git4391e5c.el7|(none) 2023年07月18日 14時48分51秒
abrt-libs-2.1.11-60.el7.centos|(none) 2023年07月18日 14時38分57秒
gnome-menus-3.13.3-3.el7|(none) 2023年07月18日 14時37分37秒
libvirt-daemon-driver-storage-disk-4.5.0-36.el7|(none) 2023年07月18日 14時45分12秒
e2fsprogs-libs-1.42.9-19.el7|(none) 2023年07月18日 14時33分52秒
oddjob-mkhomedir-0.31.5-4.el7|(none) 2023年07月18日 14時41分27秒
man-pages-3.53-5.el7|(none) 2023年07月18日 14時49分10秒
libgs-9.25-5.el7|(none) 2023年07月18日 14時39分05秒
automake-1.13.4-3.el7|(none) 2023年07月18日 14時37分46秒
gnome-initial-setup-3.28.0-2.el7|(none) 2023年07月18日 14時45分18秒
libverto-0.2.5-4.el7|(none) 2023年07月18日 14時33分54秒
speech-dispatcher-python-0.7.1-15.el7|(none) 2023年07月18日 14時41分30秒
libvirt-bash-completion-4.5.0-36.el7|(none) 2023年07月18日 16時19分43秒
usbredir-0.7.1-3.el7|(none) 2023年07月18日 14時39分12秒
urw-base35-d050000l-fonts-20170801-10.el7|(none) 2023年07月18日 14時37分50秒
gucharmap-10.0.4-1.el7|(none) 2023年07月18日 14時45分31秒
xorg-x11-server-utils-7.7-20.el7|(none) 2023年07月18日 14時33分56秒
libreswan-3.25-8.1.el7_7|(none) 2023年07月18日 14時42分25秒
sssd-ad-1.16.5-10.el7|(none) 2023年07月18日 16時23分52秒
kbd-1.15.5-15.el7|(none) 2023年07月18日 14時39分57秒
meanwhile-1.1.0-12.el7|(none) 2023年07月18日 14時37分58秒
setroubleshoot-3.2.30-8.el7|(none) 2023年07月18日 14時45分43秒
libunistring-0.9.3-9.el7|(none) 2023年07月18日 14時33分58秒
libqmi-1.18.0-2.el7|(none) 2023年07月18日 14時39分59秒
libgcc-4.8.5-44.el7|(none) 2023年07月18日 14時32分26秒
ibus-sayura-1.3.2-3.el7|(none) 2023年07月18日 14時45分44秒
libconfig-1.4.9-5.el7|(none) 2023年07月18日 14時34分19秒
postgresql15-contrib-15.2-1PGDG.rhel7|(none) 2023年07月18日 16時44分20秒
python-ipaddress-1.0.16-2.el7|(none) 2023年07月18日 14時38分04秒
libnice-0.1.3-4.el7|(none) 2023年07月18日 14時42分38秒
mesa-dri-drivers-18.3.4-10.el7|(none) 2023年07月18日 14時40分12秒
latencytop-common-0.5-13.el7|(none) 2023年07月18日 14時32分27秒
baobab-3.28.0-2.el7|(none) 2023年07月18日 14時45分48秒
libbasicobjects-0.1.1-32.el7|(none) 2023年07月18日 14時34分20秒
blktrace-1.0.5-9.el7|(none) 2023年07月18日 14時38分06秒
cockpit-system-195.10-1.el7.centos|(none) 2023年07月18日 14時42分44秒
at-spi2-core-2.28.0-1.el7|(none) 2023年07月18日 14時40分18秒
khmeros-fonts-common-5.0-17.el7|(none) 2023年07月18日 14時32分31秒
hpijs-3.15.9-5.el7|1 2023年07月18日 14時47分21秒
perl-Pod-Perldoc-3.20-4.el7|(none) 2023年07月18日 14時34分22秒
McAfeeESP-10.7.16-843|(none) 2024年01月12日 19時43分55秒
newt-python-0.52.15-4.el7|(none) 2023年07月18日 14時38分08秒
cockpit-ws-195.10-1.el7.centos|(none) 2023年07月18日 14時42分54秒
sane-backends-1.0.24-12.el7|(none) 2023年07月18日 14時40分23秒
mesa-filesystem-18.3.4-10.el7|(none) 2023年07月18日 14時33分08秒
vdo-6.1.3.23-5.el7|(none) 2023年07月18日 14時47分25秒
perl-Time-HiRes-1.9725-3.el7|4 2023年07月18日 14時34分24秒
libcacard-2.7.0-1.el7|40 2023年07月18日 14時38分13秒
openscap-1.2.17-11.el7|(none) 2023年07月18日 14時43分02秒
dracut-network-033-572.el7|(none) 2023年07月18日 14時40分32秒
libcom_err-1.42.9-19.el7|(none) 2023年07月18日 14時33分25秒
openlmi-hardware-0.5.0-4.el7|(none) 2023年07月18日 14時47分29秒
perl-TermReadKey-2.30-20.el7|(none) 2023年07月18日 14時34分44秒
libuser-python-0.60-9.el7|(none) 2023年07月18日 14時38分15秒
virt-what-1.18-4.el7|(none) 2023年07月18日 14時43分05秒
dmraid-1.0.0.rc16-28.el7|(none) 2023年07月18日 14時40分37秒
expat-2.1.0-12.el7|(none) 2023年07月18日 14時33分27秒
postfix-2.10.1-9.el7|2 2023年07月18日 14時47分36秒
libusbmuxd-1.0.10-5.el7|(none) 2023年07月18日 14時34分47秒
libproxy-0.4.11-11.el7|(none) 2023年07月18日 14時38分25秒
adwaita-icon-theme-3.28.0-1.el7|(none) 2023年07月18日 14時43分32秒
icedax-1.1.11-25.el7|(none) 2023年07月18日 14時40分43秒
libxslt-1.1.28-6.el7|(none) 2023年07月18日 14時33分29秒
ledmon-0.92-1.el7|(none) 2023年07月18日 14時47分44秒
vim-minimal-7.4.629-7.el7|2 2023年07月18日 14時34分53秒
ustr-1.0.4-16.el7|(none) 2023年07月18日 14時38分28秒
zenity-3.28.1-1.el7|(none) 2023年07月18日 14時44分13秒
abrt-addon-vmcore-2.1.11-60.el7.centos|(none) 2023年07月18日 14時40分57秒
pixman-0.34.0-1.el7|(none) 2023年07月18日 14時33分32秒
bind-utils-9.11.4-26.P2.el7|32 2023年07月18日 14時48分02秒
lsof-4.87-6.el7|(none) 2023年07月18日 14時35分05秒
libpath_utils-0.2.1-32.el7|(none) 2023年07月18日 14時38分33秒
gnome-packagekit-common-3.28.0-1.el7|(none) 2023年07月18日 14時44分23秒
cogl-1.22.2-2.el7|(none) 2023年07月18日 14時41分03秒
libX11-1.6.7-2.el7|(none) 2023年07月18日 14時33分41秒
iotop-0.6-4.el7|(none) 2023年07月18日 14時48分11秒
fontconfig-2.13.0-4.3.el7|(none) 2023年07月18日 14時36分27秒
yum-utils-1.1.31-54.el7_8|(none) 2023年07月18日 14時38分35秒
python-meh-gui-0.25.3-1.el7|(none) 2023年07月18日 14時44分29秒
libgxps-0.3.0-4.el7|(none) 2023年07月18日 14時41分07秒
libseccomp-2.3.1-4.el7|(none) 2023年07月18日 14時33分42秒
indent-2.2.11-13.el7|(none) 2023年07月18日 14時48分14秒
libsecret-0.18.6-1.el7|(none) 2023年07月18日 14時36分45秒
libiptcdata-1.0.4-11.el7|(none) 2023年07月18日 14時38分40秒
libwnck3-3.24.1-2.el7|(none) 2023年07月18日 14時44分34秒
uom-se-1.0.4-3.el7|(none) 2023年07月18日 14時41分15秒
libv4l-0.9.5-4.el7|(none) 2023年07月18日 14時33分45秒
paktype-naskh-basic-fonts-4.1-3.el7|(none) 2023年07月18日 14時48分23秒
python-six-1.9.0-2.el7|(none) 2023年07月18日 14時37分03秒
kpartx-0.4.9-133.el7|(none) 2023年07月18日 14時38分44秒
libwacom-0.30-1.el7|(none) 2023年07月18日 14時44分58秒
guava-13.0-6.el7|(none) 2023年07月18日 14時41分17秒
hunspell-en-US-0.20121024-6.el7|(none) 2023年07月18日 14時33分46秒
smc-meera-fonts-6.0-7.el7|(none) 2023年07月18日 14時48分40秒
cracklib-2.9.0-11.el7|(none) 2023年07月18日 14時37分27秒
dbus-glib-0.100-7.el7|(none) 2023年07月18日 14時38分54秒
gnome-shell-extension-launch-new-instance-3.28.1-14.el7|(none) 2023年07月18日 14時45分08秒
libglade2-2.6.4-11.el7|(none) 2023年07月18日 14時41分24秒
nettle-2.7.1-8.el7|(none) 2023年07月18日 14時33分48秒
gnu-free-serif-fonts-20120503-8.el7|(none) 2023年07月18日 14時48分48秒
yum-metadata-parser-1.1.4-10.el7|(none) 2023年07月18日 14時37分37秒
libblockdev-utils-2.18-5.el7|(none) 2023年07月18日 14時38分58秒
libvirt-daemon-driver-storage-iscsi-4.5.0-36.el7|(none) 2023年07月18日 14時45分12秒
libblockdev-swap-2.18-5.el7|(none) 2023年07月18日 14時41分26秒
gperftools-libs-2.6.1-1.el7|(none) 2023年07月18日 14時33分52秒
words-3.0-22.el7|(none) 2023年07月18日 14時49分06秒
fipscheck-1.4.1-6.el7|(none) 2023年07月18日 14時37分45秒
qt5-qtbase-5.9.7-4.el7|(none) 2023年07月18日 14時39分07秒
orca-3.6.3-4.el7|(none) 2023年07月18日 14時45分22秒
pulseaudio-utils-10.0-5.el7|(none) 2023年07月18日 14時41分29秒
wavpack-4.60.1-9.el7|(none) 2023年07月18日 14時33分54秒
iwl6000g2a-firmware-18.168.6.1-79.el7|(none) 2023年07月18日 14時49分18秒
libquadmath-devel-4.8.5-44.el7|(none) 2023年07月18日 14時37分49秒
iputils-20160308-10.el7|(none) 2023年07月18日 14時39分12秒
firstboot-19.12-1.el7|(none) 2023年07月18日 14時45分31秒
radvd-2.17-3.el7|(none) 2023年07月18日 14時41分33秒
patch-2.7.1-12.el7_7|(none) 2023年07月18日 14時33分56秒
sssd-common-1.16.5-10.el7|(none) 2023年07月18日 16時23分52秒
compat-libcolord1-1.0.4-1.el7|(none) 2023年07月18日 14時37分58秒
libstoragemgmt-python-clibs-1.8.1-1.el7|(none) 2023年07月18日 14時39分58秒
gvfs-smb-1.36.2-4.el7|(none) 2023年07月18日 14時45分43秒
ibus-hangul-1.4.2-11.el7|(none) 2023年07月18日 14時45分44秒
centos-release-7-9.2009.0.el7.centos|(none) 2023年07月18日 14時32分26秒
openlmi-python-providers-0.5.0-4.el7|(none) 2023年07月18日 14時40分02秒
geoclue2-2.4.8-1.el7|(none) 2023年07月18日 14時42分37秒
python-kmod-0.9-4.el7|(none) 2023年07月18日 14時38分04秒
sscg-2.6.1-1.el7|(none) 2023年07月21日 13時40分56秒
libthai-0.1.14-9.el7|(none) 2023年07月18日 14時34分20秒
firefox-68.10.0-1.el7.centos|(none) 2023年07月18日 14時47分03秒
emacs-filesystem-24.3-23.el7|1 2023年07月18日 14時32分28秒
avahi-gobject-0.6.31-20.el7|(none) 2023年07月18日 14時40分12秒
dleyna-core-0.5.0-1.el7|(none) 2023年07月18日 14時42分43秒
python-urwid-1.1.1-3.el7|(none) 2023年07月18日 14時38分06秒
iw-4.3-2.el7|(none) 2023年07月18日 14時34分22秒
pcp-4.3.2-12.el7|(none) 2023年07月18日 14時47分22秒
python-srpm-macros-3-34.el7|(none) 2023年07月18日 14時32分33秒
ebtables-2.0.10-16.el7|(none) 2023年07月18日 14時40分19秒
gstreamer-plugins-good-0.10.31-13.el7|(none) 2023年07月18日 14時42分47秒
python-iniparse-0.4-9.el7|(none) 2023年07月18日 14時38分07秒
McAfeeFW-10.7.16-37|(none) 2024年01月30日 20時46分08秒
perl-threads-1.87-4.el7|(none) 2023年07月18日 14時34分23秒
hyperv-daemons-0-0.34.20180415git.el7|(none) 2023年07月18日 14時47分25秒
ncurses-base-5.9-14.20130511.el7_4|(none) 2023年07月18日 14時33分09秒
openssh-7.4p1-21.el7|(none) 2023年07月18日 14時40分24秒
fxload-2002_04_11-16.el7|(none) 2023年07月18日 14時42分57秒
librbd1-10.2.5-4.el7|1 2023年07月18日 14時38分13秒
perl-Data-Dumper-2.145-3.el7|(none) 2023年07月18日 14時34分31秒
openlmi-networking-0.3.0-3.el7|(none) 2023年07月18日 14時47分30秒
libjpeg-turbo-1.2.90-8.el7|(none) 2023年07月18日 14時33分25秒
festival-lib-1.96-28.el7|(none) 2023年07月18日 14時40分33秒
cryptsetup-python-2.0.3-6.el7|(none) 2023年07月18日 14時43分04秒
python-deltarpm-3.6-3.el7|(none) 2023年07月18日 14時38分15秒
ipset-libs-7.1-1.el7|(none) 2023年07月18日 14時34分46秒
psacct-6.6.1-13.el7|(none) 2023年07月18日 14時47分37秒
elfutils-libelf-0.176-5.el7|(none) 2023年07月18日 14時33分28秒
hypervvssd-0-0.34.20180415git.el7|(none) 2023年07月18日 14時40分37秒
libkkc-0.3.1-9.el7|(none) 2023年07月18日 14時43分18秒
libmodman-2.0.1-8.el7|(none) 2023年07月18日 14時38分25秒
xcb-util-keysyms-0.4.0-1.el7|(none) 2023年07月18日 14時34分52秒
strace-4.24-6.el7|(none) 2023年07月18日 14時47分44秒
gawk-4.0.2-4.el7_3.1|(none) 2023年07月18日 14時33分30秒
gutenprint-5.2.9-18.el7|(none) 2023年07月18日 14時40分45秒
gnome-online-accounts-3.28.2-1.el7|(none) 2023年07月18日 14時44分08秒
libmspack-0.5-0.8.alpha.el7|(none) 2023年07月18日 14時38分28秒
libchewing-0.3.4-6.el7|(none) 2023年07月18日 14時34分55秒
wsmancli-2.6.0-2.el7|(none) 2023年07月18日 14時48分02秒
gmp-6.0.0-15.el7|1 2023年07月18日 14時33分33秒
abrt-addon-ccpp-2.1.11-60.el7.centos|(none) 2023年07月18日 14時40分57秒
folks-0.11.4-1.el7|1 2023年07月18日 14時44分19秒
libgsf-1.14.26-7.el7|(none) 2023年07月18日 14時38分33秒
glibc-headers-2.17-317.el7|(none) 2023年07月18日 14時35分16秒
wget-1.14-18.el7_6.1|(none) 2023年07月18日 14時48分11秒
libXi-1.7.9-1.el7|(none) 2023年07月18日 14時33分41秒
gstreamer-plugins-base-0.10.36-10.el7|(none) 2023年07月18日 14時41分05秒
gnome-packagekit-updater-3.28.0-1.el7|(none) 2023年07月18日 14時44分25秒
createrepo-0.9.9-28.el7|(none) 2023年07月18日 14時38分35秒
binutils-2.27-44.base.el7|(none) 2023年07月18日 14時36分42秒
nano-2.3.1-10.el7|(none) 2023年07月18日 14時48分14秒
libXv-1.0.11-1.el7|(none) 2023年07月18日 14時33分42秒
libva-devel-1.8.3-1.el7|(none) 2023年07月18日 14時41分11秒
file-roller-3.28.1-2.el7|(none) 2023年07月18日 14時44分33秒
dotconf-1.3-8.el7|(none) 2023年07月18日 14時38分40秒
net-snmp-libs-5.7.2-49.el7|1 2023年07月18日 14時36分47秒
stix-fonts-1.1.0-5.el7|(none) 2023年07月18日 14時48分25秒
gsm-1.0.13-11.el7|(none) 2023年07月18日 14時33分45秒
xorg-x11-drv-ati-19.0.1-3.el7|(none) 2023年07月18日 14時41分15秒
nautilus-3.26.3.1-7.el7|(none) 2023年07月18日 14時44分53秒
device-mapper-1.02.170-6.el7|7 2023年07月18日 14時38分44秒
vlgothic-fonts-20130607-2.el7|(none) 2023年07月18日 14時48分41秒
libmnl-1.0.3-7.el7|(none) 2023年07月18日 14時33分46秒
jsr-311-1.1.1-6.el7|(none) 2023年07月18日 14時41分18秒
gnome-shell-3.28.3-30.el7|(none) 2023年07月18日 14時45分07秒
pulseaudio-libs-10.0-5.el7|(none) 2023年07月18日 14時38分54秒
cracklib-dicts-2.9.0-11.el7|(none) 2023年07月18日 14時37分34秒
google-crosextra-carlito-fonts-1.103-0.2.20130920.el7|(none) 2023年07月18日 14時48分49秒
celt051-0.5.1.3-8.el7|(none) 2023年07月18日 14時33分48秒
paps-libs-0.6.8-28.el7.1|(none) 2023年07月18日 14時41分25秒
nfs-utils-1.3.0-0.68.el7|1 2023年07月18日 14時45分12秒
parted-3.1-32.el7|(none) 2023年07月18日 14時38分58秒
python-augeas-0.5.0-2.el7|(none) 2023年07月18日 14時37分45秒
iwl105-firmware-18.168.6.1-79.el7|(none) 2023年07月18日 14時49分06秒
p11-kit-trust-0.23.5-3.el7|(none) 2023年07月18日 14時33分53秒
dnsmasq-2.76-16.el7|(none) 2023年07月18日 14時41分27秒
gnome-classic-session-3.28.1-14.el7|(none) 2023年07月18日 14時45分17秒
qt5-qtbase-common-5.9.7-4.el7|(none) 2023年07月18日 14時39分05秒
libxcb-devel-1.13-1.el7|(none) 2023年07月18日 14時37分48秒
gpg-pubkey-f4a80eb5-53a7ff4b|(none) 2023年07月18日 16時19分07秒
apr-util-1.5.2-6.el7|(none) 2023年07月18日 14時33分55秒
rtkit-0.11-10.el7|(none) 2023年07月18日 14時41分30秒
initial-setup-gui-0.3.9.45-1.el7.centos|(none) 2023年07月18日 14時45分29秒
accountsservice-libs-0.6.50-7.el7|(none) 2023年07月18日 14時39分12秒
urw-base35-nimbus-roman-fonts-20170801-10.el7|(none) 2023年07月18日 14時37分56秒
sssd-krb5-common-1.16.5-10.el7|(none) 2023年07月18日 16時23分52秒
libassuan-2.1.0-3.el7|(none) 2023年07月18日 14時33分56秒
brlapi-0.6.0-16.el7|(none) 2023年07月18日 14時42分25秒
gnome-calculator-3.28.2-1.el7|(none) 2023年07月18日 14時45分43秒
libstoragemgmt-1.8.1-1.el7|(none) 2023年07月18日 14時39分58秒
flite-1.3-22.el7|(none) 2023年07月18日 14時38分03秒
25202 (1) - Enumerate IPv6 Interfaces via SSH
-
Synopsis
Nessus was able to enumerate the IPv6 interfaces on the remote host.
Description
Nessus was able to enumerate the network interfaces configured with IPv6 addresses by connecting to the remote host via SSH using the supplied credentials.
Solution
Disable IPv6 if you are not actually using it. Otherwise, disable any unused IPv6 interfaces.
Risk Factor
None
Plugin Information
Published: 2007/05/11, Modified: 2022/02/23
Plugin Output

ipaddr (tcp/0)


The following IPv6 interfaces are set on the remote host :

- fe80::d6f5:efff:fe8c:84ac (on interface eno5)
- fd01:e2e2:0:e0c0:d6f5:efff:fe8c:84ac (on interface eno5)
- fd01:e2e2:0:e0c0::141 (on interface eno5)
- fd01:e2e2:0:e0c0::142 (on interface eno5)
- fe80::311d:a8a9:5575:76f6 (on interface eno6)
- ipaddr (on interface eno6)
- fe80::d6f5:efff:fea8:831c (on interface ens1f0)
- ::1 (on interface lo)
25203 (1) - Enumerate IPv4 Interfaces via SSH
-
Synopsis
Nessus was able to enumerate the IPv4 interfaces on the remote host.
Description
Nessus was able to enumerate the network interfaces configured with IPv4 addresses by connecting to the remote host via SSH using the supplied credentials.
Solution
Disable any unused IPv4 interfaces.
Risk Factor
None
Plugin Information
Published: 2007/05/11, Modified: 2024/02/05
Plugin Output

ipaddr (tcp/0)


The following IPv4 addresses are set on the remote host :

- 192.168.100.41 (on interface eno5)
- 192.168.100.152 (on interface eno5:0)
- 192.168.100.151 (on interface eno5:1)
- 192.168.101.41 (on interface ens1f0)
- 127.0.0.1 (on interface lo)
25240 (1) - Samba Server Detection
-
Synopsis
An SMB server is running on the remote host.
Description
The remote host is running Samba, a CIFS/SMB server for Linux and Unix.
See Also
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2007/05/16, Modified: 2022/10/12
Plugin Output

ipaddr (tcp/445/cifs)

The remote host tries to hide its SMB server type by changing the MAC
address and the LAN manager name.

However by sending several valid and invalid RPC requests it was
possible to fingerprint the remote SMB server as Samba.
26024 (1) - PostgreSQL Server Detection
-
Synopsis
A database service is listening on the remote host.
Description
The remote service is a PostgreSQL database server, or a derivative such as EnterpriseDB.
See Also
Solution
Limit incoming traffic to this port if desired.
Risk Factor
None
Plugin Information
Published: 2007/09/14, Modified: 2023/05/24
Plugin Output

ipaddr (tcp/5432/postgresql)

33276 (1) - Enumerate MAC Addresses via SSH
-
Synopsis
Nessus was able to enumerate MAC addresses on the remote host.
Description
Nessus was able to enumerate MAC addresses by connecting to the remote host via SSH with the supplied credentials.
Solution
Disable any unused interfaces.
Risk Factor
None
Plugin Information
Published: 2008/06/30, Modified: 2022/12/20
Plugin Output

ipaddr (tcp/0)


The following MAC addresses exist on the remote host :

- d4:f5:ef:a8:83:1e (interface ens1f2)
- d4:f5:ef:a8:83:1d (interface ens1f1)
- d4:f5:ef:8c:84:ac (interfaces eno5 & eno5:0 & eno5:1)
- d4:f5:ef:8c:84:ae (interface eno7)
- d4:f5:ef:a8:83:1c (interface ens1f0)
- d4:f5:ef:8c:84:af (interface eno8)
- d4:f5:ef:8c:84:ad (interface eno6)
- d4:f5:ef:a8:83:1f (interface ens1f3)
34098 (1) - BIOS Info (SSH)
-
Synopsis
BIOS info could be read.
Description
Using SMBIOS and UEFI, it was possible to get BIOS info.
Solution
N/A
Risk Factor
None
Plugin Information
Published: 2008/09/08, Modified: 2024/02/12
Plugin Output

ipaddr (tcp/0)

Version : U30
Vendor : HPE
Release Date : 04/20/2023
UUID : 38343250-3634-4753-4833-3034594a4c58
Secure boot : disabled
35351 (1) - System Information Enumeration (via DMI)
-
Synopsis
Information about the remote system's hardware can be read.
Description
Using the SMBIOS (aka DMI) interface, it was possible to retrieve information about the remote system's hardware, such as its product name and serial number.
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2009/01/12, Modified: 2016/08/17
Plugin Output

ipaddr (tcp/0)

Chassis Information
Serial Number : SGH304YJLX
Version : Not Specified
Manufacturer : HPE
Lock : Not Present
Type : Rack Mount Chassis

System Information
Serial Number : SGH304YJLX
Version : Not Specified
Manufacturer : HPE
Product Name : ProLiant DL380 Gen10
Family : ProLiant
35716 (1) - Ethernet Card Manufacturer Detection
-
Synopsis
The manufacturer can be identified from the Ethernet OUI.
Description
Each ethernet MAC address starts with a 24-bit Organizationally Unique Identifier (OUI). These OUIs are registered by IEEE.
See Also
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2009/02/19, Modified: 2020/05/13
Plugin Output

ipaddr (tcp/0)


The following card manufacturers were identified :

D4:F5:EF:A8:83:1E : Hewlett Packard Enterprise
D4:F5:EF:A8:83:1D : Hewlett Packard Enterprise
D4:F5:EF:8C:84:AC : Hewlett Packard Enterprise
D4:F5:EF:8C:84:AE : Hewlett Packard Enterprise
D4:F5:EF:A8:83:1C : Hewlett Packard Enterprise
D4:F5:EF:8C:84:AF : Hewlett Packard Enterprise
D4:F5:EF:8C:84:AD : Hewlett Packard Enterprise
D4:F5:EF:A8:83:1F : Hewlett Packard Enterprise
39520 (1) - Backported Security Patch Detection (SSH)
-
Synopsis
Security patches are backported.
Description
Security patches may have been 'backported' to the remote SSH server without changing its version number.

Banner-based checks have been disabled to avoid false positives.

Note that this test is informational only and does not denote any security problem.
See Also
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2009/06/25, Modified: 2015/07/07
Plugin Output

ipaddr (tcp/22/ssh)


Local checks have been enabled.
39521 (1) - Backported Security Patch Detection (WWW)
-
Synopsis
Security patches are backported.
Description
Security patches may have been 'backported' to the remote HTTP server without changing its version number.

Banner-based checks have been disabled to avoid false positives.

Note that this test is informational only and does not denote any security problem.
See Also
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2009/06/25, Modified: 2015/07/07
Plugin Output

ipaddr (tcp/443/www)


Local checks have been enabled.
42410 (1) - Microsoft Windows NTLMSSP Authentication Request Remote Network Name Disclosure
-
Synopsis
It is possible to obtain the network name of the remote host.
Description
The remote host listens on tcp port 445 and replies to SMB requests.

By sending an NTLMSSP authentication request it is possible to obtain the name of the remote system and the name of its domain.
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2009/11/06, Modified: 2019/11/22
Plugin Output

ipaddr (tcp/445/cifs)

The following 2 NetBIOS names have been gathered :

masked_hostname = Computer name
masked_hostname = Workgroup / Domain name
45432 (1) - Processor Information (via DMI)
-
Synopsis
Nessus was able to read information about the remote system's processor.
Description
Nessus was able to retrieve information about the remote system's hardware, such as its processor type, by using the SMBIOS (aka DMI) interface.
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2010/04/06, Modified: 2016/02/25
Plugin Output

ipaddr (tcp/0)


Nessus detected 2 processors :

Current Speed : 2900 MHz
Version : Intel(R) Xeon(R) Gold 6226R CPU @ 2.90GHz
Manufacturer : Intel(R) Corporation
External Clock : 100 MHz
Status : Populated, Enabled
Family : Xeon
Type : Central Processor

Current Speed : 2900 MHz
Version : Not Specified
Manufacturer : HPE
External Clock : 100 MHz
Status : No errors detected
Family : ProLiant
Type : x16 PCI Express 3
45433 (1) - Memory Information (via DMI)
-
Synopsis
Information about the remote system's memory devices can be read.
Description
Using the SMBIOS (aka DMI) interface, it was possible to retrieve information about the remote system's memory devices, such as the total amount of installed memory.
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2010/04/06, Modified: 2018/03/29
Plugin Output

ipaddr (tcp/0)


Total memory : 262144 MB
45590 (1) - Common Platform Enumeration (CPE)
-
Synopsis
It was possible to enumerate CPE names that matched on the remote system.
Description
By using information obtained from a Nessus scan, this plugin reports CPE (Common Platform Enumeration) matches for various hardware and software products found on a host.

Note that if an official CPE is not available for the product, this plugin computes the best possible CPE based on the information available from the scan.
See Also
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2010/04/21, Modified: 2024/04/03
Plugin Output

ipaddr (tcp/0)


The remote operating system matched the following CPE :

cpe:/o:centos:centos:7:update9 -> CentOS

Following application CPE's matched on the remote system :

cpe:/a:apache:http_server:2.4.57 -> Apache Software Foundation Apache HTTP Server
cpe:/a:apache:log4j:1.2.17 -> Apache Software Foundation log4j
cpe:/a:apache:log4j:2.17.1 -> Apache Software Foundation log4j
cpe:/a:apache:log4j:2.8.2 -> Apache Software Foundation log4j
cpe:/a:gnupg:libgcrypt:1.5.3 -> GnuPG Libgcrypt
cpe:/a:haxx:curl:7.29.0 -> Haxx Curl
cpe:/a:haxx:libcurl:7.29.0 -> Haxx libcurl
cpe:/a:haxx:libcurl:7.80.0 -> Haxx libcurl
cpe:/a:haxx:libcurl:8.0.1 -> Haxx libcurl
cpe:/a:mcafee:epolicy_orchestrator_agent:5.8.0.161 -> McAfee ePolicy Orchestrator Agent
cpe:/a:oisf:suricata -> OISF (The Open Information Security Foundation) Suricata
cpe:/a:openbsd:openssh:7.4 -> OpenBSD OpenSSH
cpe:/a:openssl:openssl:1.0.2k -> OpenSSL Project OpenSSL
cpe:/a:openssl:openssl:1.0.2k-fips -> OpenSSL Project OpenSSL
cpe:/a:openssl:openssl:1.0.2z -> OpenSSL Project OpenSSL
cpe:/a:openssl:openssl:1.0.2zg -> OpenSSL Project OpenSSL
cpe:/a:openssl:openssl:1.0.2zi -> OpenSSL Project OpenSSL
cpe:/a:oracle:glassfish:5.1 -> Oracle GlassFish
cpe:/a:oracle:glassfish_server:5.1.0 -> Oracle GlassFish Server v
cpe:/a:postgresql:postgresql -> PostgreSQL
cpe:/a:postgresql:postgresql:15.2 -> PostgreSQL
cpe:/a:samba:samba -> Samba Samba
cpe:/a:samba:samba:4.10.16 -> Samba Samba
cpe:/a:sqlite:sqlite:3.7.17 -> SQLite
cpe:/a:tukaani:xz:5.2.2 -> Tukaani XZ
cpe:/a:vim:vim:7.4 -> Vim
cpe:/a:vmware:open_vm_tools:11.0.5
cpe:/a:webmproject:libwebp:0.3.0-7 -> WebM Project libwebp
x-cpe:/a:java:jre:1.8.0_262
48204 (1) - Apache HTTP Server Version
-
Synopsis
It is possible to obtain the version number of the remote Apache HTTP server.
Description
The remote host is running the Apache HTTP Server, an open source web server. It was possible to read the version number from the banner.
See Also
Solution
n/a
Risk Factor
None
References
XREF IAVT:0001-T-0030
XREF IAVT:0001-T-0530
Plugin Information
Published: 2010/07/30, Modified: 2023/08/17
Plugin Output

ipaddr (tcp/443/www)


URL : https://ipaddr/
Version : 2.4.57
Source : Server: Apache/2.4.57 (CentOS Linux) OpenSSL/1.0.2k-fips mod_auth_gssapi/1.5.1
backported : 0
modules : OpenSSL/1.0.2k-fips mod_auth_gssapi/1.5.1
os : CentOS Linux
53335 (1) - RPC portmapper (TCP)
-
Synopsis
An ONC RPC portmapper is running on the remote host.
Description
The RPC portmapper is running on this port.

The portmapper allows someone to get the port number of each RPC service running on the remote host by sending either multiple lookup requests or a DUMP request.
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2011/04/08, Modified: 2011/08/29
Plugin Output

ipaddr (tcp/111/rpc-portmapper)

54615 (1) - Device Type
-
Synopsis
It is possible to guess the remote device type.
Description
Based on the remote operating system, it is possible to determine what the remote system type is (eg: a printer, router, general-purpose computer, etc).
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2011/05/23, Modified: 2022/09/09
Plugin Output

ipaddr (tcp/0)

Remote device type : general-purpose
Confidence level : 100
55472 (1) - Device Hostname
-
Synopsis
It was possible to determine the remote system hostname.
Description
This plugin reports a device's hostname collected via SSH or WMI.
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2011/06/30, Modified: 2024/03/27
Plugin Output

ipaddr (tcp/0)


Hostname : masked_hostname
masked_hostname (hostname command)
56310 (1) - Firewall Rule Enumeration
-
Synopsis
A firewall is configured on the remote host.
Description
Using the supplied credentials, Nessus was able to get a list of firewall rules from the remote host.

Note: The output for this plugin can be very long, and is not shown by default. To display it, enable verbose reporting in scan settings.
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2011/09/28, Modified: 2020/09/11
Plugin Output

ipaddr (tcp/0)


By running "lsmod | grep -q _conntrack_ipv4 && iptables -L -n -v -t nat", Nessus was able to get the
following list of firewall rules :

Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

By running "lsmod | grep -q iptable_filter && iptables -L -n -v -t filter", Nessus was able to get the
following list of firewall rules :

Chain INPUT (policy DROP 4671 packets, 6174K bytes)
pkts bytes target prot opt in out source destination
60231 23M MFE_INPUT_868247356 all -- * * 0.0.0.0/0 0.0.0.0/0

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

Chain OUTPUT (policy DROP 10 packets, 400 bytes)
pkts bytes target prot opt in out source destination
56414 84M MFE_OUTPUT_868247356 all -- * * 0.0.0.0/0 0.0.0.0/0

Chain MFE_Adaptive_IN_868247356 (1 references)
pkts bytes target prot opt in out source destination

Chain MFE_Adaptive_OUT_868247356 (1 references)
pkts bytes target prot opt in out source destination

Chain MFE_BlockEven_IN_868247356 (0 references)
pkts bytes target prot opt in out source destination
0 0 NFQUEUE tcp -- * * 0.0.0.0/0 0.0.0.0/0 limit: up to 5/hour burst 5 mode srcip-dstport NFQUEUE num 3
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 NFQUEUE udp -- * * 0.0.0.0/0 0.0.0.0/0 limit: up to 5/hour burst 5 mode srcip-dstport NFQUEUE num 3
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 NFQUEUE icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: up to 5/hour burst 5 mode srcip NFQUEUE num 3
0 0 DROP icmp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 NFQUEUE all -- * * 0.0.0.0/0 0.0.0.0/0 limit: up to 5/hour burst 5 mode srcip NFQUEUE num 3
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0

Chain MFE_BlockEven_OUT_868247356 (0 references)
pkts bytes target prot opt in out source destination
0 0 NFQUEUE tcp -- * * 0.0.0.0/0 0.0.0.0/0 limit: up to 5/hour burst 5 mode dstip-dstport NFQUEUE num 3
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 NFQUEUE udp -- * * 0.0.0.0/0 0.0.0.0/0 limit: up to 5/hour burst 5 mode dstip-dstport NFQUEUE num 3
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 NFQUEUE icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: up to 5/hour burst 5 mode dstip NFQUEUE num 3
0 0 DROP icmp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 NFQUEUE all -- * * 0.0.0.0/0 0.0.0.0/0 limit: up to 5/hour burst 5 mode dstip NFQUEUE num 3
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0

Chain MFE_Client_IN_868247356 (1 references)
pkts bytes target prot opt in out source destination
0 0 MARK tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW multiport dports 22 MARK set 0x133
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW multiport dports 22
0 0 MARK all -- * * 127.0.0.0/8 127.0.0.0/8 MARK set 0x134
0 0 ACCEPT all -- * * 127.0.0.0/8 127.0.0.0/8
0 0 MARK all -- * * 192.168.100.151 192.168.100.151 MARK set 0x136
0 0 MARK all -- * * 192.168.100.151 192.168.100.152 MARK set 0x136
0 0 MARK all -- * * 192.168.100.151 192.168.100.41 MARK set 0x136
0 0 MARK all -- * * 192.168.100.151 192.168.101.41 MARK set 0x136
0 0 MARK all -- * * 192.168.100.152 192.168.100.151 MARK set 0x136
0 0 MARK all -- * * 192.168.100.152 192.168.100.152 MARK set 0x136
0 0 MARK all -- * * 192.168.100.152 192.168.100.41 MARK set 0x136
0 0 MARK all -- * * 192.168.100.152 192.168.101.41 MARK set 0x136
0 0 MARK all -- * * 192.168.100.41 192.168.100.151 MARK set 0x136
0 0 MARK all -- * * 192.168.100.41 192.168.100.152 MARK set 0x136
46 2760 MARK all -- * * 192.168.100.41 192.168.100.41 MARK set 0x136
0 0 MARK all -- * * 192.168.100.41 192.168.101.41 MARK set 0x136
0 0 MARK all -- * * 192.168.101.41 192.168.100.151 MARK set 0x136
0 0 MARK all -- * * 192.168.101.41 192.168.100.152 MARK set 0x136
0 0 MARK all -- * * 192.168.101.41 192.168.100.41 MARK set 0x136
0 0 MARK all -- * * 192.168.101.41 192.168.101.41 MARK set 0x136
0 0 ACCEPT all -- * * 192.168.100.151 192.168.100.151
0 0 ACCEPT all -- * * 192.168.100.151 192.168.100.152
0 0 ACCEPT all -- * * 192.168.100.151 192.168.100.41
0 0 ACCEPT all -- * * 192.168.100.151 192.168.101.41
0 0 ACCEPT all -- * * 192.168.100.152 192.168.100.151
0 0 ACCEPT all -- * * 192.168.100.152 192.168.100.152
0 0 ACCEPT all -- * * 192.168.100.152 192.168.100.41
0 0 ACCEPT all -- * * 192.168.100.152 192.168.101.41
0 0 ACCEPT all -- * * 192.168.100.41 192.168.100.151
0 0 ACCEPT all -- * * 192.168.100.41 192.168.100.152
46 2760 ACCEPT all -- * * 192.168.100.41 192.168.100.41
0 0 ACCEPT all -- * * 192.168.100.41 192.168.101.41
0 0 ACCEPT all -- * * 192.168.101.41 192.168.100.151
0 0 ACCEPT all -- * * 192.168.101.41 192.168.100.152
0 0 ACCEPT all -- * * 192.168.101.41 192.168.100.41
0 0 ACCEPT all -- * * 192.168.101.41 192.168.101.41

Chain MFE_Client_OUT_868247356 (1 references)
pkts bytes target prot opt in out source destination
0 0 MARK all -- * * 127.0.0.0/8 127.0.0.0/8 MARK set 0x134
0 0 ACCEPT all -- * * 127.0.0.0/8 127.0.0.0/8
10 760 MARK udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 123 MARK set 0x135
10 760 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 123
0 0 MARK all -- * * 192.168.100.151 192.168.100.151 MARK set 0x136
0 0 MARK all -- * * 192.168.100.151 192.168.100.152 MARK set 0x136
0 0 MARK all -- * * 192.168.100.151 192.168.100.41 MARK set 0x136
0 0 MARK all -- * * 192.168.100.151 192.168.101.41 MARK set 0x136
0 0 MARK all -- * * 192.168.100.152 192.168.100.151 MARK set 0x136
0 0 MARK all -- * * 192.168.100.152 192.168.100.152 MARK set 0x136
0 0 MARK all -- * * 192.168.100.152 192.168.100.41 MARK set 0x136
0 0 MARK all -- * * 192.168.100.152 192.168.101.41 MARK set 0x136
0 0 MARK all -- * * 192.168.100.41 192.168.100.151 MARK set 0x136
0 0 MARK all -- * * 192.168.100.41 192.168.100.152 MARK set 0x136
0 0 MARK all -- * * 192.168.100.41 192.168.100.41 MARK set 0x136
0 0 MARK all -- * * 192.168.100.41 192.168.101.41 MARK set 0x136
0 0 MARK all -- * * 192.168.101.41 192.168.100.151 MARK set 0x136
0 0 MARK all -- * * 192.168.101.41 192.168.100.152 MARK set 0x136
0 0 MARK all -- * * 192.168.101.41 192.168.100.41 MARK set 0x136
0 0 MARK all -- * * 192.168.101.41 192.168.101.41 MARK set 0x136
0 0 ACCEPT all -- * * 192.168.100.151 192.168.100.151
0 0 ACCEPT all -- * * 192.168.100.151 192.168.100.152
0 0 ACCEPT all -- * * 192.168.100.151 192.168.100.41
0 0 ACCEPT all -- * * 192.168.100.151 192.168.101.41
0 0 ACCEPT all -- * * 192.168.100.152 192.168.100.151
0 0 ACCEPT all -- * * 192.168.100.152 192.168.100.152
0 0 ACCEPT all -- * * 192.168.100.152 192.168.100.41
0 0 ACCEPT all -- * * 192.168.100.152 192.168.101.41
0 0 ACCEPT all -- * * 192.168.100.41 192.168.100.151
0 0 ACCEPT all -- * * 192.168.100.41 192.168.100.152
0 0 ACCEPT all -- * * 192.168.100.41 192.168.100.41
0 0 ACCEPT all -- * * 192.168.100.41 192.168.101.41
0 0 ACCEPT all -- * * 192.168.101.41 192.168.100.151
0 0 ACCEPT all -- * * 192.168.101.41 192.168.100.152
0 0 ACCEPT all -- * * 192.168.101.41 192.168.100.41
0 0 ACCEPT all -- * * 192.168.101.41 192.168.101.41

Chain MFE_Group_10_IN_868247356 (1 references)
pkts bytes target prot opt in out source destination
0 0 MARK tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW multiport dports 3389 MARK set 0x12d
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW multiport dports 3389

Chain MFE_Group_10_OUT_868247356 (1 references)
pkts bytes target prot opt in out source destination
0 0 MARK tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW multiport dports 3389 MARK set 0x12e
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW multiport dports 3389

Chain MFE_Group_1_IN_868247356 (1 references)
pkts bytes target prot opt in out source destination

Chain MFE_Group_1_OUT_868247356 (1 references)
pkts bytes target prot opt in out source destination
1340 48240 MARK icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 255 MARK set 0x109
1340 48240 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 255
0 0 MARK udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 53 MARK set 0x10a
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 53
0 0 MARK all -- * * 0.0.0.0/0 255.255.255.255 MARK set 0x10b
565 33900 MARK all -- * * 0.0.0.0/0 127.0.0.1 MARK set 0x10b
0 0 ACCEPT all -- * * 0.0.0.0/0 255.255.255.255
565 33900 ACCEPT all -- * * 0.0.0.0/0 127.0.0.1
0 0 MARK udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport sports 68 multiport dports 67 MARK set 0x10c
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport sports 68 multiport dports 67

Chain MFE_Group_2_IN_868247356 (1 references)
pkts bytes target prot opt in out source destination

Chain MFE_Group_2_OUT_868247356 (1 references)
pkts bytes target prot opt in out source destination
0 0 MARK tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW multiport dports 8443 MARK set 0x10f
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW multiport dports 8443

Chain MFE_Group_3_IN_868247356 (1 references)
pkts bytes target prot opt in out source destination
0 0 MARK udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport sports 123 multiport dports 123 MARK set 0x112
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 123 multiport sports 123

Chain MFE_Group_3_OUT_868247356 (1 references)
pkts bytes target prot opt in out source destination
0 0 MARK udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport sports 68 multiport dports 67 MARK set 0x110
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport sports 68 multiport dports 67
0 0 MARK udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 53 MARK set 0x111
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 53
0 0 MARK udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport sports 123 multiport dports 123 MARK set 0x112
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport sports 123 multiport dports 123

Chain MFE_Group_4_IN_868247356 (1 references)
pkts bytes target prot opt in out source destination
0 0 MARK udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 500 MARK set 0x113
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 500
0 0 MARK 47 -- * * 0.0.0.0/0 0.0.0.0/0 MARK set 0x114
0 0 ACCEPT 47 -- * * 0.0.0.0/0 0.0.0.0/0

Chain MFE_Group_4_OUT_868247356 (1 references)
pkts bytes target prot opt in out source destination
0 0 MARK 47 -- * * 0.0.0.0/0 0.0.0.0/0 MARK set 0x114
0 0 ACCEPT 47 -- * * 0.0.0.0/0 0.0.0.0/0
0 0 MARK udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 500 MARK set 0x115
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 500

Chain MFE_Group_5_IN_868247356 (1 references)
pkts bytes target prot opt in out source destination
645 23220 MARK icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 255 MARK set 0x116
645 23220 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 255

Chain MFE_Group_5_OUT_868247356 (1 references)
pkts bytes target prot opt in out source destination
0 0 MARK icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 255 MARK set 0x116
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 255

Chain MFE_Group_6_IN_868247356 (1 references)
pkts bytes target prot opt in out source destination
0 0 MARK tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW multiport dports 445 MARK set 0x119
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW multiport dports 445
0 0 MARK udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 445 MARK set 0x11b
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 445

Chain MFE_Group_6_OUT_868247356 (1 references)
pkts bytes target prot opt in out source destination
8 480 MARK tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW multiport dports 389,636,3268:3269 MARK set 0x117
8 480 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW multiport dports 389,636,3268:3269
0 0 MARK udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 389,636,3268:3269 MARK set 0x118
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 389,636,3268:3269
0 0 MARK tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW multiport dports 445 MARK set 0x11a
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW multiport dports 445
0 0 MARK udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 445 MARK set 0x11c
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 445

Chain MFE_Group_7_IN_868247356 (1 references)
pkts bytes target prot opt in out source destination
0 0 MARK tcp -- * * 192.168.100.0/24 0.0.0.0/0 state NEW multiport dports 135 MARK set 0x11d
0 0 MARK tcp -- * * 192.168.101.0/24 0.0.0.0/0 state NEW multiport dports 135 MARK set 0x11d
0 0 ACCEPT tcp -- * * 192.168.100.0/24 0.0.0.0/0 state NEW multiport dports 135
0 0 ACCEPT tcp -- * * 192.168.101.0/24 0.0.0.0/0 state NEW multiport dports 135
0 0 MARK udp -- * * 0.0.0.0/0 192.168.100.0/24 multiport sports 137 multiport dports 137 MARK set 0x11f
0 0 MARK udp -- * * 0.0.0.0/0 192.168.101.0/24 multiport sports 137 multiport dports 137 MARK set 0x11f
0 0 ACCEPT udp -- * * 192.168.100.0/24 0.0.0.0/0 multiport dports 137 multiport sports 137
0 0 ACCEPT udp -- * * 192.168.101.0/24 0.0.0.0/0 multiport dports 137 multiport sports 137
0 0 MARK udp -- * * 0.0.0.0/0 192.168.100.0/24 multiport sports 138 multiport dports 138 MARK set 0x120
0 0 MARK udp -- * * 0.0.0.0/0 192.168.101.0/24 multiport sports 138 multiport dports 138 MARK set 0x120
0 0 ACCEPT udp -- * * 192.168.100.0/24 0.0.0.0/0 multiport dports 138 multiport sports 138
0 0 ACCEPT udp -- * * 192.168.101.0/24 0.0.0.0/0 multiport dports 138 multiport sports 138
0 0 MARK tcp -- * * 192.168.100.0/24 0.0.0.0/0 state NEW multiport dports 139 MARK set 0x122
0 0 MARK tcp -- * * 192.168.101.0/24 0.0.0.0/0 state NEW multiport dports 139 MARK set 0x122
0 0 ACCEPT tcp -- * * 192.168.100.0/24 0.0.0.0/0 state NEW multiport dports 139
0 0 ACCEPT tcp -- * * 192.168.101.0/24 0.0.0.0/0 state NEW multiport dports 139
0 0 MARK udp -- * * 192.168.100.0/24 0.0.0.0/0 multiport dports 139 MARK set 0x124
0 0 MARK udp -- * * 192.168.101.0/24 0.0.0.0/0 multiport dports 139 MARK set 0x124
0 0 ACCEPT udp -- * * 192.168.100.0/24 0.0.0.0/0 multiport dports 139
0 0 ACCEPT udp -- * * 192.168.101.0/24 0.0.0.0/0 multiport dports 139
0 0 MARK tcp -- * * 192.168.100.0/24 0.0.0.0/0 state NEW multiport dports 139 MARK set 0x125
0 0 MARK tcp -- * * 192.168.101.0/24 0.0.0.0/0 state NEW multiport dports 139 MARK set 0x125
0 0 ACCEPT tcp -- * * 192.168.100.0/24 0.0.0.0/0 state NEW multiport dports 139
0 0 ACCEPT tcp -- * * 192.168.101.0/24 0.0.0.0/0 state NEW multiport dports 139
0 0 MARK tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW multiport sports 135,137:139 MARK set 0x126
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW multiport dports 135,137:139 LOG flags 0 level 4 prefix "MFE_I_B_Block_untrusted_NetB"
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW multiport dports 135,137:139
0 0 MARK udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport sports 135,137:139 MARK set 0x127
0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 135,137:139 LOG flags 0 level 4 prefix "MFE_I_B_Block_untrusted_NetB"
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 135,137:139

Chain MFE_Group_7_OUT_868247356 (1 references)
pkts bytes target prot opt in out source destination
0 0 MARK tcp -- * * 0.0.0.0/0 192.168.100.0/24 state NEW multiport dports 135 MARK set 0x11e
0 0 MARK tcp -- * * 0.0.0.0/0 192.168.101.0/24 state NEW multiport dports 135 MARK set 0x11e
0 0 ACCEPT tcp -- * * 0.0.0.0/0 192.168.100.0/24 state NEW multiport dports 135
0 0 ACCEPT tcp -- * * 0.0.0.0/0 192.168.101.0/24 state NEW multiport dports 135
0 0 MARK udp -- * * 0.0.0.0/0 192.168.100.0/24 multiport sports 137 multiport dports 137 MARK set 0x11f
0 0 MARK udp -- * * 0.0.0.0/0 192.168.101.0/24 multiport sports 137 multiport dports 137 MARK set 0x11f
0 0 ACCEPT udp -- * * 0.0.0.0/0 192.168.100.0/24 multiport sports 137 multiport dports 137
0 0 ACCEPT udp -- * * 0.0.0.0/0 192.168.101.0/24 multiport sports 137 multiport dports 137
0 0 MARK udp -- * * 0.0.0.0/0 192.168.100.0/24 multiport sports 138 multiport dports 138 MARK set 0x120
0 0 MARK udp -- * * 0.0.0.0/0 192.168.101.0/24 multiport sports 138 multiport dports 138 MARK set 0x120
0 0 ACCEPT udp -- * * 0.0.0.0/0 192.168.100.0/24 multiport sports 138 multiport dports 138
0 0 ACCEPT udp -- * * 0.0.0.0/0 192.168.101.0/24 multiport sports 138 multiport dports 138
0 0 MARK udp -- * * 0.0.0.0/0 192.168.100.0/24 multiport dports 139 MARK set 0x121
0 0 MARK udp -- * * 0.0.0.0/0 192.168.101.0/24 multiport dports 139 MARK set 0x121
0 0 ACCEPT udp -- * * 0.0.0.0/0 192.168.100.0/24 multiport dports 139
0 0 ACCEPT udp -- * * 0.0.0.0/0 192.168.101.0/24 multiport dports 139
0 0 MARK tcp -- * * 0.0.0.0/0 192.168.100.0/24 state NEW multiport dports 139 MARK set 0x123
0 0 MARK tcp -- * * 0.0.0.0/0 192.168.101.0/24 state NEW multiport dports 139 MARK set 0x123
0 0 ACCEPT tcp -- * * 0.0.0.0/0 192.168.100.0/24 state NEW multiport dports 139
0 0 ACCEPT tcp -- * * 0.0.0.0/0 192.168.101.0/24 state NEW multiport dports 139
0 0 MARK tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW multiport sports 135,137:139 MARK set 0x126
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW multiport sports 135,137:139 LOG flags 0 level 4 prefix "MFE_O_B_Block_untrusted_NetB"
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW multiport sports 135,137:139
0 0 MARK udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport sports 135,137:139 MARK set 0x127
0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport sports 135,137:139 LOG flags 0 level 4 prefix "MFE_O_B_Block_untrusted_NetB"
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport sports 135,137:139

Chain MFE_Group_8_IN_868247356 (1 references)
pkts bytes target prot opt in out source destination

Chain MFE_Group_8_OUT_868247356 (1 references)
pkts bytes target prot opt in out source destination
0 0 MARK tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW multiport sports 1024:65535 multiport dports 21 MARK set 0x128
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW multiport sports 1024:65535 multiport dports 21
113 6780 MARK tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW multiport dports 80,443 MARK set 0x129
113 6780 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW multiport dports 80,443

Chain MFE_Group_9_IN_868247356 (1 references)
pkts bytes target prot opt in out source destination

Chain MFE_Group_9_OUT_868247356 (1 references)
pkts bytes target prot opt in out source destination
0 0 MARK tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW multiport dports 110,995 MARK set 0x12a
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW multiport dports 110,995
0 0 MARK tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW multiport dports 143,993 MARK set 0x12b
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW multiport dports 143,993
0 0 MARK tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW multiport dports 25 MARK set 0x12c
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW multiport dports 25

Chain MFE_INPUT_868247356 (1 references)
pkts bytes target prot opt in out source destination
46597 15M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
13634 8165K MFE_MA_IN_868247356 all -- * * 0.0.0.0/0 0.0.0.0/0
13633 8165K MFE_Group_1_IN_868247356 all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 MARK tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW multiport sports 22,139,389,443,445,5432,8080,8181,18080:18081,29001:29004,29008:29010 MARK set 0x10d
0 0 MARK tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW multiport sports 29031:29032,29051:29052,29071:29072,51003:51005 MARK set 0x10d
1100 64992 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW multiport dports 22,139,389,443,445,5432,8080,8181,18080:18081,29001:29004,29008:29010
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW multiport dports 29031:29032,29051:29052,29071:29072,51003:51005
1904 170K MARK udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport sports 53,137:138,29002:29003,29006 MARK set 0x10e
6702 1871K ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 53,137:138,29002:29003,29006
5831 6230K MFE_Group_2_IN_868247356 all -- * * 0.0.0.0/0 0.0.0.0/0
5831 6230K MFE_Group_3_IN_868247356 all -- * * 0.0.0.0/0 0.0.0.0/0
5831 6230K MFE_Group_4_IN_868247356 all -- * * 0.0.0.0/0 0.0.0.0/0
5831 6230K MFE_Group_5_IN_868247356 all -- * * 0.0.0.0/0 0.0.0.0/0
5186 6206K MFE_Group_6_IN_868247356 all -- * * 0.0.0.0/0 0.0.0.0/0
5186 6206K MFE_Group_7_IN_868247356 all -- * * 0.0.0.0/0 0.0.0.0/0
5186 6206K MFE_Group_8_IN_868247356 all -- * * 0.0.0.0/0 0.0.0.0/0
5186 6206K MFE_Group_9_IN_868247356 all -- * * 0.0.0.0/0 0.0.0.0/0
5186 6206K MFE_Group_10_IN_868247356 all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 MARK udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport sports 1024:65535 multiport dports 161 MARK set 0x12f
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 1024:65535 multiport sports 161
468 28080 MARK all -- * * 127.0.0.1 0.0.0.0/0 MARK set 0x132
468 28080 ACCEPT all -- * * 0.0.0.0/0 127.0.0.1
4718 6178K MFE_Client_IN_868247356 all -- * * 0.0.0.0/0 0.0.0.0/0
4672 6176K MFE_Adaptive_IN_868247356 all -- * * 0.0.0.0/0 0.0.0.0/0

Chain MFE_MA_IN_868247356 (1 references)
pkts bytes target prot opt in out source destination
0 0 MARK udp -- * * 192.168.100.1 0.0.0.0/0 multiport dports 8083 MARK set 0x103
0 0 ACCEPT udp -- * * 192.168.100.1 0.0.0.0/0 multiport dports 8083
1 104 MARK udp -- * * 192.168.100.1 0.0.0.0/0 multiport dports 8082 MARK set 0x104
1 104 ACCEPT udp -- * * 192.168.100.1 0.0.0.0/0 multiport dports 8082
0 0 MARK tcp -- * * 192.168.100.1 0.0.0.0/0 state NEW multiport dports 8081 MARK set 0x105
0 0 ACCEPT tcp -- * * 192.168.100.1 0.0.0.0/0 state NEW multiport dports 8081
1048 344K MARK udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport sports 68 multiport dports 67 MARK set 0x106
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 68 multiport sports 67

Chain MFE_MA_OUT_868247356 (1 references)
pkts bytes target prot opt in out source destination
6 360 MARK tcp -- * * 0.0.0.0/0 192.168.100.1 state NEW multiport dports 443 MARK set 0x101
6 360 ACCEPT tcp -- * * 0.0.0.0/0 192.168.100.1 state NEW multiport dports 443
0 0 MARK tcp -- * * 0.0.0.0/0 192.168.100.1 state NEW multiport dports 80 MARK set 0x102
0 0 ACCEPT tcp -- * * 0.0.0.0/0 192.168.100.1 state NEW multiport dports 80
0 0 MARK udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport sports 68 multiport dports 67 MARK set 0x106
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport sports 68 multiport dports 67
44 4276 MARK udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 53 MARK set 0x107
44 4276 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 53
0 0 MARK tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW multiport dports 53 MARK set 0x108
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW multiport dports 53

Chain MFE_OUTPUT_868247356 (1 references)
pkts bytes target prot opt in out source destination
45098 76M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
11316 7669K MFE_MA_OUT_868247356 all -- * * 0.0.0.0/0 0.0.0.0/0
11266 7664K MFE_Group_1_OUT_868247356 all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 MARK tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW multiport sports 22,139,389,443,445,5432,8080,8181,18080:18081,29001:29004,29008:29010 MARK set 0x10d
0 0 MARK tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW multiport sports 29031:29032,29051:29052,29071:29072,51003:51005 MARK set 0x10d
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW multiport sports 22,139,389,443,445,5432,8080,8181,18080:18081,29001:29004,29008:29010
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW multiport sports 29031:29032,29051:29052,29071:29072,51003:51005
0 0 MARK udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport sports 53,137:138,29002:29003,29006 MARK set 0x10e
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport sports 53,137:138,29002:29003,29006
9361 7582K MFE_Group_2_OUT_868247356 all -- * * 0.0.0.0/0 0.0.0.0/0
9361 7582K MFE_Group_3_OUT_868247356 all -- * * 0.0.0.0/0 0.0.0.0/0
9361 7582K MFE_Group_4_OUT_868247356 all -- * * 0.0.0.0/0 0.0.0.0/0
9361 7582K MFE_Group_5_OUT_868247356 all -- * * 0.0.0.0/0 0.0.0.0/0
9361 7582K MFE_Group_6_OUT_868247356 all -- * * 0.0.0.0/0 0.0.0.0/0
9353 7582K MFE_Group_7_OUT_868247356 all -- * * 0.0.0.0/0 0.0.0.0/0
9353 7582K MFE_Group_8_OUT_868247356 all -- * * 0.0.0.0/0 0.0.0.0/0
9240 7575K MFE_Group_9_OUT_868247356 all -- * * 0.0.0.0/0 0.0.0.0/0
9240 7575K MFE_Group_10_OUT_868247356 all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 MARK udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport sports 1024:65535 multiport dports 161 MARK set 0x12f
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport sports 1024:65535 multiport dports 161
936 56160 MARK tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW MARK set 0x130
936 56160 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW
8284 7517K MARK udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport sports 1024:65535 multiport dports 1024:65535 MARK set 0x131
8284 7517K ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport sports 1024:65535 multiport dports 1024:65535
0 0 MARK all -- * * 127.0.0.1 0.0.0.0/0 MARK set 0x132
0 0 ACCEPT all -- * * 127.0.0.1 0.0.0.0/0
20 1160 MFE_Client_OUT_868247356 all -- * * 0.0.0.0/0 0.0.0.0/0
10 400 MFE_Adaptive_OUT_868247356 all -- * * 0.0.0.0/0 0.0.0.0/0
56468 (1) - Time of Last System Startup
-
Synopsis
The system has been started.
Description
Using the supplied credentials, Nessus was able to determine when the host was last started.
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2011/10/12, Modified: 2018/06/19
Plugin Output

ipaddr (tcp/0)


reboot system boot 3.10.0-1160.el7. Fri Mar 22 13:39 - 12:43 (31+23:04)
reboot system boot 3.10.0-1160.el7. Thu Mar 21 13:23 - 11:14 (21:51)
reboot system boot 3.10.0-1160.el7. Mon Mar 18 09:14 - 13:21 (3+04:07)
reboot system boot 3.10.0-1160.el7. Thu Feb 22 17:11 - 15:43 (21+22:31)
reboot system boot 3.10.0-1160.el7. Fri Feb 9 17:23 - 15:43 (34+22:19)
reboot system boot 3.10.0-1160.el7. Fri Feb 9 15:26 - 17:22 (01:55)
reboot system boot 3.10.0-1160.el7. Fri Feb 9 14:48 - 15:25 (00:37)
reboot system boot 3.10.0-1160.el7. Fri Feb 9 14:20 - 14:37 (00:16)
reboot system boot 3.10.0-1160.el7. Thu Feb 8 15:39 - 14:18 (22:38)
reboot system boot 3.10.0-1160.el7. Thu Feb 8 14:48 - 15:23 (00:35)
reboot system boot 3.10.0-1160.el7. Wed Feb 7 15:12 - 15:23 (1+00:11)
reboot system boot 3.10.0-1160.el7. Fri Feb 2 19:52 - 15:23 (5+19:31)
reboot system boot 3.10.0-1160.el7. Fri Feb 2 19:28 - 19:39 (00:11)
reboot system boot 3.10.0-1160.el7. Fri Feb 2 18:49 - 19:13 (00:23)
reboot system boot 3.10.0-1160.el7. Tue Jan 30 21:02 - 17:56 (2+20:54)
reboot system boot 3.10.0-1160.el7. Mon Jan 29 17:23 - 17:56 (4+00:33)
reboot system boot 3.10.0-1160.el7. Mon Jan 29 17:06 - 17:21 (00:15)
reboot system boot 3.10.0-1160.el7. Fri Jan 26 10:59 - 17:04 (3+06:04)
reboot system boot 3.10.0-1160.el7. Tue Jan 23 10:24 - 17:04 (6+06:40)
reboot system boot 3.10.0-1160.el7. Wed Jan 10 09:58 - 10:16 (13+00:18)
reboot system boot 3.10.0-1160.el7. Tue Jan 9 10:58 - 10:16 (13+23:17)
reboot system boot 3.10.0-1160.el7. Tue Jan 9 09:09 - 10:16 (14+01:07)
reboot system boot 3.10.0-1160.el7. Thu Dec 21 09:49 - 15:33 (6+05:43)
reboot system boot 3.10.0-1160.el7. Tue Dec 19 09:14 - 15:33 (8+06:19)
reboot system boot 3.10.0-1160.el7. Mon Dec 18 20:33 - 20:42 (00:09)
reboot system boot 3.10.0-1160.el7. Mon Dec 18 20:23 - 20:42 (00:18)
reboot system boot 3.10.0-1160.el7. Mon Dec 18 20:11 - 20:42 (00:31)
reboot system boot 3.10.0-1160.el7. Mon Dec 18 19:55 - 20:04 (00:09)
reboot system boot 3.10.0-1160.el7. Mon Dec 4 13:56 - 10:12 (13+20:16)
reboot system boot 3.10.0-1160.el7. Mon Dec 4 09:40 - 11:56 (02:16)
reboot system boot 3.10.0-1160.el7. Mon Dec 4 09:29 - 11:56 (02:27)
reboot system boot 3.10.0-1160.el7. Thu Nov 30 13:10 - 13:58 (1+00:47)
reboot system boot 3.10.0-1160.el7. Wed Nov 22 14:43 - 13:58 (8+23:15)
reboot system boot 3.10.0-1160.el7. Mon Nov 13 17:13 - 13:58 (17+20:44)
reboot system boot 3.10.0-1160.el7. Tue Nov 7 10:05 - 17:09 (6+07:03)
reboot system boot 3.10.0-1160.el7. Tue Nov 7 02:32 - 17:09 (6+14:36)
reboot system boot 3.10.0-1160.el7. Thu Nov 2 12:08 - 17:09 (11+05:00)
reboot system boot 3.10.0-1160.el7. Thu Oct 26 20:10 - 13:23 (5+17:12)
reboot system boot 3.10.0-1160.el7. Thu Oct 26 19:34 - 20:09 (00:35)
reboot system boot 3.10.0-1160.el7. Tue Oct 24 16:51 - 19:32 (2+02:41)
reboot system boot 3.10.0-1160.el7. Tue Oct 24 16:42 - 19:32 (2+02:49)
reboot system boot 3.10.0-1160.el7. Tue Oct 24 11:58 - 16:41 (04:43)
reboot system boot 3.10.0-1160.el7. Tue Oct 24 11:44 - 11:48 (00:03)
reboot system boot 3.10.0-1160.el7. Tue Oct 24 11:35 - 11:42 (00:06)
reboot system boot 3.10.0-1160.el7. Mon Oct 23 22:37 - 11:42 (13:05)
reboot system boot 3.10.0-1160.el7. Mon Oct 23 22:24 - 22:35 (00:10)
reboot system boot 3.10.0-1160.el7. Mon Oct 23 21:30 - 22:22 (00:52)
reboot system boot 3.10.0-1160.el7. Mon Oct 23 20:57 - 22:22 (01:25)
reboot system boot 3.10.0-1160.el7. Mon Oct 23 20:49 - 20:55 (00:05)
reboot system boot 3.10.0-1160.el7. Mon Oct 23 20:17 - 20:55 (00:37)
reboot system boot 3.10.0-1160.el7. Mon Oct 23 20:08 - 20:55 (00:47)
reboot system boot 3.10.0-1160.el7. Mon Oct 23 19:40 - 20:05 (00:25)
reboot system boot 3.10.0-1160.el7. Mon Oct 23 16:37 - 19:38 (03:01)
reboot system boot 3.10.0-1160.el7. Mon Oct 23 11:48 - 16:35 (04:47)
reboot system boot 3.10.0-1160.el7. Fri Oct 20 11:52 - 09:35 (2+21:43)
reboot system boot 3.10.0-1160.el7. Fri Oct 20 11:29 - 09:35 (2+22:06)
reboot system boot 3.10.0-1160.el7. Thu Oct 19 19:30 - 09:35 (3+14:04)
reboot system boot 3.10.0-1160.el7. Fri Oct 13 09:27 - 19:29 (6+10:02)
reboot system boot 3.10.0-1160.el7. Thu Oct 12 20:47 - 09:25 (12:38)
reboot system boot 3.10.0-1160.el7. Tue Oct 10 21:22 - 09:25 (2+12:03)
reboot system boot 3.10.0-1160.el7. Tue Oct 10 19:08 - 09:25 (2+14:17)
reboot system boot 3.10.0-1160.el7. Tue Oct 10 17:53 - 09:25 (2+15:32)
reboot system boot 3.10.0-1160.el7. Tue Oct 10 16:55 - 17:52 (00:56)
reboot system boot 3.10.0-1160.el7. Fri Oct 6 12:20 - 16:32 (4+04:12)
reboot system boot 3.10.0-1160.el7. Tue Oct 3 10:23 - 12:19 (3+01:56)
reboot system boot 3.10.0-1160.el7. Fri Sep 29 19:38 - 12:19 (6+16:40)
reboot system boot 3.10.0-1160.el7. Tue Sep 26 18:05 - 18:03 (2+23:58)
reboot system boot 3.10.0-1160.el7. Mon Sep 25 14:32 - 17:06 (1+02:34)
reboot system boot 3.10.0-1160.el7. Tue Sep 19 11:07 - 17:06 (7+05:59)
reboot system boot 3.10.0-1160.el7. Thu Sep 14 15:31 - 11:05 (4+19:34)
reboot system boot 3.10.0-1160.el7. Tue Sep 12 16:53 - 11:05 (6+18:12)
reboot system boot 3.10.0-1160.el7. Tue Sep 12 09:44 - 16:47 (07:02)
reboot system boot 3.10.0-1160.el7. Mon Sep 11 11:46 - 16:47 (1+05:01)
reboot system boot 3.10.0-1160.el7. Thu Sep 7 17:49 - 18:12 (00:23)
reboot system boot 3.10.0-1160.el7. Thu Sep 7 16:15 - 16:55 (00:40)
reboot system boot 3.10.0-1160.el7. Thu Aug 31 08:41 - 08:43 (00:01)
reboot system boot 3.10.0-1160.el7. Wed Aug 30 15:53 - 15:54 (00:01)
reboot system boot 3.10.0-1160.el7. Wed Aug 30 15:46 - 15:50 (00:04)
reboot system boot 3.10.0-1160.el7. Thu Aug 17 09:43 - 15:25 (13+05:42)
reboot system boot 3.10.0-1160.el7. Tue Aug 8 14:27 - 14:37 (00:10)
reboot system boot 3.10.0-1160.el7. Tue Aug 8 13:44 - 14:25 (00:40)
reboot system boot 3.10.0-1160.el7. Tue Aug 8 13:26 - 14:25 (00:58)
reboot system boot 3.10.0-1160.el7. Tue Aug 8 11:13 - 13:23 (02:10)
reboot system boot 3.10.0-1160.el7. Tue Aug 8 10:59 - 11:04 (00:05)
reboot system boot 3.10.0-1160.el7. Mon Jul 31 15:59 - 11:04 (7+19:04)
reboot system boot 3.10.0-1160.el7. Wed Jul 26 09:39 - 15:57 (5+06:18)
reboot system boot 3.10.0-1160.el7. Tue Jul 25 09:59 - 08:55 (22:55)
reboot system boot 3.10.0-1160.el7. Fri Jul 21 09:07 - 17:43 (3+08:36)
reboot system boot 3.10.0-1160.el7. Wed Jul 19 16:13 - 17:16 (01:03)
reboot system boot 3.10.0-1160.el7. Wed Jul 19 16:05 - 17:16 (01:11)
reboot system boot 3.10.0-1160.el7. Wed Jul 19 11:24 - 16:04 (04:39)
reboot system boot 3.10.0-1160.el7. Wed Jul 19 09:08 - 11:23 (02:14)
reboot system boot 3.10.0-1160.el7. Tue Jul 18 17:59 - 11:23 (17:23)
reboot system boot 3.10.0-1160.el7. Tue Jul 18 15:52 - 11:23 (19:30)
reboot system boot 3.10.0-1160.el7. Tue Jul 18 14:57 - 15:50 (00:53)

wtmp begins Tue Jul 18 14:57:06 2023
57323 (1) - OpenSSL Version Detection
-
Synopsis
Nessus was able to detect the OpenSSL version.
Description
Nessus was able to extract the OpenSSL version from the web server's banner. Note that security patches in many cases are backported and the displayed version number does not show the patch level. Using it to identify vulnerable software is likely to lead to false detections.
See Also
Solution
n/a
Risk Factor
None
References
XREF IAVT:0001-T-0682
Plugin Information
Published: 2011/12/16, Modified: 2023/03/27
Plugin Output

ipaddr (tcp/443/www)


Source : Apache/2.4.57 (CentOS Linux) OpenSSL/1.0.2k-fips mod_auth_gssapi/1.5.1
Reported version : 1.0.2k
Backported version : 1.0.2zzzz
58651 (1) - Netstat Active Connections
-
Synopsis
Active connections are enumerated via the 'netstat' command.
Description
This plugin runs 'netstat' on the remote machine to enumerate all active 'ESTABLISHED' or 'LISTENING' tcp/udp connections.

Note: The output for this plugin can be very long, and is not shown by default. To display it, enable verbose reporting in scan settings.
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2012/04/10, Modified: 2021/06/29
Plugin Output

ipaddr (tcp/0)


Netstat output :
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:29031 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:29071 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:5432 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:29051 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN
tcp 0 0 192.168.101.41:53286 192.168.101.42:29001 TIME_WAIT
tcp 0 0 127.0.0.1:5432 127.0.0.1:60810 ESTABLISHED
tcp 0 0 192.168.101.41:29071 192.168.101.42:40212 ESTABLISHED
tcp 0 0 192.168.101.41:37942 192.168.101.42:29051 ESTABLISHED
tcp 0 0 127.0.0.1:5432 127.0.0.1:60910 ESTABLISHED
tcp 0 0 192.168.101.41:34215 192.168.101.42:29001 TIME_WAIT
tcp 0 0 192.168.101.41:53070 192.168.101.42:29031 ESTABLISHED
tcp 0 0 192.168.101.41:29031 192.168.101.42:59378 ESTABLISHED
tcp 0 0 127.0.0.1:5432 127.0.0.1:60798 ESTABLISHED
tcp 0 0 127.0.0.1:5432 127.0.0.1:33006 ESTABLISHED
tcp 0 0 127.0.0.1:5432 127.0.0.1:33284 ESTABLISHED
tcp 0 0 127.0.0.1:5432 127.0.0.1:32918 ESTABLISHED
tcp 0 0 192.168.101.41:36886 192.168.101.42:29071 ESTABLISHED
tcp 0 0 192.168.101.41:49446 192.168.101.42:29001 TIME_WAIT
tcp 0 0 127.0.0.1:5432 127.0.0.1:60878 ESTABLISHED
tcp 0 0 127.0.0.1:5432 127.0.0.1:32854 ESTABLISHED
tcp 0 0 127.0.0.1:5432 127.0.0.1:33018 ESTABLISHED
tcp 0 0 127.0.0.1:5432 127.0.0.1:60932 ESTABLISHED
tcp 0 0 127.0.0.1:5432 127.0.0.1:60766 ESTABLISHED
tcp 0 0 192.168.101.41:55899 192.168.101.42:29001 TIME_WAIT
tcp 0 0 127.0.0.1:5432 127.0.0.1:60770 ESTABLISHED
tcp 0 0 192.168.101.41:29051 192.168.101.42:51276 ESTABLISHED
tcp 0 0 192.168.101.41:51803 192.168.101.42:29008 ESTABLISHED
tcp 0 0 127.0.0.1:5432 127.0.0.1:60882 ESTABLISHED
tcp 0 0 192.168.101.41:54879 192.168.101.41:29004 TIME_WAIT
tcp 0 0 192.168.100.152:37546 192.168.100.1:389 ESTABLISHED
tcp 0 0 127.0.0.1:5432 127.0.0.1:60880 ESTABLISHED
tcp 0 0 127.0.0.1:5432 127.0.0.1:60936 ESTABLISHED
tcp 0 0 127.0.0.1:5432 127.0.0.1:33106 ESTABLISHED
tcp 0 0 127.0.0.1:33278 127.0.0.1:5432 TIME_WAIT
tcp 0 0 127.0.0.1:5432 127.0.0.1:33144 ESTABLISHED
tcp 0 0 127.0.0.1:5432 127.0.0.1:32802 ESTABLISHED
tcp 0 0 127.0.0.1:5432 127.0.0.1:33258 ESTABLISHED
tcp 0 0 127.0.0.1:5432 127.0.0.1:33068 ESTABLISHED
tcp6 0 0 :::29001 :::* LISTEN
tcp6 0 0 :::29002 :::* LISTEN
tcp6 0 0 :::36171 :::* LISTEN
tcp6 0 0 :::29003 :::* LISTEN
tcp6 0 0 :::139 :::* LISTEN
tcp6 0 0 :::3820 :::* LISTEN
tcp6 0 0 :::29004 :::* LISTEN
tcp6 0 0 :::38478 :::* LISTEN
tcp6 0 0 :::28686 :::* LISTEN
tcp6 0 0 :::8686 :::* LISTEN
tcp6 0 0 :::111 :::* LISTEN
tcp6 0 0 :::3920 :::* LISTEN
tcp6 0 0 :::33456 :::* LISTEN
tcp6 0 0 :::24848 :::* LISTEN
tcp6 0 0 :::9168 :::* LISTEN
tcp6 0 0 :::28080 :::* LISTEN
tcp6 0 0 :::4848 :::* LISTEN
tcp6 0 0 :::8080 :::* LISTEN
tcp6 0 0 :::29008 :::* LISTEN
tcp6 0 0 :::8081 :::* LISTEN
tcp6 0 0 :::42898 :::* LISTEN
tcp6 0 0 :::3700 :::* LISTEN
tcp6 0 0 :::9108 :::* LISTEN
tcp6 0 0 :::33845 :::* LISTEN
tcp6 0 0 :::28181 :::* LISTEN
tcp6 0 0 :::8181 :::* LISTEN
tcp6 0 0 :::22 :::* LISTEN
tcp6 0 0 :::5432 :::* LISTEN
tcp6 0 0 :::42648 :::* LISTEN
tcp6 0 0 :::35256 :::* LISTEN
tcp6 0 0 ::1:25 :::* LISTEN
tcp6 0 0 fd01:e2e2:0:e0c0::51003 :::* LISTEN
tcp6 0 0 :::443 :::* LISTEN
tcp6 0 0 :::27676 :::* LISTEN
tcp6 0 0 :::7676 :::* LISTEN
tcp6 0 0 fd01:e2e2:0:e0c0::51004 :::* LISTEN
tcp6 0 0 :::445 :::* LISTEN
tcp6 0 0 :::7776 :::* LISTEN
tcp6 0 0 :::37664 :::* LISTEN
tcp6 0 0 :::27776 :::* LISTEN
tcp6 0 0 :::18081 :::* LISTEN
tcp6 0 0 fd01:e2e2:0:e0c0:::5432 fd01:e2e2:0:e0c0::58821 ESTABLISHED
tcp6 0 0 fd01:e2e2:0:e0c0:::5432 fd01:e2e2:0:e0c0::55778 ESTABLISHED
tcp6 0 0 127.0.0.1:59558 127.0.0.1:4848 TIME_WAIT
tcp6 0 0 127.0.0.1:33006 127.0.0.1:5432 ESTABLISHED
tcp6 0 0 127.0.0.1:33106 127.0.0.1:5432 ESTABLISHED
tcp6 0 0 127.0.0.1:24848 127.0.0.1:52258 ESTABLISHED
tcp6 0 0 fd01:e2e2:0:e0c0:::5432 fd01:e2e2:0:e0c0::55743 ESTABLISHED
tcp6 0 0 fd01:e2e2:0:e0c0::40934 fd01:e2e2:0:e0c0::51005 ESTABLISHED
tcp6 0 0 fd01:e2e2:0:e0c0:::5432 fd01:e2e2:0:e0c0::55648 ESTABLISHED
tcp6 0 784 ipaddr:22 fd01:e2e2:0:e0c0::58061 ESTABLISHED
tcp6 0 0 fd01:e2e2:0:e0c0:::5432 fd01:e2e2:0:e0c0::55787 ESTABLISHED
tcp6 0 0 127.0.0.1:60810 127.0.0.1:5432 ESTABLISHED
tcp6 0 0 fd01:e2e2:0:e0c0:::5432 fd01:e2e2:0:e0c0::55956 ESTABLISHED
tcp6 0 0 127.0.0.1:60932 127.0.0.1:5432 ESTABLISHED
tcp6 0 0 192.168.101.41:29004 192.168.101.42:42320 TIME_WAIT
tcp6 0 0 192.168.101.41:29004 192.168.101.41:54879 TIME_WAIT
tcp6 0 0 fd01:e2e2:0:e0c0:::5432 fd01:e2e2:0:e0c0::55958 ESTABLISHED
tcp6 1 0 fd01:e2e2:0:e0c0::58548 fd01:e2e2:0:e0c0::28181 CLOSE_WAIT
tcp6 0 0 192.168.101.41:29004 192.168.101.41:40654 TIME_WAIT
tcp6 0 0 192.168.101.41:29008 192.168.101.42:55870 ESTABLISHED
tcp6 0 0 127.0.0.1:60878 127.0.0.1:5432 ESTABLISHED
tcp6 0 0 fd01:e2e2:0:e0c0::1:445 fd01:e2e2:0:e0c0::64074 ESTABLISHED
tcp6 0 0 fd01:e2e2:0:e0c0:::5432 fd01:e2e2:0:e0c0::50186 ESTABLISHED
tcp6 0 0 127.0.0.1:32854 127.0.0.1:5432 ESTABLISHED
tcp6 0 0 127.0.0.1:60880 127.0.0.1:5432 ESTABLISHED
tcp6 1 0 fd01:e2e2:0:e0c0::58810 fd01:e2e2:0:e0c0::28181 CLOSE_WAIT
tcp6 0 0 127.0.0.1:33018 127.0.0.1:5432 ESTABLISHED
tcp6 0 0 127.0.0.1:24848 127.0.0.1:52260 ESTABLISHED
tcp6 0 0 127.0.0.1:52260 127.0.0.1:24848 ESTABLISHED
tcp6 0 0 fd01:e2e2:0:e0c0:::5432 fd01:e2e2:0:e0c0::50184 ESTABLISHED
tcp6 0 0 192.168.100.41:34924 192.168.100.41:36171 TIME_WAIT
tcp6 0 0 127.0.0.1:32802 127.0.0.1:5432 ESTABLISHED
tcp6 1 0 fd01:e2e2:0:e0c0::59094 fd01:e2e2:0:e0c0::28181 CLOSE_WAIT
tcp6 0 0 fd01:e2e2:0:e0c0:::5432 fd01:e2e2:0:e0c0::55740 ESTABLISHED
tcp6 0 0 127.0.0.1:33284 127.0.0.1:5432 ESTABLISHED
tcp6 0 0 fd01:e2e2:0:e0c0::1:445 fd01:e2e2:0:e0c0::55603 ESTABLISHED
tcp6 0 0 fd01:e2e2:0:e0c0:::5432 fd01:e2e2:0:e0c0::50093 ESTABLISHED
tcp6 1 0 192.168.100.152:52002 130.81.39.170:443 CLOSE_WAIT
tcp6 0 0 fd01:e2e2:0:e0c0:::5432 fd01:e2e2:0:e0c0::50094 ESTABLISHED
tcp6 0 0 fd01:e2e2:0:e0c0:::5432 fd01:e2e2:0:e0c0::58819 ESTABLISHED
tcp6 0 0 fd01:e2e2:0:e0c0:::5432 fd01:e2e2:0:e0c0::55649 ESTABLISHED
tcp6 0 0 127.0.0.1:60936 127.0.0.1:5432 ESTABLISHED
tcp6 0 0 fd01:e2e2:0:e0c0:::5432 fd01:e2e2:0:e0c0::58824 ESTABLISHED
tcp6 0 0 fd01:e2e2:0:e0c0:::5432 fd01:e2e2:0:e0c0::58827 ESTABLISHED
tcp6 0 0 127.0.0.1:60910 127.0.0.1:5432 ESTABLISHED
tcp6 0 0 192.168.101.41:29004 192.168.101.41:60602 TIME_WAIT
tcp6 0 0 fd01:e2e2:0:e0c0:::5432 fd01:e2e2:0:e0c0::50095 ESTABLISHED
tcp6 0 0 fd01:e2e2:0:e0c0:::5432 fd01:e2e2:0:e0c0::55955 ESTABLISHED
tcp6 0 0 192.168.101.41:29004 192.168.101.42:38808 TIME_WAIT
tcp6 0 0 127.0.0.1:59572 127.0.0.1:4848 TIME_WAIT
tcp6 0 0 fd01:e2e2:0:e0c0:::5432 fd01:e2e2:0:e0c0::58823 ESTABLISHED
tcp6 0 0 fd01:e2e2:0:e0c0:::5432 fd01:e2e2:0:e0c0::55646 ESTABLISHED
tcp6 0 0 fd01:e2e2:0:e0c0:::5432 fd01:e2e2:0:e0c0::55651 ESTABLISHED
tcp6 0 0 127.0.0.1:60766 127.0.0.1:5432 ESTABLISHED
tcp6 0 0 fd01:e2e2:0:e0c0:::5432 fd01:e2e2:0:e0c0::55957 ESTABLISHED
tcp6 0 0 192.168.101.41:29004 192.168.101.41:49969 TIME_WAIT
tcp6 0 0 127.0.0.1:52258 127.0.0.1:24848 ESTABLISHED
tcp6 0 0 127.0.0.1:33258 127.0.0.1:5432 ESTABLISHED
tcp6 0 0 fd01:e2e2:0:e0c0:::5432 fd01:e2e2:0:e0c0::55739 ESTABLISHED
tcp6 1 0 fd01:e2e2:0:e0c0::58814 fd01:e2e2:0:e0c0::28181 CLOSE_WAIT
tcp6 0 0 127.0.0.1:59574 127.0.0.1:4848 TIME_WAIT
tcp6 0 0 127.0.0.1:60722 127.0.0.1:5432 TIME_WAIT
tcp6 0 0 fd01:e2e2:0:e0c0:::5432 fd01:e2e2:0:e0c0::55741 ESTABLISHED
tcp6 0 0 fd01:e2e2:0:e0c0:::5432 fd01:e2e2:0:e0c0::58826 ESTABLISHED
tcp6 1 0 fd01:e2e2:0:e0c0::59090 fd01:e2e2:0:e0c0::28181 CLOSE_WAIT
tcp6 0 0 fd01:e2e2:0:e0c0:::5432 fd01:e2e2:0:e0c0::58818 ESTABLISHED
tcp6 0 0 fd01:e2e2:0:e0c0:::5432 fd01:e2e2:0:e0c0::55783 ESTABLISHED
tcp6 0 0 fd01:e2e2:0:e0c0:::5432 fd01:e2e2:0:e0c0::50097 ESTABLISHED
tcp6 0 0 127.0.0.1:60798 127.0.0.1:5432 ESTABLISHED
tcp6 0 0 fd01:e2e2:0:e0c0:::5432 fd01:e2e2:0:e0c0::55796 ESTABLISHED
tcp6 0 0 192.168.101.41:29004 192.168.101.42:58746 TIME_WAIT
tcp6 0 0 fd01:e2e2:0:e0c0::1:445 fd01:e2e2:0:e0c0::51232 ESTABLISHED
tcp6 0 0 127.0.0.1:59556 127.0.0.1:4848 TIME_WAIT
tcp6 0 0 127.0.0.1:33068 127.0.0.1:5432 ESTABLISHED
tcp6 1 0 fd01:e2e2:0:e0c0::59342 fd01:e2e2:0:e0c0::28181 CLOSE_WAIT
tcp6 1 0 fd01:e2e2:0:e0c0::58544 fd01:e2e2:0:e0c0::28181 CLOSE_WAIT
tcp6 0 0 fd01:e2e2:0:e0c0:::5432 fd01:e2e2:0:e0c0::55959 ESTABLISHED
tcp6 0 0 192.168.101.41:29004 192.168.101.41:39826 TIME_WAIT
tcp6 0 0 127.0.0.1:33144 127.0.0.1:5432 ESTABLISHED
tcp6 0 0 127.0.0.1:32918 127.0.0.1:5432 ESTABLISHED
tcp6 0 0 fd01:e2e2:0:e0c0:::5432 fd01:e2e2:0:e0c0::58825 ESTABLISHED
tcp6 0 0 192.168.101.41:29004 192.168.101.42:52260 TIME_WAIT
tcp6 0 0 fd01:e2e2:0:e0c0:::5432 fd01:e2e2:0:e0c0::50183 ESTABLISHED
tcp6 0 0 127.0.0.1:60882 127.0.0.1:5432 ESTABLISHED
tcp6 0 0 fd01:e2e2:0:e0c0:::5432 fd01:e2e2:0:e0c0::50182 ESTABLISHED
tcp6 0 0 192.168.101.41:29004 192.168.101.41:59244 TIME_WAIT
tcp6 0 0 fd01:e2e2:0:e0c0:::5432 fd01:e2e2:0:e0c0::55792 ESTABLISHED
tcp6 0 0 fd01:e2e2:0:e0c0:::5432 fd01:e2e2:0:e0c0::55742 ESTABLISHED
tcp6 0 0 192.168.101.41:29004 192.168.101.42:60208 TIME_WAIT
tcp6 1 0 fd01:e2e2:0:e0c0::59346 fd01:e2e2:0:e0c0::28181 CLOSE_WAIT
tcp6 0 0 127.0.0.1:60770 127.0.0.1:5432 ESTABLISHED
tcp6 0 0 fd01:e2e2:0:e0c0:::5432 fd01:e2e2:0:e0c0::50185 ESTABLISHED
tcp6 1 0 192.168.100.152:52004 130.81.39.170:443 CLOSE_WAIT
tcp6 0 0 fd01:e2e2:0:e0c0:::5432 fd01:e2e2:0:e0c0::55647 ESTABLISHED
tcp6 0 0 fd01:e2e2:0:e0c0:::5432 fd01:e2e2:0:e0c0::58822 ESTABLISHED
tcp6 0 0 fd01:e2e2:0:e0c0:::5432 fd01:e2e2:0:e0c0::58820 ESTABLISHED
tcp6 0 0 fd01:e2e2:0:e0c0:::5432 fd01:e2e2:0:e0c0::50096 ESTABLISHED
udp 0 0 0.0.0.0:111 0.0.0.0:*
udp 0 0 0.0.0.0:123 0.0.0.0:*
udp 0 0 127.0.0.1:323 0.0.0.0:*
udp 0 0 0.0.0.0:854 0.0.0.0:*
udp6 0 0 :::15161 :::*
udp6 0 0 :::15161 :::*
udp6 0 0 :::29003 :::*
udp6 0 0 :::29006 :::*
udp6 0 0 :::111 :::*
udp6 0 0 ::1:323 :::*
udp6 0 0 :::854 :::*
udp6 0 0 :::8082 :::*
64582 (1) - Netstat Connection Information
-
Synopsis
Nessus was able to parse the results of the 'netstat' command on the remote host.
Description
The remote host has listening ports or established connections that Nessus was able to extract from the results of the 'netstat' command.

Note: The output for this plugin can be very long, and is not shown by default. To display it, enable verbose reporting in scan settings.
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2013/02/13, Modified: 2023/05/23
Plugin Output

ipaddr (tcp/0)

tcp4 (listen)
src: [host=0.0.0.0, port=29031]
dst: [host=0.0.0.0, port=*]

tcp4 (listen)
src: [host=0.0.0.0, port=139]
dst: [host=0.0.0.0, port=*]

tcp4 (listen)
src: [host=0.0.0.0, port=29071]
dst: [host=0.0.0.0, port=*]

tcp4 (listen)
src: [host=0.0.0.0, port=111]
dst: [host=0.0.0.0, port=*]

tcp4 (listen)
src: [host=0.0.0.0, port=22]
dst: [host=0.0.0.0, port=*]

tcp4 (listen)
src: [host=0.0.0.0, port=5432]
dst: [host=0.0.0.0, port=*]

tcp4 (listen)
src: [host=127.0.0.1, port=25]
dst: [host=0.0.0.0, port=*]

tcp4 (listen)
src: [host=0.0.0.0, port=29051]
dst: [host=0.0.0.0, port=*]

tcp4 (listen)
src: [host=0.0.0.0, port=445]
dst: [host=0.0.0.0, port=*]

tcp4 (established)
src: [host=192.168.101.41, port=53286]
dst: [host=192.168.101.42, port=29001]

tcp4 (established)
src: [host=127.0.0.1, port=5432]
dst: [host=127.0.0.1, port=60810]

tcp4 (established)
src: [host=192.168.101.41, port=29071]
dst: [host=192.168.101.42, port=40212]

tcp4 (established)
src: [host=192.168.101.41, port=37942]
dst: [host=192.168.101.42, port=29051]

tcp4 (established)
src: [host=127.0.0.1, port=5432]
dst: [host=127.0.0.1, port=60910]

tcp4 (established)
src: [host=192.168.101.41, port=34215]
dst: [host=192.168.101.42, port=29001]

tcp4 (established)
src: [host=192.168.101.41, port=53070]
dst: [host=192.168.101.42, port=29031]

tcp4 (established)
src: [host=192.168.101.41, port=29031]
dst: [host=192.168.101.42, port=59378]

tcp4 (established)
src: [host=127.0.0.1, port=5432]
dst: [host=127.0.0.1, port=60798]

tcp4 (established)
src: [host=127.0.0.1, port=5432]
dst: [host=127.0.0.1, port=33006]

tcp4 (established)
src: [host=127.0.0.1, port=5432]
dst: [host=127.0.0.1, port=33284]

tcp4 (established)
src: [host=127.0.0.1, port=5432]
dst: [host=127.0.0.1, port=32918]

tcp4 (established)
src: [host=192.168.101.41, port=36886]
dst: [host=192.168.101.42, port=29071]

tcp4 (established)
src: [host=192.168.101.41, port=49446]
dst: [host=192.168.101.42, port=29001]

tcp4 (established)
src: [host=127.0.0.1, port=5432]
dst: [host=127.0.0.1, port=60878]

tcp4 (established)
src: [host=127.0.0.1, port=5432]
dst: [host=127.0.0.1, port=32854]

tcp4 (established)
src: [host=127.0.0.1, port=5432]
dst: [host=127.0.0.1, port=33018]

tcp4 (established)
src: [host=127.0.0.1, port=5432]
dst: [host=127.0.0.1, port=60932]

tcp4 (established)
src: [host=127.0.0.1, port=5432]
dst: [host=127.0.0.1, port=60766]

tcp4 (established)
src: [host=192.168.101.41, port=55899]
dst: [host=192.168.101.42, port=29001]

tcp4 (established)
src: [host=127.0.0.1, port=5432]
dst: [host=127.0.0.1, port=60770]

tcp4 (established)
src: [host=192.168.101.41, port=29051]
dst: [host=192.168.101.42, port=51276]

tcp4 (established)
src: [host=192.168.101.41, port=51803]
dst: [host=192.168.101.42, port=29008]

tcp4 (established)
src: [host=127.0.0.1, port=5432]
dst: [host=127.0.0.1, port=60882]

tcp4 (established)
src: [host=192.168.101.41, port=54879]
dst: [host=192.168.101.41, port=29004]

tcp4 (established)
src: [host=192.168.100.152, port=37546]
dst: [host=192.168.100.1, port=389]

tcp4 (established)
src: [host=127.0.0.1, port=5432]
dst: [host=127.0.0.1, port=60880]

tcp4 (established)
src: [host=127.0.0.1, port=5432]
dst: [host=127.0.0.1, port=60936]

tcp4 (established)
src: [host=127.0.0.1, port=5432]
dst: [host=127.0.0.1, port=33106]

tcp4 (established)
src: [host=127.0.0.1, port=33278]
dst: [host=127.0.0.1, port=5432]

tcp4 (established)
src: [host=127.0.0.1, port=5432]
dst: [host=127.0.0.1, port=33144]

tcp4 (established)
src: [host=127.0.0.1, port=5432]
dst: [host=127.0.0.1, port=32802]

tcp4 (established)
src: [host=127.0.0.1, port=5432]
dst: [host=127.0.0.1, port=33258]

tcp4 (established)
src: [host=127.0.0.1, port=5432]
dst: [host=127.0.0.1, port=33068]

tcp6 (listen)
src: [host=::, port=29001]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=29002]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=36171]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=29003]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=139]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=3820]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=29004]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=38478]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=28686]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=8686]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=111]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=3920]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=33456]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=24848]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=9168]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=28080]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=4848]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=8080]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=29008]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=8081]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=42898]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=3700]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=9108]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=33845]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=28181]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=8181]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=22]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=5432]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=42648]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=35256]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::1, port=25]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=fd01:e2e2:0:e0c0:, port=51003]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=443]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=27676]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=7676]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=fd01:e2e2:0:e0c0:, port=51004]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=445]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=7776]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=37664]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=27776]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=18081]
dst: [host=::, port=*]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0::, port=5432]
dst: [host=fd01:e2e2:0:e0c0:, port=58821]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0::, port=5432]
dst: [host=fd01:e2e2:0:e0c0:, port=55778]

tcp46 (established)
src: [host=127.0.0.1, port=59558]
dst: [host=127.0.0.1, port=4848]

tcp46 (established)
src: [host=127.0.0.1, port=33006]
dst: [host=127.0.0.1, port=5432]

tcp46 (established)
src: [host=127.0.0.1, port=33106]
dst: [host=127.0.0.1, port=5432]

tcp46 (established)
src: [host=127.0.0.1, port=24848]
dst: [host=127.0.0.1, port=52258]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0::, port=5432]
dst: [host=fd01:e2e2:0:e0c0:, port=55743]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0:, port=40934]
dst: [host=fd01:e2e2:0:e0c0:, port=51005]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0::, port=5432]
dst: [host=fd01:e2e2:0:e0c0:, port=55648]

tcp6 (established)
src: [host=ipaddr, port=22]
dst: [host=fd01:e2e2:0:e0c0:, port=58061]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0::, port=5432]
dst: [host=fd01:e2e2:0:e0c0:, port=55787]

tcp46 (established)
src: [host=127.0.0.1, port=60810]
dst: [host=127.0.0.1, port=5432]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0::, port=5432]
dst: [host=fd01:e2e2:0:e0c0:, port=55956]

tcp46 (established)
src: [host=127.0.0.1, port=60932]
dst: [host=127.0.0.1, port=5432]

tcp46 (established)
src: [host=192.168.101.41, port=29004]
dst: [host=192.168.101.42, port=42320]

tcp46 (established)
src: [host=192.168.101.41, port=29004]
dst: [host=192.168.101.41, port=54879]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0::, port=5432]
dst: [host=fd01:e2e2:0:e0c0:, port=55958]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0:, port=58548]
dst: [host=fd01:e2e2:0:e0c0:, port=28181]

tcp46 (established)
src: [host=192.168.101.41, port=29004]
dst: [host=192.168.101.41, port=40654]

tcp46 (established)
src: [host=192.168.101.41, port=29008]
dst: [host=192.168.101.42, port=55870]

tcp46 (established)
src: [host=127.0.0.1, port=60878]
dst: [host=127.0.0.1, port=5432]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0::1, port=445]
dst: [host=fd01:e2e2:0:e0c0:, port=64074]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0::, port=5432]
dst: [host=fd01:e2e2:0:e0c0:, port=50186]

tcp46 (established)
src: [host=127.0.0.1, port=32854]
dst: [host=127.0.0.1, port=5432]

tcp46 (established)
src: [host=127.0.0.1, port=60880]
dst: [host=127.0.0.1, port=5432]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0:, port=58810]
dst: [host=fd01:e2e2:0:e0c0:, port=28181]

tcp46 (established)
src: [host=127.0.0.1, port=33018]
dst: [host=127.0.0.1, port=5432]

tcp46 (established)
src: [host=127.0.0.1, port=24848]
dst: [host=127.0.0.1, port=52260]

tcp46 (established)
src: [host=127.0.0.1, port=52260]
dst: [host=127.0.0.1, port=24848]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0::, port=5432]
dst: [host=fd01:e2e2:0:e0c0:, port=50184]

tcp46 (established)
src: [host=192.168.100.41, port=34924]
dst: [host=192.168.100.41, port=36171]

tcp46 (established)
src: [host=127.0.0.1, port=32802]
dst: [host=127.0.0.1, port=5432]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0:, port=59094]
dst: [host=fd01:e2e2:0:e0c0:, port=28181]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0::, port=5432]
dst: [host=fd01:e2e2:0:e0c0:, port=55740]

tcp46 (established)
src: [host=127.0.0.1, port=33284]
dst: [host=127.0.0.1, port=5432]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0::1, port=445]
dst: [host=fd01:e2e2:0:e0c0:, port=55603]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0::, port=5432]
dst: [host=fd01:e2e2:0:e0c0:, port=50093]

tcp46 (established)
src: [host=192.168.100.152, port=52002]
dst: [host=130.81.39.170, port=443]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0::, port=5432]
dst: [host=fd01:e2e2:0:e0c0:, port=50094]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0::, port=5432]
dst: [host=fd01:e2e2:0:e0c0:, port=58819]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0::, port=5432]
dst: [host=fd01:e2e2:0:e0c0:, port=55649]

tcp46 (established)
src: [host=127.0.0.1, port=60936]
dst: [host=127.0.0.1, port=5432]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0::, port=5432]
dst: [host=fd01:e2e2:0:e0c0:, port=58824]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0::, port=5432]
dst: [host=fd01:e2e2:0:e0c0:, port=58827]

tcp46 (established)
src: [host=127.0.0.1, port=60910]
dst: [host=127.0.0.1, port=5432]

tcp46 (established)
src: [host=192.168.101.41, port=29004]
dst: [host=192.168.101.41, port=60602]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0::, port=5432]
dst: [host=fd01:e2e2:0:e0c0:, port=50095]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0::, port=5432]
dst: [host=fd01:e2e2:0:e0c0:, port=55955]

tcp46 (established)
src: [host=192.168.101.41, port=29004]
dst: [host=192.168.101.42, port=38808]

tcp46 (established)
src: [host=127.0.0.1, port=59572]
dst: [host=127.0.0.1, port=4848]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0::, port=5432]
dst: [host=fd01:e2e2:0:e0c0:, port=58823]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0::, port=5432]
dst: [host=fd01:e2e2:0:e0c0:, port=55646]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0::, port=5432]
dst: [host=fd01:e2e2:0:e0c0:, port=55651]

tcp46 (established)
src: [host=127.0.0.1, port=60766]
dst: [host=127.0.0.1, port=5432]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0::, port=5432]
dst: [host=fd01:e2e2:0:e0c0:, port=55957]

tcp46 (established)
src: [host=192.168.101.41, port=29004]
dst: [host=192.168.101.41, port=49969]

tcp46 (established)
src: [host=127.0.0.1, port=52258]
dst: [host=127.0.0.1, port=24848]

tcp46 (established)
src: [host=127.0.0.1, port=33258]
dst: [host=127.0.0.1, port=5432]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0::, port=5432]
dst: [host=fd01:e2e2:0:e0c0:, port=55739]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0:, port=58814]
dst: [host=fd01:e2e2:0:e0c0:, port=28181]

tcp46 (established)
src: [host=127.0.0.1, port=59574]
dst: [host=127.0.0.1, port=4848]

tcp46 (established)
src: [host=127.0.0.1, port=60722]
dst: [host=127.0.0.1, port=5432]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0::, port=5432]
dst: [host=fd01:e2e2:0:e0c0:, port=55741]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0::, port=5432]
dst: [host=fd01:e2e2:0:e0c0:, port=58826]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0:, port=59090]
dst: [host=fd01:e2e2:0:e0c0:, port=28181]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0::, port=5432]
dst: [host=fd01:e2e2:0:e0c0:, port=58818]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0::, port=5432]
dst: [host=fd01:e2e2:0:e0c0:, port=55783]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0::, port=5432]
dst: [host=fd01:e2e2:0:e0c0:, port=50097]

tcp46 (established)
src: [host=127.0.0.1, port=60798]
dst: [host=127.0.0.1, port=5432]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0::, port=5432]
dst: [host=fd01:e2e2:0:e0c0:, port=55796]

tcp46 (established)
src: [host=192.168.101.41, port=29004]
dst: [host=192.168.101.42, port=58746]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0::1, port=445]
dst: [host=fd01:e2e2:0:e0c0:, port=51232]

tcp46 (established)
src: [host=127.0.0.1, port=59556]
dst: [host=127.0.0.1, port=4848]

tcp46 (established)
src: [host=127.0.0.1, port=33068]
dst: [host=127.0.0.1, port=5432]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0:, port=59342]
dst: [host=fd01:e2e2:0:e0c0:, port=28181]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0:, port=58544]
dst: [host=fd01:e2e2:0:e0c0:, port=28181]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0::, port=5432]
dst: [host=fd01:e2e2:0:e0c0:, port=55959]

tcp46 (established)
src: [host=192.168.101.41, port=29004]
dst: [host=192.168.101.41, port=39826]

tcp46 (established)
src: [host=127.0.0.1, port=33144]
dst: [host=127.0.0.1, port=5432]

tcp46 (established)
src: [host=127.0.0.1, port=32918]
dst: [host=127.0.0.1, port=5432]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0::, port=5432]
dst: [host=fd01:e2e2:0:e0c0:, port=58825]

tcp46 (established)
src: [host=192.168.101.41, port=29004]
dst: [host=192.168.101.42, port=52260]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0::, port=5432]
dst: [host=fd01:e2e2:0:e0c0:, port=50183]

tcp46 (established)
src: [host=127.0.0.1, port=60882]
dst: [host=127.0.0.1, port=5432]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0::, port=5432]
dst: [host=fd01:e2e2:0:e0c0:, port=50182]

tcp46 (established)
src: [host=192.168.101.41, port=29004]
dst: [host=192.168.101.41, port=59244]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0::, port=5432]
dst: [host=fd01:e2e2:0:e0c0:, port=55792]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0::, port=5432]
dst: [host=fd01:e2e2:0:e0c0:, port=55742]

tcp46 (established)
src: [host=192.168.101.41, port=29004]
dst: [host=192.168.101.42, port=60208]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0:, port=59346]
dst: [host=fd01:e2e2:0:e0c0:, port=28181]

tcp46 (established)
src: [host=127.0.0.1, port=60770]
dst: [host=127.0.0.1, port=5432]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0::, port=5432]
dst: [host=fd01:e2e2:0:e0c0:, port=50185]

tcp46 (established)
src: [host=192.168.100.152, port=52004]
dst: [host=130.81.39.170, port=443]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0::, port=5432]
dst: [host=fd01:e2e2:0:e0c0:, port=55647]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0::, port=5432]
dst: [host=fd01:e2e2:0:e0c0:, port=58822]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0::, port=5432]
dst: [host=fd01:e2e2:0:e0c0:, port=58820]

tcp6 (established)
src: [host=fd01:e2e2:0:e0c0::, port=5432]
dst: [host=fd01:e2e2:0:e0c0:, port=50096]

udp4 (listen)
src: [host=0.0.0.0, port=111]
dst: [host=0.0.0.0, port=*]

udp4 (listen)
src: [host=0.0.0.0, port=123]
dst: [host=0.0.0.0, port=*]

udp4 (listen)
src: [host=127.0.0.1, port=323]
dst: [host=0.0.0.0, port=*]

udp4 (listen)
src: [host=0.0.0.0, port=854]
dst: [host=0.0.0.0, port=*]

udp6 (listen)
src: [host=::, port=15161]
dst: [host=::, port=*]

udp6 (listen)
src: [host=::, port=15161]
dst: [host=::, port=*]

udp6 (listen)
src: [host=::, port=29003]
dst: [host=::, port=*]

udp6 (listen)
src: [host=::, port=29006]
dst: [host=::, port=*]

udp6 (listen)
src: [host=::, port=111]
dst: [host=::, port=*]

udp6 (listen)
src: [host=::1, port=323]
dst: [host=::, port=*]

udp6 (listen)
src: [host=::, port=854]
dst: [host=::, port=*]

udp6 (listen)
src: [host=::, port=8082]
dst: [host=::, port=*]
66334 (1) - Patch Report
-
Synopsis
The remote host is missing several patches.
Description
The remote host is missing one or more security patches. This plugin lists the newest version of each patch to install to make sure the remote host is up-to-date.

Note: Because the 'Show missing patches that have been superseded' setting in your scan policy depends on this plugin, it will always run and cannot be disabled.
Solution
Install the patches listed below.
Risk Factor
None
Plugin Information
Published: 2013/07/08, Modified: 2024/04/09
Plugin Output

ipaddr (tcp/0)



. You need to take the following 70 actions :


[ Apache Log4j 2.0 < 2.3.2 / 2.4 < 2.12.4 / 2.13 < 2.17.1 RCE (156327) ]

+ Action to take : Upgrade to Apache Log4j version 2.17.1, 2.12.4, or 2.3.2 or later, or apply the vendor mitigation.

Upgrading to the latest versions for Apache Log4j is highly recommended as intermediate versions / patches have known high severity vulnerabilities and the vendor is updating their advisories often as new research and knowledge about the impact of Log4j is discovered. Refer to https://logging.apache.org/log4j/2.x/security.html for the latest versions.

+ Impact : Taking this action will resolve the following 5 different vulnerabilities :
CVE-2021-45105, CVE-2021-45046, CVE-2021-44832, CVE-2021-44228, CVE-2021-4104



[ CentOS 7 : apr-util (RHSA-2023:3145) (178965) ]

+ Action to take : Update the affected packages.


[ CentOS 7 : bind (RHSA-2023:5691) (187264) ]

+ Action to take : Update the affected packages.

+ Impact : Taking this action will resolve the following 12 different vulnerabilities :
CVE-2023-3341, CVE-2023-2828, CVE-2022-38178, CVE-2022-38177, CVE-2022-2795
CVE-2021-25220, CVE-2021-25215, CVE-2021-25214, CVE-2020-8625, CVE-2020-8624
CVE-2020-8623, CVE-2020-8622


[ CentOS 7 : binutils (CESA-2021:4033) (155548) ]

+ Action to take : Update the affected binutils and / or binutils-devel packages.


[ CentOS 7 : c-ares (RHSA-2023:3741) (178972) ]

+ Action to take : Update the affected c-ares and / or c-ares-devel packages.


[ CentOS 7 : cups (RHSA-2023:4766) (187242) ]

+ Action to take : Update the affected packages.


[ CentOS 7 : curl (CESA-2020:5002) (143057) ]

+ Action to take : Update the affected curl, libcurl and / or libcurl-devel packages.


[ CentOS 7 : cyrus-sasl (CESA-2022:0666) (158439) ]

+ Action to take : Update the affected packages.


[ CentOS 7 : device-mapper-multipath (CESA-2022:7186) (168320) ]

+ Action to take : Update the affected packages.


[ CentOS 7 : dhcp (CESA-2021:2357) (150763) ]

+ Action to take : Update the affected packages.


[ CentOS 7 : dnsmasq (CESA-2021:0153) (145439) ]

+ Action to take : Update the affected dnsmasq and / or dnsmasq-utils packages.

+ Impact : Taking this action will resolve the following 3 different vulnerabilities :
CVE-2020-25686, CVE-2020-25685, CVE-2020-25684


[ CentOS 7 : emacs (RHSA-2023:3481) (178967) ]

+ Action to take : Update the affected packages.


[ CentOS 7 : expat (CESA-2022:6834) (166549) ]

+ Action to take : Update the affected expat, expat-devel and / or expat-static packages.

+ Impact : Taking this action will resolve the following 13 different vulnerabilities :
CVE-2022-40674, CVE-2022-25315, CVE-2022-25236, CVE-2022-25235, CVE-2022-23852
CVE-2022-22827, CVE-2022-22826, CVE-2022-22825, CVE-2022-22824, CVE-2022-22823
CVE-2022-22822, CVE-2021-46143, CVE-2021-45960


[ CentOS 7 : firefox (RHSA-2024:1486) (192540) ]

+ Action to take : Update the affected firefox package.

+ Impact : Taking this action will resolve the following 249 different vulnerabilities :
CVE-2024-29944, CVE-2024-2616, CVE-2024-2614, CVE-2024-2612, CVE-2024-2611
CVE-2024-2610, CVE-2024-2608, CVE-2024-2607, CVE-2024-1553, CVE-2024-1552
CVE-2024-1551, CVE-2024-1550, CVE-2024-1549, CVE-2024-1548, CVE-2024-1547
CVE-2024-1546, CVE-2024-0755, CVE-2024-0753, CVE-2024-0751, CVE-2024-0750
CVE-2024-0749, CVE-2024-0747, CVE-2024-0746, CVE-2024-0743, CVE-2024-0742
CVE-2024-0741, CVE-2023-6867, CVE-2023-6865, CVE-2023-6864, CVE-2023-6863
CVE-2023-6862, CVE-2023-6861, CVE-2023-6860, CVE-2023-6859, CVE-2023-6858
CVE-2023-6857, CVE-2023-6856, CVE-2023-6212, CVE-2023-6209, CVE-2023-6208
CVE-2023-6207, CVE-2023-6206, CVE-2023-6205, CVE-2023-6204, CVE-2023-5732
CVE-2023-5730, CVE-2023-5728, CVE-2023-5725, CVE-2023-5724, CVE-2023-5721
CVE-2023-5388, CVE-2023-5217, CVE-2023-5176, CVE-2023-5171, CVE-2023-5169
CVE-2023-5129, CVE-2023-4863, CVE-2023-4585, CVE-2023-4584, CVE-2023-4583
CVE-2023-4581, CVE-2023-4580, CVE-2023-4578, CVE-2023-4577, CVE-2023-4575
CVE-2023-4574, CVE-2023-4573, CVE-2023-44488, CVE-2023-4057, CVE-2023-4056
CVE-2023-4055, CVE-2023-4053, CVE-2023-4051, CVE-2023-4050, CVE-2023-4049
CVE-2023-4048, CVE-2023-4047, CVE-2023-4046, CVE-2023-4045, CVE-2023-37211
CVE-2023-37208, CVE-2023-37207, CVE-2023-37202, CVE-2023-37201, CVE-2023-3600
CVE-2023-34416, CVE-2023-34414, CVE-2023-32215, CVE-2023-32213, CVE-2023-32212
CVE-2023-32211, CVE-2023-32207, CVE-2023-32206, CVE-2023-32205, CVE-2023-29550
CVE-2023-29548, CVE-2023-29541, CVE-2023-29539, CVE-2023-29536, CVE-2023-29535
CVE-2023-29533, CVE-2023-28176, CVE-2023-28164, CVE-2023-28162, CVE-2023-25752
CVE-2023-25751, CVE-2023-25746, CVE-2023-25744, CVE-2023-25743, CVE-2023-25742
CVE-2023-25739, CVE-2023-25737, CVE-2023-25735, CVE-2023-25732, CVE-2023-25730
CVE-2023-25729, CVE-2023-25728, CVE-2023-23605, CVE-2023-23603, CVE-2023-23602
CVE-2023-23601, CVE-2023-23599, CVE-2023-23598, CVE-2023-1999, CVE-2023-1945
CVE-2022-46877, CVE-2022-46871, CVE-2022-45421, CVE-2022-45420, CVE-2022-45418
CVE-2022-45416, CVE-2022-45412, CVE-2022-45411, CVE-2022-45410, CVE-2022-45409
CVE-2022-45408, CVE-2022-45406, CVE-2022-45405, CVE-2022-45404, CVE-2022-45403
CVE-2022-38478, CVE-2022-38477, CVE-2022-38476, CVE-2022-38473, CVE-2022-38472
CVE-2022-36319, CVE-2022-36318, CVE-2022-34484, CVE-2022-34481, CVE-2022-34479
CVE-2022-34472, CVE-2022-34470, CVE-2022-34468, CVE-2022-31747, CVE-2022-31744
CVE-2022-31742, CVE-2022-31741, CVE-2022-31740, CVE-2022-31738, CVE-2022-31737
CVE-2022-31736, CVE-2022-29917, CVE-2022-29916, CVE-2022-29914, CVE-2022-29912
CVE-2022-29911, CVE-2022-29909, CVE-2022-26486, CVE-2022-26485, CVE-2022-26387
CVE-2022-26386, CVE-2022-26384, CVE-2022-26383, CVE-2022-26381, CVE-2022-25315
CVE-2022-25236, CVE-2022-25235, CVE-2022-2505, CVE-2022-22764, CVE-2022-22763
CVE-2022-22761, CVE-2022-22760, CVE-2022-22759, CVE-2022-22756, CVE-2022-22754
CVE-2022-22751, CVE-2022-22748, CVE-2022-22747, CVE-2022-22745, CVE-2022-22743
CVE-2022-22742, CVE-2022-22741, CVE-2022-22740, CVE-2022-22739, CVE-2022-22738
CVE-2022-22737, CVE-2022-2200, CVE-2021-4140, CVE-2021-38509, CVE-2021-38508
CVE-2021-38507, CVE-2021-38506, CVE-2021-38504, CVE-2021-38503, CVE-2021-38501
CVE-2021-38500, CVE-2021-38498, CVE-2021-38497, CVE-2021-38496, CVE-2021-38493
CVE-2021-32810, CVE-2021-30547, CVE-2021-29989, CVE-2021-29988, CVE-2021-29986
CVE-2021-29985, CVE-2021-29984, CVE-2021-29980, CVE-2021-29976, CVE-2021-29970
CVE-2021-29967, CVE-2021-23987, CVE-2021-23984, CVE-2021-23982, CVE-2021-23981
CVE-2021-23978, CVE-2021-23973, CVE-2021-23969, CVE-2021-23968, CVE-2020-6514
CVE-2020-6463, CVE-2020-26968, CVE-2020-26965, CVE-2020-26961, CVE-2020-26960
CVE-2020-26959, CVE-2020-26958, CVE-2020-26956, CVE-2020-26953, CVE-2020-26951
CVE-2020-26950, CVE-2020-16044, CVE-2020-16012, CVE-2020-15969, CVE-2020-15683
CVE-2020-15669, CVE-2020-15664, CVE-2020-15659, CVE-2020-15652


[ CentOS 7 : flatpak (CESA-2021:4044) (155550) ]

+ Action to take : Update the affected packages.

+ Impact : Taking this action will resolve the following 3 different vulnerabilities :
CVE-2021-41133, CVE-2021-21381, CVE-2021-21261


[ CentOS 7 : freerdp (CESA-2021:4619) (155540) ]

+ Action to take : Update the affected packages.

+ Impact : Taking this action will resolve the following 2 different vulnerabilities :
CVE-2021-41160, CVE-2021-41159


[ CentOS 7 : freetype (CESA-2020:4907) (142598) ]

+ Action to take : Update the affected freetype, freetype-demos and / or freetype-devel packages.


[ CentOS 7 : gd (CESA-2020:5443) (144370) ]

+ Action to take : Update the affected gd, gd-devel and / or gd-progs packages.


[ CentOS 7 : gdm / libX11 / libxkbcommon / xorg-x11-drv-ati / xorg-x11-drv-vesa / etc (CESA-2019:2079) (128349) ]

+ Action to take : Update the affected packages.

+ Impact : Taking this action will resolve the following 13 different vulnerabilities :
CVE-2018-15864, CVE-2018-15863, CVE-2018-15862, CVE-2018-15861, CVE-2018-15859
CVE-2018-15857, CVE-2018-15856, CVE-2018-15855, CVE-2018-15854, CVE-2018-15853
CVE-2018-14600, CVE-2018-14599, CVE-2018-14598


[ CentOS 7 : git (RHSA-2023:3263) (178966) ]

+ Action to take : Update the affected packages.

+ Impact : Taking this action will resolve the following 4 different vulnerabilities :
CVE-2023-29007, CVE-2023-25652, CVE-2022-41903, CVE-2022-23521


[ CentOS 7 : glib2 (CESA-2021:2147) (150773) ]

+ Action to take : Update the affected packages.


[ CentOS 7 : glibc (CESA-2021:0348) (146097) ]

+ Action to take : Update the affected packages.

+ Impact : Taking this action will resolve the following 3 different vulnerabilities :
CVE-2020-29573, CVE-2020-10029, CVE-2019-25013


[ CentOS 7 : gstreamer-plugins-bad-free (RHSA-2024:0279) (189765) ]

+ Action to take : Update the affected gstreamer-plugins-bad-free, gstreamer-plugins-bad-free-devel and / or gstreamer-plugins-bad-free- devel-docs packages.


[ CentOS 7 : gstreamer1-plugins-bad-free (RHSA-2024:0013) (187760) ]

+ Action to take : Update the affected gstreamer1-plugins-bad-free, gstreamer1-plugins-bad-free-devel and / or gstreamer1-plugins-bad-free- gtk packages.


[ CentOS 7 : gzip (CESA-2022:2191) (161196) ]

+ Action to take : Update the affected gzip package.


[ CentOS 7 : java-1.8.0-openjdk (RHSA-2024:0223) (189767) ]

+ Action to take : Update the affected packages.

+ Impact : Taking this action will resolve the following 53 different vulnerabilities :
CVE-2024-20952, CVE-2024-20945, CVE-2024-20926, CVE-2024-20921, CVE-2024-20919
CVE-2024-20918, CVE-2023-22081, CVE-2023-22067, CVE-2023-22049, CVE-2023-22045
CVE-2023-21968, CVE-2023-21967, CVE-2023-21954, CVE-2023-21939, CVE-2023-21938
CVE-2023-21937, CVE-2023-21930, CVE-2023-21843, CVE-2023-21830, CVE-2022-34169
CVE-2022-21628, CVE-2022-21626, CVE-2022-21624, CVE-2022-21619, CVE-2022-21541
CVE-2022-21540, CVE-2022-21496, CVE-2022-21476, CVE-2022-21443, CVE-2022-21434
CVE-2022-21426, CVE-2021-35603, CVE-2021-35588, CVE-2021-35586, CVE-2021-35578
CVE-2021-35567, CVE-2021-35565, CVE-2021-35564, CVE-2021-35561, CVE-2021-35559
CVE-2021-35556, CVE-2021-35550, CVE-2021-2388, CVE-2021-2369, CVE-2021-2341
CVE-2021-2163, CVE-2020-14803, CVE-2020-14797, CVE-2020-14796, CVE-2020-14792
CVE-2020-14782, CVE-2020-14781, CVE-2020-14779


[ CentOS 7 : kernel (RHSA-2024:0346) (189508) ]

+ Action to take : Update the affected packages.

+ Impact : Taking this action will resolve the following 69 different vulnerabilities :
CVE-2023-42753, CVE-2023-3609, CVE-2023-35001, CVE-2023-32233, CVE-2022-4378
CVE-2022-43750, CVE-2022-42703, CVE-2022-3564, CVE-2022-2964, CVE-2022-22942
CVE-2022-1729, CVE-2022-0492, CVE-2022-0330, CVE-2021-42739, CVE-2021-4155
CVE-2021-37576, CVE-2021-3752, CVE-2021-3715, CVE-2021-3656, CVE-2021-3653
CVE-2021-3573, CVE-2021-3564, CVE-2021-33909, CVE-2021-3347, CVE-2021-33034
CVE-2021-33033, CVE-2021-32399, CVE-2021-29650, CVE-2021-29154, CVE-2021-27365
CVE-2021-27364, CVE-2021-27363, CVE-2021-26401, CVE-2021-22555, CVE-2021-22543
CVE-2021-20265, CVE-2021-0920, CVE-2020-8648, CVE-2020-7053, CVE-2020-36385
CVE-2020-36322, CVE-2020-29661, CVE-2020-28374, CVE-2020-27777, CVE-2020-27170
CVE-2020-25705, CVE-2020-25704, CVE-2020-25656, CVE-2020-25645, CVE-2020-25643
CVE-2020-25212, CVE-2020-25211, CVE-2020-24394, CVE-2020-14385, CVE-2020-14351
CVE-2020-14331, CVE-2020-14314, CVE-2020-12364, CVE-2020-12363, CVE-2020-12362
CVE-2020-11668, CVE-2020-10769, CVE-2020-0466, CVE-2020-0465, CVE-2020-0427
CVE-2019-20934, CVE-2019-20811, CVE-2019-19532, CVE-2019-18282


[ CentOS 7 : krb5 (CESA-2022:8640) (168319) ]

+ Action to take : Update the affected packages.

+ Impact : Taking this action will resolve the following 2 different vulnerabilities :
CVE-2022-42898, CVE-2021-37750


[ CentOS 7 : libX11 (CESA-2021:3296) (152909) ]

+ Action to take : Update the affected libX11, libX11-common and / or libX11-devel packages.

+ Impact : Taking this action will resolve the following 2 different vulnerabilities :
CVE-2021-31535, CVE-2020-14363


[ CentOS 7 : libXpm (RHSA-2023:0377) (170866) ]

+ Action to take : Update the affected libXpm and / or libXpm-devel packages.


[ CentOS 7 : libcroco (CESA-2020:4072) (142609) ]

+ Action to take : Update the affected libcroco and / or libcroco-devel packages.


[ CentOS 7 : libexif (CESA-2020:5402) (146880) ]

+ Action to take : Update the affected libexif, libexif-devel and / or libexif-doc packages.


[ CentOS 7 : libldb (CESA-2021:1072) (148426) ]

+ Action to take : Update the affected packages.


[ CentOS 7 : libsndfile (CESA-2021:3295) (152910) ]

+ Action to take : Update the affected libsndfile, libsndfile-devel and / or libsndfile-utils packages.


[ CentOS 7 : libssh2 (RHSA-2023:5615) (187229) ]

+ Action to take : Update the affected libssh2, libssh2-devel and / or libssh2-docs packages.


[ CentOS 7 : libvirt (CESA-2020:5040) (143055) ]

+ Action to take : Update the affected packages.


[ CentOS 7 : libwebp (RHSA-2023:2077) (178971) ]

+ Action to take : Update the affected packages.


[ CentOS 7 : libxml2 (CESA-2021:3810) (155543) ]

+ Action to take : Update the affected packages.


[ CentOS 7 : linux-firmware (RHSA-2024:0753) (190366) ]

+ Action to take : Update the affected packages.

+ Impact : Taking this action will resolve the following 4 different vulnerabilities :
CVE-2023-20593, CVE-2023-20592, CVE-2023-20569, CVE-2020-12321


[ CentOS 7 : log4j (CESA-2022:0442) (157452) ]

+ Action to take : Update the affected log4j, log4j-javadoc and / or log4j-manual packages.

+ Impact : Taking this action will resolve the following 4 different vulnerabilities :
CVE-2022-23307, CVE-2022-23305, CVE-2022-23302, CVE-2021-4104


[ CentOS 7 : microcode_ctl (CESA-2021:3028) (152360) ]

+ Action to take : Update the affected microcode_ctl package.

+ Impact : Taking this action will resolve the following 9 different vulnerabilities :
CVE-2020-8698, CVE-2020-8696, CVE-2020-8695, CVE-2020-24512, CVE-2020-24511
CVE-2020-24489, CVE-2020-0549, CVE-2020-0548, CVE-2020-0543


[ CentOS 7 : net-snmp (CESA-2020:5350) (145444) ]

+ Action to take : Update the affected packages.


[ CentOS 7 : nettle (CESA-2021:1145) (148745) ]

+ Action to take : Update the affected nettle and / or nettle-devel packages.


[ CentOS 7 : nss (RHSA-2023:1332) (173262) ]

+ Action to take : Update the affected packages.

+ Impact : Taking this action will resolve the following 12 different vulnerabilities :
CVE-2023-0767, CVE-2021-43527, CVE-2020-6829, CVE-2020-12403, CVE-2020-12402
CVE-2020-12401, CVE-2020-12400, CVE-2019-17023, CVE-2019-17006, CVE-2019-11756
CVE-2019-11727, CVE-2019-11719


[ CentOS 7 : open-vm-tools (RHSA-2023:7279) (187243) ]

+ Action to take : Update the affected packages.

+ Impact : Taking this action will resolve the following 5 different vulnerabilities :
CVE-2023-34059, CVE-2023-34058, CVE-2023-20900, CVE-2023-20867, CVE-2022-31676



[ CentOS 7 : openldap (CESA-2022:0621) (158440) ]

+ Action to take : Update the affected packages.

+ Impact : Taking this action will resolve the following 2 different vulnerabilities :
CVE-2020-25710, CVE-2020-25709


[ CentOS 7 : openssh (RHSA-2023:4382) (187240) ]

+ Action to take : Update the affected packages.

+ Impact : Taking this action will resolve the following 2 different vulnerabilities :
CVE-2023-38408, CVE-2021-41617


[ CentOS 7 : openssl (RHSA-2023:1335) (173255) ]

+ Action to take : Update the affected packages.

+ Impact : Taking this action will resolve the following 5 different vulnerabilities :
CVE-2023-0286, CVE-2022-0778, CVE-2021-23841, CVE-2021-23840, CVE-2020-1971



[ CentOS 7 : perl (CESA-2021:0343) (146100) ]

+ Action to take : Update the affected packages.

+ Impact : Taking this action will resolve the following 3 different vulnerabilities :
CVE-2020-12723, CVE-2020-10878, CVE-2020-10543


[ CentOS 7 : polkit (CESA-2022:0274) (157138) ]

+ Action to take : Update the affected polkit, polkit-devel and / or polkit-docs packages.


[ CentOS 7 : python (RHSA-2023:6885) (187239) ]

+ Action to take : Update the affected packages.

+ Impact : Taking this action will resolve the following 6 different vulnerabilities :
CVE-2023-40217, CVE-2023-24329, CVE-2021-3177, CVE-2020-26137, CVE-2020-26116
CVE-2019-20907


[ CentOS 7 : python-rtslib (CESA-2020:5435) (144972) ]

+ Action to take : Update the affected python-rtslib and / or python-rtslib-doc packages.


[ CentOS 7 : python3 (RHSA-2023:6823) (187220) ]

+ Action to take : Update the affected packages.

+ Impact : Taking this action will resolve the following 4 different vulnerabilities :
CVE-2023-40217, CVE-2023-24329, CVE-2020-14422, CVE-2019-20907


[ CentOS 7 : qemu-kvm (CESA-2021:2322) (150769) ]

+ Action to take : Update the affected packages.

+ Impact : Taking this action will resolve the following 5 different vulnerabilities :
CVE-2020-29443, CVE-2020-1983, CVE-2020-16092, CVE-2020-14364, CVE-2020-13765



[ CentOS 7 : qt and qt5-qtbase (CESA-2020:5021) (143051) ]

+ Action to take : Update the affected packages.


[ CentOS 7 : rpm (CESA-2021:4785) (155761) ]

+ Action to take : Update the affected packages.


[ CentOS 7 : rsync (CESA-2022:6170) (164624) ]

+ Action to take : Update the affected rsync package.


[ CentOS 7 : samba (RHSA-2023:1090) (172356) ]

+ Action to take : Update the affected packages.

+ Impact : Taking this action will resolve the following 8 different vulnerabilities :
CVE-2022-38023, CVE-2021-44142, CVE-2021-20254, CVE-2020-25717, CVE-2020-1472
CVE-2020-14323, CVE-2020-14318, CVE-2016-2124


[ CentOS 7 : spice and spice-gtk (CESA-2020:4187) (142604) ]

+ Action to take : Update the affected packages.


[ CentOS 7 : sssd (RHSA-2023:0403) (170864) ]

+ Action to take : Update the affected packages.

+ Impact : Taking this action will resolve the following 2 different vulnerabilities :
CVE-2022-4254, CVE-2021-3621


[ CentOS 7 : sudo (RHSA-2023:0291) (170859) ]

+ Action to take : Update the affected sudo and / or sudo-devel packages.

+ Impact : Taking this action will resolve the following 2 different vulnerabilities :
CVE-2023-22809, CVE-2021-3156


[ CentOS 7 : systemd (CESA-2022:6160) (164630) ]

+ Action to take : Update the affected packages.


[ CentOS 7 : tigervnc (RHSA-2024:0006) (187752) ]

+ Action to take : Update the affected packages.

+ Impact : Taking this action will resolve the following 11 different vulnerabilities :
CVE-2023-6478, CVE-2023-6377, CVE-2023-5380, CVE-2023-5367, CVE-2023-1393
CVE-2022-46344, CVE-2022-46343, CVE-2022-46342, CVE-2022-46341, CVE-2022-46340
CVE-2022-4283


[ CentOS 7 : tomcat (CESA-2020:5020) (143056) ]

+ Action to take : Update the affected packages.


[ CentOS 7 : wpa_supplicant (CESA-2021:0808) (147884) ]

+ Action to take : Update the affected wpa_supplicant package.


[ CentOS 7 : xorg-x11-server (RHSA-2024:0320) (189284) ]

+ Action to take : Update the affected packages.

+ Impact : Taking this action will resolve the following 32 different vulnerabilities :
CVE-2024-21886, CVE-2024-21885, CVE-2024-0409, CVE-2024-0408, CVE-2024-0229
CVE-2023-6816, CVE-2023-6478, CVE-2023-6377, CVE-2023-5367, CVE-2023-0494
CVE-2022-46344, CVE-2022-46343, CVE-2022-46342, CVE-2022-46341, CVE-2022-46340
CVE-2022-4283, CVE-2022-3551, CVE-2022-3550, CVE-2022-2320, CVE-2022-2319
CVE-2021-4011, CVE-2021-4010, CVE-2021-4009, CVE-2021-4008, CVE-2021-3472
CVE-2020-25712, CVE-2020-14362, CVE-2020-14361, CVE-2020-14360, CVE-2020-14347
CVE-2020-14346, CVE-2020-14345


[ CentOS 7 : xz (CESA-2022:5052) (163733) ]

+ Action to take : Update the affected packages.


[ CentOS 7 : zlib (RHSA-2023:1095) (172360) ]

+ Action to take : Update the affected packages.

+ Impact : Taking this action will resolve the following 2 different vulnerabilities :
CVE-2022-37434, CVE-2018-25032


[ SSH Terrapin Prefix Truncation Weakness (CVE-2023-48795) (187315) ]

+ Action to take : Contact the vendor for an update with the strict key exchange countermeasures or disable the affected algorithms.


[ Trellix Agent < 5.8.1 Buffer Overflow Vulnerability (SB10416) (187944) ]

+ Action to take : Upgrade to McAfee Agent version 5.8.1 or later.

70657 (1) - SSH Algorithms and Languages Supported
-
Synopsis
An SSH server is listening on this port.
Description
This script detects which algorithms and languages are supported by the remote service for encrypting communications.
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2013/10/28, Modified: 2017/08/28
Plugin Output

ipaddr (tcp/22/ssh)


Nessus negotiated the following encryption algorithm with the server :

The server supports the following options for kex_algorithms :

curve25519-sha256
curve25519-sha256@libssh.org
diffie-hellman-group-exchange-sha1
diffie-hellman-group-exchange-sha256
diffie-hellman-group1-sha1
diffie-hellman-group14-sha1
diffie-hellman-group14-sha256
diffie-hellman-group16-sha512
diffie-hellman-group18-sha512
ecdh-sha2-nistp256
ecdh-sha2-nistp384
ecdh-sha2-nistp521

The server supports the following options for server_host_key_algorithms :

ecdsa-sha2-nistp256
rsa-sha2-256
rsa-sha2-512
ssh-ed25519
ssh-rsa

The server supports the following options for encryption_algorithms_client_to_server :

3des-cbc
aes128-cbc
aes128-ctr
aes128-gcm@openssh.com
aes192-cbc
aes192-ctr
aes256-cbc
aes256-ctr
aes256-gcm@openssh.com
blowfish-cbc
cast128-cbc
chacha20-poly1305@openssh.com

The server supports the following options for encryption_algorithms_server_to_client :

3des-cbc
aes128-cbc
aes128-ctr
aes128-gcm@openssh.com
aes192-cbc
aes192-ctr
aes256-cbc
aes256-ctr
aes256-gcm@openssh.com
blowfish-cbc
cast128-cbc
chacha20-poly1305@openssh.com

The server supports the following options for mac_algorithms_client_to_server :

hmac-sha1
hmac-sha1-etm@openssh.com
hmac-sha2-256
hmac-sha2-256-etm@openssh.com
hmac-sha2-512
hmac-sha2-512-etm@openssh.com
umac-128-etm@openssh.com
umac-128@openssh.com
umac-64-etm@openssh.com
umac-64@openssh.com

The server supports the following options for mac_algorithms_server_to_client :

hmac-sha1
hmac-sha1-etm@openssh.com
hmac-sha2-256
hmac-sha2-256-etm@openssh.com
hmac-sha2-512
hmac-sha2-512-etm@openssh.com
umac-128-etm@openssh.com
umac-128@openssh.com
umac-64-etm@openssh.com
umac-64@openssh.com

The server supports the following options for compression_algorithms_client_to_server :

none
zlib@openssh.com

The server supports the following options for compression_algorithms_server_to_client :

none
zlib@openssh.com
72663 (1) - SFTP Supported
-
Synopsis
The remote SSH service supports SFTP.
Description
The remote SSH service supports the SFTP subsystem. SFTP is a protocol for generalized file access, file transfer, and file management functionalities, typically over SSH.

Note that valid credentials are required to determine if SFTP is supported and also that SFTP support can be enabled selectively for certain accounts.
See Also
Solution
Make sure that use of this facility agrees with your organization's acceptable use and security policies.
Risk Factor
None
Plugin Information
Published: 2014/02/24, Modified: 2022/04/11
Plugin Output

ipaddr (tcp/22/ssh)


Nessus was able to access the SFTP service using the following
account :

root

And it was able to collect the following listing of '/' :

dr-xr-xr-x 19 root root 4096 Mar 22 13:42 .
dr-xr-xr-x 19 root root 4096 Mar 22 13:42 ..
dr-xr-xr-x 5 root root 4096 Jul 19 2023 boot
drwxr-xr-x 20 root root 3740 Mar 22 16:07 dev
drwxr-xr-x 160 root root 12288 Mar 22 13:39 etc
dr-xr-xr-x 787 root root 0 Mar 22 13:39 proc
dr-xr-x--- 24 root root 4096 Apr 23 11:22 root
drwxr-xr-x 45 root root 1340 Apr 23 11:16 run
dr-xr-xr-x 13 root root 0 Mar 22 13:53 sys
drwxr-xr-x 24 root root 4096 Jul 25 2023 var

Note that this listing is incomplete and limited to 10 entries. To
list all files, set the 'Report verbosity' preference in the scan
policy to 'Verbose' and re-scan.
83303 (1) - Unix / Linux - Local Users Information : Passwords Never Expire
-
Synopsis
At least one local user has a password that never expires.
Description
Using the supplied credentials, Nessus was able to list local users that are enabled and whose passwords never expire.
Solution
Allow or require users to change their passwords regularly.
Risk Factor
None
Plugin Information
Published: 2015/05/10, Modified: 2023/11/27
Plugin Output

ipaddr (tcp/0)


Nessus found the following unlocked users with passwords that do not expire :
- root
- user
- postgres
- glassfish
86420 (1) - Ethernet MAC Addresses
-
Synopsis
This plugin gathers MAC addresses from various sources and consolidates them into a list.
Description
This plugin gathers MAC addresses discovered from both remote probing of the host (e.g. SNMP and Netbios) and from running local checks (e.g. ifconfig). It then consolidates the MAC addresses into a single, unique, and uniform list.
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2015/10/16, Modified: 2020/05/13
Plugin Output

ipaddr (tcp/0)

The following is a consolidated list of detected MAC addresses:
- D4:F5:EF:A8:83:1E
- D4:F5:EF:A8:83:1D
- D4:F5:EF:8C:84:AC
- D4:F5:EF:8C:84:AE
- D4:F5:EF:A8:83:1C
- D4:F5:EF:8C:84:AF
- D4:F5:EF:8C:84:AD
- D4:F5:EF:A8:83:1F
87989 (1) - McAfee Agent Detection (Linux/MacOS)
-
Synopsis
A security management agent is installed on the remote host.
Description
The McAfee Agent, formerly McAfee ePolicy Orchestrator (ePO) Agent, is installed on the remote host. This agent facilitates remote security management of the host via McAfee ePO.
See Also
Solution
n/a
Risk Factor
None
References
XREF IAVT:0001-T-0873
Plugin Information
Published: 2016/01/19, Modified: 2024/03/19
Plugin Output

ipaddr (tcp/0)


Path : /opt/McAfee/cma/
Version : 5.8.0.161
Agent GUID : {d15c9e6c-513f-11ee-36fc-d4f5efa8831c}
88145 (1) - Host Unique Identifiers
-
Synopsis
The remote host has one or more unique identifiers used by various endpoint management systems.
Description
Nessus has discovered one or more unique identifiers used to tag or track the remote system.
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2016/01/25, Modified: 2016/01/27
Plugin Output

ipaddr (tcp/0)

The following Identifiers were discovered :

Product : McAfee ePO
Identity : {d15c9e6c-513f-11ee-36fc-d4f5efa8831c}
90707 (1) - SSH SCP Protocol Detection
-
Synopsis
The remote host supports the SCP protocol over SSH.
Description
The remote host supports the Secure Copy (SCP) protocol over SSH.
See Also
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2016/04/26, Modified: 2023/11/27
Plugin Output

ipaddr (tcp/22/ssh)

95928 (1) - Linux User List Enumeration
-
Synopsis
Nessus was able to enumerate local users and groups on the remote Linux host.
Description
Using the supplied credentials, Nessus was able to enumerate the local users and groups on the remote Linux host.
Solution
None
Risk Factor
None
Plugin Information
Published: 2016/12/19, Modified: 2024/03/13
Plugin Output

ipaddr (tcp/0)


-----------[ User Accounts ]-----------

User : user
Home folder : /home/user
Start script : /bin/bash
Groups : user

User : glassfish
Home folder : /home/glassfish
Start script : /bin/bash
Groups : glassfish

----------[ System Accounts ]----------

User : root
Home folder : /root
Start script : /bin/bash
Groups : root

User : bin
Home folder : /bin
Start script : /sbin/nologin
Groups : bin

User : daemon
Home folder : /sbin
Start script : /sbin/nologin
Groups : daemon

User : adm
Home folder : /var/adm
Start script : /sbin/nologin
Groups : adm

User : lp
Home folder : /var/spool/lpd
Start script : /sbin/nologin
Groups : lp

User : sync
Home folder : /sbin
Start script : /bin/sync
Groups : root

User : shutdown
Home folder : /sbin
Start script : /sbin/shutdown
Groups : root

User : halt
Home folder : /sbin
Start script : /sbin/halt
Groups : root

User : mail
Home folder : /var/spool/mail
Start script : /sbin/nologin
Groups : mail

User : operator
Home folder : /root
Start script : /sbin/nologin
Groups : root

User : games
Home folder : /usr/games
Start script : /sbin/nologin
Groups : users

User : ftp
Home folder : /var/ftp
Start script : /sbin/nologin
Groups : ftp

User : nobody
Home folder : /
Start script : /sbin/nologin
Groups : nobody

User : pegasus
Home folder : /var/lib/Pegasus
Start script : /sbin/nologin
Groups : pegasus

User : systemd-network
Home folder : /
Start script : /sbin/nologin
Groups : systemd-network

User : dbus
Home folder : /
Start script : /sbin/nologin
Groups : dbus

User : polkitd
Home folder : /
Start script : /sbin/nologin
Groups : polkitd

User : libstoragemgmt
Home folder : /var/run/lsm
Start script : /sbin/nologin
Groups : libstoragemgmt

User : colord
Home folder : /var/lib/colord
Start script : /sbin/nologin
Groups : colord

User : rpc
Home folder : /var/lib/rpcbind
Start script : /sbin/nologin
Groups : rpc

User : gluster
Home folder : /run/gluster
Start script : /sbin/nologin
Groups : gluster

User : saned
Home folder : /usr/share/sane
Start script : /sbin/nologin
Groups : saned

User : saslauth
Home folder : /run/saslauthd
Start script : /sbin/nologin
Groups : saslauth

User : abrt
Home folder : /etc/abrt
Start script : /sbin/nologin
Groups : abrt

User : setroubleshoot
Home folder : /var/lib/setroubleshoot
Start script : /sbin/nologin
Groups : setroubleshoot

User : rtkit
Home folder : /proc
Start script : /sbin/nologin
Groups : rtkit

User : pulse
Home folder : /var/run/pulse
Start script : /sbin/nologin
Groups : pulse

User : radvd
Home folder : /
Start script : /sbin/nologin
Groups : radvd

User : chrony
Home folder : /var/lib/chrony
Start script : /sbin/nologin
Groups : chrony

User : unbound
Home folder : /etc/unbound
Start script : /sbin/nologin
Groups : unbound

User : qemu
Home folder : /
Start script : /sbin/nologin
Groups : kvm
qemu

User : tss
Home folder : /dev/null
Start script : /sbin/nologin
Groups : tss

User : geoclue
Home folder : /var/lib/geoclue
Start script : /sbin/nologin
Groups : geoclue

User : usbmuxd
Home folder : /
Start script : /sbin/nologin
Groups : usbmuxd

User : cockpit-ws
Home folder : /nonexisting
Start script : /sbin/nologin
Groups : cockpit-ws

User : gdm
Home folder : /var/lib/gdm
Start script : /sbin/nologin
Groups : gdm

User : rpcuser
Home folder : /var/lib/nfs
Start script : /sbin/nologin
Groups : rpcuser

User : nfsnobody
Home folder : /var/lib/nfs
Start script : /sbin/nologin
Groups : nfsnobody

User : gnome-initial-setup
Home folder : /run/gnome-initial-setup/
Start script : /sbin/nologin
Groups : gnome-initial-setup

User : pcp
Home folder : /var/lib/pcp
Start script : /sbin/nologin
Groups : pcp

User : sshd
Home folder : /var/empty/sshd
Start script : /sbin/nologin
Groups : sshd

User : avahi
Home folder : /var/run/avahi-daemon
Start script : /sbin/nologin
Groups : avahi

User : postfix
Home folder : /var/spool/postfix
Start script : /sbin/nologin
Groups : mail
postfix

User : ntp
Home folder : /etc/ntp
Start script : /sbin/nologin
Groups : ntp

User : tcpdump
Home folder : /
Start script : /sbin/nologin
Groups : tcpdump

User : oprofile
Home folder : /var/lib/oprofile
Start script : /sbin/nologin
Groups : oprofile

User : postgres
Home folder : /home/postgres
Start script : /bin/bash
Groups : postgres

User : sssd
Home folder : /
Start script : /sbin/nologin
Groups : sssd

User : apache
Home folder : /usr/share/httpd
Start script : /sbin/nologin
Groups : apache

User : mfe
Home folder : /var/McAfee/agent/ma_home
Start script : /sbin/nologin
Groups : mfe

User : EWCPX
Home folder : /home/EWCPX
Start script : /sbin/nologin
Groups : EWCPX
96982 (1) - Server Message Block (SMB) Protocol Version 1 Enabled (uncredentialed check)
-
Synopsis
The remote Windows host supports the SMBv1 protocol.
Description
The remote Windows host supports Server Message Block Protocol version 1 (SMBv1). Microsoft recommends that users discontinue the use of SMBv1 due to the lack of security features that were included in later SMB versions. Additionally, the Shadow Brokers group reportedly has an exploit that affects SMB; however, it is unknown if the exploit affects SMBv1 or another version. In response to this, US-CERT recommends that users disable SMBv1 per SMB best practices to mitigate these potential issues.
See Also
Solution
Disable SMBv1 according to the vendor instructions in Microsoft KB2696547. Additionally, block SMB directly by blocking TCP port 445 on all network boundary devices. For SMB over the NetBIOS API, block TCP ports 137 / 139 and UDP ports 137 / 138 on all network boundary devices.
Risk Factor
None
References
XREF IAVT:0001-T-0710
Plugin Information
Published: 2017/02/03, Modified: 2020/09/22
Plugin Output

ipaddr (tcp/445/cifs)


The remote host supports SMBv1.
97993 (1) - OS Identification and Installed Software Enumeration over SSH v2 (Using New SSH Library)
-
Synopsis
Information about the remote host can be disclosed via an authenticated session.
Description
Nessus was able to login to the remote host using SSH or local commands and extract the list of installed packages.
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2017/05/30, Modified: 2024/03/19
Plugin Output

ipaddr (tcp/0)


It was possible to log into the remote host via SSH using 'password' authentication.

The output of "uname -a" is :
Linux masked_hostname 3.10.0-1160.el7.x86_64 #1 SMP Mon Oct 19 16:18:59 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux

Local checks have been enabled for this host.
The remote CentOS system is :
CentOS Linux release 7.9.2009 (Core)

OS Security Patch Assessment is available for this host.
Runtime : 92.230439 seconds
100871 (1) - Microsoft Windows SMB Versions Supported (remote check)
-
Synopsis
It was possible to obtain information about the version of SMB running on the remote host.
Description
Nessus was able to obtain the version of SMB running on the remote host by sending an authentication request to port 139 or 445.

Note that this plugin is a remote check and does not work on agents.
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2017/06/19, Modified: 2019/11/22
Plugin Output

ipaddr (tcp/445/cifs)


The remote host supports the following versions of SMB :
SMBv1
SMBv2
104410 (1) - Target Credential Status by Authentication Protocol - Failure for Provided Credentials
-
Synopsis
Nessus was unable to log into the detected authentication protocol, using the provided credentials, in order to perform credentialed checks.
Description
Nessus failed to successfully authenticate directly to the remote target on an available authentication protocol. Nessus was able to connect to the remote port and identify that the service running on the port supports an authentication protocol, but Nessus failed to authenticate to the remote service using the provided credentials.

There may have been a failure in protocol negotiation or communication that prevented authentication from being attempted or all of the provided credentials for the authentication protocol may have been invalid. A protocol failure may indicate a compatibility issue with the protocol configuration. A protocol failure due to an environmental issue such as resource or congestion issues may also prevent valid credentials from being identified. See plugin output for error details.

Please note the following :

- This plugin reports per protocol, so it is possible for valid credentials to be provided for one protocol and not another. For example, authentication may succeed via SSH but fail via SMB, while no credentials were provided for an available SNMP service.

- Providing valid credentials for all available authentication protocols may improve scan coverage, but the value of successful authentication for a given protocol may vary from target to target depending upon what data (if any) is gathered from the target via that protocol. For example, successful authentication via SSH is more valuable for Linux targets than for Windows targets, and likewise successful authentication via SMB is more valuable for Windows targets than for Linux targets.
Solution
Address the reported problem(s) so that credentialed checks can be executed.
Risk Factor
None
References
XREF IAVB:0001-B-0503
Plugin Information
Published: 2017/11/06, Modified: 2020/10/19
Plugin Output

ipaddr (tcp/445/cifs)


Nessus was unable to log into the following host for which
credentials have been provided :

Protocol : SMB
Port : 445
Failure details :

- User : EMSOCCS1\Administrator

- Plugin : smb_login.nasl
Plugin ID : 10394
Plugin Name : Microsoft Windows SMB Log In Possible
Message :
Failed to authenticate using the supplied credentials.
104887 (1) - Samba Version
-
Synopsis
It was possible to obtain the samba version from the remote operating system.
Description
Nessus was able to obtain the samba version from the remote operating by sending an authentication request to port 139 or 445. Note that this plugin requires SMB1 to be enabled on the host.
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2017/11/30, Modified: 2019/11/22
Plugin Output

ipaddr (tcp/445/cifs)


The remote Samba Version is : Samba 4.10.16
106716 (1) - Microsoft Windows SMB2 and SMB3 Dialects Supported (remote check)
-
Synopsis
It was possible to obtain information about the dialects of SMB2 and SMB3 available on the remote host.
Description
Nessus was able to obtain the set of SMB2 and SMB3 dialects running on the remote host by sending an authentication request to port 139 or 445.
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2018/02/09, Modified: 2020/03/11
Plugin Output

ipaddr (tcp/445/cifs)


The remote host supports the following SMB dialects :
_version_ _introduced in windows version_
2.0.2 Windows 2008
2.1 Windows 7
2.2.2 Windows 8 Beta
2.2.4 Windows 8 Beta
3.0 Windows 8
3.0.2 Windows 8.1
3.1 Windows 10
3.1.1 Windows 10
110095 (1) - Target Credential Issues by Authentication Protocol - No Issues Found
-
Synopsis
Nessus was able to log in to the remote host using the provided credentials. No issues were reported with access, privilege, or intermittent failure.
Description
Valid credentials were provided for an authentication protocol on the remote target and Nessus did not log any subsequent errors or failures for the authentication protocol.

When possible, Nessus tracks errors or failures related to otherwise valid credentials in order to highlight issues that may result in incomplete scan results or limited scan coverage. The types of issues that are tracked include errors that indicate that the account used for scanning did not have sufficient permissions for a particular check, intermittent protocol failures which are unexpected after the protocol has been negotiated successfully earlier in the scan, and intermittent authentication failures which are unexpected after a credential set has been accepted as valid earlier in the scan. This plugin reports when none of the above issues have been logged during the course of the scan for at least one authenticated protocol. See plugin output for details, including protocol, port, and account.

Please note the following :

- This plugin reports per protocol, so it is possible for issues to be encountered for one protocol and not another.
For example, authentication to the SSH service on the remote target may have consistently succeeded with no privilege errors encountered, while connections to the SMB service on the remote target may have failed intermittently.

- Resolving logged issues for all available authentication protocols may improve scan coverage, but the value of resolving each issue for a particular protocol may vary from target to target depending upon what data (if any) is gathered from the target via that protocol and what particular check failed. For example, consistently successful checks via SSH are more critical for Linux targets than for Windows targets, and likewise consistently successful checks via SMB are more critical for Windows targets than for Linux targets.
Solution
n/a
Risk Factor
None
References
XREF IAVB:0001-B-0520
Plugin Information
Published: 2018/05/24, Modified: 2024/03/25
Plugin Output

ipaddr (tcp/22/ssh)


Nessus was able to log into the remote host with no privilege or access
problems via the following :

User: 'root'
Port: 22
Proto: SSH
Method: password
110483 (1) - Unix / Linux Running Processes Information
-
Synopsis
Uses /bin/ps auxww command to obtain the list of running processes on the target machine at scan time.
Description
Generated report details the running processes on the target machine at scan time.
This plugin is informative only and could be used for forensic investigation, malware detection, and to confirm that your system processes conform to your system policies.
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2018/06/12, Modified: 2023/11/27
Plugin Output

ipaddr (tcp/0)

USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.1 0.0 191444 4448 ? Ss 3月22 89:11 /usr/lib/systemd/systemd --switched-root --system --deserialize 22
root 2 0.0 0.0 0 0 ? S 3月22 0:05 [kthreadd]
root 4 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/0:0H]
root 5 0.0 0.0 0 0 ? S 3月22 0:00 [kworker/u128:0]
root 6 0.0 0.0 0 0 ? S 3月22 2:09 [ksoftirqd/0]
root 7 0.0 0.0 0 0 ? S 3月22 0:01 [migration/0]
root 8 0.0 0.0 0 0 ? S 3月22 0:00 [rcu_bh]
root 9 0.1 0.0 0 0 ? S 3月22 84:04 [rcu_sched]
root 10 0.0 0.0 0 0 ? S< 3月22 0:00 [lru-add-drain]
root 11 0.0 0.0 0 0 ? S 3月22 0:07 [watchdog/0]
root 12 0.0 0.0 0 0 ? S 3月22 0:07 [watchdog/1]
root 13 0.0 0.0 0 0 ? S 3月22 0:01 [migration/1]
root 14 0.0 0.0 0 0 ? S 3月22 0:08 [ksoftirqd/1]
root 16 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/1:0H]
root 18 0.0 0.0 0 0 ? S 3月22 0:07 [watchdog/2]
root 19 0.0 0.0 0 0 ? S 3月22 0:01 [migration/2]
root 20 0.0 0.0 0 0 ? S 3月22 0:02 [ksoftirqd/2]
root 22 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/2:0H]
root 23 0.0 0.0 0 0 ? S 3月22 0:07 [watchdog/3]
root 24 0.0 0.0 0 0 ? S 3月22 0:01 [migration/3]
root 25 0.0 0.0 0 0 ? S 3月22 0:01 [ksoftirqd/3]
root 27 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/3:0H]
root 28 0.0 0.0 0 0 ? S 3月22 0:07 [watchdog/4]
root 29 0.0 0.0 0 0 ? S 3月22 0:00 [migration/4]
root 30 0.0 0.0 0 0 ? S 3月22 0:01 [ksoftirqd/4]
root 32 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/4:0H]
root 33 0.0 0.0 0 0 ? S 3月22 0:07 [watchdog/5]
root 34 0.0 0.0 0 0 ? S 3月22 0:00 [migration/5]
root 35 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/5]
root 37 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/5:0H]
root 38 0.0 0.0 0 0 ? S 3月22 0:08 [watchdog/6]
root 39 0.0 0.0 0 0 ? S 3月22 0:00 [migration/6]
root 40 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/6]
root 42 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/6:0H]
root 43 0.0 0.0 0 0 ? S 3月22 0:08 [watchdog/7]
root 44 0.0 0.0 0 0 ? S 3月22 0:00 [migration/7]
root 45 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/7]
root 47 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/7:0H]
root 48 0.0 0.0 0 0 ? S 3月22 0:08 [watchdog/8]
root 49 0.0 0.0 0 0 ? S 3月22 0:00 [migration/8]
root 50 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/8]
root 52 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/8:0H]
root 53 0.0 0.0 0 0 ? S 3月22 0:08 [watchdog/9]
root 54 0.0 0.0 0 0 ? S 3月22 0:00 [migration/9]
root 55 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/9]
root 57 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/9:0H]
root 58 0.0 0.0 0 0 ? S 3月22 0:08 [watchdog/10]
root 59 0.0 0.0 0 0 ? S 3月22 0:00 [migration/10]
root 60 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/10]
root 62 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/10:0H]
root 63 0.0 0.0 0 0 ? S 3月22 0:08 [watchdog/11]
root 64 0.0 0.0 0 0 ? S 3月22 0:00 [migration/11]
root 65 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/11]
root 67 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/11:0H]
root 68 0.0 0.0 0 0 ? S 3月22 0:08 [watchdog/12]
root 69 0.0 0.0 0 0 ? S 3月22 0:00 [migration/12]
root 70 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/12]
root 72 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/12:0H]
root 73 0.0 0.0 0 0 ? S 3月22 0:08 [watchdog/13]
root 74 0.0 0.0 0 0 ? S 3月22 0:00 [migration/13]
root 75 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/13]
root 77 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/13:0H]
root 78 0.0 0.0 0 0 ? S 3月22 0:08 [watchdog/14]
root 79 0.0 0.0 0 0 ? S 3月22 0:00 [migration/14]
root 80 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/14]
root 82 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/14:0H]
root 83 0.0 0.0 0 0 ? S 3月22 0:08 [watchdog/15]
root 84 0.0 0.0 0 0 ? S 3月22 0:00 [migration/15]
root 85 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/15]
root 87 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/15:0H]
root 88 0.0 0.0 0 0 ? S 3月22 0:07 [watchdog/16]
root 89 0.0 0.0 0 0 ? S 3月22 0:00 [migration/16]
root 90 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/16]
root 92 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/16:0H]
root 94 0.0 0.0 0 0 ? S 3月22 0:07 [watchdog/17]
root 95 0.0 0.0 0 0 ? S 3月22 0:00 [migration/17]
root 96 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/17]
root 98 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/17:0H]
root 99 0.0 0.0 0 0 ? S 3月22 0:07 [watchdog/18]
root 100 0.0 0.0 0 0 ? S 3月22 0:01 [migration/18]
root 101 0.0 0.0 0 0 ? S 3月22 0:01 [ksoftirqd/18]
root 103 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/18:0H]
root 104 0.0 0.0 0 0 ? S 3月22 0:08 [watchdog/19]
root 105 0.0 0.0 0 0 ? S 3月22 0:01 [migration/19]
root 106 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/19]
root 108 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/19:0H]
root 109 0.0 0.0 0 0 ? S 3月22 0:08 [watchdog/20]
root 110 0.0 0.0 0 0 ? S 3月22 0:00 [migration/20]
root 111 0.0 0.0 0 0 ? S 3月22 0:01 [ksoftirqd/20]
root 113 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/20:0H]
root 114 0.0 0.0 0 0 ? S 3月22 0:09 [watchdog/21]
root 115 0.0 0.0 0 0 ? S 3月22 0:00 [migration/21]
root 116 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/21]
root 118 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/21:0H]
root 119 0.0 0.0 0 0 ? S 3月22 0:09 [watchdog/22]
root 120 0.0 0.0 0 0 ? S 3月22 0:00 [migration/22]
root 121 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/22]
root 123 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/22:0H]
root 124 0.0 0.0 0 0 ? S 3月22 0:09 [watchdog/23]
root 125 0.0 0.0 0 0 ? S 3月22 0:00 [migration/23]
root 126 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/23]
root 128 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/23:0H]
root 129 0.0 0.0 0 0 ? S 3月22 0:10 [watchdog/24]
root 130 0.0 0.0 0 0 ? S 3月22 0:00 [migration/24]
root 131 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/24]
root 133 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/24:0H]
root 134 0.0 0.0 0 0 ? S 3月22 0:10 [watchdog/25]
root 135 0.0 0.0 0 0 ? S 3月22 0:00 [migration/25]
root 136 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/25]
root 138 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/25:0H]
root 139 0.0 0.0 0 0 ? S 3月22 0:10 [watchdog/26]
root 140 0.0 0.0 0 0 ? S 3月22 0:00 [migration/26]
root 141 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/26]
root 143 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/26:0H]
root 144 0.0 0.0 0 0 ? S 3月22 0:10 [watchdog/27]
root 145 0.0 0.0 0 0 ? S 3月22 0:00 [migration/27]
root 146 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/27]
root 148 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/27:0H]
root 149 0.0 0.0 0 0 ? S 3月22 0:10 [watchdog/28]
root 150 0.0 0.0 0 0 ? S 3月22 0:00 [migration/28]
root 151 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/28]
root 153 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/28:0H]
root 154 0.0 0.0 0 0 ? S 3月22 0:11 [watchdog/29]
root 155 0.0 0.0 0 0 ? S 3月22 0:00 [migration/29]
root 156 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/29]
root 158 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/29:0H]
root 159 0.0 0.0 0 0 ? S 3月22 0:11 [watchdog/30]
root 160 0.0 0.0 0 0 ? S 3月22 0:00 [migration/30]
root 161 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/30]
root 163 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/30:0H]
root 164 0.0 0.0 0 0 ? S 3月22 0:11 [watchdog/31]
root 165 0.0 0.0 0 0 ? S 3月22 0:00 [migration/31]
root 166 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/31]
root 168 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/31:0H]
root 169 0.0 0.0 0 0 ? S 3月22 0:06 [watchdog/32]
root 170 0.0 0.0 0 0 ? S 3月22 0:01 [migration/32]
root 171 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/32]
root 173 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/32:0H]
root 174 0.0 0.0 0 0 ? S 3月22 0:07 [watchdog/33]
root 175 0.0 0.0 0 0 ? S 3月22 0:39 [migration/33]
root 176 0.0 0.0 0 0 ? S 3月22 0:06 [ksoftirqd/33]
root 178 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/33:0H]
root 179 0.0 0.0 0 0 ? S 3月22 0:06 [watchdog/34]
root 180 0.0 0.0 0 0 ? S 3月22 0:08 [migration/34]
root 181 0.0 0.0 0 0 ? S 3月22 0:01 [ksoftirqd/34]
root 183 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/34:0H]
root 184 0.0 0.0 0 0 ? S 3月22 0:07 [watchdog/35]
root 185 0.0 0.0 0 0 ? S 3月22 0:02 [migration/35]
root 186 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/35]
root 188 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/35:0H]
root 189 0.0 0.0 0 0 ? S 3月22 0:07 [watchdog/36]
root 190 0.0 0.0 0 0 ? S 3月22 0:03 [migration/36]
root 191 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/36]
root 193 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/36:0H]
root 194 0.0 0.0 0 0 ? S 3月22 0:07 [watchdog/37]
root 195 0.0 0.0 0 0 ? S 3月22 0:02 [migration/37]
root 196 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/37]
root 198 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/37:0H]
root 199 0.0 0.0 0 0 ? S 3月22 0:07 [watchdog/38]
root 200 0.0 0.0 0 0 ? S 3月22 0:02 [migration/38]
root 201 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/38]
root 203 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/38:0H]
root 204 0.0 0.0 0 0 ? S 3月22 0:07 [watchdog/39]
root 205 0.0 0.0 0 0 ? S 3月22 0:01 [migration/39]
root 206 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/39]
root 208 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/39:0H]
root 209 0.0 0.0 0 0 ? S 3月22 0:07 [watchdog/40]
root 210 0.0 0.0 0 0 ? S 3月22 0:01 [migration/40]
root 211 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/40]
root 213 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/40:0H]
root 214 0.0 0.0 0 0 ? S 3月22 0:07 [watchdog/41]
root 215 0.0 0.0 0 0 ? S 3月22 0:01 [migration/41]
root 216 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/41]
root 218 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/41:0H]
root 219 0.0 0.0 0 0 ? S 3月22 0:07 [watchdog/42]
root 220 0.0 0.0 0 0 ? S 3月22 0:01 [migration/42]
root 221 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/42]
root 223 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/42:0H]
root 224 0.0 0.0 0 0 ? S 3月22 0:07 [watchdog/43]
root 225 0.0 0.0 0 0 ? S 3月22 0:01 [migration/43]
root 226 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/43]
root 228 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/43:0H]
root 229 0.0 0.0 0 0 ? S 3月22 0:07 [watchdog/44]
root 230 0.0 0.0 0 0 ? S 3月22 0:01 [migration/44]
root 231 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/44]
root 233 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/44:0H]
root 234 0.0 0.0 0 0 ? S 3月22 0:07 [watchdog/45]
root 235 0.0 0.0 0 0 ? S 3月22 0:00 [migration/45]
root 236 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/45]
root 238 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/45:0H]
root 239 0.0 0.0 0 0 ? S 3月22 0:07 [watchdog/46]
root 240 0.0 0.0 0 0 ? S 3月22 0:01 [migration/46]
root 241 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/46]
root 243 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/46:0H]
root 244 0.0 0.0 0 0 ? S 3月22 0:07 [watchdog/47]
root 245 0.0 0.0 0 0 ? S 3月22 0:00 [migration/47]
root 246 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/47]
root 248 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/47:0H]
root 249 0.0 0.0 0 0 ? S 3月22 0:07 [watchdog/48]
root 250 0.0 0.0 0 0 ? S 3月22 0:00 [migration/48]
root 251 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/48]
root 253 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/48:0H]
root 254 0.0 0.0 0 0 ? S 3月22 0:07 [watchdog/49]
root 255 0.0 0.0 0 0 ? S 3月22 1:07 [migration/49]
root 256 0.0 0.0 0 0 ? S 3月22 0:03 [ksoftirqd/49]
root 258 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/49:0H]
root 259 0.0 0.0 0 0 ? S 3月22 0:07 [watchdog/50]
root 260 0.0 0.0 0 0 ? S 3月22 0:04 [migration/50]
root 261 0.0 0.0 0 0 ? S 3月22 0:02 [ksoftirqd/50]
root 263 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/50:0H]
root 264 0.0 0.0 0 0 ? S 3月22 0:07 [watchdog/51]
root 265 0.0 0.0 0 0 ? S 3月22 0:02 [migration/51]
root 266 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/51]
root 268 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/51:0H]
root 269 0.0 0.0 0 0 ? S 3月22 0:07 [watchdog/52]
root 270 0.0 0.0 0 0 ? S 3月22 0:02 [migration/52]
root 271 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/52]
root 273 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/52:0H]
root 274 0.0 0.0 0 0 ? S 3月22 0:07 [watchdog/53]
root 275 0.0 0.0 0 0 ? S 3月22 0:02 [migration/53]
root 276 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/53]
root 278 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/53:0H]
root 279 0.0 0.0 0 0 ? S 3月22 0:07 [watchdog/54]
root 280 0.0 0.0 0 0 ? S 3月22 0:01 [migration/54]
root 281 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/54]
root 283 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/54:0H]
root 284 0.0 0.0 0 0 ? S 3月22 0:07 [watchdog/55]
root 285 0.0 0.0 0 0 ? S 3月22 0:01 [migration/55]
root 286 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/55]
root 288 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/55:0H]
root 289 0.0 0.0 0 0 ? S 3月22 0:07 [watchdog/56]
root 290 0.0 0.0 0 0 ? S 3月22 0:00 [migration/56]
root 291 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/56]
root 293 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/56:0H]
root 294 0.0 0.0 0 0 ? S 3月22 0:07 [watchdog/57]
root 295 0.0 0.0 0 0 ? S 3月22 0:00 [migration/57]
root 296 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/57]
root 298 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/57:0H]
root 299 0.0 0.0 0 0 ? S 3月22 0:07 [watchdog/58]
root 300 0.0 0.0 0 0 ? S 3月22 0:00 [migration/58]
root 301 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/58]
root 303 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/58:0H]
root 304 0.0 0.0 0 0 ? S 3月22 0:07 [watchdog/59]
root 305 0.0 0.0 0 0 ? S 3月22 0:00 [migration/59]
root 306 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/59]
root 308 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/59:0H]
root 309 0.0 0.0 0 0 ? S 3月22 0:07 [watchdog/60]
root 310 0.0 0.0 0 0 ? S 3月22 0:00 [migration/60]
root 311 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/60]
root 313 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/60:0H]
root 314 0.0 0.0 0 0 ? S 3月22 0:07 [watchdog/61]
root 315 0.0 0.0 0 0 ? S 3月22 0:00 [migration/61]
root 316 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/61]
root 318 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/61:0H]
root 319 0.0 0.0 0 0 ? S 3月22 0:07 [watchdog/62]
root 320 0.0 0.0 0 0 ? S 3月22 0:00 [migration/62]
root 321 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/62]
root 323 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/62:0H]
root 324 0.0 0.0 0 0 ? S 3月22 0:07 [watchdog/63]
root 325 0.0 0.0 0 0 ? S 3月22 0:00 [migration/63]
root 326 0.0 0.0 0 0 ? S 3月22 0:00 [ksoftirqd/63]
root 328 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/63:0H]
root 331 0.0 0.0 0 0 ? S 3月22 0:00 [kdevtmpfs]
root 332 0.0 0.0 0 0 ? S< 3月22 0:00 [netns]
root 333 0.0 0.0 0 0 ? S 3月22 0:10 [khungtaskd]
root 334 0.0 0.0 0 0 ? S< 3月22 0:00 [writeback]
root 335 0.0 0.0 0 0 ? S< 3月22 0:00 [kintegrityd]
root 336 0.0 0.0 0 0 ? S< 3月22 0:00 [bioset]
root 337 0.0 0.0 0 0 ? S< 3月22 0:00 [bioset]
root 338 0.0 0.0 0 0 ? S< 3月22 0:00 [bioset]
root 339 0.0 0.0 0 0 ? S< 3月22 0:00 [kblockd]
root 340 0.0 0.0 0 0 ? S< 3月22 0:00 [md]
root 341 0.0 0.0 0 0 ? S< 3月22 0:00 [edac-poller]
root 342 0.0 0.0 0 0 ? S< 3月22 0:00 [watchdogd]
root 350 0.0 0.0 0 0 ? S 3月22 0:00 [kswapd0]
root 351 0.0 0.0 0 0 ? S 3月22 0:00 [kswapd1]
root 352 0.0 0.0 0 0 ? SN 3月22 0:00 [ksmd]
root 353 0.0 0.0 0 0 ? SN 3月22 0:15 [khugepaged]
root 355 0.0 0.0 0 0 ? S< 3月22 0:00 [crypto]
root 363 0.0 0.0 0 0 ? S< 3月22 0:00 [kthrotld]
root 366 0.0 0.0 0 0 ? S< 3月22 0:00 [kmpath_rdacd]
root 367 0.0 0.0 0 0 ? S< 3月22 0:00 [kaluad]
root 375 0.0 0.0 0 0 ? S< 3月22 0:00 [kpsmoused]
root 376 0.0 0.0 0 0 ? S 3月22 0:00 [kworker/u128:1]
root 377 0.0 0.0 0 0 ? S< 3月22 0:00 [ipv6_addrconf]
root 390 0.0 0.0 0 0 ? S< 3月22 0:00 [deferwq]
root 394 0.0 0.0 0 0 ? S 4月17 0:00 [kworker/61:2]
root 428 0.0 0.0 0 0 ? S 3月22 1:10 [kauditd]
root 585 0.0 0.0 0 0 ? S< 3月22 0:00 [ata_sff]
root 617 0.0 0.0 0 0 ? S< 3月22 0:00 [ttm_swap]
root 618 0.0 0.0 0 0 ? S 3月22 0:00 [scsi_eh_0]
root 619 0.0 0.0 0 0 ? S< 3月22 0:00 [scsi_tmf_0]
root 620 0.0 0.0 0 0 ? S 3月22 0:00 [scsi_eh_1]
root 621 0.0 0.0 0 0 ? S< 3月22 0:00 [scsi_tmf_1]
root 622 0.0 0.0 0 0 ? S 3月22 0:00 [scsi_eh_2]
root 623 0.0 0.0 0 0 ? S< 3月22 0:00 [scsi_tmf_2]
root 624 0.0 0.0 0 0 ? S 3月22 0:00 [scsi_eh_3]
root 625 0.0 0.0 0 0 ? S< 3月22 0:00 [scsi_tmf_3]
root 626 0.0 0.0 0 0 ? S 3月22 0:00 [scsi_eh_4]
root 627 0.0 0.0 0 0 ? S< 3月22 0:00 [scsi_tmf_4]
root 628 0.0 0.0 0 0 ? S 3月22 0:00 [scsi_eh_5]
root 629 0.0 0.0 0 0 ? S< 3月22 0:00 [scsi_tmf_5]
root 690 0.0 0.0 0 0 ? S< 3月22 0:43 [kworker/0:1H]
root 693 0.0 0.0 0 0 ? S 3月22 0:00 [scsi_eh_6]
root 694 0.0 0.0 0 0 ? S< 3月22 0:00 [scsi_tmf_6]
root 724 0.0 0.0 0 0 ? S< 3月22 0:00 [bioset]
root 725 0.0 0.0 0 0 ? S< 3月22 0:00 [xfsalloc]
root 726 0.0 0.0 0 0 ? S< 3月22 0:00 [xfs_mru_cache]
root 727 0.0 0.0 0 0 ? S< 3月22 0:00 [xfs-buf/sda4]
root 728 0.0 0.0 0 0 ? S< 3月22 0:00 [xfs-data/sda4]
root 729 0.0 0.0 0 0 ? S< 3月22 0:00 [xfs-conv/sda4]
root 730 0.0 0.0 0 0 ? S< 3月22 0:00 [xfs-cil/sda4]
root 731 0.0 0.0 0 0 ? S< 3月22 0:00 [xfs-reclaim/sda]
root 732 0.0 0.0 0 0 ? S< 3月22 0:00 [xfs-log/sda4]
root 733 0.0 0.0 0 0 ? S< 3月22 0:00 [xfs-eofblocks/s]
root 734 0.0 0.0 0 0 ? S 3月22 18:05 [xfsaild/sda4]
root 836 0.0 0.0 84336 36188 ? Ss 3月22 15:42 /usr/lib/systemd/systemd-journald
root 857 0.0 0.0 0 0 ? S< 3月22 0:00 [rpciod]
root 859 0.0 0.0 0 0 ? S< 3月22 0:00 [xprtiod]
root 871 0.0 0.0 116644 1256 ? Ss 3月22 0:00 /usr/sbin/lvmetad -f
root 875 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/32:1H]
root 883 0.0 0.0 46320 2656 ? Ss 3月22 12:09 /usr/lib/systemd/systemd-udevd
root 885 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/1:1H]
root 948 0.0 0.0 0 0 ? S 4月22 0:12 [kworker/24:1]
root 1028 0.0 0.0 0 0 ? S 3月22 0:00 [irq/194-mei_me]
root 1083 0.0 0.0 0 0 ? S< 3月22 0:00 [kvm-irqfd-clean]
root 1145 0.0 0.0 0 0 ? S 01:38 0:04 [kworker/30:1]
root 1274 0.0 0.0 0 0 ? S< 3月22 0:00 [nfit]
root 1318 0.0 0.0 0 0 ? S< 3月22 0:00 [xfs-buf/sda2]
root 1319 0.0 0.0 0 0 ? S< 3月22 0:00 [xfs-data/sda2]
root 1320 0.0 0.0 0 0 ? S< 3月22 0:00 [xfs-conv/sda2]
root 1321 0.0 0.0 0 0 ? S< 3月22 0:00 [xfs-cil/sda2]
root 1322 0.0 0.0 0 0 ? S< 3月22 0:00 [xfs-reclaim/sda]
root 1323 0.0 0.0 0 0 ? S< 3月22 0:00 [xfs-log/sda2]
root 1324 0.0 0.0 0 0 ? S< 3月22 0:00 [xfs-eofblocks/s]
root 1325 0.0 0.0 0 0 ? S 3月22 0:00 [xfsaild/sda2]
root 1338 0.0 0.0 0 0 ? S< 3月22 0:04 [loop0]
root 1477 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/29:1H]
root 1478 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/30:1H]
root 1479 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/31:1H]
root 1480 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/16:1H]
root 1481 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/17:1H]
root 1483 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/18:1H]
root 1484 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/19:1H]
root 1485 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/20:1H]
root 1486 0.0 0.0 0 0 ? S< 3月22 0:02 [kworker/21:1H]
root 1487 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/22:1H]
root 1488 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/23:1H]
root 1489 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/24:1H]
root 1490 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/25:1H]
root 1491 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/26:1H]
root 1492 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/27:1H]
root 1493 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/28:1H]
root 1500 0.0 0.0 55532 1096 ? S<sl 3月22 3:36 /sbin/auditd
root 1502 0.0 0.0 84556 1004 ? S<sl 3月22 4:04 /sbin/audispd
root 1503 0.0 0.0 55620 1604 ? S< 3月22 2:54 /usr/sbin/sedispatch
root 1506 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/3:1H]
polkitd 1528 0.1 0.0 630748 16776 ? Ssl 3月22 85:44 /usr/lib/polkit-1/polkitd --no-debug
rpc 1531 0.0 0.0 69332 1500 ? Ss 3月22 0:06 /sbin/rpcbind -w
root 1532 0.0 0.0 262904 1532 ? Ssl 3月22 0:00 /usr/sbin/gssproxy -D
rtkit 1541 0.0 0.0 198784 1784 ? SNsl 3月22 0:42 /usr/libexec/rtkit-daemon
root 1547 0.0 0.0 516960 6832 ? Ssl 3月22 18:19 /usr/libexec/udisks2/udisksd
root 1553 0.0 0.0 269296 5620 ? Ss 3月22 0:10 /usr/sbin/sssd -i --logger=files
dbus 1554 0.1 0.0 71900 3408 ? Ss 3月22 58:00 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation
chrony 1569 0.0 0.0 22536 1356 ? S 3月22 0:03 /usr/sbin/chronyd
root 1593 0.0 0.0 479668 11620 ? Ssl 3月22 7:16 /usr/sbin/NetworkManager --no-daemon
root 1594 0.0 0.0 228216 5684 ? Ss 3月22 0:00 /usr/sbin/abrtd -d -s
root 1595 0.0 0.0 225924 4888 ? Ss 3月22 0:00 /usr/bin/abrt-watch-log -F Backtrace /var/log/Xorg.0.log -- /usr/bin/abrt-dump-xorg -xD
root 1596 0.0 0.0 225924 4896 ? Ss 3月22 0:16 /usr/bin/abrt-watch-log -F BUG: WARNING: at WARNING: CPU: INFO: possible recursive locking detected ernel BUG at list_del corruption list_add corruption do_IRQ: stack overflow: ear stack overflow (cur: eneral protection fault nable to handle kernel ouble fault: RTNL: assertion failed eek! page_mapcount(page) went negative! adness at NETDEV WATCHDOG ysctl table check failed : nobody cared IRQ handler type mismatch Kernel panic - not syncing: Machine Check Exception: Machine check events logged divide error: bounds: coprocessor segment overrun: invalid TSS: segment not present: invalid opcode: alignment check: stack segment: fpu exception: simd exception: iret exception: /var/log/messages -- /usr/bin/abrt-dump-oops -xtD
libstor+ 1598 0.0 0.0 8580 828 ? Ss 3月22 0:09 /usr/bin/lsmd -d
root 1643 0.0 0.0 542348 14208 ? S 3月22 1:04 /usr/libexec/sssd/sssd_be --domain gcc.EMSOCCS.gsdf.mods.go.jp --uid 0 --gid 0 --logger=files
root 1648 0.0 0.0 90568 3268 ? Ss 3月22 2:27 /sbin/rngd -f
root 1650 0.0 0.0 52852 2820 ? Ss 3月22 0:00 /usr/sbin/smartd -n -q never
root 1661 0.0 0.0 978884 24376 ? Ssl 3月22 6:12 /opt/McAfee/ens/fw/bin/mfefwd
root 1663 0.0 0.0 6612 276 ? Ss 3月22 0:00 /usr/sbin/mcelog --ignorenodev --daemon --syslog
root 1702 0.0 0.0 42464 1684 ? Ss 3月22 0:00 /usr/sbin/rpc.gssd
root 1704 0.0 0.0 116064 1540 ? S 3月22 2:26 /bin/bash /usr/sbin/ksmtuned
root 1710 0.0 0.0 1380308 28084 ? SLsl 3月22 8:33 /opt/McAfee/agent/bin/masvc self_start
root 1718 0.0 0.0 743316 13460 ? Ssl 3月22 0:53 /opt/McAfee/ens/esp/bin/mfeespd
root 1720 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/35:1H]
root 1721 0.0 0.0 277356 30860 ? S 3月22 7:11 /usr/libexec/sssd/sssd_nss --uid 0 --gid 0 --logger=files
root 1722 0.0 0.0 255808 4736 ? S 3月22 1:22 /usr/libexec/sssd/sssd_pam --uid 0 --gid 0 --logger=files
root 1729 0.0 0.0 407828 5300 ? Ssl 3月22 4:53 /usr/libexec/accounts-daemon
root 1731 0.0 0.0 26436 1840 ? Ss 3月22 25:48 /usr/lib/systemd/systemd-logind
root 1741 0.0 0.0 25908 948 ? Ss 3月22 0:00 /usr/sbin/atd -f
root 1752 0.0 0.0 126388 1620 ? Ss 3月22 0:08 /usr/sbin/crond -n
root 1753 0.0 0.0 481536 4640 ? Ssl 3月22 0:00 /usr/sbin/gdm
root 1824 1.6 0.0 2213656 86600 ? Ssl 3月22 750:08 /opt/McAfee/ens/tp/bin/mfetpd
root 1840 0.0 0.0 0 0 ? S 3月22 0:00 [AAC_reporter_Th]
root 1908 0.0 0.0 454772 40400 tty1 Ssl+ 3月22 0:15 /usr/bin/X :0 -background none -noreset -audit 4 -verbose -auth /run/gdm/auth-for-gdm-MgCfc7/database -seat seat0 -nolisten tcp vt1
mfe 1956 0.0 0.0 106556 7700 ? SLs 3月22 0:47 /opt/McAfee/agent/bin/macmnsvc self_start
root 2010 0.0 0.0 380544 7000 ? Sl 3月22 0:00 gdm-session-worker [pam/gdm-launch-environment]
root 2014 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/6:1H]
gdm 2015 0.0 0.0 671408 13252 ? Ssl 3月22 7:26 /usr/libexec/gnome-session-binary --autostart /usr/share/gdm/greeter/autostart
gdm 2020 0.0 0.0 59016 964 ? S 3月22 0:00 dbus-launch --exit-with-session /usr/libexec/gnome-session-binary --autostart /usr/share/gdm/greeter/autostart
gdm 2021 0.0 0.0 71244 1872 ? Ss 3月22 0:00 /usr/bin/dbus-daemon --fork --print-pid 5 --print-address 7 --session
gdm 2040 0.0 0.0 346780 5732 ? Sl 3月22 0:00 /usr/libexec/at-spi-bus-launcher
gdm 2045 0.0 0.0 70840 2316 ? S 3月22 0:00 /usr/bin/dbus-daemon --config-file=/usr/share/defaults/at-spi2/accessibility.conf --nofork --print-address 3
gdm 2047 0.0 0.0 233104 3944 ? Sl 3月22 0:00 /usr/libexec/at-spi2-registryd --use-gnome-session
root 2080 0.0 0.0 0 0 ? S 4月22 0:08 [kworker/21:1]
gdm 2126 0.2 0.0 8190388 149880 ? Sl 3月22 117:07 /usr/bin/gnome-shell
root 2225 0.0 0.0 430460 5420 ? Ssl 3月22 3:13 /usr/libexec/upowerd
root 2260 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/4:1H]
gdm 2264 0.0 0.0 1171760 3744 ? S<l 3月22 0:00 /usr/bin/pulseaudio --start --log-target=syslog
gdm 2354 0.0 0.0 453384 5536 ? Sl 3月22 0:40 ibus-daemon --xim --panel disable
gdm 2458 0.0 0.0 376228 3588 ? Sl 3月22 0:00 /usr/libexec/ibus-dconf
gdm 2461 0.0 0.0 465172 15820 ? Sl 3月22 0:00 /usr/libexec/ibus-x11 --kill-daemon
gdm 2463 0.0 0.0 376208 3480 ? Sl 3月22 0:00 /usr/libexec/ibus-portal
gdm 2522 0.0 0.0 365112 2888 ? Sl 3月22 0:00 /usr/libexec/xdg-permission-store
root 2563 0.0 0.0 398932 4376 ? Ssl 3月22 4:56 /usr/libexec/boltd
root 2576 0.0 0.0 410960 5720 ? Ssl 3月22 13:48 /usr/libexec/packagekitd
root 2577 0.0 0.0 78660 3468 ? Ss 3月22 0:15 /usr/sbin/wpa_supplicant -u -f /var/log/wpa_supplicant.log -c /etc/wpa_supplicant/wpa_supplicant.conf -P /var/run/wpa_supplicant.pid
gdm 2587 0.0 0.0 615636 17200 ? Sl 3月22 0:00 /usr/libexec/gsd-xsettings
gdm 2590 0.0 0.0 376796 3432 ? Sl 3月22 0:00 /usr/libexec/gsd-a11y-settings
gdm 2591 0.0 0.0 464864 13636 ? Sl 3月22 0:00 /usr/libexec/gsd-clipboard
gdm 2593 0.1 0.0 649428 22720 ? Sl 3月22 59:40 /usr/libexec/gsd-color
gdm 2594 0.0 0.0 465668 7996 ? Sl 3月22 0:00 /usr/libexec/gsd-datetime
gdm 2597 0.0 0.0 380896 3132 ? Sl 3月22 0:00 /usr/libexec/gsd-housekeeping
gdm 2601 0.0 0.0 614584 13720 ? Sl 3月22 0:00 /usr/libexec/gsd-keyboard
gdm 2602 0.0 0.0 1143560 18004 ? Sl 3月22 3:42 /usr/libexec/gsd-media-keys
gdm 2606 0.0 0.0 300632 2868 ? Sl 3月22 0:00 /usr/libexec/gsd-mouse
gdm 2607 0.0 0.0 632108 15048 ? Sl 3月22 3:45 /usr/libexec/gsd-power
gdm 2610 0.0 0.0 363360 4548 ? Sl 3月22 0:00 /usr/libexec/gsd-print-notifications
gdm 2613 0.0 0.0 317860 3112 ? Sl 3月22 0:00 /usr/libexec/gsd-rfkill
gdm 2616 0.0 0.0 374368 2904 ? Sl 3月22 0:00 /usr/libexec/gsd-screensaver-proxy
gdm 2617 0.0 0.0 411812 4088 ? Sl 3月22 0:00 /usr/libexec/gsd-sharing
gdm 2620 0.0 0.0 472536 7224 ? Sl 3月22 0:00 /usr/libexec/gsd-smartcard
gdm 2629 0.0 0.0 455296 4924 ? Sl 3月22 0:00 /usr/libexec/gsd-sound
gdm 2632 0.0 0.0 625728 16652 ? Sl 3月22 0:00 /usr/libexec/gsd-wacom
root 2650 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/9:1H]
gdm 2663 0.0 0.0 187400 2828 ? Sl 3月22 0:00 /usr/libexec/dconf-service
colord 2672 0.0 0.0 419840 6472 ? Ssl 3月22 0:00 /usr/libexec/colord
root 2721 0.0 0.0 112900 4360 ? Ss 3月22 1:09 /usr/sbin/sshd -D
root 2724 0.0 0.0 574284 17700 ? Ssl 3月22 6:52 /usr/bin/python2 -Es /usr/sbin/tuned -l -P
root 2726 0.0 0.0 52708 2236 ? Ss 3月22 0:00 /usr/sbin/oddjobd -n -p /var/run/oddjobd.pid -t 300
root 2730 0.0 0.0 930692 21932 ? Ssl 3月22 6:58 /usr/sbin/rsyslogd -n
root 2739 9.8 0.0 7239168 75948 ? Sl 3月22 4537:59 McnMon -envfilepath /usr/local/newscp/mac/McnMon/config/env.ini
root 2786 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/44:1H]
root 3105 0.0 0.0 33232 1560 ? Ss 3月22 1:11 ./clpmonp --event -a 2 -r 0 -w 0
root 3106 0.1 0.0 37720 3116 ? S 3月22 62:32 clpevent
root 3181 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/41:1H]
root 3229 0.0 0.0 0 0 ? S 11:48 0:02 [kworker/7:0]
root 3293 0.0 0.0 91792 2260 ? Ss 3月22 0:10 /usr/libexec/postfix/master -w
postfix 3298 0.0 0.0 102848 4328 ? S 3月22 0:03 qmgr -l -t unix -u
root 3465 0.0 0.0 0 0 ? S 4月20 0:00 [kworker/55:2]
root 3577 0.0 0.0 0 0 ? S< 3月22 0:03 [kworker/2:1H]
root 3581 0.0 0.0 33224 1668 ? Ss 3月22 1:12 ./clpmonp --nm -a 5 -r 0 -w 0
root 3582 0.0 0.0 518412 5480 ? Sl 3月22 4:29 clpnm
root 3650 0.0 0.0 164752 3036 ? S<l 3月22 3:07 clplankhb
root 3682 0.0 0.1 1387036 367400 ? Sl 3月22 0:15 /opt/McAfee/ens/tp/bin/mfetpd
root 3722 0.0 0.0 0 0 ? S 3月22 1:41 [clpkhb_recv]
root 3725 0.0 0.0 0 0 ? S 3月22 2:31 [clpkhb_send]
root 3732 0.0 0.0 33364 1844 ? Ss 3月22 1:12 ./clpmonp --trnsv -a 2 -r 0 -w 0
root 3733 0.0 0.0 62680 18352 ? SLs 3月22 0:27 /opt/McAfee/agent/bin/macompatsvc self_start
root 3734 0.0 0.0 652268 6044 ? Sl 3月22 39:32 clptrnsv
root 3756 0.0 0.0 62680 18352 ? SL 3月22 0:43 /opt/McAfee/agent/bin/macompatsvc self_start
root 3757 0.0 0.0 62680 18352 ? SL 3月22 0:38 /opt/McAfee/agent/bin/macompatsvc self_start
root 3758 0.0 0.0 62680 18352 ? SL 3月22 1:28 /opt/McAfee/agent/bin/macompatsvc self_start
root 3768 0.0 0.0 62680 18352 ? SL 3月22 0:03 /opt/McAfee/agent/bin/macompatsvc self_start
root 3770 0.0 0.0 62680 18352 ? SL 3月22 0:03 /opt/McAfee/agent/bin/macompatsvc self_start
root 3773 0.0 0.0 62680 18352 ? SL 3月22 0:03 /opt/McAfee/agent/bin/macompatsvc self_start
root 3775 0.0 0.0 62680 18352 ? SL 3月22 0:03 /opt/McAfee/agent/bin/macompatsvc self_start
gdm 3836 0.0 0.0 302412 3428 ? Sl 3月22 0:00 /usr/libexec/ibus-engine-simple
root 3914 0.0 0.0 0 0 ? S 4月20 0:00 [kworker/62:2]
root 3931 0.0 0.0 33224 1664 ? Ss 3月22 1:14 ./clpmonp --ibsv -a 2 -r 0 -w 0
root 3933 0.3 0.0 449052 39064 ? Sl 3月22 174:06 clpibsv
root 4071 0.0 0.0 33308 1792 ? Ss 3月22 1:14 ./clpmonp --webmgr -a 2 -o -start -r 0 -w 0
root 4073 0.3 0.0 331344 8340 ? Sl 3月22 179:55 clpwebmc -start
root 4156 0.0 0.0 0 0 ? S 10:23 0:04 [kworker/11:1]
root 4158 0.0 0.0 33224 1668 ? Ss 3月22 1:12 ./clpmonp --webalert -a 2 -r 0 -w 0
root 4159 0.0 0.0 38668 4068 ? Sl 3月22 16:09 clpaltd
glassfi+ 4191 0.6 0.4 36280712 1118072 ? Sl 3月22 294:58 /usr/lib/jvm/jre-1.8.0-openjdk/bin/java -cp /opt/glassfish5/glassfish/modules/glassfish.jar -XX:+UnlockDiagnosticVMOptions -XX:NewRatio=2 -XX:MaxPermSize=192m -Xmx512m -javaagent:/opt/glassfish5/glassfish/lib/monitor/flashlight-agent.jar -client -Djavax.xml.accessExternalSchema=all -Djavax.net.ssl.trustStore=/opt/glassfish5/glassfish/domains/domain1/config/cacerts.jks -Djdk.tls.rejectClientInitiatedRenegotiation=true -Djdk.corba.allowOutputStreamSubclass=true -Dfelix.fileinstall.dir=/opt/glassfish5/glassfish/modules/autostart/ -Dorg.glassfish.additionalOSGiBundlesToStart=org.apache.felix.shell,org.apache.felix.gogo.runtime,org.apache.felix.gogo.shell,org.apache.felix.gogo.command,org.apache.felix.shell.remote,org.apache.felix.fileinstall -Dcom.sun.aas.installRoot=/opt/glassfish5/glassfish -Dfelix.fileinstall.poll=5000 -Djava.endorsed.dirs=/opt/glassfish5/glassfish/modules/endorsed:/opt/glassfish5/glassfish/lib/endorsed -Djava.security.policy=/opt/glassfish5/glassfish/domains/domain1/config/server.policy -Dosgi.shell.telnet.maxconn=1 -Dfelix.fileinstall.bundles.startTransient=true -Dcom.sun.enterprise.config.config_environment_factory_class=com.sun.enterprise.config.serverbeans.AppserverConfigEnvironmentFactory -Dfelix.fileinstall.log.level=2 -Djavax.net.ssl.keyStore=/opt/glassfish5/glassfish/domains/domain1/config/keystore.jks -Djava.security.auth.login.config=/opt/glassfish5/glassfish/domains/domain1/config/login.conf -Dfelix.fileinstall.disableConfigSave=false -Dfelix.fileinstall.bundles.new.start=true -Dcom.sun.aas.instanceRoot=/opt/glassfish5/glassfish/domains/domain1 -Dosgi.shell.telnet.port=6666 -Dgosh.args=--nointeractive -Dcom.sun.enterprise.security.httpsOutboundKeyAlias=s1as -Dosgi.shell.telnet.ip=127.0.0.1 -DANTLR_USE_DIRECT_CLASS_LOADING=true -Djava.awt.headless=true -Dcom.ctc.wstx.returnNullForDefaultNamespace=true -Djava.ext.dirs=/usr/lib/jvm/jre-1.8.0-openjdk/lib/ext:/usr/lib/jvm/jre-1.8.0-openjdk/jre/lib/ext:/opt/glassfish5/glassfish/domains/domain1/lib/ext -Djdbc.drivers=org.apache.derby.jdbc.ClientDriver -Djava.library.path=/opt/glassfish5/glassfish/lib:/usr/java/packages/lib/amd64:/usr/lib64:/lib64:/lib:/usr/lib com.sun.enterprise.glassfish.bootstrap.ASMain -upgrade false -domaindir /opt/glassfish5/glassfish/domains/domain1 -read-stdin true -asadmin-args --host,,,localhost,,,--port,,,4848,,,--secure=false,,,--terse=false,,,--echo=false,,,--interactive=false,,,start-domain,,,--verbose=false,,,--watchdog=false,,,--debug=false,,,--domaindir,,,/opt/glassfish5/glassfish/domains,,,domain1 -domainname domain1 -instancename server -type DAS -verbose false -asadmin-classpath /opt/glassfish5/glassfish/lib/client/appserver-cli.jar -debug false -asadmin-classname com.sun.enterprise.admin.cli.AdminMain
root 5258 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/60:1H]
glassfi+ 5265 0.5 0.4 36260864 1260028 ? Sl 3月22 238:10 /usr/lib/jvm/jre-1.8.0-openjdk/bin/java -cp /opt/glassfish5/glassfish/modules/glassfish.jar -XX:+UnlockDiagnosticVMOptions -XX:NewRatio=2 -XX:MaxPermSize=192m -Xmx512m -server -javaagent:/opt/glassfish5/glassfish/lib/monitor/flashlight-agent.jar -Djavax.net.ssl.trustStore=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/cacerts.jks -Djdk.tls.rejectClientInitiatedRenegotiation=true -Djdk.corba.allowOutputStreamSubclass=true -Dfelix.fileinstall.dir=/opt/glassfish5/glassfish/modules/autostart/ -Dorg.glassfish.additionalOSGiBundlesToStart=org.apache.felix.shell,org.apache.felix.gogo.runtime,org.apache.felix.gogo.shell,org.apache.felix.gogo.command,org.apache.felix.fileinstall -Dcom.sun.aas.installRoot=/opt/glassfish5/glassfish -Dfelix.fileinstall.poll=5000 -DSERVICENAME=sfcf -Djava.endorsed.dirs=/opt/glassfish5/glassfish/modules/endorsed:/opt/glassfish5/glassfish/lib/endorsed -Djava.security.policy=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/server.policy -Dosgi.shell.telnet.maxconn=1 -Dfelix.fileinstall.bundles.startTransient=true -Dcom.sun.enterprise.config.config_environment_factory_class=com.sun.enterprise.config.serverbeans.AppserverConfigEnvironmentFactory -Dfelix.fileinstall.log.level=3 -DMNUV_DIR_PATH=/var/opt/scs/config/ -DF_SFCF=/var/opt/scs/config/EMSEnv.xml -Djavax.net.ssl.keyStore=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/keystore.jks -Djava.security.auth.login.config=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/config/login.conf -Dfelix.fileinstall.disableConfigSave=false -DINCLUDE_LOG=/var/opt/scs/config/logback_include.xml -DAUDIT_LOG_ENV_PATH=/var/opt/scs/config/AuditLog/AuditLog.cfg -Dfelix.fileinstall.bundles.new.start=true -Dcom.sun.aas.instanceRoot=/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf -Dosgi.shell.telnet.port=26666 -Dgosh.args=--noshutdown -c noop=true -DF_CMN=/var/opt/scs/config/CMNEnv.xml -Dlogging.config=/var/opt/scs/config/logback.xml -DBASECODE=2Bgccs900001 -Dcom.sun.enterprise.security.httpsOutboundKeyAlias=s1as -DLOGOUTDIR=/var/log/scs/log/ -Dosgi.shell.telnet.ip=127.0.0.1 -DANTLR_USE_DIRECT_CLASS_LOADING=true -DSERVICEID=F_SFCF -Djava.awt.headless=true -Djava.ext.dirs=/usr/lib/jvm/jre-1.8.0-openjdk/lib/ext:/usr/lib/jvm/jre-1.8.0-openjdk/jre/lib/ext:/opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/lib/ext -DSERVNAME=scsv -Djdbc.drivers=org.apache.derby.jdbc.ClientDriver -Dspring.config.location=/var/opt/scs/config/application.properties -Djava.library.path=/opt/glassfish5/glassfish/lib:/usr/java/packages/lib/amd64:/usr/lib64:/lib64:/lib:/usr/lib com.sun.enterprise.glassfish.bootstrap.ASMain -upgrade false -read-stdin true -asadmin-args --host,,,localhost,,,--port,,,4848,,,--user,,,admin,,,--secure=false,,,--terse=false,,,--echo=false,,,--interactive=false,,,start-local-instance,,,--verbose=false,,,--watchdog=false,,,--debug=false,,,--node,,,localhost-domain1,,,inst_ems_sfcf -instancename inst_ems_sfcf -type INSTANCE -verbose false -instancedir /opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf -asadmin-classpath /opt/glassfish5/glassfish/modules/admin-cli.jar -debug false -asadmin-classname com.sun.enterprise.admin.cli.AdminMain
root 5686 0.0 0.1 1460800 369772 ? Sl 3月22 0:00 /opt/McAfee/ens/tp/bin/mfetpd
root 5729 8.7 0.1 1464912 377228 ? Sl 3月22 4044:32 /opt/McAfee/ens/tp/bin/mfetpd
root 5756 0.0 0.0 0 0 ? S< 3月22 0:00 [nl_queue]
root 5759 0.1 0.0 0 0 ? S 3月22 75:36 [Netlink_Scan_Re]
root 5844 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/11:1H]
root 5862 0.0 0.0 0 0 ? S 4月21 0:00 [kworker/60:1]
root 5991 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/5:1H]
root 6005 0.0 0.0 0 0 ? S 4月21 0:14 [kworker/22:0]
root 6018 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/34:1H]
root 6019 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/48:1H]
root 6482 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/54:1H]
root 6708 0.0 0.0 0 0 ? S 4月17 0:00 [kworker/59:1]
root 6712 0.0 0.0 0 0 ? S 10:26 0:04 [kworker/2:0]
root 6944 0.0 0.0 0 0 ? S 08:59 0:00 [kworker/37:2]
root 7203 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/7:1H]
apache 7345 0.0 0.0 324764 9100 ? Sl 4月22 0:21 /usr/sbin/httpd -DFOREGROUND
root 7352 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/10:1H]
apache 7362 0.0 0.0 324764 9088 ? Sl 4月22 0:21 /usr/sbin/httpd -DFOREGROUND
root 7467 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/13:1H]
root 7525 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/33:1H]
root 7593 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/8:1H]
root 7606 0.0 0.0 0 0 ? S 4月20 0:00 [kworker/63:1]
root 7696 0.0 0.0 0 0 ? S 4月19 0:02 [kworker/39:2]
root 7699 0.0 0.0 0 0 ? S 4月20 0:00 [kworker/62:3]
root 8017 0.0 0.0 0 0 ? S 10:27 0:05 [kworker/3:1]
root 8166 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/40:1H]
root 8200 0.0 0.0 0 0 ? S 04:40 0:00 [kworker/30:2]
root 8207 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/39:1H]
root 8585 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/57:1H]
root 8731 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/58:1H]
root 9003 0.0 0.0 0 0 ? S 4月22 0:00 [kworker/55:1]
root 9210 0.0 0.0 0 0 ? S 00:20 0:00 [kworker/54:2]
root 9235 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/12:1H]
root 9260 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/49:1H]
root 9266 0.0 0.0 0 0 ? S 4月20 0:00 [kworker/42:1]
root 9335 0.0 0.0 0 0 ? S 11:55 0:00 [kworker/14:1]
root 9492 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/15:1H]
root 9813 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/14:1H]
root 11076 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/59:1H]
root 11132 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/61:1H]
root 11284 0.0 0.0 0 0 ? S 4月21 0:15 [kworker/27:2]
root 11553 0.0 0.0 0 0 ? S 01:50 0:00 [kworker/41:1]
root 11954 0.0 0.0 0 0 ? S 10:33 0:00 [kworker/32:2]
root 12089 0.0 0.0 0 0 ? S 00:24 0:00 [kworker/59:0]
root 12333 0.0 0.0 0 0 ? S 11:59 0:00 [kworker/u130:2]
root 12374 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/62:1H]
root 12474 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/63:1H]
root 12734 0.0 0.0 0 0 ? S 12:00 0:00 [kworker/23:0]
root 12911 0.0 0.0 0 0 ? S 12:00 0:00 [kworker/6:1]
root 13022 0.0 0.0 0 0 ? S 12:00 0:00 [kworker/25:1]
root 14028 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/53:1H]
root 15076 0.0 0.0 0 0 ? S 12:03 0:00 [kworker/38:0]
root 15559 0.0 0.0 0 0 ? S 4月22 0:00 [kworker/44:0]
root 16213 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/42:1H]
root 16475 0.0 0.0 0 0 ? S 4月20 0:00 [kworker/53:0]
root 17555 0.0 0.0 0 0 ? S 10:40 0:04 [kworker/9:2]
root 17858 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/47:1H]
root 17987 0.0 0.0 0 0 ? S 12:07 0:00 [kworker/49:0]
root 18229 0.0 0.0 0 0 ? S 06:20 0:00 [kworker/12:1]
root 18690 0.0 0.0 0 0 ? S 12:08 0:00 [kworker/24:2]
root 18951 0.0 0.0 0 0 ? S 4月21 0:13 [kworker/29:1]
root 19006 0.0 0.0 0 0 ? S 10:42 0:04 [kworker/10:1]
root 19199 0.0 0.0 33364 1768 ? Ss 3月22 1:13 ./clpmonp --mdagent -a 5 -r 0 -w 60
root 19200 0.0 0.0 125728 4700 ? S 3月22 4:47 clpmdagent
root 19210 0.0 0.0 0 0 ? S 3月22 0:50 [liscal_common_1]
root 19211 0.0 0.0 0 0 ? S 3月22 0:11 [liscal_common_2]
root 19212 0.0 0.0 0 0 ? S 3月22 0:00 [liscal_common_4]
root 19213 0.0 0.0 0 0 ? S 3月22 0:49 [liscal_common_3]
root 19214 0.0 0.0 0 0 ? S 3月22 0:00 [liscal_nmp01_01]
root 19215 0.0 0.0 0 0 ? S 3月22 1:08 [liscal_nmp01_07]
root 19216 0.0 0.0 0 0 ? S 3月22 0:10 [liscal_nmp01_02]
root 19217 0.0 0.0 0 0 ? S 3月22 0:37 [liscal_nmp01_03]
root 19218 0.8 0.0 0 0 ? S 3月22 410:06 [liscal_nmp01_04]
root 19219 0.8 0.0 0 0 ? S 3月22 407:20 [liscal_nmp01_06]
root 19220 0.0 0.0 0 0 ? S 3月22 1:22 [liscal_nmp01_05]
root 19221 0.0 0.0 0 0 ? S 3月22 0:50 [liscal_nmp01_09]
root 19222 0.0 0.0 0 0 ? S 3月22 0:50 [liscal_nmp01_10]
root 19223 0.0 0.0 0 0 ? S 3月22 0:49 [liscal_nmp01_11]
root 19232 0.0 0.0 184312 4920 ? Ssl 3月22 0:37 clpmdperf --start -n all
root 19240 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/36:1H]
root 19246 0.1 0.0 125872 3248 ? S 3月22 70:32 clpmdagent
root 19248 0.0 0.0 125872 3364 ? S 3月22 9:42 clpmdagent
root 19304 0.0 0.0 69768 3172 ? Ssl 3月22 2:36 /opt/nec/clusterpro/bin/clppm
root 19314 0.0 0.0 831024 9336 ? Sl 3月22 11:40 clprc
root 19326 0.1 0.0 1206448 9232 ? Sl 3月22 88:04 clprm
root 19333 0.0 0.0 194448 3844 ? Sl 3月22 13:04 clpnm --np
root 20054 0.0 0.0 0 0 ? S 07:50 0:07 [kworker/12:0]
root 20925 0.0 0.0 0 0 ? S 12:11 0:00 [kworker/33:1]
root 21373 0.0 0.0 0 0 ? S< 3月22 0:00 [xfs-buf/NMP1]
root 21374 0.0 0.0 0 0 ? S< 3月22 0:00 [xfs-data/NMP1]
root 21375 0.0 0.0 0 0 ? S< 3月22 0:00 [xfs-conv/NMP1]
root 21376 0.0 0.0 0 0 ? S< 3月22 0:00 [xfs-cil/NMP1]
root 21377 0.0 0.0 0 0 ? S< 3月22 0:00 [xfs-reclaim/NMP]
root 21378 0.0 0.0 0 0 ? S< 3月22 0:00 [xfs-log/NMP1]
root 21379 0.0 0.0 0 0 ? S< 3月22 0:00 [xfs-eofblocks/N]
root 21380 0.0 0.0 0 0 ? S 3月22 12:49 [xfsaild/NMP1]
postgres 21428 0.0 0.0 399140 17236 ? Ss 3月22 3:36 /usr/pgsql-15/bin/postgres -D /sharedata/pgsql/data
postgres 21429 0.0 0.0 253096 2152 ? Ss 3月22 0:01 postgres: logger
postgres 21430 0.0 0.0 399284 79504 ? Ss 3月22 1:34 postgres: checkpointer
postgres 21431 0.0 0.0 399276 7796 ? Ss 3月22 0:28 postgres: background writer
postgres 21433 0.0 0.0 399276 6500 ? Ss 3月22 2:02 postgres: walwriter
postgres 21434 0.0 0.0 400748 3444 ? Ss 3月22 0:11 postgres: autovacuum launcher
postgres 21435 0.0 0.0 400732 3060 ? Ss 3月22 0:01 postgres: logical replication launcher
root 21455 0.0 0.0 288416 9416 ? Ss 3月22 2:02 /usr/sbin/httpd -DFOREGROUND
root 21464 0.0 0.0 198032 4020 ? Ssl 3月22 5:57 clp_psqlw --monitor -n psqlw
root 21554 0.1 0.4 40938952 1286152 ? Sl 3月22 76:11 java -DENV_DIR=/var/opt/scs/sfcu/env -DEND_FILE_DIR=/var/opt/scs/sfcu/env/endfile -DMNUV_CODE=g010100000 -DSRH_TIME=20240321161303198 -jar /var/opt/scs/sfcu/jar/sfcu.jar execution_time=2024-03-22_16:13:03.222
root 21782 0.0 0.0 0 0 ? S 4月21 0:13 [kworker/28:1]
root 21937 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/45:1H]
root 21966 0.0 0.0 475832 12860 ? Ss 3月22 1:21 /usr/sbin/smbd --foreground --no-process-group
root 21968 0.0 0.0 450352 4044 ? S 3月22 0:04 /usr/sbin/smbd --foreground --no-process-group
root 21969 0.0 0.0 450812 4016 ? S 3月22 0:04 /usr/sbin/smbd --foreground --no-process-group
root 21974 0.0 0.0 475816 4100 ? S 3月22 0:06 /usr/sbin/smbd --foreground --no-process-group
root 22012 6.8 0.0 7091672 75548 ? Sl 3月22 3164:00 /usr/local/newscp/mac/StartMon/bin/StartMon -envfilepath /usr/local/newscp/mac/StartMon/config/env.ini
root 22152 0.2 0.0 127168 4924 ? Ssl 3月22 127:30 clppsw --monitor -n psw_samba
root 22179 0.2 0.0 127168 4944 ? Ssl 3月22 131:48 clppsw --monitor -n psw_app
root 22187 0.2 0.0 127168 4936 ? Ssl 3月22 127:24 clppsw --monitor -n psw_glassfish
root 22189 0.2 0.0 127168 4932 ? Ssl 3月22 127:26 clppsw --monitor -n psw_postgresql
root 22191 0.2 0.0 127168 4936 ? Ssl 3月22 126:40 clppsw --monitor -n psw_httpd
root 22242 0.2 0.0 127168 4940 ? Ssl 3月22 126:37 clppsw --monitor -n psw_startmon
root 22596 0.0 0.0 0 0 ? S 07:53 0:00 [kworker/48:1]
root 22691 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/50:1H]
root 22965 0.0 0.0 0 0 ? S 12:13 0:01 [kworker/13:0]
root 23366 0.0 0.0 0 0 ? S 4月21 0:00 [kworker/45:2]
root 23672 0.0 0.0 0 0 ? S 4月22 0:00 [kworker/51:0]
postfix 24002 0.0 0.0 102672 4096 ? S 12:15 0:00 pickup -l -t unix -u
root 24586 0.0 0.0 0 0 ? S 10:50 0:05 [kworker/6:0]
root 24814 0.0 0.0 0 0 ? S 4月19 0:00 [kworker/47:1]
root 24861 0.0 0.0 0 0 ? S 4月13 0:01 [kworker/56:0]
postgres 25047 0.0 0.0 401168 5040 ? Ss 12:16 0:00 postgres: postgres db1 127.0.0.1(32918) idle
root 25108 0.0 0.0 0 0 ? S 03:35 0:00 [kworker/21:0]
root 25975 0.0 0.0 0 0 ? S 12:17 0:00 [kworker/9:1]
root 26141 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/43:1H]
postgres 27566 0.0 0.0 401168 5036 ? Ss 12:20 0:00 postgres: postgres db1 127.0.0.1(33006) idle
postgres 27936 0.0 0.0 402072 10304 ? Ss 12:20 0:00 postgres: postgres db1 127.0.0.1(33018) idle
root 28588 0.0 0.0 0 0 ? S 12:21 0:00 [kworker/1:2]
postgres 29338 0.0 0.0 401168 5084 ? Ss 12:22 0:00 postgres: postgres db1 127.0.0.1(33068) idle
root 29341 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/46:1H]
root 29858 0.0 0.0 0 0 ? S 12:23 0:00 [kworker/35:1]
root 30284 0.0 0.0 0 0 ? S 4月19 0:00 [kworker/58:0]
root 30306 0.0 0.0 0 0 ? S 4月12 0:02 [kworker/46:1]
postgres 30394 0.0 0.0 401168 5060 ? Ss 12:24 0:00 postgres: postgres db1 127.0.0.1(33106) idle
root 30421 0.0 0.0 488940 7604 ? S 4月12 0:03 /usr/sbin/smbd --foreground --no-process-group
postgres 31278 0.0 0.0 401168 5068 ? Ss 12:25 0:00 postgres: postgres db1 127.0.0.1(33144) idle
root 31313 0.0 0.0 0 0 ? S 4月22 0:00 [kworker/40:2]
root 31461 0.0 0.0 0 0 ? S 10:59 0:00 [kworker/49:1]
root 31761 0.0 0.0 0 0 ? S 12:25 0:00 [kworker/5:0]
root 32406 0.0 0.0 0 0 ? S 11:00 0:02 [kworker/1:0]
root 32409 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/52:1H]
root 32680 0.0 0.0 0 0 ? S 12:27 0:00 [kworker/36:0]
apache 33301 0.0 0.0 521376 11368 ? Sl 4月21 0:49 /usr/sbin/httpd -DFOREGROUND
apache 33302 0.0 0.0 324704 9080 ? Sl 4月21 0:53 /usr/sbin/httpd -DFOREGROUND
apache 33303 0.0 0.0 324704 9104 ? Sl 4月21 0:53 /usr/sbin/httpd -DFOREGROUND
apache 33304 0.0 0.0 324704 9108 ? Sl 4月21 0:53 /usr/sbin/httpd -DFOREGROUND
apache 33305 0.0 0.0 324704 9128 ? Sl 4月21 0:53 /usr/sbin/httpd -DFOREGROUND
root 33384 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/38:1H]
root 33557 0.0 0.0 0 0 ? S 12:28 0:00 [kworker/u130:0]
root 33617 0.0 0.0 0 0 ? S 4月18 0:01 [kworker/47:2]
root 33766 0.0 0.0 0 0 ? S 12:28 0:00 [kworker/22:1]
root 33822 0.0 0.0 0 0 ? S 12:28 0:00 [kworker/2:1]
postgres 34460 0.0 0.0 401168 5036 ? Ss 12:29 0:00 postgres: postgres db1 127.0.0.1(33258) idle
root 34491 0.0 0.0 0 0 ? S 12:29 0:00 [kworker/18:1]
root 35102 0.0 0.0 0 0 ? S 12:30 0:00 [kworker/0:2]
root 35323 0.0 0.0 0 0 ? S 12:30 0:00 [kworker/u129:1]
postgres 35326 0.0 0.0 401168 5060 ? Ss 12:30 0:00 postgres: postgres db1 127.0.0.1(33284) idle
root 35585 0.0 0.0 0 0 ? S 12:31 0:00 [kworker/u129:2]
root 36596 0.0 0.0 0 0 ? S 4月20 0:00 [kworker/57:2]
postgres 36641 0.0 0.0 401168 5040 ? Ss 12:32 0:00 postgres: postgres db1 127.0.0.1(33318) idle
postgres 36691 0.0 0.0 401168 5048 ? Ss 12:32 0:00 postgres: postgres db1 127.0.0.1(33324) idle
root 36995 0.0 0.0 0 0 ? S 11:06 0:03 [kworker/8:2]
root 37217 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/56:1H]
postgres 37475 0.0 0.0 401168 5064 ? Ss 12:33 0:00 postgres: postgres db1 127.0.0.1(33348) idle
root 37513 0.0 0.0 0 0 ? S 12:33 0:00 [kworker/7:1]
postgres 37874 0.0 0.0 401168 5060 ? Ss 12:33 0:00 postgres: postgres db1 127.0.0.1(33360) idle
root 37961 0.0 0.0 0 0 ? S 12:34 0:00 [kworker/35:2]
root 38255 0.0 0.0 0 0 ? S 12:34 0:00 [kworker/36:1]
root 38282 0.0 0.0 0 0 ? S 12:34 0:00 [kworker/2:2]
root 38396 0.0 0.0 0 0 ? S 4月20 0:00 [kworker/61:1]
root 39011 0.0 0.0 0 0 ? S 12:35 0:00 [kworker/4:0]
apache 39144 0.0 0.0 324704 9104 ? Sl 4月21 0:53 /usr/sbin/httpd -DFOREGROUND
root 39483 0.0 0.0 0 0 ? S 06:49 0:00 [kworker/57:0]
root 39668 0.0 0.0 0 0 ? S 12:36 0:00 [kworker/8:0]
postgres 39738 0.0 0.0 401168 5084 ? Ss 12:36 0:00 postgres: postgres db1 127.0.0.1(33428) idle
postgres 39852 0.0 0.0 401168 5044 ? Ss 12:36 0:00 postgres: postgres db1 127.0.0.1(33430) idle
root 39911 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/51:1H]
root 40035 0.0 0.0 0 0 ? S 08:17 0:00 [kworker/16:0]
root 40036 0.0 0.0 0 0 ? S 4月22 0:01 [kworker/50:2]
root 40274 0.0 0.0 0 0 ? S 12:36 0:00 [kworker/0:1]
postgres 40337 0.0 0.0 401168 5060 ? Ss 12:37 0:00 postgres: postgres db1 127.0.0.1(33442) idle
postgres 40828 0.0 0.0 401168 5036 ? Ss 12:37 0:00 postgres: postgres db1 127.0.0.1(33468) idle
postgres 41405 0.0 0.0 401168 5036 ? Ss 12:38 0:00 postgres: postgres db1 127.0.0.1(33484) idle
postgres 41419 0.0 0.0 401740 5988 ? Ss 12:38 0:00 postgres: postgres db1 127.0.0.1(33486) idle
root 41603 0.0 0.0 0 0 ? S 4月20 0:00 [kworker/46:0]
root 41758 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/55:1H]
root 41809 0.0 0.0 0 0 ? S 08:19 0:12 [kworker/4:1]
root 42025 0.0 0.0 0 0 ? S 09:46 0:00 [kworker/26:1]
root 42223 0.0 0.0 0 0 ? S 08:20 0:00 [kworker/48:2]
root 42296 0.0 0.0 0 0 ? S 12:39 0:00 [kworker/35:0]
root 42593 0.0 0.0 0 0 ? S 12:39 0:00 [kworker/14:0]
root 42971 0.0 0.0 0 0 ? S 12:40 0:00 [kworker/33:2]
root 43448 0.0 0.0 0 0 ? S 11:15 0:00 [kworker/44:2]
root 43473 0.0 0.0 0 0 ? S 11:15 0:00 [kworker/17:2]
root 43492 0.0 0.0 0 0 ? S 11:15 0:00 [kworker/39:1]
root 43738 0.0 0.0 0 0 ? S 12:41 0:00 [kworker/4:2]
root 43894 0.0 0.0 0 0 ? S 11:15 0:00 [kworker/33:0]
root 44140 0.0 0.0 0 0 ? S 09:49 0:00 [kworker/16:2]
root 44502 0.0 0.0 0 0 ? S 09:50 0:00 [kworker/13:2]
root 44765 0.0 0.0 0 0 ? S 11:16 0:00 [kworker/40:0]
postgres 44792 0.0 0.0 401168 5032 ? Ss 12:42 0:00 postgres: postgres db1 127.0.0.1(33592) idle
root 44798 0.0 0.0 0 0 ? S 05:29 0:08 [kworker/10:2]
root 44991 0.0 0.0 0 0 ? S 4月22 0:00 [kworker/37:1]
root 45004 0.0 0.0 0 0 ? S 12:42 0:00 [kworker/0:0]
root 45184 0.0 0.0 0 0 ? S 12:42 0:00 [kworker/u129:0]
root 45223 0.0 0.0 0 0 ? S 09:51 0:00 [kworker/45:1]
root 45293 0.0 0.0 0 0 ? S 4月09 0:01 [kworker/60:2]
root 45827 0.0 0.0 0 0 ? S 12:43 0:00 [kworker/u129:3]
root 46154 0.0 0.0 0 0 ? S 09:52 0:00 [kworker/17:0]
root 46552 0.0 0.0 0 0 ? S 11:19 0:00 [kworker/34:1]
root 46676 0.0 0.0 108052 352 ? S 12:43 0:00 sleep 60
root 46948 0.0 0.0 0 0 ? S 12:43 0:00 [kworker/3:2]
root 47327 0.0 0.0 0 0 ? S 4月16 0:01 [kworker/41:2]
postgres 47676 0.0 0.0 401168 5040 ? Ss 12:43 0:00 postgres: postgres db1 127.0.0.1(33640) idle
root 47705 0.0 0.0 0 0 ? S 09:54 0:05 [kworker/15:0]
root 47730 0.0 0.0 0 0 ? S< 3月22 0:00 [kworker/37:1H]
root 47861 2.3 0.0 177004 6384 ? Ss 12:43 0:00 sshd: root@notty
root 48192 0.0 0.0 177004 6444 ? Ss 12:43 0:00 sshd: root@notty
root 48221 0.0 0.0 113280 1576 ? Ss 12:43 0:00 bash -c /bin/ps auxww 2>/dev/null
root 48239 0.0 0.0 155448 1884 ? R 12:43 0:00 /bin/ps auxww
root 48274 0.0 0.0 0 0 ? S 4月21 0:00 [kworker/51:2]
root 48714 0.0 0.0 0 0 ? S 05:35 0:00 [kworker/19:1]
root 48716 0.0 0.0 0 0 ? S 02:41 0:00 [kworker/52:2]
root 48794 0.0 0.0 0 0 ? S 11:22 0:00 [kworker/3:0]
root 49880 0.0 0.0 0 0 ? S 4月22 0:00 [kworker/34:2]
root 50193 0.0 0.0 0 0 ? S 08:31 0:00 [kworker/50:0]
root 50454 0.0 0.0 0 0 ? S 4月22 0:00 [kworker/43:2]
root 51580 0.0 0.0 0 0 ? S 05:39 0:03 [kworker/19:3]
root 53190 0.0 0.0 0 0 ? S 4月20 0:00 [kworker/42:0]
root 53240 0.0 0.0 0 0 ? S 4月22 0:05 [kworker/38:1]
root 53594 0.0 0.0 0 0 ? S 11:28 0:00 [kworker/15:1]
root 54435 0.0 0.0 0 0 ? S 11:30 0:00 [kworker/31:2]
root 54665 0.0 0.0 489072 7704 ? S 3月22 0:11 /usr/sbin/smbd --foreground --no-process-group
root 54666 0.0 0.0 0 0 ? S 4月20 0:00 [kworker/53:2]
root 55151 0.0 0.0 0 0 ? S 02:49 0:00 [kworker/27:0]
root 55196 0.0 0.0 0 0 ? S 4月22 0:11 [kworker/31:0]
root 55464 0.0 0.0 0 0 ? S 4月17 0:00 [kworker/63:2]
root 55617 0.0 0.0 0 0 ? S 4月21 0:15 [kworker/25:2]
root 55894 0.0 0.0 488912 7580 ? S 3月22 0:11 /usr/sbin/smbd --foreground --no-process-group
postgres 57081 0.0 0.0 401312 6716 ? Ss 3月22 0:33 postgres: postgres db1 fd01:e2e2:0:e0c0::21(55646) idle
postgres 57082 0.0 0.0 401312 6728 ? Ss 3月22 0:23 postgres: postgres db1 fd01:e2e2:0:e0c0::21(55647) idle
postgres 57083 0.0 0.0 401312 6720 ? Ss 3月22 0:21 postgres: postgres db1 fd01:e2e2:0:e0c0::21(55648) idle
postgres 57084 0.0 0.0 401312 6720 ? Ss 3月22 0:20 postgres: postgres db1 fd01:e2e2:0:e0c0::21(55649) idle
postgres 57085 0.0 0.0 401312 6716 ? Ss 3月22 0:21 postgres: postgres db1 fd01:e2e2:0:e0c0::21(55651) idle
postgres 57136 0.0 0.0 401312 6720 ? Ss 3月22 0:33 postgres: postgres db1 fd01:e2e2:0:e0c0::21(55739) idle
postgres 57137 0.0 0.0 401312 6728 ? Ss 3月22 0:22 postgres: postgres db1 fd01:e2e2:0:e0c0::21(55740) idle
postgres 57139 0.0 0.0 401312 6724 ? Ss 3月22 0:19 postgres: postgres db1 fd01:e2e2:0:e0c0::21(55741) idle
postgres 57143 0.0 0.0 401312 6728 ? Ss 3月22 0:20 postgres: postgres db1 fd01:e2e2:0:e0c0::21(55742) idle
postgres 57144 0.0 0.0 401312 6728 ? Ss 3月22 0:20 postgres: postgres db1 fd01:e2e2:0:e0c0::21(55743) idle
postgres 57171 0.0 0.0 401312 6724 ? Ss 3月22 0:33 postgres: postgres db1 fd01:e2e2:0:e0c0::21(55778) idle
postgres 57172 0.0 0.0 401312 6728 ? Ss 3月22 0:23 postgres: postgres db1 fd01:e2e2:0:e0c0::21(55783) idle
postgres 57173 0.0 0.0 401312 6720 ? Ss 3月22 0:21 postgres: postgres db1 fd01:e2e2:0:e0c0::21(55787) idle
postgres 57174 0.0 0.0 401312 6716 ? Ss 3月22 0:21 postgres: postgres db1 fd01:e2e2:0:e0c0::21(55792) idle
postgres 57175 0.0 0.0 401312 6724 ? Ss 3月22 0:20 postgres: postgres db1 fd01:e2e2:0:e0c0::21(55796) idle
postgres 57392 0.0 0.0 401312 6716 ? Ss 3月22 0:33 postgres: postgres db1 fd01:e2e2:0:e0c0::21(55955) idle
postgres 57393 0.0 0.0 401272 6716 ? Ss 3月22 0:23 postgres: postgres db1 fd01:e2e2:0:e0c0::21(55956) idle
postgres 57394 0.0 0.0 401272 6720 ? Ss 3月22 0:20 postgres: postgres db1 fd01:e2e2:0:e0c0::21(55957) idle
postgres 57395 0.0 0.0 401272 6728 ? Ss 3月22 0:20 postgres: postgres db1 fd01:e2e2:0:e0c0::21(55958) idle
postgres 57396 0.0 0.0 401272 6716 ? Ss 3月22 0:20 postgres: postgres db1 fd01:e2e2:0:e0c0::21(55959) idle
root 57865 0.0 0.0 0 0 ? S 11:34 0:00 [kworker/18:2]
root 58567 0.0 0.0 0 0 ? S 11:35 0:01 [kworker/14:2]
root 58952 0.0 0.0 0 0 ? S 11:36 0:00 [kworker/32:1]
root 59075 0.0 0.0 0 0 ? S 00:01 0:00 [kworker/29:2]
root 59370 0.0 0.0 0 0 ? S 4月19 0:00 [kworker/43:0]
postgres 59375 0.0 0.0 402240 8696 ? Ss 3月22 0:42 postgres: postgres db1 fd01:e2e2:0:e0c0::43(58818) idle
postgres 59376 0.0 0.0 401272 6700 ? Ss 3月22 0:25 postgres: postgres db1 fd01:e2e2:0:e0c0::43(58819) idle
postgres 59377 0.0 0.0 401272 6712 ? Ss 3月22 0:33 postgres: postgres db1 fd01:e2e2:0:e0c0::43(58820) idle
postgres 59378 0.0 0.0 401272 6700 ? Ss 3月22 0:24 postgres: postgres db1 fd01:e2e2:0:e0c0::43(58821) idle
postgres 59379 0.0 0.0 401272 6708 ? Ss 3月22 0:27 postgres: postgres db1 fd01:e2e2:0:e0c0::43(58822) idle
postgres 59380 0.0 0.0 401272 6700 ? Ss 3月22 0:24 postgres: postgres db1 fd01:e2e2:0:e0c0::43(58823) idle
postgres 59381 0.0 0.0 401272 6704 ? Ss 3月22 0:25 postgres: postgres db1 fd01:e2e2:0:e0c0::43(58824) idle
postgres 59382 0.0 0.0 401272 6700 ? Ss 3月22 0:23 postgres: postgres db1 fd01:e2e2:0:e0c0::43(58825) idle
postgres 59383 0.0 0.0 401272 6704 ? Ss 3月22 0:25 postgres: postgres db1 fd01:e2e2:0:e0c0::43(58826) idle
postgres 59384 0.0 0.0 401272 6708 ? Ss 3月22 0:26 postgres: postgres db1 fd01:e2e2:0:e0c0::43(58827) idle
root 59932 0.0 0.0 0 0 ? S 4月22 0:06 [kworker/23:2]
root 60662 0.0 0.0 0 0 ? S 4月22 0:10 [kworker/20:0]
root 60973 0.0 0.0 0 0 ? S 11:39 0:00 [kworker/11:0]
root 61619 0.0 0.0 0 0 ? S 4月21 0:14 [kworker/26:2]
postgres 61977 0.0 0.0 401272 6676 ? Ss 3月22 0:32 postgres: postgres db1 fd01:e2e2:0:e0c0::45(50093) idle
postgres 61978 0.0 0.0 401272 6684 ? Ss 3月22 0:27 postgres: postgres db1 fd01:e2e2:0:e0c0::45(50094) idle
postgres 61979 0.0 0.0 401272 6684 ? Ss 3月22 0:25 postgres: postgres db1 fd01:e2e2:0:e0c0::45(50095) idle
postgres 61985 0.0 0.0 401272 6688 ? Ss 3月22 0:24 postgres: postgres db1 fd01:e2e2:0:e0c0::45(50096) idle
postgres 61986 0.0 0.0 401272 6684 ? Ss 3月22 0:23 postgres: postgres db1 fd01:e2e2:0:e0c0::45(50097) idle
postgres 62188 0.0 0.0 402440 66436 ? Ss 3月22 3:59 postgres: postgres db1 fd01:e2e2:0:e0c0::45(50182) idle
postgres 62189 0.0 0.0 401272 6680 ? Ss 3月22 0:28 postgres: postgres db1 fd01:e2e2:0:e0c0::45(50183) idle
postgres 62190 0.0 0.0 401272 6680 ? Ss 3月22 0:26 postgres: postgres db1 fd01:e2e2:0:e0c0::45(50184) idle
postgres 62191 0.0 0.0 401272 6684 ? Ss 3月22 0:25 postgres: postgres db1 fd01:e2e2:0:e0c0::45(50185) idle
postgres 62192 0.0 0.0 401272 6684 ? Ss 3月22 0:25 postgres: postgres db1 fd01:e2e2:0:e0c0::45(50186) idle
root 62309 0.0 0.0 0 0 ? S 4月14 0:02 [kworker/52:1]
root 63035 0.0 0.0 0 0 ? S 4月22 0:00 [kworker/56:1]
root 63751 0.0 0.0 0 0 ? S 08:49 0:00 [kworker/28:0]
root 64126 0.0 0.0 0 0 ? S 4月20 0:00 [kworker/54:1]
root 64495 0.0 0.0 0 0 ? S 10:17 0:07 [kworker/5:2]
root 65235 0.0 0.0 0 0 ? S 10:18 0:00 [kworker/20:1]
root 65400 0.0 0.0 0 0 ? S 4月22 0:00 [kworker/58:2]
117887 (1) - OS Security Patch Assessment Available
-
Synopsis
Nessus was able to log in to the remote host using the provided credentials and enumerate OS security patch levels.
Description
Nessus was able to determine OS security patch levels by logging into the remote host and running commands to determine the version of the operating system and its components. The remote host was identified as an operating system or device that Nessus supports for patch and update assessment. The necessary information was obtained to perform these checks.
Solution
n/a
Risk Factor
None
References
XREF IAVB:0001-B-0516
Plugin Information
Published: 2018/10/02, Modified: 2021/07/12
Plugin Output

ipaddr (tcp/0)

OS Security Patch Assessment is available.

Account : root
Protocol : SSH
123685 (1) - Oracle Glassfish Installed (Linux/UNIX)
-
Synopsis
An application server is installed on the remote host.
Description
Oracle Glassfish, an application server, is installed on the remote host.
See Also
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2019/04/04, Modified: 2024/04/02
Plugin Output

ipaddr (tcp/0)


Path : /opt/glassfish5/
Version : 5.1
Build : default-private
State : Running
135860 (1) - WMI Not Available
-
Synopsis
WMI queries could not be made against the remote host.
Description
WMI (Windows Management Instrumentation) is not available on the remote host over DCOM. WMI queries are used to gather information about the remote host, such as its current state, network interface configuration, etc.

Without this information Nessus may not be able to identify installed software or security vunerabilities that exist on the remote host.
See Also
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2020/04/21, Modified: 2024/03/26
Plugin Output

ipaddr (tcp/445/cifs)

Can't connect to the 'root\CIMV2' WMI namespace.
138014 (1) - kpatch : Installed Patches
-
Synopsis
The remote host is using kpatch to maintain the OS kernel.
Description
kpatch is being used to maintain the remote host's operating system kernel without requiring reboots.
See Also
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2020/07/01, Modified: 2021/05/10
Plugin Output

ipaddr (tcp/0)

kpatch is installed, but no loaded patch modules appear to cover any CVEs.
kpatch list output:

Loaded patch modules:

Installed patch modules:
141118 (1) - Target Credential Status by Authentication Protocol - Valid Credentials Provided
-
Synopsis
Valid credentials were provided for an available authentication protocol.
Description
Nessus was able to determine that valid credentials were provided for an authentication protocol available on the remote target because it was able to successfully authenticate directly to the remote target using that authentication protocol at least once. Authentication was successful because the authentication protocol service was available remotely, the service was able to be identified, the authentication protocol was able to be negotiated successfully, and a set of credentials provided in the scan policy for that authentication protocol was accepted by the remote service. See plugin output for details, including protocol, port, and account.

Please note the following :

- This plugin reports per protocol, so it is possible for valid credentials to be provided for one protocol and not another. For example, authentication may succeed via SSH but fail via SMB, while no credentials were provided for an available SNMP service.

- Providing valid credentials for all available authentication protocols may improve scan coverage, but the value of successful authentication for a given protocol may vary from target to target depending upon what data (if any) is gathered from the target via that protocol. For example, successful authentication via SSH is more valuable for Linux targets than for Windows targets, and likewise successful authentication via SMB is more valuable for Windows targets than for Linux targets.
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2020/10/15, Modified: 2024/03/25
Plugin Output

ipaddr (tcp/22/ssh)


Nessus was able to log in to the remote host via the following :

User: 'root'
Port: 22
Proto: SSH
Method: password
141394 (1) - Apache HTTP Server Installed (Linux)
-
Synopsis
The remote host has Apache HTTP Server software installed.
Description
Apache HTTP Server is installed on the remote Linux host.
See Also
Solution
n/a
Risk Factor
None
References
XREF IAVT:0001-T-0530
Plugin Information
Published: 2020/10/12, Modified: 2024/04/02
Plugin Output

ipaddr (tcp/0)


Path : /usr/sbin/httpd
Version : 2.4.57
Associated Package : httpd-core-2.4.57-1a.el7.x86_64
Managed by OS : True
Running : no

Configs found :
- /etc/httpd/conf/httpd.conf

Loaded modules :
- mod_access_compat
- mod_actions
- mod_alias
- mod_allowmethods
- mod_auth_basic
- mod_auth_digest
- mod_auth_gssapi
- mod_authn_anon
- mod_authn_core
- mod_authn_dbd
- mod_authn_dbm
- mod_authn_file
- mod_authn_socache
- mod_authnz_fcgi
- mod_authz_core
- mod_authz_dbd
- mod_authz_dbm
- mod_authz_groupfile
- mod_authz_host
- mod_authz_owner
- mod_authz_user
- mod_autoindex
- mod_brotli
- mod_cache
- mod_cache_disk
- mod_cache_socache
- mod_cgi
- mod_cgid
- mod_data
- mod_dav
- mod_dav_fs
- mod_dav_lock
- mod_dbd
- mod_deflate
- mod_dir
- mod_dumpio
- mod_echo
- mod_env
- mod_expires
- mod_ext_filter
- mod_filter
- mod_headers
- mod_include
- mod_info
- mod_lbmethod_bybusyness
- mod_lbmethod_byrequests
- mod_lbmethod_bytraffic
- mod_lbmethod_heartbeat
- mod_log_config
- mod_logio
- mod_lua
- mod_macro
- mod_mime
- mod_mime_magic
- mod_mpm_prefork
- mod_negotiation
- mod_proxy
- mod_proxy_ajp
- mod_proxy_balancer
- mod_proxy_connect
- mod_proxy_express
- mod_proxy_fcgi
- mod_proxy_fdpass
- mod_proxy_ftp
- mod_proxy_hcheck
- mod_proxy_http
- mod_proxy_scgi
- mod_proxy_uwsgi
- mod_proxy_wstunnel
- mod_remoteip
- mod_reqtimeout
- mod_request
- mod_rewrite
- mod_setenvif
- mod_slotmem_plain
- mod_slotmem_shm
- mod_socache_dbm
- mod_socache_memcache
- mod_socache_redis
- mod_socache_shmcb
- mod_ssl
- mod_status
- mod_substitute
- mod_suexec
- mod_systemd
- mod_unique_id
- mod_unixd
- mod_userdir
- mod_version
- mod_vhost_alias
- mod_watchdog
142640 (1) - Apache HTTP Server Site Enumeration
-
Synopsis
The remote host is hosting websites using Apache HTTP Server.
Description
Domain names and IP addresses from Apache HTTP Server configuration file were retrieved from the remote host. Apache HTTP Server is a webserver environment written in C. Note: Only Linux- and Unix-based hosts are currently supported by this plugin.
See Also
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2020/11/09, Modified: 2024/03/19
Plugin Output

ipaddr (tcp/0)

Sites and configs present in /usr/sbin/httpd Apache installation:
- following sites are present in /etc/httpd/conf/httpd.conf Apache config file:
+ - *:443
147817 (1) - Java Detection and Identification (Linux / Unix)
-
Synopsis
Java is installed on the remote Linux / Unix host.
Description
One or more instances of Java are installed on the remote Linux / Unix host. This may include private JREs bundled with the Java Development Kit (JDK).
Notes:

- This plugin attempts to detect Oracle and non-Oracle JRE instances such as Zulu Java, Amazon Corretto, AdoptOpenJDK, IBM Java, etc
- To discover instances of JRE that are not in PATH, or installed via a package manager, 'Perform thorough tests' setting must be enabled.
See Also
Solution
n/a
Risk Factor
None
References
XREF IAVT:0001-T-0690
Plugin Information
Published: 2021/03/16, Modified: 2024/04/02
Plugin Output

ipaddr (tcp/0)


Path : /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64/
Version : 1.8.0_262
Binary Location : /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64/jre/bin/java
Details : This Java install may be openjdk, as neither "Oracle" nor "Sun" are
found in the binary (low confidence).
Note - This install was discovered by checking the currently
running processes on the system, and it may not always
be reported in future scans.
Detection Method : "locate" utility
Managed by OS : True
149334 (1) - SSH Password Authentication Accepted
-
Synopsis
The SSH server on the remote host accepts password authentication.
Description
The SSH server on the remote host accepts password authentication.
See Also
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2021/05/07, Modified: 2021/05/07
Plugin Output

ipaddr (tcp/22/ssh)

151883 (1) - Libgcrypt Installed (Linux/UNIX)
-
Synopsis
Libgcrypt is installed on this host.
Description
Libgcrypt, a cryptography library, was found on the remote host.
See Also
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2021/07/21, Modified: 2024/04/02
Plugin Output

ipaddr (tcp/0)


Nessus detected 2 installs of Libgcrypt:

Path : /usr/lib64/libgcrypt.so.11
Version : 1.5.3

Path : /usr/lib64/libgcrypt.so.11.8.2
Version : 1.5.3
152742 (1) - Unix Software Discovery Commands Available
-
Synopsis
Nessus was able to log in to the remote host using the provided credentials and is able to execute all commands used to find unmanaged software.
Description
Nessus was able to determine that it is possible for plugins to find and identify versions of software on the target host. Software that is not managed by the operating system is typically found and characterized using these commands. This was measured by running commands used by unmanaged software plugins and validating their output against expected results.
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2021/08/23, Modified: 2021/08/23
Plugin Output

ipaddr (tcp/0)

Unix software discovery checks are available.

Account : root
Protocol : SSH
153588 (1) - SSH SHA-1 HMAC Algorithms Enabled
-
Synopsis
The remote SSH server is configured to enable SHA-1 HMAC algorithms.
Description
The remote SSH server is configured to enable SHA-1 HMAC algorithms.

Although NIST has formally deprecated use of SHA-1 for digital signatures, SHA-1 is still considered secure for HMAC as the security of HMAC does not rely on the underlying hash function being resistant to collisions.

Note that this plugin only checks for the options of the remote SSH server.
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2021/09/23, Modified: 2022/04/05
Plugin Output

ipaddr (tcp/22/ssh)


The following client-to-server SHA-1 Hash-based Message Authentication Code (HMAC) algorithms are supported :

hmac-sha1
hmac-sha1-etm@openssh.com

The following server-to-client SHA-1 Hash-based Message Authentication Code (HMAC) algorithms are supported :

hmac-sha1
hmac-sha1-etm@openssh.com
156000 (1) - Apache Log4j Installed (Linux / Unix)
-
Synopsis
Apache Log4j, a logging API, is installed on the remote Linux / Unix host.
Description
One or more instances of Apache Log4j, a logging API, are installed on the remote Linux / Unix Host.

The plugin timeout can be set to a custom value other than the plugin's default of 45 minutes via the 'timeout.156000' scanner setting in Nessus 8.15.1 or later.

Please see https://docs.tenable.com/nessus/Content/SettingsAdvanced.htm#Custom for more information.
See Also
Solution
n/a
Risk Factor
None
References
XREF IAVA:0001-A-0650
XREF IAVT:0001-T-0941
Plugin Information
Published: 2021/12/10, Modified: 2024/04/02
Plugin Output

ipaddr (tcp/0)


Nessus detected 10 installs of Apache Log4j:

Path : /opt/glassfish5/glassfish/domains/domain1/applications/__internal/sfcf/sfcf.war
Version : 2.8.2
Archive Location : WEB-INF/lib/log4j-core-2.8.2.jar
JMSAppender.class association : Not Found
JdbcAppender.class association : Not Found
JndiLookup.class association : Not Found
Method : log4j-core dependency search

Path : /home/glassfish/new/sfcf.war
Version : 2.8.2
Archive Location : WEB-INF/lib/log4j-core-2.8.2.jar
JMSAppender.class association : Not Found
JdbcAppender.class association : Not Found
JndiLookup.class association : Not Found
Method : log4j-core dependency search

Path : /opt/glassfish5/glassfish/nodes/localhost-domain1/inst_ems_sfcf/applications/sfcf/WEB-INF/lib/log4j-core-2.8.2.jar
Version : 2.8.2
JMSAppender.class association : Found
JdbcAppender.class association : Found
JndiLookup.class association : Found
Method : log4j-core file search

Path : /opt/glassfish5/glassfish/domains/domain1/applications/sfcf/WEB-INF/lib/log4j-core-2.8.2.jar
Version : 2.8.2
JMSAppender.class association : Found
JdbcAppender.class association : Found
JndiLookup.class association : Found
Method : log4j-core file search

Path : /var/opt/scs/sfcu/jar/sfcu.jar
Version : 2.17.1
Archive Location : BOOT-INF/lib/log4j-core-2.17.1.jar
JMSAppender.class association : Found
JdbcAppender.class association : Found
JndiLookup.class association : Found
Method : log4j-core dependency search

Path : /sharedata/samba/sfcu.jar
Version : 2.17.1
Archive Location : BOOT-INF/lib/log4j-core-2.17.1.jar
JMSAppender.class association : Found
JdbcAppender.class association : Found
JndiLookup.class association : Found
Method : log4j-core dependency search

Path : /sharedata/samba/sfcf.war
Version : 2.8.2
Archive Location : WEB-INF/lib/log4j-core-2.8.2.jar
JMSAppender.class association : Not Found
JdbcAppender.class association : Not Found
JndiLookup.class association : Not Found
Method : log4j-core dependency search

Path : /home/glassfish/backup/sfcf.war
Version : 2.8.2
Archive Location : WEB-INF/lib/log4j-core-2.8.2.jar
JMSAppender.class association : Not Found
JdbcAppender.class association : Not Found
JndiLookup.class association : Not Found
Method : log4j-core dependency search

Path : /home/user/sfcf.war
Version : 2.8.2
Archive Location : WEB-INF/lib/log4j-core-2.8.2.jar
JMSAppender.class association : Not Found
JdbcAppender.class association : Not Found
JndiLookup.class association : Not Found
Method : log4j-core dependency search

Path : /usr/share/java/log4j.jar
Version : 1.2.17
JMSAppender.class association : Found
JdbcAppender.class association : Found
JndiLookup.class association : Not Found
Method : Package manager
157358 (1) - Linux Mounted Devices
-
Synopsis
Use system commands to obtain the list of mounted devices on the target machine at scan time.
Description
Report the mounted devices information on the target machine at scan time using the following commands.
/bin/df -h /bin/lsblk /bin/mount -l

This plugin only reports on the tools available on the system and omits any tool that did not return information when the command was ran.
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2022/02/03, Modified: 2023/11/27
Plugin Output

ipaddr (tcp/0)

$ df -h
ファイルシス サイズ 使用 残り 使用% マウント位置
devtmpfs 126G 0 126G 0% /dev
tmpfs 126G 1.3M 126G 1% /dev/shm
tmpfs 126G 2.9M 126G 1% /run
tmpfs 126G 0 126G 0% /sys/fs/cgroup
/dev/sda4 177G 32G 146G 18% /
/dev/sda2 1014M 165M 850M 17% /boot
/dev/sda1 200M 12M 189M 6% /boot/efi
/dev/loop0 4.4G 4.4G 0 100% /media/CentOS
tmpfs 26G 0 26G 0% /run/user/985
tmpfs 26G 24K 26G 1% /run/user/42
/dev/NMP1 651G 578M 651G 1% /sharedata
tmpfs 26G 0 26G 0% /run/user/26
tmpfs 26G 0 26G 0% /run/user/0


$ lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 186.3G 0 disk
├─sda1 8:1 0 200M 0 part /boot/efi
├─sda2 8:2 0 1G 0 part /boot
├─sda3 8:3 0 8G 0 part [SWAP]
└─sda4 8:4 0 177.1G 0 part /
sdb 8:16 0 652.1G 0 disk
├─sdb1 8:17 0 1G 0 part
└─sdb2 8:18 0 651.1G 0 part
sr0 11:0 1 1024M 0 rom
NMP1 218:1 0 651.1G 0 disk /sharedata
loop0 7:0 0 4.4G 1 loop /media/CentOS


$ mount -l
sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime)
proc on /proc type proc (rw,nosuid,nodev,noexec,relatime)
devtmpfs on /dev type devtmpfs (rw,nosuid,size=131792888k,nr_inodes=32948222,mode=755)
securityfs on /sys/kernel/security type securityfs (rw,nosuid,nodev,noexec,relatime)
tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev)
devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000)
tmpfs on /run type tmpfs (rw,nosuid,nodev,mode=755)
tmpfs on /sys/fs/cgroup type tmpfs (ro,nosuid,nodev,noexec,mode=755)
cgroup on /sys/fs/cgroup/systemd type cgroup (rw,nosuid,nodev,noexec,relatime,xattr,release_agent=/usr/lib/systemd/systemd-cgroups-agent,name=systemd)
pstore on /sys/fs/pstore type pstore (rw,nosuid,nodev,noexec,relatime)
efivarfs on /sys/firmware/efi/efivars type efivarfs (rw,nosuid,nodev,noexec,relatime)
cgroup on /sys/fs/cgroup/cpu,cpuacct type cgroup (rw,nosuid,nodev,noexec,relatime,cpuacct,cpu)
cgroup on /sys/fs/cgroup/pids type cgroup (rw,nosuid,nodev,noexec,relatime,pids)
cgroup on /sys/fs/cgroup/memory type cgroup (rw,nosuid,nodev,noexec,relatime,memory)
cgroup on /sys/fs/cgroup/devices type cgroup (rw,nosuid,nodev,noexec,relatime,devices)
cgroup on /sys/fs/cgroup/perf_event type cgroup (rw,nosuid,nodev,noexec,relatime,perf_event)
cgroup on /sys/fs/cgroup/cpuset type cgroup (rw,nosuid,nodev,noexec,relatime,cpuset)
cgroup on /sys/fs/cgroup/net_cls,net_prio type cgroup (rw,nosuid,nodev,noexec,relatime,net_prio,net_cls)
cgroup on /sys/fs/cgroup/freezer type cgroup (rw,nosuid,nodev,noexec,relatime,freezer)
cgroup on /sys/fs/cgroup/hugetlb type cgroup (rw,nosuid,nodev,noexec,relatime,hugetlb)
cgroup on /sys/fs/cgroup/blkio type cgroup (rw,nosuid,nodev,noexec,relatime,blkio)
configfs on /sys/kernel/config type configfs (rw,relatime)
/dev/sda4 on / type xfs (rw,relatime,attr2,inode64,logbsize=256k,sunit=512,swidth=512,noquota)
systemd-1 on /proc/sys/fs/binfmt_misc type autofs (rw,relatime,fd=35,pgrp=1,timeout=0,minproto=5,maxproto=5,direct,pipe_ino=59489)
mqueue on /dev/mqueue type mqueue (rw,relatime)
debugfs on /sys/kernel/debug type debugfs (rw,relatime)
hugetlbfs on /dev/hugepages type hugetlbfs (rw,relatime)
fusectl on /sys/fs/fuse/connections type fusectl (rw,relatime)
/dev/sda2 on /boot type xfs (rw,relatime,attr2,inode64,logbsize=256k,sunit=512,swidth=512,noquota)
/dev/sda1 on /boot/efi type vfat (rw,relatime,fmask=0077,dmask=0077,codepage=437,iocharset=ascii,shortname=winnt,errors=remount-ro)
/media/iso/CentOS-7-x86_64-DVD-2009.iso on /media/CentOS type iso9660 (ro,relatime) [CentOS 7 x86_64]
sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw,relatime)
tmpfs on /run/user/985 type tmpfs (rw,nosuid,nodev,relatime,size=26361736k,mode=700,uid=985,gid=1102)
tmpfs on /run/user/42 type tmpfs (rw,nosuid,nodev,relatime,size=26361736k,mode=700,uid=42,gid=42)
/dev/NMP1 on /sharedata type xfs (rw,relatime,attr2,inode64,logbsize=256k,sunit=512,swidth=512,noquota)
tmpfs on /run/user/26 type tmpfs (rw,nosuid,nodev,relatime,size=26361736k,mode=700,uid=26,gid=1101)
tmpfs on /run/user/0 type tmpfs (rw,nosuid,nodev,relatime,size=26361736k,mode=700)

168007 (1) - OpenSSL Installed (Linux)
-
Synopsis
OpenSSL was detected on the remote Linux host.
Description
OpenSSL was detected on the remote Linux host.

The plugin timeout can be set to a custom value other than the plugin's default of 15 minutes via the 'timeout.168007' scanner setting in Nessus 8.15.1 or later.

Please see https://docs.tenable.com/nessus/Content/SettingsAdvanced.htm#Custom for more information.
See Also
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2022/11/21, Modified: 2024/04/03
Plugin Output

ipaddr (tcp/0)


Nessus detected 7 installs of OpenSSL:

Path : /usr/bin/openssl
Version : 1.0.2k
Associated Package : openssl-1.0.2k-19.el7
Managed by OS : True

Path : /opt/McAfee/agent/lib/tools/libcrypto.so.1.0.0
Version : 1.0.2zg
Associated Package : MFEcma-5.8.0-161.x86_64

Path : /opt/McAfee/ens/esp/lib/libcrypto.so.1.0.0
Version : 1.0.2z
Associated Package : McAfeeESP-10.7.16-843.x86_64

Path : /opt/McAfee/agent/lib/tools/libssl.so.1.0.0
Version : 1.0.2zg
Associated Package : MFEcma-5.8.0-161.x86_64

Path : /usr/lib64/libssl.so.1.0.2k
Version : 1.0.2k
Associated Package : openssl-libs-1.0.2k-19.el7.x86_64

Path : /opt/McAfee/ens/esp/lib/libssl.so.1.0.0
Version : 1.0.2zi
Associated Package : McAfeeESP-10.7.16-843.x86_64

Path : /usr/lib64/libcrypto.so.1.0.2k
Version : 1.0.2k
Associated Package : openssl-libs-1.0.2k-19.el7.x86_64

We are unable to retrieve version info from the following list of OpenSSL files. However, these installs may include their version within the filename or the filename of the Associated Package.

e.g. libssl.so.3 (OpenSSL 3.x), libssl.so.1.1 (OpenSSL 1.1.x)

/usr/lib64/openssl/engines/lib4758cca.so
/usr/lib64/openssl/engines/libubsec.so
/usr/lib64/openssl/engines/libaep.so
/usr/lib64/openssl/engines/libcapi.so
/usr/lib64/openssl/engines/libsureware.so
/usr/lib64/openssl/engines/libpadlock.so
/usr/lib64/openssl/engines/libgmp.so
/usr/lib64/openssl/engines/libatalla.so
/usr/lib64/openssl/engines/libchil.so
/usr/lib64/openssl/engines/libcswift.so
/usr/lib64/openssl/engines/libnuron.so
168980 (1) - Enumerate the PATH Variables
-
Synopsis
Enumerates the PATH variable of the current scan user.
Description
Enumerates the PATH variables of the current scan user.
Solution
Ensure that directories listed here are in line with corporate policy.
Risk Factor
None
Plugin Information
Published: 2022/12/21, Modified: 2024/04/02
Plugin Output

ipaddr (tcp/0)

Nessus has enumerated the path of the current scan user :

/usr/local/sbin
/usr/local/bin
/usr/sbin
/usr/bin
170170 (1) - Enumerate the Network Interface configuration via SSH
-
Synopsis
Nessus was able to parse the Network Interface data on the remote host.
Description
Nessus was able to parse the Network Interface data on the remote host.
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2023/01/19, Modified: 2023/11/17
Plugin Output

ipaddr (tcp/0)

ens1f3:
MAC : d4:f5:ef:a8:83:1f
eno8:
MAC : d4:f5:ef:8c:84:af
ens1f0:
MAC : d4:f5:ef:a8:83:1c
IPv4:
- Address : 192.168.101.41
Netmask : 255.255.255.0
Broadcast : 192.168.101.255
IPv6:
- Address : fe80::d6f5:efff:fea8:831c
Prefixlen : 64
Scope : link
ScopeID : 0x20
eno6:
MAC : d4:f5:ef:8c:84:ad
IPv6:
- Address : fe80::311d:a8a9:5575:76f6
Prefixlen : 64
Scope : link
ScopeID : 0x20
- Address : ipaddr
Prefixlen : 64
Scope : global
ScopeID : 0x0
eno7:
MAC : d4:f5:ef:8c:84:ae
eno5:1:
MAC : d4:f5:ef:8c:84:ac
IPv4:
- Address : 192.168.100.151
Netmask : 255.255.255.0
Broadcast : 192.168.100.255
ens1f1:
MAC : d4:f5:ef:a8:83:1d
ens1f2:
MAC : d4:f5:ef:a8:83:1e
lo:
IPv4:
- Address : 127.0.0.1
Netmask : 255.0.0.0
IPv6:
- Address : ::1
Prefixlen : 128
Scope : host
ScopeID : 0x10
eno5:
MAC : d4:f5:ef:8c:84:ac
IPv4:
- Address : 192.168.100.41
Netmask : 255.255.255.0
Broadcast : 192.168.100.255
IPv6:
- Address : fe80::d6f5:efff:fe8c:84ac
Prefixlen : 64
Scope : link
ScopeID : 0x20
- Address : fd01:e2e2:0:e0c0:d6f5:efff:fe8c:84ac
Prefixlen : 64
Scope : global
ScopeID : 0x0
- Address : fd01:e2e2:0:e0c0::141
Prefixlen : 64
Scope : global
ScopeID : 0x0
- Address : fd01:e2e2:0:e0c0::142
Prefixlen : 64
Scope : global
ScopeID : 0x0
eno5:0:
MAC : d4:f5:ef:8c:84:ac
IPv4:
- Address : 192.168.100.152
Netmask : 255.255.255.0
Broadcast : 192.168.100.255
171410 (1) - IP Assignment Method Detection
-
Synopsis
Enumerates the IP address assignment method(static/dynamic).
Description
Enumerates the IP address assignment method(static/dynamic).
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2023/02/14, Modified: 2024/03/26
Plugin Output

ipaddr (tcp/0)

+ lo
+ IPv4
- Address : 127.0.0.1
Assign Method : static
+ IPv6
- Address : ::1
Assign Method : static
+ ens1f0
+ IPv4
- Address : 192.168.101.41
Assign Method : static
+ IPv6
- Address : fe80::d6f5:efff:fea8:831c
Assign Method : static
+ ens1f1
+ ens1f2
+ ens1f3
+ eno5
+ IPv4
- Address : 192.168.100.41
Assign Method : static
- Address : 192.168.100.152
Assign Method : static
- Address : 192.168.100.151
Assign Method : static
+ IPv6
- Address : fd01:e2e2:0:e0c0::141
Assign Method : static
- Address : fd01:e2e2:0:e0c0::142
Assign Method : static
- Address : fd01:e2e2:0:e0c0:d6f5:efff:fe8c:84ac
Assign Method : dynamic
- Address : fe80::d6f5:efff:fe8c:84ac
Assign Method : static
+ eno6
+ IPv6
- Address : ipaddr
Assign Method : static
- Address : fe80::311d:a8a9:5575:76f6
Assign Method : static
+ eno7
+ eno8
174788 (1) - SQLite Local Detection (Linux)
-
Synopsis
The remote Linux host has SQLite Database software installed.
Description
Version information for SQLite was retrieved from the remote host. SQLite is an embedded database written in C.

- To discover instances of SQLite that are not in PATH, or installed via a package manager, 'Perform thorough tests' setting must be enabled.
See Also
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2023/04/26, Modified: 2024/04/02
Plugin Output

ipaddr (tcp/0)


Nessus detected 2 installs of SQLite:

Path : /usr/bin/sqlite3
Version : 3.7.17

Path : /bin/sqlite3
Version : 3.7.17

Version reported by the package manager.

179200 (1) - Enumerate the Network Routing configuration via SSH
-
Synopsis
Nessus was able to retrieve network routing information from the remote host.
Description
Nessus was able to retrieve network routing information the remote host.
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2023/08/02, Modified: 2023/08/02
Plugin Output

ipaddr (tcp/0)

Gateway Routes:
eno5:
ipv4_gateways:
192.168.100.254:
subnets:
- 0.0.0.0/0
- 0.0.0.0/0
ipv6_gateways:
fe80::4206:d5ff:fe5f:a647:
subnets:
- ::/0
Interface Routes:
eno5:
ipv4_subnets:
- 192.168.100.0/24
- 192.168.100.0/24
ipv6_subnets:
- fd01:e2e2:0:e0c0::/64
- fe80::/64
eno6:
ipv6_subnets:
- fd01:e2e2:0:e0c0::/64
- fe80::/64
ens1f0:
ipv4_subnets:
- 192.168.101.0/24
ipv6_subnets:
- fe80::/64
181418 (1) - OpenSSH Detection
-
Synopsis
An OpenSSH-based SSH server was detected on the remote host.
Description
An OpenSSH-based SSH server was detected on the remote host.
See Also
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2023/09/14, Modified: 2024/03/27
Plugin Output

ipaddr (tcp/22/ssh)


Service : ssh
Version : 7.4
Banner : SSH-2.0-OpenSSH_7.4
182155 (1) - WebM Project WebP Image Library Installed (Linux)
-
Synopsis
WebM Project WebP Image Library is installed on the remote Linux host.
Description
WebM Project WebP Image Library is installed on the remote Linux host.
Note: Thorough Tests is required for this plugin to run.
See Also
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2023/09/28, Modified: 2024/04/02
Plugin Output

ipaddr (tcp/0)


Path : libwebp (via package manager)
Version : 0.3.0-7
Managed by OS : True
182774 (1) - Curl Installed (Linux / Unix)
-
Synopsis
Curl is installed on the remote Linux / Unix host.
Description
Curl (also known as curl and cURL) is installed on the remote Linux / Unix host.

Additional information:

- More paths will be searched and the timeout for the search will be increased if 'Perform thorough tests' setting is enabled.

- The plugin timeout can be set to a custom value other than the plugin's default of 30 minutes via the 'timeout.182774' scanner setting in Nessus 8.15.1 or later.

Please see https://docs.tenable.com/nessus/Content/SettingsAdvanced.htm#Custom for more information.
See Also
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2023/10/09, Modified: 2024/04/02
Plugin Output

ipaddr (tcp/0)


Path : /usr/bin/curl
Version : 7.29.0
Associated Package : curl-7.29.0-59.el7
Managed by OS : True
182848 (1) - libcurl Installed (Linux / Unix)
-
Synopsis
libcurl is installed on the remote Linux / Unix host.
Description
libcurl is installed on the remote Linux / Unix host.

Additional information:

- More paths will be searched and the timeout for the search will be increased if 'Perform thorough tests' setting is enabled.

- The plugin timeout can be set to a custom value other than the plugin's default of 30 minutes via the 'timeout.182774' scanner setting in Nessus 8.15.1 or later.

Please see https://docs.tenable.com/nessus/Content/SettingsAdvanced.htm#Custom for more information.
See Also
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2023/10/10, Modified: 2024/04/02
Plugin Output

ipaddr (tcp/0)


Nessus detected 3 installs of libcurl:

Path : /opt/McAfee/agent/lib/tools/libcurl.so.4.7.0
Version : 7.80.0
Associated Package : MFEcma-5.8.0-161.x86_64

Path : /usr/lib64/libcurl.so.4.3.0
Version : 7.29.0
Associated Package : libcurl-7.29.0-59.el7
Managed by OS : True

Path : /opt/McAfee/ens/esp/lib/libcurl.so.4.8.0
Version : 8.0.1
Associated Package : McAfeeESP-10.7.16-843.x86_64
186361 (1) - VMWare Tools or Open VM Tools Installed (Linux)
-
Synopsis
VMWare Tools or Open VM Tools were detected on the remote Linux host.
Description
VMWare Tools or Open VM Tools were detected on the remote Linux host.
See Also
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2023/11/28, Modified: 2024/04/02
Plugin Output

ipaddr (tcp/0)


Path : /usr/bin/vmtoolsd
Version : 11.0.5
189731 (1) - Vim Installed (Linux)
-
Synopsis
Vim is installed on the remote Linux host.
Description
Vim is installed on the remote Linux host.
See Also
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2024/01/29, Modified: 2024/04/02
Plugin Output

ipaddr (tcp/0)


Path : /usr/bin/vim
Version : 7.4
192709 (1) - Tukaani XZ Utils Installed (Linux / Unix)
-
Synopsis
Tukaani XZ Utils is installed on the remote Linux / Unix host.
Description
Tukaani XZ Utils is installed on the remote Linux / Unix host.

XZ Utils consists of several components, including:
- liblzma
- xz

Additional information:

- More paths will be searched and the timeout for the search will be increased if 'Perform thorough tests' setting is enabled.

- The plugin timeout can be set to a custom value other than the plugin's default of 30 minutes via the 'timeout.182774' scanner setting in Nessus 8.15.1 or later.

Please see https://docs.tenable.com/nessus/Content/SettingsAdvanced.htm#Custom for more information.
See Also
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2024/03/29, Modified: 2024/04/02
Plugin Output

ipaddr (tcp/0)


Nessus detected 2 installs of XZ Utils:

Path : /usr/lib64/liblzma.so.5.2.2
Version : 5.2.2
Associated Package : xz-libs-5.2.2-1.el7.x86_64

Path : /usr/bin/xz
Version : 5.2.2
Associated Package : xz-5.2.2-1.el7.x86_64
193143 (1) - Linux Time Zone Information
-
Synopsis
Nessus was able to collect and report time zone information from the remote host.
Description
Nessus was able to collect time zone information from the remote Linux host.
Solution
None
Risk Factor
None
Plugin Information
Published: 2024/04/10, Modified: 2024/04/10
Plugin Output

ipaddr (tcp/0)

Via date: JST +0900
Via timedatectl: Time zone: Asia/Tokyo (JST, +0900)
Via /etc/localtime: JST-9
193272 (1) - Open Information Security Foundation Suricata Installed (Linux)
-
Synopsis
Open Information Security Foundation Suricata is installed on the remote Linux host.
Description
Open Information Security Foundation Suricata is installed on the remote Linux host.
See Also
Solution
n/a
Risk Factor
None
Plugin Information
Published: 2024/04/12, Modified: 2024/04/12
Plugin Output

ipaddr (tcp/0)


Path : /usr/bin/
Version : unknown
Compliance 'FAILED'
Compliance 'SKIPPED'
Compliance 'PASSED'
Compliance 'INFO', 'WARNING', 'ERROR'
Remediations
Suggested Remediations
Taking the following actions across 1 hosts would resolve 94% of the vulnerabilities on the network.
Action to take Vulns Hosts
CentOS 7 : firefox (RHSA-2024:1486): Update the affected firefox package. 249 1
CentOS 7 : kernel (RHSA-2024:0346): Update the affected packages. 69 1
CentOS 7 : java-1.8.0-openjdk (RHSA-2024:0223): Update the affected packages. 53 1
CentOS 7 : xorg-x11-server (RHSA-2024:0320): Update the affected packages. 32 1
CentOS 7 : expat (CESA-2022:6834): Update the affected expat, expat-devel and / or expat-static packages. 13 1
CentOS 7 : gdm / libX11 / libxkbcommon / xorg-x11-drv-ati / xorg-x11-drv-vesa / etc (CESA-2019:2079): Update the affected packages. 13 1
CentOS 7 : bind (RHSA-2023:5691): Update the affected packages. 12 1
CentOS 7 : nss (RHSA-2023:1332): Update the affected packages. 12 1
CentOS 7 : tigervnc (RHSA-2024:0006): Update the affected packages. 11 1
CentOS 7 : microcode_ctl (CESA-2021:3028): Update the affected microcode_ctl package. 9 1
CentOS 7 : samba (RHSA-2023:1090): Update the affected packages. 8 1
CentOS 7 : python (RHSA-2023:6885): Update the affected packages. 6 1
Apache Log4j 2.0 < 2.3.2 / 2.4 < 2.12.4 / 2.13 < 2.17.1 RCE: Upgrade to Apache Log4j version 2.17.1, 2.12.4, or 2.3.2 or later, or apply the vendor mitigation. Upgrading to the latest versions for Apache Log4j is highly recommended as intermediate versions / patches have known high severity vulnerabilities and the vendor is updating their advisories often as new research and knowledge about the impact of Log4j is discovered. Refer to https://logging.apache.org/log4j/2.x/security.html for the latest versions. 5 1
CentOS 7 : open-vm-tools (RHSA-2023:7279): Update the affected packages. 5 1
CentOS 7 : openssl (RHSA-2023:1335): Update the affected packages. 5 1
CentOS 7 : qemu-kvm (CESA-2021:2322): Update the affected packages. 5 1
CentOS 7 : git (RHSA-2023:3263): Update the affected packages. 4 1
CentOS 7 : linux-firmware (RHSA-2024:0753): Update the affected packages. 4 1
CentOS 7 : log4j (CESA-2022:0442): Update the affected log4j, log4j-javadoc and / or log4j-manual packages. 4 1
CentOS 7 : python3 (RHSA-2023:6823): Update the affected packages. 4 1
CentOS 7 : dnsmasq (CESA-2021:0153): Update the affected dnsmasq and / or dnsmasq-utils packages. 3 1
CentOS 7 : flatpak (CESA-2021:4044): Update the affected packages. 3 1
CentOS 7 : glibc (CESA-2021:0348): Update the affected packages. 3 1
CentOS 7 : perl (CESA-2021:0343): Update the affected packages. 3 1
CentOS 7 : freerdp (CESA-2021:4619): Update the affected packages. 2 1
CentOS 7 : krb5 (CESA-2022:8640): Update the affected packages. 2 1
CentOS 7 : libX11 (CESA-2021:3296): Update the affected libX11, libX11-common and / or libX11-devel packages. 2 1
CentOS 7 : openldap (CESA-2022:0621): Update the affected packages. 2 1
CentOS 7 : openssh (RHSA-2023:4382): Update the affected packages. 2 1
CentOS 7 : sssd (RHSA-2023:0403): Update the affected packages. 2 1
CentOS 7 : sudo (RHSA-2023:0291): Update the affected sudo and / or sudo-devel packages. 2 1
CentOS 7 : zlib (RHSA-2023:1095): Update the affected packages. 2 1
CentOS 7 : apr-util (RHSA-2023:3145): Update the affected packages. 1 1
CentOS 7 : binutils (CESA-2021:4033): Update the affected binutils and / or binutils-devel packages. 1 1
CentOS 7 : c-ares (RHSA-2023:3741): Update the affected c-ares and / or c-ares-devel packages. 1 1
CentOS 7 : cups (RHSA-2023:4766): Update the affected packages. 1 1
CentOS 7 : curl (CESA-2020:5002): Update the affected curl, libcurl and / or libcurl-devel packages. 1 1
CentOS 7 : cyrus-sasl (CESA-2022:0666): Update the affected packages. 1 1
CentOS 7 : device-mapper-multipath (CESA-2022:7186): Update the affected packages. 1 1
CentOS 7 : dhcp (CESA-2021:2357): Update the affected packages. 1 1
CentOS 7 : emacs (RHSA-2023:3481): Update the affected packages. 1 1
CentOS 7 : freetype (CESA-2020:4907): Update the affected freetype, freetype-demos and / or freetype-devel packages. 1 1
CentOS 7 : gd (CESA-2020:5443): Update the affected gd, gd-devel and / or gd-progs packages. 1 1
CentOS 7 : glib2 (CESA-2021:2147): Update the affected packages. 1 1
CentOS 7 : gstreamer-plugins-bad-free (RHSA-2024:0279): Update the affected gstreamer-plugins-bad-free, gstreamer-plugins-bad-free-devel and / or gstreamer-plugins-bad-free- devel-docs packages. 1 1
CentOS 7 : gstreamer1-plugins-bad-free (RHSA-2024:0013): Update the affected gstreamer1-plugins-bad-free, gstreamer1-plugins-bad-free-devel and / or gstreamer1-plugins-bad-free- gtk packages. 1 1
CentOS 7 : gzip (CESA-2022:2191): Update the affected gzip package. 1 1
CentOS 7 : libXpm (RHSA-2023:0377): Update the affected libXpm and / or libXpm-devel packages. 1 1
CentOS 7 : libcroco (CESA-2020:4072): Update the affected libcroco and / or libcroco-devel packages. 1 1
CentOS 7 : libexif (CESA-2020:5402): Update the affected libexif, libexif-devel and / or libexif-doc packages. 1 1
CentOS 7 : libldb (CESA-2021:1072): Update the affected packages. 1 1
CentOS 7 : libsndfile (CESA-2021:3295): Update the affected libsndfile, libsndfile-devel and / or libsndfile-utils packages. 1 1
CentOS 7 : libssh2 (RHSA-2023:5615): Update the affected libssh2, libssh2-devel and / or libssh2-docs packages. 1 1
CentOS 7 : libvirt (CESA-2020:5040): Update the affected packages. 1 1
CentOS 7 : libwebp (RHSA-2023:2077): Update the affected packages. 1 1
CentOS 7 : libxml2 (CESA-2021:3810): Update the affected packages. 1 1
CentOS 7 : net-snmp (CESA-2020:5350): Update the affected packages. 1 1
CentOS 7 : nettle (CESA-2021:1145): Update the affected nettle and / or nettle-devel packages. 1 1
CentOS 7 : polkit (CESA-2022:0274): Update the affected polkit, polkit-devel and / or polkit-docs packages. 1 1
CentOS 7 : python-rtslib (CESA-2020:5435): Update the affected python-rtslib and / or python-rtslib-doc packages. 1 1
CentOS 7 : qt and qt5-qtbase (CESA-2020:5021): Update the affected packages. 1 1
CentOS 7 : rpm (CESA-2021:4785): Update the affected packages. 1 1
CentOS 7 : rsync (CESA-2022:6170): Update the affected rsync package. 1 1
CentOS 7 : spice and spice-gtk (CESA-2020:4187): Update the affected packages. 1 1
CentOS 7 : systemd (CESA-2022:6160): Update the affected packages. 1 1
CentOS 7 : tomcat (CESA-2020:5020): Update the affected packages. 1 1
CentOS 7 : wpa_supplicant (CESA-2021:0808): Update the affected wpa_supplicant package. 1 1
SSH Terrapin Prefix Truncation Weakness (CVE-2023-48795): Contact the vendor for an update with the strict key exchange countermeasures or disable the affected algorithms. 1 1
Trellix Agent < 5.8.1 Buffer Overflow Vulnerability (SB10416): Upgrade to McAfee Agent version 5.8.1 or later. 1 1
CentOS 7 : xz (CESA-2022:5052): Update the affected packages. 0 1
© 2024 Tenable™, Inc. All rights reserved.