検出

XZ Utils SSH バックドアへのサイバーエクスポージャーの可能性 (CVE-2024-3094)

critical Nessus プラグイン ID 192708

Language:

バージョン 1.53

Oct 23, 2024, 3:47 PM

  • Plugin metadata (update thorough_tests attribute)

Plugin Feed: 202410231547

バージョン 1.49

Oct 10, 2024, 11:57 PM

  • New

Plugin Feed: 202410102357

バージョン 1.48

Oct 10, 2024, 4:58 AM

  • Detection (Change dir to $HOME before find commands to handle weird find behavior with escalation.)

Plugin Feed: 202410100458

バージョン 1.47

Oct 9, 2024, 5:56 PM

  • Logic Changes (Corrects vulnerability-finding structured data tags to include the port.)

Plugin Feed: 202410091756

バージョン 1.43

Oct 3, 2024, 6:29 PM

  • Detection (Adding hardware constraint support to VCF and UCF)

Plugin Feed: 202410031829

バージョン 1.42

Oct 2, 2024, 4:10 PM

  • Logic Changes (Adds structured data reports to a subset of manual plugins.)

Plugin Feed: 202410021610

バージョン 1.41

Sep 26, 2024, 4:34 PM

  • Detection (adding package association overrides)

Plugin Feed: 202409261634

バージョン 1.40

Sep 25, 2024, 3:12 PM

  • Detection (Adding support for user-supplied timeout value for the find command.)

Plugin Feed: 202409251512

バージョン 1.37

Sep 11, 2024, 5:35 PM

  • New (Detects QUIC servers running on the target. Implement a NASL QUIC library to support detection of HTTP/3 and possibly more)

Plugin Feed: 202409111735

バージョン 1.36

Sep 10, 2024, 4:59 PM

  • New

Plugin Feed: 202409101659

バージョン 1.35

Sep 3, 2024, 11:47 PM

  • Logic Changes (additional data collection for runtime scanning. fixed logic bug causing potential false negatives. fixed logic bug causing potential false positives. fixed logic bug with potential to break cyberark logins)

Plugin Feed: 202409032347

バージョン 1.33

Sep 3, 2024, 5:26 PM

  • Detection (Support for Aruba CPPM SSH based local checks)

Plugin Feed: 202409031726

バージョン 1.32

Aug 14, 2024, 8:33 PM

  • Logic Changes (Endianness fix in Kerberos authentication for SCAP scanning)

Plugin Feed: 202408142033

バージョン 1.31

Aug 14, 2024, 2:40 AM

  • New
  • Plugin requirements (Trusted)

Plugin Feed: 202408140240

バージョン 1.29

Aug 8, 2024, 4:43 PM

  • Logic Changes (Support OpenSSH private key formats for authentication.)

Plugin Feed: 202408081643

バージョン 1.25

Jul 24, 2024, 6:31 PM

  • Logic Changes (Modernize SSH usage to optimize behavior on Nessus Agents.. adding AI family)

Plugin Feed: 202407241831

バージョン 1.24

Jul 23, 2024, 9:24 PM

  • New

Plugin Feed: 202407232124

バージョン 1.22

Jul 17, 2024, 11:02 PM

  • Logic Changes

Plugin Feed: 202407172302

バージョン 1.21

Jul 6, 2024, 12:22 AM

  • Detection (Changes to support Juniper Session Smart Router)

Plugin Feed: 202407060022

バージョン 1.20

Jul 5, 2024, 9:04 PM

  • Detection (Adding detection of Juniper SSR devices)

Plugin Feed: 202407052104

バージョン 1.19

Jun 27, 2024, 9:09 PM

  • New (Deploy nessus_utils binaries on the Nessus Agent)

Plugin Feed: 202406272109

バージョン 1.16

Jun 21, 2024, 6:31 PM

  • Detection (updated detection for SonicOS devices)

Plugin Feed: 202406211831

バージョン 1.15

Jun 21, 2024, 2:16 PM

  • Logic Changes

Plugin Feed: 202406211416

バージョン 1.14

Jun 14, 2024, 7:07 PM

  • Logic Changes (added additional check for command failures.)

Plugin Feed: 202406141907

バージョン 1.12

Jun 7, 2024, 12:28 PM

  • IAVM reference
  • STIG Severity

Plugin Feed: 202406071228

バージョン 1.10

May 20, 2024, 10:13 AM

  • Logic Changes

Plugin Feed: 202405201013

バージョン 1.9

May 9, 2024, 6:10 PM

  • New

Plugin Feed: 202405091810

バージョン 1.6

Apr 3, 2024, 1:48 PM

  • CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:H/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:H/RL:O/RC:C")
  • Exploit attributes ("Exploited by malware" set to "True")

Plugin Feed: 202404031348

バージョン 1.5

Apr 2, 2024, 10:16 PM

  • Detection (added alternative commands for IOC detection)

Plugin Feed: 202404022216

バージョン 1.3

Apr 1, 2024, 3:13 PM

  • CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:POC/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:P/RL:O/RC:C")
  • Exploit attributes ("Exploit available" set to "True". "Exploitability ease" set to "Exploits are available")

Plugin Feed: 202404011513

バージョン 1.2

Mar 31, 2024, 9:46 PM

  • Detection (tightening of the check for return conditions from the hexdump command)

Plugin Feed: 202403312146

バージョン 1.1

Mar 30, 2024, 4:20 PM

  • New

Plugin Feed: 202403301620

バージョン 1.0

Mar 30, 2024, 1:01 AM

  • New

Plugin Feed: 202403300101

* Changelogs are generally available for changes made after Nov 1, 2022