VULHUB ™

Nessus has reported that various flaws have been discovered in the 'libnasl' library used by the Nessus application. As a result, a malicious NASL script may be able to break outside of the established sandbox environment and execute arbitrary commands on the local system. Note that this malicious script must be a legitimate plugin that has been uploaded to the Nessus server. Furthermore, the affected Nessus application must have enabled the 'plugins_upload' option (which is disabled by default).

Nessus has reported that various flaws have been discovered in the 'libnasl' library used by the Nessus application. As a result, a malicious NASL script may be able to break outside of the established sandbox environment and execute arbitrary commands on the local system. Note that this malicious script must be a legitimate plugin that has been uploaded to the Nessus server. Furthermore, the affected Nessus application must have enabled the 'plugins_upload' option (which is disabled by default).