VULHUB ™

Nessus is reported to be vulnerable to an insecure temporary file creation vulnerability. This vulnerability presents itself in the 'nessus-adduser' script. This script is used to add users to the Nessus application. These users are independent of the system user database, and are used to define access roles and limits in the application. When creating new users, Nessus insecurely creates a temporary file. A non-privileged user with interactive access could overwrite any file on the system with superuser privileges. The attacker does not control the data being written, just the location of the file. An attacker could also exploit this issue to modify the rules assigned to the new nessus user, allowing or denying access to scan hosts within Nessus. Versions of 2.0.x prior to 2.0.12 and the experimental version 2.1.0 are reported to be vulnerable to this issue.

Nessus is reported to be vulnerable to an insecure temporary file creation vulnerability. This vulnerability presents itself in the 'nessus-adduser' script. This script is used to add users to the Nessus application. These users are independent of the system user database, and are used to define access roles and limits in the application. When creating new users, Nessus insecurely creates a temporary file. A non-privileged user with interactive access could overwrite any file on the system with superuser privileges. The attacker does not control the data being written, just the location of the file. An attacker could also exploit this issue to modify the rules assigned to the new nessus user, allowing or denying access to scan hosts within Nessus. Versions of 2.0.x prior to 2.0.12 and the experimental version 2.1.0 are reported to be vulnerable to this issue.