Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2017-7199

Nessus was found to be vulnerable to a local privilege escalation issue due to insecure permissions when running in Agent Mode. This may allow an attacker to gain administrative privileges on the system hosting a Nessus agent. This is tracked internally as NES-6023.

Source

Tenable has released Nessus version 6.10.4 that corresponds to the supported operating systems and architectures. To update your Nessus installation, follow these steps:

Download the appropriate installation file to the system hosting Nessus Professional or Nessus Manager, available at the Tenable Support Portal (https://support.tenable.com/support-center/index.php?x=&mod_id=200)
Stop the Nessus service.
Install according to your operating system procedures.
Restart the Nessus service.

Note that only agents are impacted by this vulnerability, not scanners. If Nessus Manager is updated then auto updates will be deployed to the agents as well. If the agent is on Tenable.io then all of the agents will receive the updates.

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

[R3] Nessus 6.10.4 Fixes One Vulnerability

Synopsis

Solution

Vulmon Search

About

Products

Connect