97952

https://www.tenable.com/security/tns-2017-10

The version of Nessus Agent installed on the remote host is 6.10.x prior to 6.10.5. It is, therefore, affected by the following vulnerabilities :

  - A denial of service vulnerability exists in the agent     mode functionality due to insecure permissions. An     authenticated, remote attacker can exploit this, via a     specially crafted sequence of events, to prevent the     agent from conducting scans. (CVE-2017-7849)

  - A local privilege escalation vulnerability exists in the     agent mode functionality due to insecure permissions. A     local attacker can exploit this, via a specially crafted     sequence of events, to gain elevated privileges.
    (CVE-2017-7850)

CVE-2017-7850

Description

References

Details

Risk Information

CVSS v2.0

CVSS v3.0

Vulnerable Software

Configuration 1

Tenable Plugins