NetSupport Manager < 11.00.0005

This script is Copyright (C) 2010-2015 Tenable Network Security, Inc.


Synopsis :

The remote Windows host has an application that is affected by an
information disclosure vulnerability.

Description :

The installed version of NetSupport Manager is prior to 11.00.0005. It
is, therefore, affected by an information disclosure vulnerability due
to bundled vulnerable versions of NetSupport Manager clients, and
controls that reveal sensitive information such as IP and MAC
addresses in cleartext HTTP headers while communicating with
NetSupport Manager Gateway. By monitoring traffic between NetSuppor
Manager clients and NetSupport Manager Gateway, an attacker can gain
sensitive information about the client machine.

See also :

http://www.nessus.org/u?92cb9630

Solution :

Upgrade to NetSupport Manager 11.00.0005 or later.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N)
CVSS Temporal Score : 3.6
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 50547 ()

Bugtraq ID: 44629

CVE ID: CVE-2010-4184

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now