Potentially Dangerous PATH Variables

medium Nessus Plugin ID 172180

Language:

Version 1.84 Mar 30, 2024, 4:20 PM New Plugin Feed: 202403301620
Version 1.83 Mar 30, 2024, 1:01 AM New Plugin Feed: 202403300101
Version 1.81 Mar 19, 2024, 6:40 PM Logic Changes (Improving logging to reduce disk space usage) Plugin Feed: 202403191840
Version 1.77 Mar 5, 2024, 2:40 PM Detection (improved file verification for Windows Agents) Plugin Feed: 202403051440
Version 1.76 Mar 5, 2024, 1:15 AM Logic Changes (Report structured data for Microsoft Exchange checks.. Report structured data for RPM version checks.) Plugin Feed: 202403050115
Version 1.71 Feb 9, 2024, 11:22 AM New Plugin Feed: 202402091122
Version 1.70 Jan 16, 2024, 8:55 PM Logic Changes (Improving debug logging) Plugin Feed: 202401162055
Version 1.68 Jan 16, 2024, 5:39 PM Detection (Add carrier grade NAT IPs to the IPv4 private address ranges.. Support privacy mode DCOM over Kerberos) Logic Changes (Improving debug logging) Plugin Feed: 202401161739
Version 1.66 Jan 15, 2024, 9:56 AM Detection (improved regex) Plugin Feed: 202401150956
Version 1.65 Jan 8, 2024, 6:41 PM Detection (retooled detection to better handle managed installs) Plugin Feed: 202401081841
Version 1.61 Dec 11, 2023, 6:11 PM Detection (Fix error handling for find_cmd. Remove bash error from the output of commands that timed out) Plugin Feed: 202312111811
Version 1.60 Dec 6, 2023, 12:08 AM Logic Changes (Fixes bug in special case shell handling logic.) Plugin Feed: 202312060008
Version 1.59 Dec 5, 2023, 9:49 PM Logic Changes (Fixes bug in special case shell handling logic.) Plugin Feed: 202312052149
Version 1.57 Nov 28, 2023, 11:17 AM Detection (Fixing detection of Cisco Firepower devices) Plugin Feed: 202311281117
Version 1.56 Nov 27, 2023, 6:11 PM Detection (No longer fall back to the legacy SSH library. Only use the old library explicitly.) Plugin Feed: 202311271811
Version 1.55 Nov 14, 2023, 4:21 PM Detection (Support SHA2 based encryption for Kerberos) Plugin Feed: 202311141621
Version 1.55 Nov 27, 2023, 4:16 PM Detection (No longer fall back to the legacy SSH library. Only use the old library explicitly.) Plugin Feed: 202311271616
Version 1.53 Oct 30, 2023, 1:08 PM Detection (Fixed detection of JUNOS) Plugin Feed: 202310301308
Version 1.52 Oct 25, 2023, 5:17 PM Detection (Handle SSH exec hang and pagination ctrl codes for PanOS) Plugin Feed: 202310251717
Version 1.50 Oct 18, 2023, 7:26 PM New Plugin Feed: 202310181926
Version 1.43 Oct 9, 2023, 8:58 PM New Plugin Feed: 202310092058
Version 1.41 Oct 4, 2023, 11:07 PM Detection (Fixed Cisco Firepower detection) Plugin Feed: 202310042307
Version 1.40 Oct 3, 2023, 9:02 PM Detection (Added Alma Linux to package association checks) Plugin Feed: 202310032102
Version 1.39 Sep 26, 2023, 8:16 PM Logic Changes Plugin Feed: 202309262016
Version 1.37 Aug 9, 2023, 11:01 PM Logic Changes Plugin Feed: 202308092301
Version 1.33 Jul 31, 2023, 8:08 PM Logic Changes Plugin Feed: 202307312008
Version 1.31 Jul 24, 2023, 7:10 PM Logic Changes (added debugging) Plugin Feed: 202307241910
Version 1.29 Jul 17, 2023, 5:15 PM Logic Changes (Make torture_cgi library PCP clean and consolidate utf16_to_ascii(). Permit CIDR entries in target priority list) Plugin Feed: 202307171715
Version 1.27 Jul 10, 2023, 7:11 PM Logic Changes (Restrict ClientHello ciphersuites by encapsulation) Plugin Feed: 202307101911
Version 1.26 Jul 5, 2023, 9:03 PM Logic Changes (added ingestion and ability of target priority lists for SSH credentials) Plugin Feed: 202307052103
Version 1.24 Jun 20, 2023, 9:07 PM Logic Changes (Temporarily limit debug logging) Plugin Feed: 202306202107
Version 1.19 Jun 9, 2023, 12:10 AM Logic Changes (Fix two function returns) Plugin Feed: 202306090010
Version 1.17 Jun 1, 2023, 5:27 AM Logic Changes (Better logging) Plugin Feed: 202306010527
Version 1.16 May 23, 2023, 1:57 PM Detection Plugin Feed: 202305231357
Version 1.15 May 18, 2023, 1:08 AM Detection (Port Alcatel-Lucent OmniSwitch support from ssh_get_info.nasl to ssh_lib as a rate limited device.) Plugin Feed: 202305180108
Version 1.13 May 16, 2023, 7:02 PM Detection (Authenticate WMI/DCOM using Kerberos credentials.) Plugin Feed: 202305161902
Version 1.11 May 4, 2023, 4:01 PM Logic Changes (Add KB item for downstream use) Plugin Feed: 202305041601
Version 1.9 May 1, 2023, 9:07 PM Detection (Make and use compatibility wrapper for running commands on scanner localhost to handle deprecation of pread().) Plugin Feed: 202305012107
Version 1.7 Apr 25, 2023, 11:11 PM Plugin metadata (Add note about paranoia being required for Windows) Plugin Feed: 202304252311
Version 1.6 Apr 14, 2023, 10:10 AM Logic Changes (Add more output to Windows detection) Detection (require paranoia for Windows path detection) Plugin Feed: 202304141010
Version 1.5 Apr 6, 2023, 6:58 PM Detection (Add Kerberos debug logging) Plugin Feed: 202304061858
Version 1.4 Mar 23, 2023, 2:01 PM Plugin metadata (More detail about when plugin will fire) Logic Changes (Output the identity groups that can write to the path) Plugin Feed: 202303231401
Version 1.3 Mar 14, 2023, 2:09 PM Logic Changes (Remove thorough tests attribute) Plugin Feed: 202303141409
Version 1.1 Mar 8, 2023, 2:20 PM Plugin metadata (Add detail to description) Plugin Feed: 202303081420
Version 1.0 Mar 7, 2023, 2:00 PM New Plugin Feed: 202303071400

* Changelogs are generally available for changes made after Nov 1, 2022

Detections

Analytics

Potentially Dangerous PATH Variables

medium Nessus Plugin ID 172180