Debian dsa-6375 : fastnetmon - security update

critical Nessus Plugin ID 324923

Synopsis

The remote Debian host is missing one or more security-related updates.

Description

The remote Debian 13 host has a package installed that is affected by multiple vulnerabilities as referenced in the dsa-6375 advisory.

- ------------------------------------------------------------------------- Debian Security Advisory DSA-6375-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff July 02, 2026 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : fastnetmon CVE ID : CVE-2026-48683 CVE-2026-48684 CVE-2026-48685 CVE-2026-48686 CVE-2026-48687 CVE-2026-48688 CVE-2026-48689 CVE-2026-48690 CVE-2026-48691 CVE-2026-48694 CVE-2026-48695 CVE-2026-48696

Multiple security issues have been discovered in FastNetMon, a fast DDoS analyzer: TLS connections were insufficently validated and malformed Netflow/sFlow traffic could result in denial of service.

For the stable distribution (trixie), these problems have been fixed in version 1.2.9-0+deb13u1.

We recommend that you upgrade your fastnetmon packages.

For the detailed security status of fastnetmon please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/fastnetmon

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Mailing list: [email protected]

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade the fastnetmon packages.

See Also

https://packages.debian.org/source/trixie/fastnetmon

https://security-tracker.debian.org/tracker/CVE-2026-48683

https://security-tracker.debian.org/tracker/CVE-2026-48684

https://security-tracker.debian.org/tracker/CVE-2026-48685

https://security-tracker.debian.org/tracker/CVE-2026-48686

https://security-tracker.debian.org/tracker/CVE-2026-48687

https://security-tracker.debian.org/tracker/CVE-2026-48688

https://security-tracker.debian.org/tracker/CVE-2026-48689

https://security-tracker.debian.org/tracker/CVE-2026-48690

https://security-tracker.debian.org/tracker/CVE-2026-48691

https://security-tracker.debian.org/tracker/CVE-2026-48694

https://security-tracker.debian.org/tracker/CVE-2026-48695

https://security-tracker.debian.org/tracker/CVE-2026-48696

https://security-tracker.debian.org/tracker/source-package/fastnetmon

Plugin Details

Severity: Critical

ID: 324923

File Name: debian_DSA-6375.nasl

Version: 1.1

Type: Local

Agent: unix

Published: 7/2/2026

Updated: 7/2/2026

Supported Sensors: Nessus Agent, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.9

Percentile: 96.96

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2026-48691

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:fastnetmon, cpe:/o:debian:debian_linux:13.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 7/2/2026

Vulnerability Publication Date: 5/26/2026

Reference Information

CVE: CVE-2026-48683, CVE-2026-48684, CVE-2026-48685, CVE-2026-48686, CVE-2026-48687, CVE-2026-48688, CVE-2026-48689, CVE-2026-48690, CVE-2026-48691, CVE-2026-48694, CVE-2026-48695, CVE-2026-48696