The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3339 advisory.

    The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard     math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system.
    Without these libraries, the Linux system cannot function correctly.

    Security Fix(es):

    * glibc: Out of bounds write in iconv conversion to ISO-2022-CN-EXT     (CVE-2024-2961)

    * glibc: stack-based buffer overflow in netgroup cache (CVE-2024-33599)

    * glibc: null pointer dereferences after failed netgroup cache insertion     (CVE-2024-33600)

    * glibc: netgroup cache may terminate daemon on memory allocation failure     (CVE-2024-33601)

    * glibc: netgroup cache assumes NSS callback uses in-buffer strings     (CVE-2024-33602)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3588 advisory.

    The glibc packages provide the standard C libraries (libc), POSIX thread     libraries (libpthread), standard math libraries (libm), and the name service     cache daemon (nscd) used by multiple programs on the system. Without these     libraries, the Linux system cannot function correctly.

    Security Fix(es):

    * glibc: Out of bounds write in iconv may lead to remote code execution     (CVE-2024-2961)

    * glibc: stack-based buffer overflow in netgroup cache (CVE-2024-33599)

    * glibc: null pointer dereferences after failed netgroup cache insertion     (CVE-2024-33600)

    * glibc: netgroup cache may terminate daemon on memory allocation failure     (CVE-2024-33601)

    * glibc: netgroup cache assumes NSS callback uses in-buffer strings     (CVE-2024-33602)

    For more details about the security issue(s), including the impact,     a CVSS score, acknowledgments, and other related information, refer     to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1977-1 advisory.

    - nscd: Release read lock after resetting timeout
    - nscd: Fix use-after-free in addgetnetgrentX (BZ #23520)
    - CVE-2024-33599; nscd: Stack-based buffer overflow in netgroup cache (bsc#1223423, BZ #31677)
    - CVE-2024-33600; nscd: Avoid null pointer crashes after notfound response (bsc#1223424, BZ #31678)
    - CVE-2024-33600: nscd: Do not send missing not-found response in addgetnetgrentX (bsc#1223424, BZ #31678)
    - CVE-2024-33601, CVE-2024-33602: netgroup: Use two buffers in addgetnetgrentX (bsc#1223425, BZ #31680)
    - CVE-2024-33602: Use time_t for return type of addgetnetgrentX (bsc#1223425)
    - CVE-2024-2961: iconv: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence     (bsc#1222992)

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3339 advisory.

    * glibc: Out of bounds write in iconv conversion to ISO-2022-CN-EXT     (CVE-2024-2961)

    * glibc: stack-based buffer overflow in netgroup cache (CVE-2024-33599)

    * glibc: null pointer dereferences after failed netgroup cache insertion     (CVE-2024-33600)

    * glibc: netgroup cache may terminate daemon on memory allocation failure     (CVE-2024-33601)

    * glibc: netgroup cache assumes NSS callback uses in-buffer strings     (CVE-2024-33602)

Tenable has extracted the preceding description block directly from the Rocky Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

    The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to     it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to     crash an application or overwrite a neighbouring variable.(CVE-2024-2961)

    nscd: Stack-based buffer overflow in netgroup cache.If the Name Service Cache Daemon's (nscd) fixed size     cache is exhausted by client requests then a subsequent client request for netgroup data may result in a     stack-based buffer overflow.  This flaw was introduced in glibc 2.15 when the cache was added to nscd.This     vulnerability is only present in the nscd binary.(CVE-2024-33599)

    nscd: Null pointer crashes after notfound response.If the Name Service Cache Daemon's (nscd) cache fails     to add a not-found netgroup response to the cache, the client request can result in a null pointer     dereference.  This flaw was introduced in glibc 2.15 when the cache was added to nscd.This vulnerability     is only present in the nscd binary.(CVE-2024-33600)

    nscd: netgroup cache may terminate daemon on memory allocation failure.The Name Service Cache Daemon's     (nscd) netgroup cache uses xmalloc or xrealloc and these functions may terminate the process due to a     memory allocation failure resulting in a denial of service to the clients.  The flaw was introduced in     glibc 2.15 when the cache was added to nscd.This vulnerability is only present in the nscd     binary.(CVE-2024-33601)

    nscd: netgroup cache assumes NSS callback uses in-buffer strings.The Name Service Cache Daemon's (nscd)     netgroup cache can corrupt memory when the NSS callback does not store all strings in the provided     buffer.The flaw was introduced in glibc 2.15 when the cache was added to nscd.This vulnerability is only     present in the nscd binary.(CVE-2024-33602)

Tenable has extracted the preceding description block directly from the EulerOS glibc security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

According to the versions of the glibc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :

    nscd: Stack-based buffer overflow in netgroup cache If the Name Service Cache Daemon's (nscd) fixed size     cache is exhausted by client requests then a subsequent client request for netgroup data may result in a     stack-based buffer overflow. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This     vulnerability is only present in the nscd binary.(CVE-2024-33599)

    nscd: netgroup cache may terminate daemon on memory allocation failure The Name Service Cache Daemon's     (nscd) netgroup cache uses xmalloc or xrealloc and these functions may terminate the process due to a     memory allocation failure resulting in a denial of service to the clients.  The flaw was introduced in     glibc 2.15 when the cache was added to nscd.This vulnerability is only present in the nscd     binary.(CVE-2024-33601)

    nscd: Null pointer crashes after notfound response If the Name Service Cache Daemon's (nscd) cache fails     to add a not-found netgroup response to the cache, the client request can result in a null pointer     dereference.  This flaw was introduced in glibc 2.15 when the     cache was added to nscd.This vulnerability is only present in the nscd binary.(CVE-2024-33600)

    nscd: netgroup cache assumes NSS callback uses in-buffer strings The Name Service Cache Daemon's (nscd)     netgroup cache can corrupt memory when the NSS callback does not store all strings in the provided     buffer.The flaw was introduced in glibc 2.15 when the cache was added to nscd.This vulnerability is only     present in the nscd binary.(CVE-2024-33602)

    The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to     it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to     crash an application or overwrite a neighbouring variable.(CVE-2024-2961)

Tenable has extracted the preceding description block directly from the EulerOS Virtualization glibc security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0580 advisory.

    Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:

    CVE-2024-33601:
    A flaw was found in the glibc netgroup cache. The netgroup cache uses xmalloc/xrealloc and may terminate     the process due to a memory allocation failure.

    CVE-2024-33599:
    A stack-based buffer overflow flaw was found in the glibc netgroup cache. In certain conditions, its     possible to trigger a stack-based buffer overflow condition that can lead to a denial of service and     potentially other malicious actions that impact confidentiality and integrity.

    CVE-2024-33600:
    A flaw was found in the glibc netgroup cache. After a failed cache insertion, addgetnetgrentX tries to     send the non-existing response after the not-found header. This can lead to a None pointer dereference     that causes a crash or exit.

    CVE-2024-33602:
    A flaw was found in the glibc netgroup cache. The buffer-resizing code in addgetnetgrentX assumes that all     string pointers point into the supplied buffer. This can potentially lead to memory corruption and cause a     crash.

    CVE-2024-2961:
    The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to     it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to     crash an application or overwrite a neighbouring variable.

Tenable has extracted the preceding description block directly from the Tencent Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote NewStart CGSL host, running version MAIN 7.02, has glibc packages installed that are affected by multiple vulnerabilities:

  - A heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This     function is called by the syslog and vsyslog functions. This issue occurs when the openlog function was     not called, or called with the ident argument set to NULL, and the program name (the basename of argv[0])     is bigger than 1024 bytes, resulting in an application crash or local privilege escalation. This issue     affects glibc 2.36 and newer. (CVE-2023-6246)

  - A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and     the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048     bytes can potentially disclose stack contents through the function returned address data, and may cause a     crash. (CVE-2023-4527)

  - A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that     has been freed, resulting in an application crash. This issue is only exploitable when a NSS module     implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the
    _nss_*_gethostbyname3_r hook. The resolved name should return a large number of IPv6 and IPv4, and the     call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL and     AI_V4MAPPED as flags. (CVE-2023-4806)

  - A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the     GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted     GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with     elevated privileges. (CVE-2023-4911)

  - A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential for a     memory leak, which may result in an application crash. (CVE-2023-5156)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

nscd: Stack-based buffer overflow in netgroup cache    If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted  by client requests then a subsequent client request for netgroup data  may result in a stack-based buffer overflow.  This flaw was introduced  in glibc 2.15 when the cache was added to nscd.    This vulnerability is only present in the nscd binary.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

ID	Name	Product	Family	Published	Updated	Severity
197813	RHEL 9 : glibc (RHSA-2024:3339)	Nessus	Red Hat Local Security Checks	5/23/2024	10/6/2025	high
200095	RHEL 7 : glibc (RHSA-2024:3588)	Nessus	Red Hat Local Security Checks	6/4/2024	10/6/2025	high
200409	SUSE SLES15 Security Update : glibc (SUSE-SU-2024:1977-1)	Nessus	SuSE Local Security Checks	6/12/2024	10/6/2025	high
200561	Rocky Linux 9 : glibc (RLSA-2024:3339)	Nessus	Rocky Linux Local Security Checks	6/14/2024	10/6/2025	high
200700	Oracle Linux 7 : glibc (ELSA-2024-12442)	Nessus	Oracle Linux Local Security Checks	6/18/2024	10/6/2025	high
202421	EulerOS 2.0 SP10 : glibc (EulerOS-SA-2024-1883)	Nessus	Huawei Local Security Checks	7/15/2024	10/6/2025	high
205953	EulerOS Virtualization 2.11.0 : glibc (EulerOS-SA-2024-2179)	Nessus	Huawei Local Security Checks	8/20/2024	10/6/2025	high
239671	TencentOS Server 4: glibc (TSSA-2024:0580)	Nessus	Tencent Local Security Checks	6/16/2025	11/20/2025	high
242700	NewStart CGSL MAIN 7.02 : glibc Multiple Vulnerabilities (NS-SA-2025-0171)	Nessus	NewStart CGSL Local Security Checks	7/25/2025	7/25/2025	high
503933	Siemens SIMATIC S7-1500 Stack-based Buffer Overflow (CVE-2024-33599)	Tenable OT Security	Tenable.ot	11/13/2025	11/13/2025	high

Detections

Analytics

Plugins Search

high

high

high

high

high

high

high

high

high

high