The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 93a1c9a7-5bef-11ec-a47a-001517a2e1a4 advisory.

  - Apache Log4j2 <=2.14.1 JNDI features used in configuration, log messages, and parameters do not protect     against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log     messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup     substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. In previous     releases (>2.10) this behavior can be mitigated by setting system property log4j2.formatMsgNoLookups to     true or by removing the JndiLookup class from the classpath (example: zip -q -d log4j-core-*.jar     org/apache/logging/log4j/core/lookup/JndiLookup.class). Java 8u121 (see     https://www.oracle.com/java/technologies/javase/8u121-relnotes.html) protects against remote code     execution by defaulting com.sun.jndi.rmi.object.trustURLCodebase and     com.sun.jndi.cosnaming.object.trustURLCodebase to false. (CVE-2021-44228)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-5192-1 advisory.

  - Apache Log4j2 <=2.14.1 JNDI features used in configuration, log messages, and parameters do not protect     against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log     messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup     substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. In previous     releases (>2.10) this behavior can be mitigated by setting system property log4j2.formatMsgNoLookups to     true or it can be mitigated in prior releases (<2.10) by removing the JndiLookup class from the     classpath (example: zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class).
    (CVE-2021-44228)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote host appears to be running an SMTP server. SMTP itself is not vulnerable to Log4Shell; however, the SMTP server could potentially be affected if it attempts to log data via a vulnerable log4j library.

This plugin requires that both the scanner and target machine have internet access.

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:1577-1 advisory.

  - Apache Log4j2 2.0-beta9 through 2.12.1 and 2.13.0 through 2.15.0 JNDI features used in configuration, log     messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints.
    An attacker who can control log messages or log message parameters can execute arbitrary code loaded from     LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been     disabled by default. From version 2.16.0, this functionality has been completely removed. Note that this     vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging     Services projects. (CVE-2021-44228)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote host appears to be running POP3. POP3 itself is not vulnerable to Log4Shell; however, the POP3 server could potentially be affected if it attempts to log data via a vulnerable log4j library.

This plugin requires that both the scanner and target machine have internet access.

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:4109-1 advisory.

  - Apache Log4j2 2.0-beta9 through 2.12.1 and 2.13.0 through 2.15.0 JNDI features used in configuration, log     messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints.
    An attacker who can control log messages or log message parameters can execute arbitrary code loaded from     LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been     disabled by default. From version 2.16.0, this functionality has been completely removed. Note that this     vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging     Services projects. (CVE-2021-44228)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote host appears to be running SNMP. SNMP itself is not vulnerable to Log4Shell; however, the SNMP server could potentially be affected if it attempts to log data via a vulnerable log4j library.

This plugin requires that both the scanner and target machine have internet access.

A remote code execution vulnerability exists in Apache Log4j < 2.15.0 due to insufficient protections on message lookup substitutions when dealing with user controlled input. A remote, unauthenticated attacker can explolit this, via a web request to execute arbitrary code with the permission level of the running Java process.

The version of Apache JSPWiki running on the remote web server is affected by a remote code execution vulnerability in the bundled Apache Log4j logging library. Apache Log4j is vulnerable due to insufficient protections on message lookup substitutions when dealing with user controlled input. A remote, unauthenticated attacker can exploit this, via a web request, to execute arbitrary code with the permission level of the running Java process.

This plugin requires that both the scanner and target machine have internet access.

The remote host appears to be running MSRPC. MSRPC itself is not vulnerable to Log4Shell; however, the MSRPC server could potentially be affected if it attempts to log data via a vulnerable log4j library.

This plugin requires that both the scanner and target machine have internet access.

ID	Name	Product	Family	Published	Updated	Severity
159065	FreeBSD : openhab -- log4j remote code injection (93a1c9a7-5bef-11ec-a47a-001517a2e1a4)	Nessus	FreeBSD Local Security Checks	3/18/2022	11/6/2023	critical
156054	Ubuntu 18.04 LTS / 20.04 LTS : Apache Log4j 2 vulnerability (USN-5192-1)	Nessus	Ubuntu Local Security Checks	12/14/2021	10/16/2023	critical
156132	Apache Log4Shell RCE detection via callback correlation (Direct Check SMTP)	Nessus	SMTP problems	12/17/2021	5/20/2024	critical
156146	openSUSE 15 Security Update : log4j (openSUSE-SU-2021:1577-1)	Nessus	SuSE Local Security Checks	12/17/2021	2/17/2023	critical
156157	Apache Log4Shell RCE detection via callback correlation (Direct Check POP3)	Nessus	Misc.	12/17/2021	5/20/2024	critical
156180	openSUSE 15 Security Update : logback (openSUSE-SU-2021:4109-1)	Nessus	SuSE Local Security Checks	12/18/2021	2/17/2023	critical
156256	Apache Log4Shell RCE detection via callback correlation (Direct Check SNMP)	Nessus	Misc.	12/23/2021	5/20/2024	critical
156257	Apache Log4Shell RCE detection via callback correlation (Direct Check DNS)	Nessus	DNS	12/23/2021	5/20/2024	critical
156558	Apache JSPWiki Log4Shell Direct Check (CVE-2021-44228)	Nessus	CGI abuses	1/7/2022	5/20/2024	critical
156559	Apache Log4Shell RCE detection via callback correlation (Direct Check RPCBIND)	Nessus	RPC	1/7/2022	5/20/2024	critical
156669	Apache Log4Shell RCE detection via callback correlation (Direct Check MSRPC)	Nessus	Misc.	1/12/2022	5/20/2024	critical

Detections

Analytics

Plugins Search

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical