© 2017 Blackfort Technology

Ernst-Robert-Curtius-Str. 8a

53117 Bonn

Informationssicherheit & Datenschutz


 


Issue
-----
NVT:    SSH Weak MAC Algorithms Supported
OID:    1.3.6.1.4.1.25623.1.0.105610
Threat: Low (CVSS: 2.6)
Port:   22/tcp

Summary:
The remote SSH server is configured to allow weak MD5 and/or 96-bit MAC algorith!
ms.

Vulnerability Detection Result:
The following weak client-to-server MAC algorithms are supported by the remote s!
ervice:
hmac-md5
hmac-md5-96
hmac-sha1-96
The following weak server-to-client MAC algorithms are supported by the remote s!
ervice:
hmac-md5
hmac-md5-96
hmac-sha1-96

Solution:
Solution type: Mitigation
Disable the weak MAC algorithms.

Vulnerability Detection Method:
Details:
SSH Weak MAC Algorithms Supported
(OID: 1.3.6.1.4.1.25623.1.0.105610)
Version used: $Revision: 4490 $


Issue
-----
NVT:    Subversion Binary Delta Processing Multiple Integer Overflow Vulnerabilities
OID:    1.3.6.1.4.1.25623.1.0.101104
Threat: High (CVSS: 8.5)
Port:   general/tcp

Product detection result: cpe:/a:subversion:subversion:1
Detected by: Subversion Version Detection (OID: 1.3.6.1.4.1.25623.1.0.101103)

Summary:
The host is installed with Subversion and is prone to
  multiple Integer Overflow Vulnerabilities.

Vulnerability Detection Result:
Installed version: 
Fixed version:     1.5.7/1.6.4

Impact:
Attackers can exploit these issues to compromise an application using the librar!
y
  or crash the application, resulting into a denial of service conditions.
  Impact Level: Application

Solution:
Solution type: VendorFix
Apply the patch or Upgrade to Subversion version 1.5.7 or 1.6.4
  http://subversion.tigris.org/security/CVE-2009-2411-advisory.txt
  http://subversion.tigris.org/project_packages.html
  *****
  NOTE: Please ignore this warning if the patch is applied.
  *****

Affected Software/OS:
Subversion version 1.5.6 and prior
  Subversion version 1.6.0 through 1.6.3

Vulnerability Insight:
The flaws are due to input validation errors in the processing of svndiff
  streams in the 'libsvn_delta' library.

Vulnerability Detection Method:
Details:
Subversion Binary Delta Processing Multiple Integer Overflow Vulnerabilities
(OID: 1.3.6.1.4.1.25623.1.0.101104)
Version used: $Revision: 5122 $

Product Detection Result:
Product:cpe:/a:subversion:subversion:1

Method:Subversion Version Detection
(OID: 1.3.6.1.4.1.25623.1.0.101103)

References:
CVE: CVE-2009-2411
BID: 35983
CERT: DFN-CERT-2009-1133
, DFN-CERT-2009-1099
, DFN-CERT-2009-1098
, DFN-CERT-2009-1092
, DFN-CERT-2009-1089

Other:
    http://secunia.com/advisories/36184/
    http://securitytracker.com/alerts/2009/Aug/1022697.html
    http://subversion.tigris.org/security/CVE-2009-2411-advisory.txt


Issue
-----
NVT:    Subversion Version Detection
OID:    1.3.6.1.4.1.25623.1.0.101103
Threat: Log (CVSS: 0.0)
Port:   general/tcp

Summary:
Detection of installed version of Subversion.
The script logs in via ssh, searches for executable 'svnversion' and
queries the found executables via command line option '--version'.

Vulnerability Detection Result:
Detected Subversion version: 1
Location: /usr/local/bin/svnversion
stderr
CPE: cpe:/a:subversion:subversion:1
Concluded from version identification result:
exported
stderr is not a tty - where are you?
/bin/sh: line 1: stderr: command not found

Log Method:
Details:
Subversion Version Detection
(OID: 1.3.6.1.4.1.25623.1.0.101103)
Version used: $Revision: 2833 $


Issue
-----
NVT:    Subversion Version Detection
OID:    1.3.6.1.4.1.25623.1.0.101103
Threat: Log (CVSS: 0.0)
Port:   general/tcp

Summary:
Detection of installed version of Subversion.
The script logs in via ssh, searches for executable 'svnversion' and
queries the found executables via command line option '--version'.

Vulnerability Detection Result:
Detected Subversion version: 5.97
Location: tty
CPE: cpe:/a:subversion:subversion:5.97
Concluded from version identification result:
tty (GNU coreutils) 5.97
Copyright (C) 2006 Free Software Foundation, Inc.
This is free software.  You may redistribute copies of it under the terms of
the GNU General Public License <http://www.gnu.org/licenses/gpl.html>.
There is NO WARRANTY, to the extent permitted by law.
Written by David MacKenzie.
stderr is not a tty - where are you?

Log Method:
Details:
Subversion Version Detection
(OID: 1.3.6.1.4.1.25623.1.0.101103)
Version used: $Revision: 2833 $


Issue
-----
NVT:    Sun Java JDK/JRE Multiple Vulnerabilities - Aug09
OID:    1.3.6.1.4.1.25623.1.0.800867
Threat: High (CVSS: 10.0)
Port:   general/tcp

Summary:
This host is installed with Sun Java JDK/JRE and is prone to
  multiple vulnerabilities.

Vulnerability Detection Result:
Vulnerability was detected according to the Vulnerability Detection Method.

Impact:
Successful exploitation could allows remote attacker to gain privileges via
  untrusted applet or Java Web Start application in the context of the affected
  system.
  Impact Level: System/Application

Solution:
Upgrade to JDK/JRE version 6 Update 15 or 5 Update 20
  http://java.sun.com/javase/downloads/index.jsp
  http://java.sun.com/javase/downloads/index_jdk5.jsp
  or
  Apply the patch from below link,
  http://sunsolve.sun.com/search/document.do?assetkey=1-21-125136-16-1
  http://sunsolve.sun.com/search/document.do?assetkey=1-21-125139-16-1
  http://sunsolve.sun.com/search/document.do?assetkey=1-21-118667-22-1
  *****
  NOTE: Ignore this warning if above mentioned patch is already applied.
  *****

Affected Software/OS:
Sun Java JDK/JRE version 6 before Update 15 or 5.0 before Update 20

Vulnerability Insight:
Refer to the reference links for more information on the vulnerabilities.

Vulnerability Detection Method:
Details:
Sun Java JDK/JRE Multiple Vulnerabilities - Aug09
(OID: 1.3.6.1.4.1.25623.1.0.800867)
Version used: $Revision: 4869 $

References:
CVE: CVE-2009-2670, CVE-2009-2671, CVE-2009-2672, CVE-2009-2673, CVE-2009-2675, CVE-2009-2475, CVE-2009-2689
BID: 35939,  35943,  35944
CERT: DFN-CERT-2010-0144
, DFN-CERT-2009-1609
, DFN-CERT-2009-1581
, DFN-CERT-2009-1552
, DFN-CERT-2009-1492
, DFN-CERT-2009-1452
, DFN-CERT-2009-1213
, DFN-CERT-2009-1167
, DFN-CERT-2009-1090
, DFN-CERT-2009-1080
, DFN-CERT-2009-1078
, DFN-CERT-2009-1077
, DFN-CERT-2009-1073
, DFN-CERT-2009-1059
, DFN-CERT-2009-1056
, DFN-CERT-2009-1055

Other:
    http://secunia.com/advisories/36159
    http://secunia.com/advisories/36162
    http://secunia.com/advisories/36180
    http://secunia.com/advisories/36199
    http://java.sun.com/javase/6/webnotes/6u15.html
    http://java.sun.com/j2se/1.5.0/ReleaseNotes.html
    http://sunsolve.sun.com/search/document.do?assetkey=1-66-263408-1
    http://sunsolve.sun.com/search/document.do?assetkey=1-66-263409-1
    http://sunsolve.sun.com/search/document.do?assetkey=1-66-263488-1


Issue
-----
NVT:    Sun Java JDK/JRE Multiple Vulnerabilities - Nov09 (Linux)
OID:    1.3.6.1.4.1.25623.1.0.800975
Threat: High (CVSS: 9.3)
Port:   general/tcp

Summary:
This host is installed with Sun Java JDK/JRE and is prone to
  multiple vulnerabilities.

Vulnerability Detection Result:
Vulnerability was detected according to the Vulnerability Detection Method.

Impact:
Successful exploitation allows remote attacker to execute arbitrary code,
  gain escalated privileges, bypass security restrictions and cause denial
  of service attacks inside the context of the affected system.
  Impact Level: System/Application.

Solution:
Solution type: VendorFix
Upgrade to JDK/JRE version 6 Update 17 or later,
  http://java.sun.com/javase/downloads/index.jsp
  OR
  Upgrade to JDK/JRE version 5 Update 22
  http://java.sun.com/javase/downloads/index_jdk5.jsp
  OR
  Upgrade to JDK/JRE version 1.4.2_24
  http://java.sun.com/j2se/1.4.2/download.html
  OR
  Upgrade to JDK/JRE version 1.3.1_27
  http://java.sun.com/j2se/1.3/download.html

Affected Software/OS:
Sun Java JDK/JRE 6 prior to 6 Update 17
  Sun Java JDK/JRE 5 prior to 5 Update 22
  Sun Java JDK/JRE 1.4.x prior to 1.4.2_24
  Sun Java JDK/JRE 1.3.x prior to 1.3.1_27 on Linux.

Vulnerability Insight:
Multiple flaws occur due to,
  - Error when decoding 'DER' encoded data and parsing HTTP headers.
  - Error when verifying 'HMAC' digests.
  - Integer overflow error in the 'JPEG JFIF' Decoder while processing
    malicious image files.
  - A buffer overflow error in the 'setDiffICM()' and 'setBytePixels()'
    functions in the Abstract Window Toolkit (AWT).
  - Unspecified error due to improper parsing of color profiles of images.
  - A buffer overflow error due to improper implementation of the
    'HsbParser.getSoundBank()' function.
  - Three unspecified errors when processing audio or image files.

Vulnerability Detection Method:
Details:
Sun Java JDK/JRE Multiple Vulnerabilities - Nov09 (Linux)
(OID: 1.3.6.1.4.1.25623.1.0.800975)
Version used: $Revision: 4869 $

References:
CVE: CVE-2009-3877, CVE-2009-3876, CVE-2009-3875, CVE-2009-3873, CVE-2009-3874, CVE-2009-3872, CVE-2009-3871, CVE-2009-3869, CVE-2009-3868, CVE-2009-3867
BID: 36881
CERT: DFN-CERT-2012-1377
, DFN-CERT-2011-1420
, DFN-CERT-2010-0603
, DFN-CERT-2010-0176
, DFN-CERT-2010-0144
, DFN-CERT-2010-0047
, DFN-CERT-2010-0046
, DFN-CERT-2010-0034
, DFN-CERT-2009-1830
, DFN-CERT-2009-1745
, DFN-CERT-2009-1733
, DFN-CERT-2009-1635
, DFN-CERT-2009-1620
, DFN-CERT-2009-1616
, DFN-CERT-2009-1598
, DFN-CERT-2009-1597
, DFN-CERT-2009-1543

Other:
    http://secunia.com/advisories/37231
    http://java.sun.com/javase/6/webnotes/6u17.html
    http://www.vupen.com/english/advisories/2009/3131


Issue
-----
NVT:    Sun Java JRE Multiple Vulnerabilities (Linux)
OID:    1.3.6.1.4.1.25623.1.0.800386
Threat: High (CVSS: 10.0)
Port:   general/tcp

Summary:
This host is installed with Sun Java JRE and is prone to
  Multiple Vulnerabilities.

Vulnerability Detection Result:
Vulnerability was detected according to the Vulnerability Detection Method.

Impact:
Successful exploitation allows remote attacker to cause XSS, arbitrary code
  execution, various buffer overflows, bypass security restrictions and can
  cause denial of service attacks inside the context of the affected system.
  Impact Level: System

Solution:
Solution type: VendorFix
Upgrade to JDK/JRE version 6 Update 13
  http://java.sun.com/javase/downloads/index.jsp
  OR
  Upgrade to JDK/JRE version 5 Update 18
  http://java.sun.com/javase/downloads/index_jdk5.jsp
  OR
  Upgrade to SDK/JRE version 1.4.2_20
  http://java.sun.com/j2se/1.4.2/download.html
  OR
  Upgrade to SDK/JRE version 1.3.1_25
  http://java.sun.com/j2se/1.3/download.html

Affected Software/OS:
Sun Java JRE 6 Update 12 and prior.
  Sun Java JRE 5.0 Update 17 and prior.
  Sun Java JRE 1.4.2_19 and prior.
  Sun Java JRE 1.3.1_24 and prior.

Vulnerability Insight:
For more information about vulnerabilities on Sun Java go through reference.

Vulnerability Detection Method:
Details:
Sun Java JRE Multiple Vulnerabilities (Linux)
(OID: 1.3.6.1.4.1.25623.1.0.800386)
Version used: $Revision: 4869 $

References:
CVE: CVE-2009-1093, CVE-2009-1094, CVE-2009-1095, CVE-2009-1096, CVE-2009-1097, CVE-2009-1098, CVE-2009-1099, CVE-2009-1100, CVE-2009-1101, CVE-2009-1102, CVE-2009-1103, CVE-2009-1104, CVE-2009-1105, CVE-2009-1106, CVE-2009-1107
BID: 34240
CERT: DFN-CERT-2010-0144
, DFN-CERT-2009-1481
, DFN-CERT-2009-1076
, DFN-CERT-2009-1046

Other:
    http://secunia.com/advisories/34489
    http://rhn.redhat.com/errata/RHSA-2009-0394.html
    http://sunsolve.sun.com/search/document.do?assetkey=1-66-254569-1
    http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00001.html


Issue
-----
NVT:    Sun Java Products Version Detection (Linux)
OID:    1.3.6.1.4.1.25623.1.0.800385
Threat: Log (CVSS: 0.0)
Port:   general/tcp

Summary:
Detection of installed version of Java products
  on Linux systems. It covers Sun Java, IBM Java and GCJ.
  The script logs in via ssh, searches for executables 'javaaws' and
  'java' and queries the found executables via command line option '-fullversion!
'.

Vulnerability Detection Result:
Detected Sun Java JRE
Version:  1.5.0_06-b05
Location: /usr/lib/java/bin/java
CPE:      cpe:/a:sun:jre:1.5.0_06
Concluded from version/product identification result:
1.5.0_06-b05

Log Method:
Details:
Sun Java Products Version Detection (Linux)
(OID: 1.3.6.1.4.1.25623.1.0.800385)
Version used: $Revision: 5943 $


Issue
-----
NVT:    Sun Java Products Version Detection (Linux)
OID:    1.3.6.1.4.1.25623.1.0.800385
Threat: Log (CVSS: 0.0)
Port:   general/tcp

Summary:
Detection of installed version of Java products
  on Linux systems. It covers Sun Java, IBM Java and GCJ.
  The script logs in via ssh, searches for executables 'javaaws' and
  'java' and queries the found executables via command line option '-fullversion!
'.

Vulnerability Detection Result:
Detected Sun Java JRE
Version:  1.5.0_06-b05
Location: /usr/lib/java/jre/bin/java
CPE:      cpe:/a:sun:jre:1.5.0_06
Concluded from version/product identification result:
1.5.0_06-b05

Log Method:
Details:
Sun Java Products Version Detection (Linux)
(OID: 1.3.6.1.4.1.25623.1.0.800385)
Version used: $Revision: 5943 $


Issue
-----
NVT:    Sun Java SE Multiple Unspecified Vulnerabilities
OID:    1.3.6.1.4.1.25623.1.0.900819
Threat: High (CVSS: 10.0)
Port:   general/tcp

Summary:
This host is installed with Sun Java SE and is prone to multiple
  unspecified vulnerabilities.

Vulnerability Detection Result:
Vulnerability was detected according to the Vulnerability Detection Method.

Impact:
Impact is unknow.
  Impact Level: System/Application

Solution:
Upgrade to Java SE version 5 Update 20
  http://java.sun.com/javase/downloads/index_jdk5.jsp
  or
  Apply the patch from below link,
  http://sunsolve.sun.com/search/document.do?assetkey=1-21-118667-22-1
  *****
  NOTE: Ignore this warning if above mentioned patch is already applied.
  *****

Affected Software/OS:
Sun Java SE version 5.0 before Update 20

Vulnerability Insight:
Refer to the SunSolve bugId 6406003/6429594/6444262 for more information.

Vulnerability Detection Method:
Details:
Sun Java SE Multiple Unspecified Vulnerabilities
(OID: 1.3.6.1.4.1.25623.1.0.900819)
Version used: $Revision: 5122 $

References:
CVE: CVE-2009-2721, CVE-2009-2722, CVE-2009-2723, CVE-2009-2724
Other:
    http://java.sun.com/j2se/1.5.0/ReleaseNotes.html


Issue
-----
NVT:    Sun Java SE Unspecified Vulnerability In JDK/JRE/SDK - Aug09
OID:    1.3.6.1.4.1.25623.1.0.800869
Threat: Medium (CVSS: 6.8)
Port:   general/tcp

Summary:
This host is installed with Sun Java JDK/JRE/SDK and is prone to
  unspecified vulnerability.

Vulnerability Detection Result:
Vulnerability was detected according to the Vulnerability Detection Method.

Impact:
An attacker may leverage this issue by modifying or creating of files on
  the affected application.
  Impact Level: System/Application

Solution:
Upgrade to JDK/JRE version 6 Update 15 or 5 Update 20
  http://java.sun.com/javase/downloads/index.jsp
  http://java.sun.com/javase/downloads/index_jdk5.jsp
  or
  Upgrade to SDK/JRE version 1.4.2_22
  http://java.sun.com/j2se/1.4.2/download.html
  or
  Apply the patch from below link,
  http://sunsolve.sun.com/search/document.do?assetkey=1-21-125136-16-1
  *****
  NOTE: Ignore this warning if above mentioned patch is already applied.
  *****

Affected Software/OS:
Sun Java JDK/JRE version 6 before Update 15 or 5.0 before Update 20
  Sun Java SDK/JRE version prior to 1.4.2_22

Vulnerability Insight:
Unspecified vulnerability exists in 'JNLPAppletlauncher' class, which can
  be exploited via vectors involving an untrusted Java applet.

Vulnerability Detection Method:
Details:
Sun Java SE Unspecified Vulnerability In JDK/JRE/SDK - Aug09
(OID: 1.3.6.1.4.1.25623.1.0.800869)
Version used: $Revision: 4869 $

References:
CVE: CVE-2009-2676
BID: 35946
CERT: DFN-CERT-2010-0144
, DFN-CERT-2009-1609
, DFN-CERT-2009-1581
, DFN-CERT-2009-1552
, DFN-CERT-2009-1492
, DFN-CERT-2009-1090
, DFN-CERT-2009-1077
, DFN-CERT-2009-1073
, DFN-CERT-2009-1060

Other:
    http://secunia.com/advisories/36159
    http://sunsolve.sun.com/search/document.do?assetkey=1-66-263490-1


Issue
-----
NVT:    TCP Sequence Number Approximation Reset Denial of Service Vulnerability
OID:    1.3.6.1.4.1.25623.1.0.902815
Threat: Medium (CVSS: 5.0)
Port:   general/tcp

Summary:
The host is running TCP services and is prone to denial of service
  vulnerability.

Vulnerability Detection Result:
Vulnerability was detected according to the Vulnerability Detection Method.

Impact:
Successful exploitation will allow remote attackers to guess sequence numbers
  and cause a denial of service to persistent TCP connections by repeatedly inje!
cting a TCP RST packet.

Solution:
Please see the referenced advisories for more information on obtaining
  and applying fixes.

Affected Software/OS:
TCP/IP v4

Vulnerability Insight:
The flaw is triggered when spoofed TCP Reset packets are received by the
  targeted TCP stack and will result in loss of availability for the attacked TC!
P services.

Vulnerability Detection Method:
A TCP Reset packet with a different sequence number is sent to
  the target. A previously open connection is then checked to see if the target !
closed it or not.
Details:
TCP Sequence Number Approximation Reset Denial of Service Vulnerability
(OID: 1.3.6.1.4.1.25623.1.0.902815)
Version used: $Revision: 5912 $

References:
CVE: CVE-2004-0230
BID: 10183
CERT: CB-K15/0080
, CB-K14/1162
, CB-K14/0852
, DFN-CERT-2017-0719
, DFN-CERT-2017-0305
, DFN-CERT-2017-0249
, DFN-CERT-2017-0171
, DFN-CERT-2015-0082
, DFN-CERT-2014-1217
, DFN-CERT-2014-0890

Other:
    http://xforce.iss.net/xforce/xfdb/15886
    http://www.us-cert.gov/cas/techalerts/TA04-111A.html
    http://www-01.ibm.com/support/docview.wss?uid=isg1IY55949
    http://www-01.ibm.com/support/docview.wss?uid=isg1IY55950
    http://www-01.ibm.com/support/docview.wss?uid=isg1IY62006
    http://www.microsoft.com/technet/security/Bulletin/MS05-019.mspx
    http://www.microsoft.com/technet/security/bulletin/ms06-064.mspx
    http://www.cisco.com/en/US/products/csa/cisco-sa-20040420-tcp-nonios.html
    http://www.cisco.com/en/US/products/csa/cisco-sa-20040420-tcp-nonios.html


Issue
-----
NVT:    TCP timestamps
OID:    1.3.6.1.4.1.25623.1.0.80091
Threat: Low (CVSS: 2.6)
Port:   general/tcp

Summary:
The remote host implements TCP timestamps and therefore allows to compute
  the uptime.

Vulnerability Detection Result:
It was detected that the host implements RFC1323.
The following timestamps were retrieved with a delay of 1 seconds in-between:
Packet 1: 1892570
Packet 2: 1892836

Impact:
A side effect of this feature is that the uptime of the remote
  host can sometimes be computed.

Solution:
Solution type: Mitigation
To disable TCP timestamps on linux add the line 'net.ipv4.tcp_timestamps = 0' to
  /etc/sysctl.conf. Execute 'sysctl -p' to apply the settings at runtime.
  To disable TCP timestamps on Windows execute 'netsh int tcp set global timesta!
mps=disabled'
  Starting with Windows Server 2008 and Vista, the timestamp can not be complete!
ly disabled.
  The default behavior of the TCP/IP stack on this Systems is to not use the
  Timestamp options when initiating TCP connections, but use them if the TCP pee!
r
  that is initiating communication includes them in their synchronize (SYN) segm!
ent.
  See also: http://www.microsoft.com/en-us/download/details.aspx?id=9152

Affected Software/OS:
TCP/IPv4 implementations that implement RFC1323.

Vulnerability Insight:
The remote host implements TCP timestamps, as defined by RFC1323.

Vulnerability Detection Method:
Special IP packets are forged and sent with a little delay in between to the
  target IP. The responses are searched for a timestamps. If found, the timestam!
ps are reported.
Details:
TCP timestamps
(OID: 1.3.6.1.4.1.25623.1.0.80091)
Version used: $Revision: 5740 $

References:
Other:
    http://www.ietf.org/rfc/rfc1323.txt


Issue
-----
NVT:    TFTP detection
OID:    1.3.6.1.4.1.25623.1.0.80100
Threat: Log (CVSS: 0.0)
Port:   69/udp

Summary:
The remote host has a TFTP server running. TFTP stands 
  for Trivial File Transfer Protocol.

Vulnerability Detection Result:
Vulnerability was detected according to the Vulnerability Detection Method.

Solution:
Disable TFTP server if not used.

Log Method:
Details:
TFTP detection
(OID: 1.3.6.1.4.1.25623.1.0.80100)
Version used: $Revision: 5515 $


Issue
-----
NVT:    Tor 'Relay Early' Traffic Confirmation Attack Vunerability oct14 (Linux)
OID:    1.3.6.1.4.1.25623.1.0.804934
Threat: Medium (CVSS: 5.8)
Port:   general/tcp

Product detection result: cpe:/a:tor:tor:0.1.1.26.
Detected by: Tor Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.900418)

Summary:
This host is installed with Tor browser
  and is prone to information disclosure vulnerability.

Vulnerability Detection Result:
Vulnerability was detected according to the Vulnerability Detection Method.

Impact:
Successful exploitation will allow attackers
  to manipulate protocol headers and perform traffic confirmation attack.
  Impact Level: Application

Solution:
Solution type: VendorFix
Upgrade to version 0.2.4.23 or
  0.2.5.6-alpha or later, For updates refer to https://www.torproject.org

Affected Software/OS:
Tor browser before 0.2.4.23 and 0.2.5
  before 0.2.5.6-alpha on Linux

Vulnerability Insight:
Flaw exists due to an error
  in the handling of sequences of Relay and Relay Early commands.

Vulnerability Detection Method:
Get the installed version with the help of
  detect NVT and check the version is vulnerable or not.
Details:
Tor 'Relay Early' Traffic Confirmation Attack Vunerability oct14 (Linux)
(OID: 1.3.6.1.4.1.25623.1.0.804934)
Version used: $Revision: 3555 $

Product Detection Result:
Product:cpe:/a:tor:tor:0.1.1.26.

Method:Tor Version Detection (Linux)
(OID: 1.3.6.1.4.1.25623.1.0.900418)

References:
CVE: CVE-2014-5117
BID: 68968
CERT: CB-K14/1087
, CB-K14/0940
, DFN-CERT-2014-1138
, DFN-CERT-2014-0984

Other:
    http://xforce.iss.net/xforce/xfdb/95053
    https://blog.torproject.org/blog/tor-security-advisory-relay-early-traffic-confirmation-attack


Issue
-----
NVT:    TOR Privilege Escalation Vulnerability (Linux)
OID:    1.3.6.1.4.1.25623.1.0.900424
Threat: High (CVSS: 9.3)
Port:   general/tcp

Summary:
This host is installed with TOR and is prone to Privilege
  Escalation vulnerability.

Vulnerability Detection Result:
Vulnerability was detected according to the Vulnerability Detection Method.

Impact:
Successful exploitation will let the attacker gain privileges and escalate
  the privileges in malicious ways.

Solution:
Solution type: VendorFix
Upgrade to the latest version 0.2.0.32
  http://www.torproject.org/download.html.en

Affected Software/OS:
Tor version 0.2.0.31 or prior.

Vulnerability Insight:
The flaws are due to,
  - an application does not properly drop privileges to the primary groups
    of the user specified by the User Parameter.
  - a ClientDNSRejectInternalAddresses configuration option is not always
    enforced which weaknesses the application security.

Vulnerability Detection Method:
Details:
TOR Privilege Escalation Vulnerability (Linux)
(OID: 1.3.6.1.4.1.25623.1.0.900424)
Version used: $Revision: 4557 $

References:
CVE: CVE-2008-5397, CVE-2008-5398
BID: 32648
Other:
    http://www.torproject.org
    http://secunia.com/advisories/33025


Issue
-----
NVT:    Tor Unspecified Heap Based Buffer Overflow Vulnerability (Linux)
OID:    1.3.6.1.4.1.25623.1.0.902332
Threat: High (CVSS: 10.0)
Port:   general/tcp

Summary:
This host is installed with Tor and is prone to heap based buffer overflow
  vulnerability.

Vulnerability Detection Result:
Vulnerability was detected according to the Vulnerability Detection Method.

Impact:
Successful exploitation will allow remote attackers to execute arbitrary
  code in the context of the user running the application. Failed exploit
  attempts will likely result in denial-of-service conditions.
  Impact level: Application

Solution:
Solution type: VendorFix
Upgrade to version 0.2.1.28 or 0.2.2.20-alpha or later
  http://www.torproject.org/download/download.html.en

Affected Software/OS:
Tor version prior to 0.2.1.28 and 0.2.2.x before 0.2.2.20-alpha on Linux.

Vulnerability Insight:
The issue is caused by an unknown heap overflow error when processing
  user-supplied data, which can be exploited to cause a heap-based buffer
  overflow.

Vulnerability Detection Method:
Details:
Tor Unspecified Heap Based Buffer Overflow Vulnerability (Linux)
(OID: 1.3.6.1.4.1.25623.1.0.902332)
Version used: $Revision: 3114 $

References:
CVE: CVE-2010-1676
BID: 45500
CERT: DFN-CERT-2010-1765
, DFN-CERT-2010-1749

Other:
    http://secunia.com/advisories/42536
    http://www.vupen.com/english/advisories/2010/3290


Issue
-----
NVT:    Tor Unspecified Remote Memory Corruption Vulnerability (Linux)
OID:    1.3.6.1.4.1.25623.1.0.800350
Threat: High (CVSS: 10.0)
Port:   general/tcp

Summary:
This host is installed with Tor and is prone to unspecified remote
  Memory Corruption vulnerability.

Vulnerability Detection Result:
Vulnerability was detected according to the Vulnerability Detection Method.

Impact:
A remote attcker can execute arbitrary code on the target system and
  can cause denial-of-service.
  Impact level: Application

Solution:
Solution type: VendorFix
Upgrade to version 0.2.0.33 or later
  https://www.torproject.org/download-unix.html.en

Affected Software/OS:
Tor version prior to 0.2.0.33 on Linux.

Vulnerability Insight:
Due to unknown impact, remote attachers can trigger heap corruption on
  the application.

Vulnerability Detection Method:
Details:
Tor Unspecified Remote Memory Corruption Vulnerability (Linux)
(OID: 1.3.6.1.4.1.25623.1.0.800350)
Version used: $Revision: 4892 $

References:
CVE: CVE-2009-0414
BID: 33399
Other:
    http://secunia.com/advisories/33635
    http://secunia.com/advisories/33677
    http://securitytracker.com/alerts/2009/Jan/1021633.html
    http://blog.torproject.org/blog/tor-0.2.0.33-stable-released


Issue
-----
NVT:    Tor Version Detection (Linux)
OID:    1.3.6.1.4.1.25623.1.0.900418
Threat: Log (CVSS: 0.0)
Port:   general/tcp

Summary:
Detection of installed version of Tor.
  The script logs in via ssh, searches for executable 'tor' and
  queries the found executables via command line option '--version'.

Vulnerability Detection Result:
Detected Tor
Version:  0.1.1.26.
Location: /usr/local/bin/tor
CPE:      cpe:/a:tor:tor:0.1.1.26.
Concluded from version/product identification result:
0.1.1.26.

Log Method:
Details:
Tor Version Detection (Linux)
(OID: 1.3.6.1.4.1.25623.1.0.900418)
Version used: $Revision: 2725 $


Issue
-----
NVT:    Traceroute
OID:    1.3.6.1.4.1.25623.1.0.51662
Threat: Log (CVSS: 0.0)
Port:   general/tcp

Summary:
A traceroute from the scanning server to the target system was
  conducted. This traceroute is provided primarily for informational
  value only. In the vast majority of cases, it does not represent a
  vulnerability. However, if the displayed traceroute contains any
  private addresses that should not have been publicly visible, then you
  have an issue you need to correct.

Vulnerability Detection Result:
Here is the route from 192.168.27.32 to 192.168.27.45:
192.168.27.32
192.168.27.45

Solution:
Block unwanted packets from escaping your network.

Log Method:
Details:
Traceroute
(OID: 1.3.6.1.4.1.25623.1.0.51662)
Version used: $Revision: 5390 $


Issue
-----
NVT:    Turnkey eBook Store 'keywords' Parameter Cross Site Scripting Vulnerability
OID:    1.3.6.1.4.1.25623.1.0.100098
Threat: Medium (CVSS: 5.0)
Port:   80/tcp

Summary:
Turnkey eBook Store is prone to a cross-site scripting vulnerability.
  An attacker may leverage this issue to execute arbitrary script code
  in the browser of an unsuspecting user in the context of the affected
  site and to steal cookie-based authentication credentials.
  Turnkey eBook Store 1.1 is vulnerable
 other versions may also be
  affected.

Vulnerability Detection Result:
Vulnerable url: http://192.168.27.45/beef/hook/index.php?cmd=search&keywords="><!
script>alert(document.cookie);</script>

Solution:
Solution type: VendorFix

Vulnerability Detection Method:
Details:
Turnkey eBook Store 'keywords' Parameter Cross Site Scripting Vulnerability
(OID: 1.3.6.1.4.1.25623.1.0.100098)
Version used: $Revision: 5768 $

References:
BID: 34324


Issue
-----
NVT:    VLC Media Player '.AVI' File BOF Vulnerability (Linux)
OID:    1.3.6.1.4.1.25623.1.0.902707
Threat: Medium (CVSS: 6.8)
Port:   general/tcp

Summary:
The host is installed with VLC Media Player and is prone to buffer
  overflow vulnerability.

Vulnerability Detection Result:
Vulnerability was detected according to the Vulnerability Detection Method.

Impact:
Successful exploitation could allow attackers to execute arbitrary code in
  the context of the application. Failed attacks will cause denial-of-service
  conditions.
  Impact Level: Application

Solution:
Solution type: VendorFix
Upgrade to the VLC media player version 1.1.11 or later,
  For updates refer to http://www.videolan.org/

Affected Software/OS:
VLC media player version prior to 1.1.11 on Linux.

Vulnerability Insight:
The flaw is due to an integer underflow error when parsing the 'strf'
  chunk within AVI files can be exploited to cause a heap-based buffer
  overflow.

Vulnerability Detection Method:
Details:
VLC Media Player '.AVI' File BOF Vulnerability (Linux)
(OID: 1.3.6.1.4.1.25623.1.0.902707)
Version used: $Revision: 5351 $

References:
CVE: CVE-2011-2588
BID: 48664
Other:
    http://secunia.com/advisories/45066
    http://xforce.iss.net/xforce/xfdb/68532
    http://www.videolan.org/security/sa1106.html


Issue
-----
NVT:    VLC Media Player '.mkv' Code Execution Vulnerability (Linux)
OID:    1.3.6.1.4.1.25623.1.0.902339
Threat: High (CVSS: 9.3)
Port:   general/tcp

Summary:
The host is installed with VLC Media Player and is prone to
  arbitrary code execution vulnerability.

Vulnerability Detection Result:
Vulnerability was detected according to the Vulnerability Detection Method.

Impact:
Successful exploitation could allow attackers to execute arbitrary code by
  tricking a user into opening a specially crafted MKV file.
  Impact Level: Application

Solution:
Solution type: VendorFix
Upgrade to the VLC media player version 1.1.7 or later,
  For updates refer to http://download.videolan.org/pub/videolan/vlc/

Affected Software/OS:
VLC media player version 1.1.6.1 and prior on Linux

Vulnerability Insight:
The flaw is due to an input validation error within the 'MKV_IS_ID'
  macro in 'modules/demux/mkv/mkv.hpp' of the MKV demuxer, when parsing the
  MKV file.

Vulnerability Detection Method:
Details:
VLC Media Player '.mkv' Code Execution Vulnerability (Linux)
(OID: 1.3.6.1.4.1.25623.1.0.902339)
Version used: $Revision: 3570 $

References:
CVE: CVE-2011-0531
BID: 46060
CERT: DFN-CERT-2011-0184

Other:
    http://xforce.iss.net/xforce/xfdb/65045
    http://www.securitytracker.com/id?1025018


Issue
-----
NVT:    VLC Media Player 'AMV' Denial of Service Vulnerability (Linux)
OID:    1.3.6.1.4.1.25623.1.0.802118
Threat: Medium (CVSS: 6.8)
Port:   general/tcp

Summary:
The host is installed with VLC Media Player and is prone to denial
of service vulnerability.

Vulnerability Detection Result:
Vulnerability was detected according to the Vulnerability Detection Method.

Impact:
Successful exploitation could allow attackers to cause a denial
of service or possibly execute arbitrary code via a malformed AMV file.
Impact Level: System/Application

Solution:
Solution type: VendorFix
Upgrade to VLC media player version 1.1.10 or later,
For updates refer to http://www.videolan.org/vlc/

Affected Software/OS:
VLC media player version 1.1.9 and prior on Linux.

Vulnerability Insight:
The flaw is due to error while handling 'sp5xdec.c' in the
Sunplus SP5X JPEG decoder in libavcodec, performs a write operation outside the
bounds of an unspecified array.

Vulnerability Detection Method:
Details:
VLC Media Player 'AMV' Denial of Service Vulnerability (Linux)
(OID: 1.3.6.1.4.1.25623.1.0.802118)
Version used: $Revision: 3117 $

References:
CVE: CVE-2011-1931
BID: 47602
Other:
    http://www.securityfocus.com/archive/1/517706
    http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=624339


Issue
-----
NVT:    VLC Media Player 'CDG decoder' multiple buffer overflow vulnerabilities (Linux)
OID:    1.3.6.1.4.1.25623.1.0.801727
Threat: High (CVSS: 9.3)
Port:   general/tcp

Summary:
The host is installed with VLC Media Player and is prone multiple
  buffer overflow vulnerabilities.

Vulnerability Detection Result:
Vulnerability was detected according to the Vulnerability Detection Method.

Impact:
Successful exploitation could allow attackers to crash the affected
  application, or execute arbitrary code by convincing a user to open a
  malicious CD+G (CD+Graphics) media file or visit a specially crafted web
  page.
  Impact Level: Application

Solution:
Solution type: VendorFix
Upgrade to the VLC media player version 1.1.6 or later,
  For updates refer to http://download.videolan.org/pub/videolan/vlc/

Affected Software/OS:
VLC media player version prior to 1.1.6 on Linux

Vulnerability Insight:
The flaws are due to an array indexing errors in the 'DecodeTileBlock()'
  and 'DecodeScroll()' [modules/codec/cdg.c] functions within the CDG decoder
  module when processing malformed data.

Vulnerability Detection Method:
Details:
VLC Media Player 'CDG decoder' multiple buffer overflow vulnerabilities (Lin...
(OID: 1.3.6.1.4.1.25623.1.0.801727)
Version used: $Revision: 3117 $

References:
CVE: CVE-2011-0021
Other:
    http://www.vupen.com/english/advisories/2011/0185
    http://openwall.com/lists/oss-security/2011/01/20/3


Issue
-----
NVT:    VLC Media Player 'MP4_ReadBox_skcr()' Buffer Overflow Vulnerability (Linux)
OID:    1.3.6.1.4.1.25623.1.0.801783
Threat: Medium (CVSS: 6.8)
Port:   general/tcp

Summary:
The host is installed with VLC Media Player and is prone buffer
  overflow vulnerability.

Vulnerability Detection Result:
Vulnerability was detected according to the Vulnerability Detection Method.

Impact:
Successful exploitation could allow attackers to execute arbitrary code by
  tricking a user into opening a malicious file or visiting a specially crafted
  web page.
  Impact Level: Application

Solution:
Solution type: VendorFix
Upgrade to the VLC media player version 1.1.9 or later,
  For updates refer to http://download.videolan.org/pub/videolan/vlc/

Affected Software/OS:
VLC media player version prior to 1.1.9 on Linux

Vulnerability Insight:
The flaw is caused by a heap corruption error in the 'MP4_ReadBox_skcr()'
  [modules/demux/mp4/libmp4.c] function when processing malformed MP4
  (MPEG-4 Part 14) data.

Vulnerability Detection Method:
Details:
VLC Media Player 'MP4_ReadBox_skcr()' Buffer Overflow Vulnerability (Linux)
(OID: 1.3.6.1.4.1.25623.1.0.801783)
Version used: $Revision: 5351 $

References:
CVE: CVE-2011-1684
BID: 47293
Other:
    http://secunia.com/advisories/44022
    http://xforce.iss.net/xforce/xfdb/66664
    http://www.vupen.com/english/advisories/2011/0916


Issue
-----
NVT:    VLC Media Player 'real_get_rdt_chunk' BOF Vulnerability-02 Jan15 (Linux)
OID:    1.3.6.1.4.1.25623.1.0.805312
Threat: High (CVSS: 7.5)
Port:   general/tcp

Product detection result: cpe:/a:videolan:vlc_media_player:0.8.4a:a
Detected by: VLC Media Player Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.900529)

Summary:
The host is installed with VLC media player
  and is prone to buffer overflow vulnerability.

Vulnerability Detection Result:
Vulnerability was detected according to the Vulnerability Detection Method.

Impact:
Successful exploitation will allow
  attacker to execute an arbitrary code within the context of the VLC
  media player and potentially compromise a user's system.
  Impact Level: System/Application

Solution:
Solution type: VendorFix
Upgrade to VideoLAN VLC media player
  version 1.0.1 or later. For updates refer http://www.videolan.org/

Affected Software/OS:
VideoLAN VLC media player before 1.0.1
  on Linux.

Vulnerability Insight:
The error exists due to an integer
  underflow in the 'real_get_rdt_chunk' function within
  modules/access/rtsp/real.c script.

Vulnerability Detection Method:
Get the installed version with the help
  of detect NVT and check the version is vulnerable or not.
Details:
VLC Media Player 'real_get_rdt_chunk' BOF Vulnerability-02 Jan15 (Linux)
(OID: 1.3.6.1.4.1.25623.1.0.805312)
Version used: $Revision: 3006 $

Product Detection Result:
Product:cpe:/a:videolan:vlc_media_player:0.8.4a:a

Method:VLC Media Player Version Detection (Linux)
(OID: 1.3.6.1.4.1.25623.1.0.900529)

References:
CVE: CVE-2010-2062
Other:
    http://secunia.com/advisories/36037/
    http://seclists.org/fulldisclosure/2009/Jul/418
    http://packetstormsecurity.com/files/cve/CVE-2010-2062


Issue
-----
NVT:    VLC Media Player 3GP File Denial of Service Vulnerability Oct15 (Linux)
OID:    1.3.6.1.4.1.25623.1.0.806087
Threat: Medium (CVSS: 6.8)
Port:   general/tcp

Product detection result: cpe:/a:videolan:vlc_media_player:0.8.4a:a
Detected by: VLC Media Player Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.900529)

Summary:
The host is installed with VLC media player
  and is prone to denial of service vulnerability.

Vulnerability Detection Result:
Installed version: 0.8.4aa
Fixed version:     NoneAvailable

Impact:
Successful exploitation will allow remote
  attackers to cause a denial of service (crash) and possibly execute arbitrary
  code via a crafted 3GP file.
  Impact Level: System/Application

Solution:
Solution type: NoneAvailable
No updates are available at the moment,
  For updates refer to http://www.videolan.org

Affected Software/OS:
VideoLAN VLC media player 2.2.1 and
  earlier on Linux.

Vulnerability Insight:
The flaw is due to insufficient
  restrictions on a writable buffer which affects the 3GP file format parser.

Vulnerability Detection Method:
Get the installed version with the help
  of detect NVT and check the version is vulnerable or not.
Details:
VLC Media Player 3GP File Denial of Service Vulnerability Oct15 (Linux)
(OID: 1.3.6.1.4.1.25623.1.0.806087)
Version used: $Revision: 2513 $

Product Detection Result:
Product:cpe:/a:videolan:vlc_media_player:0.8.4a:a

Method:VLC Media Player Version Detection (Linux)
(OID: 1.3.6.1.4.1.25623.1.0.900529)

References:
CVE: CVE-2015-5949
BID: 76448
CERT: CB-K15/1242
, DFN-CERT-2015-1307

Other:
    https://packetstormsecurity.com/files/133266
    http://www.securityfocus.com/archive/1/archive/1/536287/100/0/threaded


Issue
-----
NVT:    VLC Media Player ASF Demuxer Denial of Service Vulnerability (Linux)
OID:    1.3.6.1.4.1.25623.1.0.804325
Threat: Medium (CVSS: 4.3)
Port:   general/tcp

Product detection result: cpe:/a:videolan:vlc_media_player:0.8.4a:a
Detected by: VLC Media Player Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.900529)

Summary:
This host is installed with VLC Media Player and is prone to denial of
service vulnerability.

Vulnerability Detection Result:
Vulnerability was detected according to the Vulnerability Detection Method.

Impact:
Successful exploitation will allow attackers to cause a denial of service
condition.
Impact Level: Application

Solution:
Solution type: VendorFix
Upgrade to VLC media player version 2.1.3 or later,
For updates refer to http://www.videolan.org/vlc

Affected Software/OS:
VLC media player version 2.1.2 and prior on Linux.

Vulnerability Insight:
The flaw exist due to a divide-by-zero error when processing malicious
'.asf' files.

Vulnerability Detection Method:
Get the installed version with the help of detect NVT and check the version
is vulnerable or not.
Details:
VLC Media Player ASF Demuxer Denial of Service Vulnerability (Linux)
(OID: 1.3.6.1.4.1.25623.1.0.804325)
Version used: $Revision: 3555 $

Product Detection Result:
Product:cpe:/a:videolan:vlc_media_player:0.8.4a:a

Method:VLC Media Player Version Detection (Linux)
(OID: 1.3.6.1.4.1.25623.1.0.900529)

References:
CVE: CVE-2014-1684
BID: 65399
Other:
    http://xforce.iss.net/xforce/xfdb/90955
    http://www.exploit-db.com/exploits/31429
    http://www.videolan.org/developers/vlc-branch/NEWS
    http://packetstormsecurity.com/files/125080/VLC-Media-Player-2.1.2-Denial-Of-Service.html


Issue
-----
NVT:    VLC Media Player Denial of Service Vulnerability Mar14 (Linux)
OID:    1.3.6.1.4.1.25623.1.0.804348
Threat: Medium (CVSS: 4.3)
Port:   general/tcp

Product detection result: cpe:/a:videolan:vlc_media_player:0.8.4a:a
Detected by: VLC Media Player Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.900529)

Summary:
This host is installed with VLC Media Player and is prone to denial of
service vulnerability.

Vulnerability Detection Result:
Vulnerability was detected according to the Vulnerability Detection Method.

Impact:
Successful exploitation will allow attackers to cause a denial of service
conditions.
Impact Level: Application

Solution:
Solution type: VendorFix
Upgrade to VLC media player version 2.0.7 or later,
For updates refer to http://www.videolan.org/vlc

Affected Software/OS:
VLC media player version 2.0.6 and prior on Linux.

Vulnerability Insight:
The flaw exist due to some unspecified error.

Vulnerability Detection Method:
Get the installed version with the help of detect NVT and check the version
is vulnerable or not.
Details:
VLC Media Player Denial of Service Vulnerability Mar14 (Linux)
(OID: 1.3.6.1.4.1.25623.1.0.804348)
Version used: $Revision: 3555 $

Product Detection Result:
Product:cpe:/a:videolan:vlc_media_player:0.8.4a:a

Method:VLC Media Player Version Detection (Linux)
(OID: 1.3.6.1.4.1.25623.1.0.900529)

References:
CVE: CVE-2013-7340
CERT: CB-K14/0349
, DFN-CERT-2014-0361

Other:
    http://www.videolan.org/developers/vlc-branch/NEWS


Issue
-----
NVT:    VLC Media Player M3U Denial of Service Vulnerability (Linux)
OID:    1.3.6.1.4.1.25623.1.0.804127
Threat: High (CVSS: 7.5)
Port:   general/tcp

Product detection result: cpe:/a:videolan:vlc_media_player:0.8.4a:a
Detected by: VLC Media Player Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.900529)

Summary:
This host is installed with VLC Media Player and is prone to denial of
service and remote code execution vulnerability.

Vulnerability Detection Result:
Vulnerability was detected according to the Vulnerability Detection Method.

Impact:
Successful exploitation will allow attackers to cause denial of service
and possibly execute arbitrary remote code.
Impact Level: System/Application

Solution:
Solution type: VendorFix
Upgrade to VLC media player version 2.1.0 or later,
For updates refer to http://www.videolan.org/vlc

Affected Software/OS:
VLC media player version 2.0.8 and prior on Linux

Vulnerability Insight:
The flaw exist due to improper handling of a specially crafted M3U file.

Vulnerability Detection Method:
Get the installed version with the help of detect NVT and check the version
is vulnerable or not.
Details:
VLC Media Player M3U Denial of Service Vulnerability (Linux)
(OID: 1.3.6.1.4.1.25623.1.0.804127)
Version used: $Revision: 3561 $

Product Detection Result:
Product:cpe:/a:videolan:vlc_media_player:0.8.4a:a

Method:VLC Media Player Version Detection (Linux)
(OID: 1.3.6.1.4.1.25623.1.0.900529)

References:
CVE: CVE-2013-6283
BID: 61844
Other:
    http://en.securitylab.ru/nvd/447008.php
    http://www.exploit-db.com/exploits/27700


Issue
-----
NVT:    VLC Media Player Meta-Information Denial of Service Vulnerability (Linux)
OID:    1.3.6.1.4.1.25623.1.0.801430
Threat: Medium (CVSS: 5.0)
Port:   general/tcp

Summary:
The host is installed with VLC Media Player and is prone to Denial
  of Service vulnerability.

Vulnerability Detection Result:
Vulnerability was detected according to the Vulnerability Detection Method.

Impact:
Successful exploitation could allow attackers to crash the affected
  application, denying service to legitimate users.
  Impact Level: Application

Solution:
Solution type: VendorFix
Upgrade to the VLC media player version 1.1.3 or later,
  For updates refer to http://www.videolan.org/vlc/

Affected Software/OS:
VLC media player version prior to 1.1.3 on Linux.

Vulnerability Insight:
The flaw is due to an input validation error when trying to extract
  meta-informations about input media through 'ID3v2' tags.

Vulnerability Detection Method:
Details:
VLC Media Player Meta-Information Denial of Service Vulnerability (Linux)
(OID: 1.3.6.1.4.1.25623.1.0.801430)
Version used: $Revision: 5388 $

References:
CVE: CVE-2010-2937
BID: 42386
Other:
    http://seclists.org/oss-sec/
    http://www.videolan.org/security/sa1004.html
    http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=592669


Issue
-----
NVT:    VLC Media Player Multiple Buffer Overflow Vulnerabilities-01 Jan15 (Linux)
OID:    1.3.6.1.4.1.25623.1.0.805309
Threat: High (CVSS: 7.5)
Port:   general/tcp

Product detection result: cpe:/a:videolan:vlc_media_player:0.8.4a:a
Detected by: VLC Media Player Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.900529)

Summary:
The host is installed with VLC media player
  and is prone to multiple buffer overflow vulnerabilities.

Vulnerability Detection Result:
Vulnerability was detected according to the Vulnerability Detection Method.

Impact:
Successful exploitation will allow
  attackers to conduct a denial of service attack or potentially the execution
  of arbitrary code.
  Impact Level: System/Application

Solution:
Solution type: VendorFix
Upgrade to VideoLAN VLC media player
  version 1.0.2 or later. For updates refer http://www.videolan.org/

Affected Software/OS:
VideoLAN VLC media player before 1.0.2
  on Linux.

Vulnerability Insight:
Multiple flaws are due to overflow conditions
  in the,
  - ASF_ObjectDumpDebug function within modules/demux/asf/libasf.c script,
  - AVI_ChunkDumpDebug_level function within modules/demux/avi/libavi.c script,
  - AVI_ChunkDumpDebug_level function within modules/demux/avi/libavi.c script
  - MP4_BoxDumpStructure function within modules/demux/mp4/libmp4.c script.

Vulnerability Detection Method:
Get the installed version with the help
  of detect NVT and check the version is vulnerable or not.
Details:
VLC Media Player Multiple Buffer Overflow Vulnerabilities-01 Jan15 (Linux)
(OID: 1.3.6.1.4.1.25623.1.0.805309)
Version used: $Revision: 3499 $

Product Detection Result:
Product:cpe:/a:videolan:vlc_media_player:0.8.4a:a

Method:VLC Media Player Version Detection (Linux)
(OID: 1.3.6.1.4.1.25623.1.0.900529)

References:
CVE: CVE-2011-3623
Other:
    http://www.videolan.org/security/sa0901.html
    http://packetstormsecurity.com/files/cve/CVE-2011-3623


Issue
-----
NVT:    VLC Media Player Multiple Stack-Based BOF Vulnerabilities - Nov08 (Linux)
OID:    1.3.6.1.4.1.25623.1.0.800133
Threat: High (CVSS: 9.3)
Port:   general/tcp

Summary:
This host is installed with VLC Media Player and is prone to
  Multiple Stack-Based Buffer Overflow Vulnerabilities.

Vulnerability Detection Result:
Vulnerability was detected according to the Vulnerability Detection Method.

Impact:
Successful exploitation allows attackers to execute arbitrary code
  within the context of the VLC media player by tricking a user into opening
  a specially crafted file or can even crash an affected application.
  Impact Level: Application

Solution:
Solution type: VendorFix
Upgrade to 0.9.6, or
  Apply the available patch from below link,
  http://git.videolan.org/?p=vlc.git
a=commitdiff
h=e3cef651125701a2e33a8d75b815b3e39681a447
  http://git.videolan.org/?p=vlc.git
a=commitdiff
h=5f63f1562d43f32331006c2c1a61742de031b84d
  *****
  NOTE: Ignore this warning if above mentioned patch is already applied.
  *****

Affected Software/OS:
VLC media player 0.5.0 through 0.9.5 on Windows (Any).

Vulnerability Insight:
The flaws are caused while parsing,
  - header of an invalid CUE image file related to modules/access/vcd/cdrom.c.
  - an invalid RealText(rt) subtitle file related to the ParseRealText function
    in modules/demux/subtitle.c.

Vulnerability Detection Method:
Details:
VLC Media Player Multiple Stack-Based BOF Vulnerabilities - Nov08 (Linux)
(OID: 1.3.6.1.4.1.25623.1.0.800133)
Version used: $Revision: 5158 $

References:
CVE: CVE-2008-5032, CVE-2008-5036
BID: 32125
Other:
    http://www.videolan.org/security/sa0810.html
    http://www.trapkit.de/advisories/TKADV2008-011.txt
    http://www.trapkit.de/advisories/TKADV2008-012.txt


Issue
-----
NVT:    VLC Media Player Multiple Vulnerabilities - Mar 12 (Linux)
OID:    1.3.6.1.4.1.25623.1.0.802723
Threat: High (CVSS: 9.3)
Port:   general/tcp

Summary:
This host is installed with VLC Media Player and is prone to
  multiple vulnerabilities.

Vulnerability Detection Result:
Vulnerability was detected according to the Vulnerability Detection Method.

Impact:
Successful exploitation could allow attackers to cause a denial of service or
  possibly execute arbitrary code via crafted streams.
  Impact Level: System/Application

Solution:
Solution type: VendorFix
Upgrade to VLC media player version 2.0.1 or later
  For updates refer to http://www.videolan.org/vlc/

Affected Software/OS:
VLC media player version prior to 2.0.1 on Linux

Vulnerability Insight:
The flaws are due to multiple buffer overflow errors in the
  application, which allows remote attackers to execute arbitrary code via
  crafted MMS:// stream and Real RTSP streams.

Vulnerability Detection Method:
Details:
VLC Media Player Multiple Vulnerabilities - Mar 12 (Linux)
(OID: 1.3.6.1.4.1.25623.1.0.802723)
Version used: $Revision: 5956 $

References:
CVE: CVE-2012-1775, CVE-2012-1776
Other:
    http://www.videolan.org/security/sa1201.html
    http://www.videolan.org/security/sa1202.html


Issue
-----
NVT:    VLC Media Player Multiple Vulnerabilities-03 Jan15 (Linux)
OID:    1.3.6.1.4.1.25623.1.0.805314
Threat: High (CVSS: 7.5)
Port:   general/tcp

Product detection result: cpe:/a:videolan:vlc_media_player:0.8.4a:a
Detected by: VLC Media Player Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.900529)

Summary:
The host is installed with VLC media player
  and is prone to multiple vulnerabilities.

Vulnerability Detection Result:
Vulnerability was detected according to the Vulnerability Detection Method.

Impact:
Successful exploitation will allow
  attackers to conduct a denial of service or potentially compromise a
  user's system.
  Impact Level: System/Application

Solution:
Solution type: VendorFix
Upgrade to VideoLAN VLC media player
  version 1.0.6 or later. For updates refer http://www.videolan.org/

Affected Software/OS:
VideoLAN VLC media player before 1.0.6
  on Linux.

Vulnerability Insight:
Multiple flaws are due to,
  - Multiple errors in the A/52 audio decoder, DTS audio decoder, MPEG audio
  decoder, AVI demuxer, ASF demuxer and Matroska demuxer.
  - An error when processing XSPF playlists.
  - A use-after-free error when attempting to create a playlist of the contents
  of a malformed zip archive.
  - An error in the RTMP implementation.

Vulnerability Detection Method:
Get the installed version with the help
  of detect NVT and check the version is vulnerable or not.
Details:
VLC Media Player Multiple Vulnerabilities-03 Jan15 (Linux)
(OID: 1.3.6.1.4.1.25623.1.0.805314)
Version used: $Revision: 3499 $

Product Detection Result:
Product:cpe:/a:videolan:vlc_media_player:0.8.4a:a

Method:VLC Media Player Version Detection (Linux)
(OID: 1.3.6.1.4.1.25623.1.0.900529)

References:
CVE: CVE-2010-1445, CVE-2010-1444, CVE-2010-1443, CVE-2010-1442, CVE-2010-1441
Other:
    http://secunia.com/advisories/39558
    http://www.videolan.org/security/sa1003.html


Issue
-----
NVT:    VLC Media Player Stack Overflow Vulnerability (Lin-Mar09)
OID:    1.3.6.1.4.1.25623.1.0.900531
Threat: Medium (CVSS: 5.0)
Port:   general/tcp

Summary:
This host is installed with VLC Media Player and is prone to
  Stack Overflow Vulnerability.

Vulnerability Detection Result:
Vulnerability was detected according to the Vulnerability Detection Method.

Impact:
Successful exploitation allows the attacker to execute arbitrary codes
  with escalated privileges and cause overflow in stack.
  Impact Level: Application

Solution:
Upgrade to VLC media player version 1.0 or later,
  For updates refer to http://www.videolan.org/vlc

Affected Software/OS:
VLC media player 0.9.8a and prior on Linux.

Vulnerability Insight:
This flaw is due to improper boundary checking in status.xml in the web
  interface by an overly long request.

Vulnerability Detection Method:
Details:
VLC Media Player Stack Overflow Vulnerability (Lin-Mar09)
(OID: 1.3.6.1.4.1.25623.1.0.900531)
Version used: $Revision: 5148 $

References:
CVE: CVE-2009-1045
BID: 34126
Other:
    http://www.milw0rm.com/exploits/8213
    http://xforce.iss.net/xforce/xfdb/49249
    http://bugs.gentoo.org/show_bug.cgi?id=262708
    http://www.openwall.com/lists/oss-security/2009/03/17/4


Issue
-----
NVT:    VLC Media Player Version Detection (Linux)
OID:    1.3.6.1.4.1.25623.1.0.900529
Threat: Log (CVSS: 0.0)
Port:   general/tcp

Summary:
Detection of installed version of
  VLC Media Player version on Linux.
  This script logs in via shh, extracts the version from the binary file
  and set it in KB.

Vulnerability Detection Result:
Detected VLC Media Player
Version:  0.8.4a
Location: /usr/bin/vlc
CPE:      cpe:/a:videolan:vlc_media_player:0.8.4a:a
Concluded from version/product identification result:
0.8.4a

Log Method:
Details:
VLC Media Player Version Detection (Linux)
(OID: 1.3.6.1.4.1.25623.1.0.900529)
Version used: $Revision: 2636 $