The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

  - The various Is methods (IsPrivate, IsLoopback, etc) did not work as expected for IPv4-mapped IPv6     addresses, returning false for addresses which would return true in their traditional IPv4 forms.
    (CVE-2024-24790)

Note that Nessus relies on the presence of the package as reported by the vendor.

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3089-1 advisory.

    - CVE-2024-24791: Fixed denial of service due to improper 100-continue handling (bsc#1227314)
    - CVE-2024-24789: Fixed mishandling of corrupt central directory record in archive/zip (bsc#1225973)
    - CVE-2024-24790: Fixed unexpected behavior from Is methods for IPv4-mapped IPv6 addresses in net/netip     (bsc#1225974)
    - CVE-2024-24787: Fixed arbitrary code execution during build on darwin in cmd/go (bsc#1224017)
    - CVE-2023-45288: Fixed denial of service due to close connections when receiving too many headers in     net/http and x/net/http2 (bsc#1221400)
    - CVE-2023-45289: Fixed incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http     and net/http/cookiejar (bsc#1221000)
    - CVE-2023-45290: Fixed memory exhaustion in Request.ParseMultipartForm in net/http (bsc#1221001)
    - CVE-2024-24783: Fixed denial of service on certificates with an unknown public key algorithm in     crypto/x509 (bsc#1220999)
    - CVE-2024-24784: Fixed comments in display names are incorrectly handled in net/mail (bsc#1221002)
    - CVE-2024-24785: Fixed errors returned from MarshalJSON methods may break template escaping in     html/template (bsc#1221003)

    Other fixes:
    - Update to version 1.21.13.1 cut from the go1.21-fips-release (jsc#SLE-18320)
    - Update to version 1.21.13 (bsc#1212475)
    - Remove subpackage go1.x-openssl-libstd for compiled shared object libstd.so. (jsc#PED-1962)
    - Ensure VERSION file is present in GOROOT as required by go tool dist and go tool distpack (bsc#1219988)

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of amazon-ssm-agent installed on the remote host is prior to 3.3.859.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2645 advisory.

    An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive     number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and     CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no memory is     allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an     HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to     be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the     receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header     frames we will process before closing a connection. (CVE-2023-45288)

    The various Is methods (IsPrivate, IsLoopback, etc) did not work as expected for IPv4-mapped IPv6     addresses, returning false for addresses which would return true in their traditional IPv4 forms.
    (CVE-2024-24790)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:4664 advisory.

    Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable     version of the Ceph storage system with a Ceph management platform, deployment utilities, and support     services.

    These new packages include numerous enhancements, bug fixes, and known issues. Space precludes documenting     all of these changes in this advisory. Users are directed to the Red Hat Ceph Storage Release Notes for     information on the most significant of these changes:

    https://docs.redhat.com/en/documentation/red_hat_ceph_storage/7/html/7.1_release_notes

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

ID	名称	产品	系列	发布时间	最近更新时间	严重程度
227464	Linux Distros Unpatched Vulnerability : CVE-2024-24790	Nessus	Misc.	2025/3/5	2025/8/15	critical
206582	SUSE SLED15 / SLES15 / openSUSE 15 Security Update : go1.21-openssl (SUSE-SU-2024:3089-1)	Nessus	SuSE Local Security Checks	2024/9/4	2025/2/24	critical
208102	Amazon Linux 2 : amazon-ssm-agent (ALAS-2024-2645)	Nessus	Amazon Linux Local Security Checks	2024/10/3	2024/12/11	critical
235495	RHEL 8 / 9 : Red Hat Ceph Storage 7.1 (RHSA-2025:4664)	Nessus	Red Hat Local Security Checks	2025/5/7	2025/6/5	medium

检测

插件搜索

critical

critical

critical

medium