Nessus.Vulnerability.Scanner.ActiveX.Control.File.Deletion
Description
This indicates a vulnerability in Nessus Vulnerability Scanner. The vulnerability is caused by an error in the "deleteReport()" method within the scan.dll ActiveX control. It allows remote attackers to delete arbitrary files by invoking the deleteReport method with a specific file path.
Affected Products
Nessus Vulnerability Scanner version 3.0.6 and prior.
Impact
System compromise, arbitrary file deletion.
Recommended Actions
Currently we are not aware of any official supplied fix for this issue.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |