Nessus.Vulnerability.Scanner.ActiveX.Control.File.Deletion

description-logoDescription

This indicates a vulnerability in Nessus Vulnerability Scanner. The vulnerability is caused by an error in the "deleteReport()" method within the scan.dll ActiveX control. It allows remote attackers to delete arbitrary files by invoking the deleteReport method with a specific file path.

affected-products-logoAffected Products

Nessus Vulnerability Scanner version 3.0.6 and prior.

Impact logoImpact

System compromise, arbitrary file deletion.

recomended-action-logoRecommended Actions

Currently we are not aware of any official supplied fix for this issue.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)