Denial of Service and Arbitrary Code Execution Vulnerability in libnasl in Nessus

Denial of Service and Arbitrary Code Execution Vulnerability in libnasl in Nessus

CVE-2003-0372 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

Signed integer vulnerability in libnasl in Nessus before 2.0.6 allows local users with plugin upload privileges to cause a denial of service (core dump) and possibly execute arbitrary code by causing a negative argument to be provided to the insstr function as used in a NASL script.

Learn more about our User Device Pen Test.