The operating system running on the remote host is no longer supported.

According to its self-reported version number, the Unix operating system running on the remote host is no longer supported.

Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it is likely to contain security vulnerabilities.

Upgrade to a version of the Unix operating system that is currently supported.

Critical

10.0 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)

10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Published: 2008/08/08, Modified: 2023/06/26

Debian 10.13 support ended on 2022-09-10 (end of regular support) / 2024-06-30 (end of long-term support for Buster-LTS).
Upgrade to Debian Linux 11.x ("Bullseye").

For more information, see : http://www.debian.org/releases/


Debian 10.13 support ended on 2022-09-10 (end of regular support) / 2024-06-30 (end of long-term support for Buster-LTS).
Upgrade to Debian Linux 11.x ("Bullseye").

For more information, see : http://www.debian.org/releases/

Debian 10.1 support ended on 2022-09-10 (end of regular support) / 2024-06-30 (end of long-term support for Buster-LTS).
Upgrade to Debian Linux 11.x ("Bullseye").

For more information, see : http://www.debian.org/releases/

The remote Debian host is missing one or more security-related updates.

The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3437 advisory.

- A flaw was found with the libssh API function ssh_scp_new() in versions before 0.9.3 and before 0.8.8.
When the libssh SCP client connects to a server, the scp command, which includes a user-provided path, is executed on the server-side. In case the library is used in a way where users can influence the third parameter of the function, it would become possible for an attacker to inject arbitrary commands, leading to a compromise of the remote target. (CVE-2019-14889)

- A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a denial of service. (CVE-2023-1667)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Upgrade the libssh packages.

For Debian 10 buster, these problems have been fixed in version 0.8.7-1+deb10u2.

High

8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)

7.7 (CVSS:3.0/E:U/RL:O/RC:C)

9.3 (CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)

6.9 (CVSS2#E:U/RL:OF/RC:C)

Published: 2023/05/30, Modified: 2023/06/01

Remote package installed : libssh-4_0.8.7-1+deb10u1
Should be : libssh-4_0.8.7-1+deb10u2

The remote Debian host is missing one or more security-related updates.

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3445 advisory.

- In all versions of cpio before 2.13 does not properly validate input files when generating TAR archives.
When cpio is used to create TAR archives from paths an attacker can write to, the resulting archive may contain files with permissions the attacker did not have or in paths he did not have access to. Extracting those archives from a high-privilege user without carefully reviewing them may lead to the compromise of the system. (CVE-2019-14866)

- GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c ds_fgetstr integer overflow that triggers an out-of-bounds heap write. NOTE: it is unclear whether there are common cases where the pattern file, associated with the -E option, is untrusted data.
(CVE-2021-38185)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Upgrade the cpio packages.

For Debian 10 buster, these problems have been fixed in version 2.12+dfsg-9+deb10u1.

Medium

7.8 (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)

7.0 (CVSS:3.0/E:P/RL:O/RC:C)

6.9 (CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C)

5.4 (CVSS2#E:POC/RL:OF/RC:C)

Published: 2023/06/05, Modified: 2023/06/05

Remote package installed : cpio_2.12+dfsg-9
Should be : cpio_2.12+dfsg-9+deb10u1

The remote Debian host is missing a security-related update.

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3461 advisory.

- json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend. (CVE-2020-12762)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Upgrade the libfastjson packages.

For Debian 10 buster, this problem has been fixed in version 0.99.8-2+deb10u1.

Medium

7.8 (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)

7.0 (CVSS:3.0/E:P/RL:O/RC:C)

6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)

5.3 (CVSS2#E:POC/RL:OF/RC:C)

Published: 2023/06/22, Modified: 2023/06/22

Remote package installed : libfastjson4_0.99.8-2
Should be : libfastjson4_0.99.8-2+deb10u1

The remote Debian host is missing one or more security-related updates.

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3469 advisory.

- Lua 5.3.5 has a use-after-free in lua_upvaluejoin in lapi.c. For example, a crash outcome might be achieved by an attacker who is able to trigger a debug.upvaluejoin call in which the arguments have certain relationships. (CVE-2019-6706)

- ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal, as demonstrated by getlocal(3,2^31). (CVE-2020-24370)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Upgrade the lua5.3 packages.

For Debian 10 buster, these problems have been fixed in version 5.3.3-1.1+deb10u1.

Medium

7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

6.7 (CVSS:3.0/E:P/RL:O/RC:C)

5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)

3.9 (CVSS2#E:POC/RL:OF/RC:C)

Published: 2023/06/23, Modified: 2023/06/23

Remote package installed : liblua5.3-0_5.3.3-1.1
Should be : liblua5.3-0_5.3.3-1.1+deb10u1

The remote Debian host is missing a security-related update.

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3472 advisory.

- The X.Org project reports: The functions in src/InitExt.c in libX11 prior to 1.8.6 do not check that the values provided for the Request, Event, or Error IDs are within the bounds of the arrays that those functions write to, using those IDs as array indexes. Instead they trusted that they were called with values provided by an Xserver that was adhering to the bounds specified in the X11 protocol, as all X servers provided by X.Org do. As the protocol only specifies a single byte for these values, an out-of-bounds value provided by a malicious server (or a malicious proxy-in-the-middle) can only overwrite other portions of the Display structure and not write outside the bounds of the Display structure itself. Testing has found it is possible to at least cause the client to crash with this memory corruption.
(CVE-2023-3138)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Upgrade the libx11 packages.

For Debian 10 buster, this problem has been fixed in version 2

High

7.3 (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H)

6.4 (CVSS:3.0/E:U/RL:O/RC:C)

8.5 (CVSS2#AV:N/AC:L/Au:S/C:N/I:C/A:C)

6.3 (CVSS2#E:U/RL:OF/RC:C)

Published: 2023/06/26, Modified: 2023/06/26

Remote package installed : libx11-6_2:1.6.7-1+deb10u2
Should be : libx11-6_2:1.6.7-1+deb10u3
Remote package installed : libx11-data_2:1.6.7-1+deb10u2
Should be : libx11-data_2:1.6.7-1+deb10u3

The remote Debian host is missing a security-related update.

Several vulnerabilities have been discovered in wpa_supplicant and hostapd.

- CVE-2020-12695 It was discovered that hostapd does not properly handle UPnP subscribe messages under certain conditions, allowing an attacker to cause a denial of service.

- CVE-2021-0326 It was discovered that wpa_supplicant does not properly process P2P (Wi-Fi Direct) group information from active group owners. An attacker within radio range of the device running P2P could take advantage of this flaw to cause a denial of service or potentially execute arbitrary code.

- CVE-2021-27803 It was discovered that wpa_supplicant does not properly process P2P (Wi-Fi Direct) provision discovery requests.
An attacker within radio range of the device running P2P could take advantage of this flaw to cause a denial of service or potentially execute arbitrary code.

Upgrade the wpa packages.

For the stable distribution (buster), these problems have been fixed in version 2:2.7+git20190128+0c1e29f-6+deb10u3.

High

7.5 (CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)

6.7 (CVSS:3.0/E:P/RL:O/RC:C)

7.9 (CVSS2#AV:A/AC:M/Au:N/C:C/I:C/A:C)

6.2 (CVSS2#E:POC/RL:OF/RC:C)

Published: 2021/04/23, Modified: 2022/12/06

Remote package installed : hostapd_2.10-520-gb704dc72e
Should be : hostapd_2:2.7+git20190128+0c1e29f-6+deb10u3
Remote package installed : wpasupplicant_2.10-520-gb704dc72e
Should be : wpasupplicant_2:2.7+git20190128+0c1e29f-6+deb10u3

The remote Debian host is missing a security-related update.

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3444 advisory.

- MariaDB Server before 10.3.34 thru 10.9.3 is vulnerable to Denial of Service. It is possible for function spider_db_mbase::print_warnings to dereference a null pointer. (CVE-2022-47015)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Upgrade the mariadb-10.3 packages.

For Debian 10 buster, this problem has been fixed in version 1

Medium

6.5 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

5.7 (CVSS:3.0/E:U/RL:O/RC:C)

6.8 (CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C)

5.0 (CVSS2#E:U/RL:OF/RC:C)

Published: 2023/06/06, Modified: 2023/06/12

Remote package installed : libmariadb3_1:10.3.38-0+deb10u1
Should be : libmariadb3_1:10.3.39-0+deb10u1
Remote package installed : mariadb-common_1:10.3.38-0+deb10u1
Should be : mariadb-common_1:10.3.39-0+deb10u1

The remote Debian host is missing one or more security-related updates.

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3447 advisory.

- A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby through 3.2.1. The URI parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to URI objects. The fixed versions are 0.12.1, 0.11.1, 0.10.2 and 0.10.0.1. (CVE-2023-28755)

- A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Time parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to Time objects. The fixed versions are 0.1.1 and 0.2.2. (CVE-2023-28756)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Upgrade the ruby2.5 packages.

For Debian 10 Buster, these problems have been fixed in version 2.5.5-3+deb10u5.

Medium

5.3 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

4.6 (CVSS:3.0/E:U/RL:O/RC:C)

5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)

3.7 (CVSS2#E:U/RL:OF/RC:C)

Published: 2023/06/07, Modified: 2023/06/07

Remote package installed : libruby2.5_2.5.5-3+deb10u4
Should be : libruby2.5_2.5.5-3+deb10u5
Remote package installed : ruby2.5_2.5.5-3+deb10u4
Should be : ruby2.5_2.5.5-3+deb10u5

The remote Debian host is missing one or more security-related updates.

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3449 advisory.

- A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of computational resources, leading to a denial-of-service (DoS) attack on affected systems. Policy processing is disabled by default but can be enabled by passing the `-policy' argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()' function. (CVE-2023-0464)

- Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate policies in leaf certificates are silently ignored by OpenSSL and other certificate policy checks are skipped for that certificate. A malicious CA could use this to deliberately assert invalid certificate policies in order to circumvent policy checking on the certificate altogether. Policy processing is disabled by default but can be enabled by passing the `-policy' argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()' function. (CVE-2023-0465)

- The function X509_VERIFY_PARAM_add0_policy() is documented to implicitly enable the certificate policy check when doing certificate verification. However the implementation of the function does not enable the check which allows certificates with invalid or incorrect policies to pass the certificate verification.
As suddenly enabling the policy check could break existing deployments it was decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() function. Instead the applications that require OpenSSL to perform certificate policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly enable the policy check by calling X509_VERIFY_PARAM_set_flags() with the X509_V_FLAG_POLICY_CHECK flag argument.
Certificate policy checks are disabled by default in OpenSSL and are not commonly used by applications.
(CVE-2023-0466)

- Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJ_obj2txt() directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience notable to very long delays when processing those messages, which may lead to a Denial of Service. An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - most of which have no size limit.
OBJ_obj2txt() may be used to translate an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL type ASN1_OBJECT) to its canonical numeric text form, which are the sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by periods. When one of the sub-identifiers in the OBJECT IDENTIFIER is very large (these are sizes that are seen as absurdly large, taking up tens or hundreds of KiBs), the translation to a decimal number in text may take a very long time. The time complexity is O(n^2) with 'n'
being the size of the sub-identifiers in bytes (*). With OpenSSL 3.0, support to fetch cryptographic algorithms using names / identifiers in string form was introduced. This includes using OBJECT IDENTIFIERs in canonical numeric text form as identifiers for fetching algorithms. Such OBJECT IDENTIFIERs may be received through the ASN.1 structure AlgorithmIdentifier, which is commonly used in multiple protocols to specify what cryptographic algorithm should be used to sign or verify, encrypt or decrypt, or digest passed data. Applications that call OBJ_obj2txt() directly with untrusted data are affected, with any version of OpenSSL. If the use is for the mere purpose of display, the severity is considered low. In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 certificates, including simple things like verifying its signature. The impact on TLS is relatively low, because all versions of OpenSSL have a 100KiB limit on the peer's certificate chain. Additionally, this only impacts clients, or servers that have explicitly enabled client authentication. In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, such as X.509 certificates. This is assumed to not happen in such a way that it would cause a Denial of Service, so these versions are considered not affected by this issue in such a way that it would be cause for concern, and the severity is therefore considered low. (CVE-2023-2650)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Upgrade the openssl packages.

For Debian 10 buster, these problems have been fixed in version 1.1.1n-0+deb10u5.

Medium

5.3 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

4.6 (CVSS:3.0/E:U/RL:O/RC:C)

5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N)

3.7 (CVSS2#E:U/RL:OF/RC:C)

I

Published: 2023/06/08, Modified: 2023/06/08

Remote package installed : libssl1.1_1.1.1n-0+deb10u4
Should be : libssl1.1_1.1.1n-0+deb10u5
Remote package installed : openssl_1.1.1n-0+deb10u4
Should be : openssl_1.1.1n-0+deb10u5

The remote Debian host is missing a security-related update.

The remote Debian 10 host has a package installed that is affected by a vulnerability as referenced in the dla-3456 advisory.

- Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use `rebuild_proxies` to reattach the `Proxy-Authorization` header to requests. For HTTP connections sent through the tunnel, the proxy will identify the header in the request itself and remove it prior to forwarding to the destination server. However when sent over HTTPS, the `Proxy-Authorization` header must be sent in the CONNECT request as the proxy has no visibility into the tunneled request. This results in Requests forwarding proxy credentials to the destination server unintentionally, allowing a malicious actor to potentially exfiltrate sensitive information. This issue has been patched in version 2.31.0.
(CVE-2023-32681)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Upgrade the requests packages.

For Debian 10 buster, this problem has been fixed in version 2.21.0-1+deb10u1.

Medium

6.1 (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N)

5.3 (CVSS:3.0/E:U/RL:O/RC:C)

5.4 (CVSS2#AV:N/AC:H/Au:N/C:C/I:N/A:N)

4.0 (CVSS2#E:U/RL:OF/RC:C)

Published: 2023/06/18, Modified: 2023/06/19

Remote package installed : python3-requests_2.21.0-1
Should be : python3-requests_2.21.0-1+deb10u1

The remote Debian host is missing a security-related update.

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3466 advisory.

- A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing a local attacker to trigger an infinite loop. The highest threat from this vulnerability is to the availability of the avahi service, which becomes unresponsive after this flaw is triggered.
(CVE-2021-3468)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Upgrade the avahi packages.

For Debian 10 buster, this problem has been fixed in version 0.7-4+deb10u3.

Low

5.5 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

4.8 (CVSS:3.0/E:U/RL:O/RC:C)

2.1 (CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P)

1.6 (CVSS2#E:U/RL:OF/RC:C)

Published: 2023/06/22, Modified: 2023/06/22

Remote package installed : libavahi-client3_0.7-4+deb10u2
Should be : libavahi-client3_0.7-4+deb10u3
Remote package installed : libavahi-common-data_0.7-4+deb10u2
Should be : libavahi-common-data_0.7-4+deb10u3
Remote package installed : libavahi-common3_0.7-4+deb10u2
Should be : libavahi-common3_0.7-4+deb10u3

The remote Debian host is missing one or more security-related updates.

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3471 advisory.

- c-ares is an asynchronous resolver library. ares_inet_net_pton() is vulnerable to a buffer underflow for certain ipv6 addresses, in particular 0::00:00:00/2 was found to cause an issue. C-ares only uses this function internally for configuration purposes which would require an administrator to configure such an address via ares_set_sortlist(). However, users may externally use ares_inet_net_pton() for other purposes and thus be vulnerable to more severe issues. This issue has been fixed in 1.19.1. (CVE-2023-31130)

- c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a query, the attacker forges a malformed UDP packet with a length of 0 and returns them to the target resolver. The target resolver erroneously interprets the 0 length as a graceful shutdown of the connection. This issue has been patched in version 1.19.1. (CVE-2023-32067)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Upgrade the c-ares packages.

For Debian 10 buster, these problems have been fixed in version 1.14.0-1+deb10u3.

Medium

6.4 (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)

5.6 (CVSS:3.0/E:U/RL:O/RC:C)

5.9 (CVSS2#AV:L/AC:H/Au:M/C:C/I:C/A:C)

4.4 (CVSS2#E:U/RL:OF/RC:C)

Published: 2023/06/27, Modified: 2023/06/27

Remote package installed : libc-ares2_1.14.0-1+deb10u2
Should be : libc-ares2_1.14.0-1+deb10u3

The remote Debian host is missing a security-related update.

Two vulnerabilities were found in the WPA protocol implementation found in wpa_supplication (station) and hostapd (access point).

- CVE-2019-13377 A timing-based side-channel attack against WPA3's Dragonfly handshake when using Brainpool curves could be used by an attacker to retrieve the password.

- CVE-2019-16275 Insufficient source address validation for some received Management frames in hostapd could lead to a denial of service for stations associated to an access point. An attacker in radio range of the access point could inject a specially constructed unauthenticated IEEE 802.11 frame to the access point to cause associated stations to be disconnected and require a reconnection to the network.

Upgrade the wpa packages.

For the stable distribution (buster), these problems have been fixed in version 2:2.7+git20190128+0c1e29f-6+deb10u1.

Medium

5.9 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)

5.2 (CVSS:3.0/E:U/RL:O/RC:C)

4.3 (CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N)

3.2 (CVSS2#E:U/RL:OF/RC:C)

Published: 2019/09/30, Modified: 2019/12/23

Remote package installed : hostapd_2.10-520-gb704dc72e
Should be : hostapd_2:2.7+git20190128+0c1e29f-6+deb10u1
Remote package installed : wpasupplicant_2.10-520-gb704dc72e
Should be : wpasupplicant_2:2.7+git20190128+0c1e29f-6+deb10u1

The remote DNS server is vulnerable to a denial of service attack.

The remote DNS server is vulnerable to a denial of service attack because it replies to DNS responses.

An attacker could exploit this vulnerability by spoofing a DNS packet so that it appears to come from 127.0.0.1 and make the remote DNS server enter into an infinite loop, therefore denying service to legitimate users.

Contact the vendor for an appropriate upgrade.

Medium

5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)

3.7 (CVSS2#E:U/RL:OF/RC:C)

Published: 2004/11/18, Modified: 2018/07/10

Nessus sent the following response data :

0x00: 32 B8 81 80 00 01 00 01 00 00 00 00 03 77 77 77 2............www
0x10: 06 67 6F 6F 67 6C 65 03 63 6F 6D 00 00 10 00 01 .google.com.....
0x20: C0 0C 00 05 00 01 00 00 00 05 00 12 0F 66 6F 72 .............for
0x30: 63 65 73 61 66 65 73 65 61 72 63 68 C0 10 cesafesearch..

And the DNS server replied with the following response :

0x00: 32 B8 81 80 00 01 00 01 00 00 00 00 03 77 77 77 2............www
0x10: 06 67 6F 6F 67 6C 65 03 63 6F 6D 00 00 10 00 01 .google.com.....
0x20: C0 0C 00 05 00 01 00 00 00 05 00 12 0F 66 6F 72 .............for
0x30: 63 65 73 61 66 65 73 65 61 72 63 68 C0 10 cesafesearch..

The remote host has Apache HTTP Server software installed.

Apache HTTP Server is installed on the remote Linux host.

n/a

None

Published: 2020/10/12, Modified: 2023/06/26

Path : /usr/bin/busybox
Version : unknown
Running : no

Configs found :

Loaded modules :

BIOS info could be read.

Using SMBIOS and UEFI, it was possible to get BIOS info.

N/A

None

Published: 2008/09/08, Modified: 2022/06/29

Vendor : Hewlett-Packard
Release Date : 07/15/2014
Secure boot : disabled

It was possible to enumerate CPE names that matched on the remote system.

By using information obtained from a Nessus scan, this plugin reports CPE (Common Platform Enumeration) matches for various hardware and software products found on a host.

Note that if an official CPE is not available for the product, this plugin computes the best possible CPE based on the information available from the scan.

n/a

None

Published: 2010/04/21, Modified: 2023/06/20

The remote operating system matched the following CPE :

cpe:/o:debian:debian_linux:10.13 -> Debian Linux

Following application CPE's matched on the remote system :

cpe:/a:apache:http_server -> Apache Software Foundation Apache HTTP Server
cpe:/a:gnupg:libgcrypt:1.8.4 -> GnuPG Libgcrypt
cpe:/a:nginx:nginx:1.14.2 -> Nginx
cpe:/a:openbsd:openssh:7.9 -> OpenBSD OpenSSH
cpe:/a:openssl:openssl:1.1.1n -> OpenSSL Project OpenSSL
cpe:/a:saltstack:salt:3003.5 -> SaltStack Salt
x-cpe:/a:python-flask:-:1.0.2-3

A DNS server is listening on the remote host.

The remote service is a Domain Name System (DNS) server, which provides a mapping between hostnames and IP addresses.

Disable this service if it is not needed or restrict access to internal hosts only if the service is available externally.

None

Published: 2003/02/13, Modified: 2017/05/16

A DNS server is listening on the remote host.

The remote service is a Domain Name System (DNS) server, which provides a mapping between hostnames and IP addresses.

Disable this service if it is not needed or restrict access to internal hosts only if the service is available externally.

None

Published: 2003/02/13, Modified: 2017/05/16

It was possible to determine the remote system hostname.

This plugin reports a device's hostname collected via SSH or WMI.

n/a

None

Published: 2011/06/30, Modified: 2023/06/20

Hostname : gateway
gateway (hostname command)

It is possible to guess the remote device type.

Based on the remote operating system, it is possible to determine what the remote system type is (eg: a printer, router, general-purpose computer, etc).

n/a

None

Published: 2011/05/23, Modified: 2022/09/09

Remote device type : general-purpose
Confidence level : 100

Nessus was able to enumerate the IPv4 interfaces on the remote host.

Nessus was able to enumerate the network interfaces configured with IPv4 addresses by connecting to the remote host via SSH using the supplied credentials.

Disable any unused IPv4 interfaces.

None

Published: 2007/05/11, Modified: 2022/02/23

The following IPv4 addresses are set on the remote host :

- 10.100.100.1 (on interface eth0)
- 127.0.0.1 (on interface lo)
- 171.250.11.228 (on interface pppoe0)
- 10.10.10.1 (on interface wg0)

Nessus was able to enumerate the IPv6 interfaces on the remote host.

Nessus was able to enumerate the network interfaces configured with IPv6 addresses by connecting to the remote host via SSH using the supplied credentials.

Disable IPv6 if you are not actually using it. Otherwise, disable any unused IPv6 interfaces.

None

Published: 2007/05/11, Modified: 2022/02/23

The following IPv6 interfaces are set on the remote host :

- fe80::42a8:f0ff:feac:d1f1 (on interface eth0)
- 2402:800:63b9:ba74::1 (on interface eth0)
- fe80::823f:5dff:fef5:64f9 (on interface eth1)
- fe80::200:ff:fe00:0 (on interface lo)
- ::1 (on interface lo)
- 2402:800:63b9:3f6a:86a:46d6:c019:e26a (on interface pppoe0)
- fe80::86a:46d6:c019:e26a (on interface pppoe0)
- fe80::f076:c6ff:fe34:a437 (on interface wg0)

Nessus was able to enumerate MAC addresses on the remote host.

Nessus was able to enumerate MAC addresses by connecting to the remote host via SSH with the supplied credentials.

Disable any unused interfaces.

None

Published: 2008/06/30, Modified: 2022/12/20

The following MAC addresses exist on the remote host :

- 40:a8:f0:ac:d1:f1 (interface eth0)
- 80:3f:5d:f5:64:f9 (interface eth1)

Nessus was able to parse the Network Interface data on the remote host.

Nessus was able to parse the Network Interface data on the remote host.

n/a

None

Published: 2023/01/19, Modified: 2023/01/19

wg0:
IPv4:
- Address : 10.10.10.1
Netmask : 255.255.255.0
IPv6:
- Address : fe80::f076:c6ff:fe34:a437
Prefixlen : 64
lo:
IPv4:
- Address : 127.0.0.1
Netmask : 255.0.0.0
IPv6:
- Address : fe80::200:ff:fe00:0
Prefixlen : 64
- Address : ::1
Prefixlen : 128
eth1:
IPv6:
- Address : fe80::823f:5dff:fef5:64f9
Prefixlen : 64
pppoe0:
IPv4:
- Address : 171.250.11.228
Netmask : 255.255.255.255
IPv6:
- Address : 2402:800:63b9:3f6a:86a:46d6:c019:e26a
Prefixlen : 64
- Address : fe80::86a:46d6:c019:e26a
Prefixlen : 10
eth0:
IPv4:
- Address : 10.100.100.1
Netmask : 255.255.255.0
Broadcast : 10.100.100.255
IPv6:
- Address : fe80::42a8:f0ff:feac:d1f1
Prefixlen : 64
- Address : 2402:800:63b9:ba74::1
Prefixlen : 64

Enumerates the PATH variable of the current scan user.

Enumerates the PATH variables of the current scan user.

Ensure that directories listed here are in line with corporate policy.

None

Published: 2022/12/21, Modified: 2023/06/26

Nessus has enumerated the path of the current scan user :

/usr/local/bin
/usr/bin
/bin
/usr/games

The manufacturer can be identified from the Ethernet OUI.

Each ethernet MAC address starts with a 24-bit Organizationally Unique Identifier (OUI). These OUIs are registered by IEEE.

n/a

None

Published: 2009/02/19, Modified: 2020/05/13

The following card manufacturers were identified :

40:A8:F0:AC:D1:F1 : Hewlett Packard
80:3F:5D:F5:64:F9 : Winstars Technology Ltd

This plugin gathers MAC addresses from various sources and consolidates them into a list.

This plugin gathers MAC addresses discovered from both remote probing of the host (e.g. SNMP and Netbios) and from running local checks (e.g. ifconfig). It then consolidates the MAC addresses into a single, unique, and uniform list.

n/a

None

Published: 2015/10/16, Modified: 2020/05/13

The following is a consolidated list of detected MAC addresses:
- 40:A8:F0:AC:D1:F1
- 80:3F:5D:F5:64:F9

Enumerates the IP address assignment method(static/dynamic).

Enumerates the IP address assignment method(static/dynamic).

n/a

None

Published: 2023/02/14, Modified: 2023/06/20

+ lo
+ IPv4
- Address : 127.0.0.1
Assign Method : static
+ IPv6
- Address : fe80::200:ff:fe00:0
Assign Method : static
- Address : ::1
Assign Method : static
+ eth0
+ IPv4
- Address : 10.100.100.1
Assign Method : static
+ IPv6
- Address : 2402:800:63b9:ba74::1
Assign Method : static
- Address : fe80::42a8:f0ff:feac:d1f1
Assign Method : static
+ eth1
+ IPv6
- Address : fe80::823f:5dff:fef5:64f9
Assign Method : static
+ wg0
+ IPv4
- Address : 10.10.10.1
Assign Method : static
+ IPv6
- Address : fe80::f076:c6ff:fe34:a437
Assign Method : static
+ pppoe0
+ IPv4
- Address : 171.250.11.228
Assign Method : static
+ IPv6
- Address : 2402:800:63b9:3f6a:86a:46d6:c019:e26a
Assign Method : dynamic
- Address : fe80::86a:46d6:c019:e26a
Assign Method : static

Libgcrypt is installed on this host.

Libgcrypt, a cryptography library, was found on the remote host.

n/a

None

Published: 2021/07/21, Modified: 2023/06/26

Nessus detected 4 installs of Libgcrypt:

Path : /usr/lib/x86_64-linux-gnu/libgcrypt.so.20
Version : 1.8.4

Path : /usr/lib/x86_64-linux-gnu/libgcrypt.so.20.2.4
Version : 1.8.4

Path : /lib/x86_64-linux-gnu/libgcrypt.so.20
Version : 1.8.4

Path : /lib/x86_64-linux-gnu/libgcrypt.so.20.2.4
Version : 1.8.4

Use system commands to obtain the list of mounted devices on the target machine at scan time.

Report the mounted devices information on the target machine at scan time using the following commands.
/bin/df -h /bin/lsblk /bin/mount -l

This plugin only reports on the tools available on the system and omits any tool that did not return information when the command was ran.

n/a

None

Published: 2022/02/03, Modified: 2022/09/08

$ df -h
Filesystem Size Used Avail Use% Mounted on
udev 5.8G 0 5.8G 0% /dev
tmpfs 1.2G 121M 1.1G 11% /run
/dev/sda3 234G 394M 222G 1% /usr/lib/live/mount/persistence
/dev/loop0 315M 315M 0 100% /usr/lib/live/mount/rootfs/1.3.3.squashfs
tmpfs 5.9G 0 5.9G 0% /usr/lib/live/mount/overlay
overlay 234G 394M 222G 1% /
tmpfs 5.9G 84K 5.9G 1% /dev/shm
tmpfs 5.0M 0 5.0M 0% /run/lock
tmpfs 5.9G 0 5.9G 0% /sys/fs/cgroup
tmpfs 5.9G 20K 5.9G 1% /tmp
tmpfs 5.9G 200K 5.9G 1% /var/tmp
none 5.9G 652K 5.9G 1% /opt/vyatta/config
tmpfs 1.2G 0 1.2G 0% /run/user/1003


$ lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
loop0 7:0 0 314.8M 1 loop /usr/lib/live/mount/rootfs/1.3.3.squashfs
sda 8:0 0 238.5G 0 disk
├─sda1 8:1 0 1007K 0 part
├─sda2 8:2 0 256M 0 part
└─sda3 8:3 0 238.2G 0 part /usr/lib/live/mount/persistence


$ mount -l
sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime)
proc on /proc type proc (rw,nosuid,nodev,noexec,relatime)
udev on /dev type devtmpfs (rw,nosuid,relatime,size=6077432k,nr_inodes=1519358,mode=755)
devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000)
tmpfs on /run type tmpfs (rw,nosuid,nodev,noexec,relatime,size=1218648k,mode=755)
/dev/sda3 on /usr/lib/live/mount/persistence type ext4 (rw,noatime) [persistence]
/dev/loop0 on /usr/lib/live/mount/rootfs/1.3.3.squashfs type squashfs (ro,noatime)
tmpfs on /usr/lib/live/mount/overlay type tmpfs (rw,relatime)
overlay on / type overlay (rw,noatime,lowerdir=/live/rootfs/1.3.3.squashfs/,upperdir=/live/persistence/boot/1.3.3/rw,workdir=/live/persistence/boot/1.3.3/work)
/dev/sda3 on /opt/vyatta/etc/config type ext4 (rw,noatime) [persistence]
securityfs on /sys/kernel/security type securityfs (rw,nosuid,nodev,noexec,relatime)
tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev)
tmpfs on /run/lock type tmpfs (rw,nosuid,nodev,noexec,relatime,size=5120k)
tmpfs on /sys/fs/cgroup type tmpfs (ro,nosuid,nodev,noexec,mode=755)
cgroup2 on /sys/fs/cgroup/unified type cgroup2 (rw,nosuid,nodev,noexec,relatime,nsdelegate)
cgroup on /sys/fs/cgroup/systemd type cgroup (rw,nosuid,nodev,noexec,relatime,xattr,name=systemd)
pstore on /sys/fs/pstore type pstore (rw,nosuid,nodev,noexec,relatime)
efivarfs on /sys/firmware/efi/efivars type efivarfs (rw,nosuid,nodev,noexec,relatime)
none on /sys/fs/bpf type bpf (rw,nosuid,nodev,noexec,relatime,mode=700)
cgroup on /sys/fs/cgroup/cpu,cpuacct type cgroup (rw,nosuid,nodev,noexec,relatime,cpu,cpuacct)
cgroup on /sys/fs/cgroup/blkio type cgroup (rw,nosuid,nodev,noexec,relatime,blkio)
cgroup on /sys/fs/cgroup/cpuset type cgroup (rw,nosuid,nodev,noexec,relatime,cpuset)
cgroup on /sys/fs/cgroup/devices type cgroup (rw,nosuid,nodev,noexec,relatime,devices)
cgroup on /sys/fs/cgroup/pids type cgroup (rw,nosuid,nodev,noexec,relatime,pids)
cgroup on /sys/fs/cgroup/freezer type cgroup (rw,nosuid,nodev,noexec,relatime,freezer)
cgroup on /sys/fs/cgroup/net_cls,net_prio type cgroup (rw,nosuid,nodev,noexec,relatime,net_cls,net_prio)
cgroup on /sys/fs/cgroup/memory type cgroup (rw,nosuid,nodev,noexec,relatime,memory)
cgroup on /sys/fs/cgroup/perf_event type cgroup (rw,nosuid,nodev,noexec,relatime,perf_event)
debugfs on /sys/kernel/debug type debugfs (rw,relatime)
mqueue on /dev/mqueue type mqueue (rw,relatime)
systemd-1 on /proc/sys/fs/binfmt_misc type autofs (rw,relatime,fd=40,pgrp=1,timeout=0,minproto=5,maxproto=5,direct)
tmpfs on /tmp type tmpfs (rw,nosuid,nodev,relatime)
tmpfs on /var/tmp type tmpfs (rw,nosuid,nodev,relatime)
tmpfs on /etc/frr/frr.conf type tmpfs (rw,nosuid,nodev,noexec,relatime,size=1218648k,mode=755)
none on /opt/vyatta/config type tmpfs (rw,nosuid,nodev,relatime,nr_inodes=0,mode=775)
none on /sys/fs/bpf type bpf (rw,relatime)
/dev/sda3 on /boot type ext4 (rw,noatime) [persistence]
/dev/sda3 on /boot/grub type ext4 (rw,noatime) [persistence]
/dev/sda3 on /usr/lib/live/mount/persistence/boot/1.3.3/grub type ext4 (rw,noatime) [persistence]
fusectl on /sys/fs/fuse/connections type fusectl (rw,relatime)
tmpfs on /run/user/1003 type tmpfs (rw,nosuid,nodev,relatime,size=1218644k,mode=700,uid=1003,gid=100)
binfmt_misc on /proc/sys/fs/binfmt_misc type binfmt_misc (rw,relatime)

Nessus was able to enumerate local users and groups on the remote host.

Using the supplied credentials, Nessus was able to enumerate the local users and groups on the remote host.

None

None

Published: 2016/12/19, Modified: 2023/02/28

----------[ User Accounts ]----------

User : radius_user
Home folder : /home/radius_user
Start script : /sbin/radius_shell
Groups : users
vyattaop
frrvty
operator
dip
adm

User : radius_priv_user
Home folder : /home/radius_priv_user
Start script : /sbin/radius_shell
Groups : users
sudo
disk
frrvty
vyattacfg
dip
adm

User : minion
Home folder : /home/minion
Start script : /bin/vbash
Groups : users
sudo
disk
vyattacfg
frrvty
dip
adm

User : dhcpd
Home folder : /run/dhcp-server
Start script : /usr/sbin/nologin
Groups : nogroup
hostsd

User : systemd-coredump
Home folder : /
Start script : /usr/sbin/nologin
Groups : systemd-coredump

User : vyos
Home folder : /home/vyos
Start script : /bin/vbash
Groups : users
sudo
disk
frrvty
vyattacfg
dip
adm

----------[ System Accounts ]----------

User : root
Home folder : /root
Start script : /bin/bash
Groups : root

User : daemon
Home folder : /usr/sbin
Start script : /usr/sbin/nologin
Groups : daemon

User : bin
Home folder : /bin
Start script : /usr/sbin/nologin
Groups : bin

User : sys
Home folder : /dev
Start script : /usr/sbin/nologin
Groups : sys

User : sync
Home folder : /bin
Start script : /bin/sync
Groups : nogroup

User : games
Home folder : /usr/games
Start script : /usr/sbin/nologin
Groups : games

User : man
Home folder : /var/cache/man
Start script : /usr/sbin/nologin
Groups : man

User : lp
Home folder : /var/spool/lpd
Start script : /usr/sbin/nologin
Groups : lp

User : mail
Home folder : /var/mail
Start script : /usr/sbin/nologin
Groups : mail

User : news
Home folder : /var/spool/news
Start script : /usr/sbin/nologin
Groups : news

User : uucp
Home folder : /var/spool/uucp
Start script : /usr/sbin/nologin
Groups : uucp

User : proxy
Home folder : /bin
Start script : /bin/sh
Groups : proxy

User : www-data
Home folder : /var/www
Start script : /usr/sbin/nologin
Groups : www-data

User : backup
Home folder : /var/backups
Start script : /usr/sbin/nologin
Groups : backup

User : list
Home folder : /var/list
Start script : /usr/sbin/nologin
Groups : list

User : irc
Home folder : /var/run/ircd
Start script : /usr/sbin/nologin
Groups : irc

User : gnats
Home folder : /var/lib/gnats
Start script : /usr/sbin/nologin
Groups : gnats

User : nobody
Home folder : /nonexistent
Start script : /usr/sbin/nologin
Groups : nogroup

User : _apt
Home folder : /nonexistent
Start script : /usr/sbin/nologin
Groups : nogroup

User : systemd-timesync
Home folder : /run/systemd
Start script : /usr/sbin/nologin
Groups : systemd-timesync

User : systemd-network
Home folder : /run/systemd
Start script : /usr/sbin/nologin
Groups : systemd-network

User : systemd-resolve
Home folder : /run/systemd
Start script : /usr/sbin/nologin
Groups : systemd-resolve

User : telegraf
Home folder : /etc/telegraf
Start script : /bin/false
Groups : telegraf

User : radvd
Home folder : /var/run/radvd
Start script : /usr/sbin/nologin
Groups : nogroup

User : strongswan
Home folder : /var/lib/strongswan
Start script : /usr/sbin/nologin
Groups : nogroup

User : messagebus
Home folder : /nonexistent
Start script : /usr/sbin/nologin
Groups : messagebus

User : uuidd
Home folder : /run/uuidd
Start script : /usr/sbin/nologin
Groups : uuidd

User : tftp
Home folder : /srv/tftp
Start script : /usr/sbin/nologin
Groups : tftp

User : conservr
Home folder : /etc/conserver
Start script : /usr/sbin/nologin
Groups : dialout

User : ntp
Home folder : /nonexistent
Start script : /usr/sbin/nologin
Groups : ntp

User : frr
Home folder : /nonexistent
Start script : /usr/sbin/nologin
Groups : frr
frrvty

User : ocserv
Home folder : /run/ocserv
Start script : /usr/sbin/nologin
Groups : ocserv

User : pdns
Home folder : /var/spool/powerdns
Start script : /bin/false
Groups : pdns

User : sshd
Home folder : /run/sshd
Start script : /usr/sbin/nologin
Groups : nogroup

User : smmta
Home folder : /var/lib/sendmail
Start script : /usr/sbin/nologin
Groups : smmta

User : smmsp
Home folder : /var/lib/sendmail
Start script : /usr/sbin/nologin
Groups : smmsp

User : Debian-snmp
Home folder : /var/lib/snmp
Start script : /bin/false
Groups : Debian-snmp

User : _lldpd
Home folder : /var/run/lldpd
Start script : /usr/sbin/nologin
Groups : _lldpd

User : hacluster
Home folder : /var/lib/pacemaker
Start script : /usr/sbin/nologin
Groups : haclient

User : tss
Home folder : /var/lib/tpm
Start script : /usr/sbin/nologin
Groups : tss

User : openvpn
Home folder : /var/lib/openvpn
Start script : /usr/sbin/nologin
Groups : openvpn

This plugin displays information about the Nessus scan.

This plugin displays, for each tested host, information about the scan itself :

- The version of the plugin set.
- The type of scanner (Nessus or Nessus Home).
- The version of the Nessus Engine.
- The port scanner(s) used.
- The port range scanned.
- The ping round trip time
- Whether credentialed or third-party patch management checks are possible.
- Whether the display of superseded patches is enabled
- The date of the scan.
- The duration of the scan.
- The number of hosts scanned in parallel.
- The number of checks done in parallel.

n/a

None

Published: 2005/08/26, Modified: 2023/04/27

Information about this scan :

Nessus version : 10.2.0
Nessus build : 20075
Plugin feed version : 202306271607
Scanner edition used : Nessus
Scanner OS : LINUX
Scanner distribution : ubuntu1110-x86-64
Scan type : Normal
Scan name : Router
Scan policy used : Advanced Scan
Scanner IP : 172.17.0.2
Port scanner(s) : netstat
Port range : default
Ping RTT : 23.889 ms
Thorough tests : no
Experimental tests : no
Plugin debugging enabled : no
Paranoia level : 1
Report verbosity : 1
Safe checks : yes
Optimize the test : yes
Credentialed checks : yes, as 'vyos' via ssh
Attempt Least Privilege : no
Patch management checks : None
Display superseded patches : yes (supersedence plugin launched)
CGI scanning : disabled
Web application tests : disabled
Max hosts : 100
Max checks : 5
Recv timeout : 5
Backports : None
Allow post-scan editing : Yes
Scan Start Date : 2023/6/28 3:11 CST
Scan duration : 595 sec
Scan for malware : no

Nessus was able to parse the results of the 'netstat' command on the remote host.

The remote host has listening ports or established connections that Nessus was able to extract from the results of the 'netstat' command.

Note: The output for this plugin can be very long, and is not shown by default. To display it, enable verbose reporting in scan settings.

n/a

None

Published: 2013/02/13, Modified: 2023/05/23

Remote open ports can be enumerated via SSH.

Nessus was able to run 'netstat' on the remote host to enumerate the open ports. If 'netstat' is not available, the plugin will attempt to use 'ss'.

See the section 'plugins options' about configuring this plugin.

Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.

n/a

None

Published: 2004/08/15, Modified: 2023/05/17

Port 22/tcp was found to be open

Remote open ports can be enumerated via SSH.

Nessus was able to run 'netstat' on the remote host to enumerate the open ports. If 'netstat' is not available, the plugin will attempt to use 'ss'.

See the section 'plugins options' about configuring this plugin.

Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.

n/a

None

Published: 2004/08/15, Modified: 2023/05/17

Port 53/tcp was found to be open

Remote open ports can be enumerated via SSH.

Nessus was able to run 'netstat' on the remote host to enumerate the open ports. If 'netstat' is not available, the plugin will attempt to use 'ss'.

See the section 'plugins options' about configuring this plugin.

Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.

n/a

None

Published: 2004/08/15, Modified: 2023/05/17

Port 53/udp was found to be open

Remote open ports can be enumerated via SSH.

Nessus was able to run 'netstat' on the remote host to enumerate the open ports. If 'netstat' is not available, the plugin will attempt to use 'ss'.

See the section 'plugins options' about configuring this plugin.

Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.

n/a

None

Published: 2004/08/15, Modified: 2023/05/17

Port 67/udp was found to be open

Remote open ports can be enumerated via SSH.

Nessus was able to run 'netstat' on the remote host to enumerate the open ports. If 'netstat' is not available, the plugin will attempt to use 'ss'.

See the section 'plugins options' about configuring this plugin.

Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.

n/a

None

Published: 2004/08/15, Modified: 2023/05/17

Port 123/udp was found to be open

Remote open ports can be enumerated via SSH.

Nessus was able to run 'netstat' on the remote host to enumerate the open ports. If 'netstat' is not available, the plugin will attempt to use 'ss'.

See the section 'plugins options' about configuring this plugin.

Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.

n/a

None

Published: 2004/08/15, Modified: 2023/05/17

Port 546/udp was found to be open

Remote open ports can be enumerated via SSH.

Nessus was able to run 'netstat' on the remote host to enumerate the open ports. If 'netstat' is not available, the plugin will attempt to use 'ss'.

See the section 'plugins options' about configuring this plugin.

Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.

n/a

None

Published: 2004/08/15, Modified: 2023/05/17

Port 3784/udp was found to be open

Remote open ports can be enumerated via SSH.

Nessus was able to run 'netstat' on the remote host to enumerate the open ports. If 'netstat' is not available, the plugin will attempt to use 'ss'.

See the section 'plugins options' about configuring this plugin.

Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.

n/a

None

Published: 2004/08/15, Modified: 2023/05/17

Port 3785/udp was found to be open

Remote open ports can be enumerated via SSH.

Nessus was able to run 'netstat' on the remote host to enumerate the open ports. If 'netstat' is not available, the plugin will attempt to use 'ss'.

See the section 'plugins options' about configuring this plugin.

Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.

n/a

None

Published: 2004/08/15, Modified: 2023/05/17

Port 4784/udp was found to be open

Remote open ports can be enumerated via SSH.

Nessus was able to run 'netstat' on the remote host to enumerate the open ports. If 'netstat' is not available, the plugin will attempt to use 'ss'.

See the section 'plugins options' about configuring this plugin.

Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.

n/a

None

Published: 2004/08/15, Modified: 2023/05/17

Port 51820/udp was found to be open

An NTP server is listening on the remote host.

An NTP server is listening on port 123. If not securely configured, it may provide information about its version, current date, current time, and possibly system information.

n/a

None

Published: 2015/03/20, Modified: 2021/02/24

An NTP service has been discovered, listening on port 123.

No sensitive information has been disclosed.

Version : unknown

It is possible to guess the remote operating system.

Using a combination of remote probes (e.g., TCP/IP, SMB, HTTP, NTP, SNMP, etc.), it is possible to guess the name of the remote operating system in use. It is also possible sometimes to guess the version of the operating system.

n/a

None

Published: 2003/12/09, Modified: 2022/03/09

Remote operating system : Linux Kernel 5.4.234-amd64-vyos on Debian 10.13
Confidence level : 100
Method : LinuxDistribution

Not all fingerprints could give a match. If you think some or all of
the following could be used to identify the host's operating system,
please email them to [email protected]. Be sure to include a
brief description of the host itself, such as the actual operating
system or product / model names.

SSH:!:SSH-2.0-OpenSSH_7.9p1 Debian-10+deb10u2
uname:Linux gateway 5.4.234-amd64-vyos #1 SMP Thu May 11 16:54:11 UTC 2023 x86_64 GNU/Linux

NTP:!:unknown
SinFP:
P1:B10113:F0x12:W65535:O0204ffff:M1460:
P2:B10113:F0x12:W65535:O0204ffff03030200:M1460:
P3:B00000:F0x00:W0:O0:M0
P4:190200_7_p=22R


The remote host is running Linux Kernel 5.4.234-amd64-vyos on Debian 10.13

Information about the remote host can be disclosed via an authenticated session.

Nessus was able to login to the remote host using SSH or local commands and extract the list of installed packages.

n/a

None

Published: 2017/05/30, Modified: 2023/04/05

It was possible to log into the remote host via SSH using 'password' authentication.

The output of "uname -a" is :
Linux gateway 5.4.234-amd64-vyos #1 SMP Thu May 11 16:54:11 UTC 2023 x86_64 GNU/Linux

Local checks have been enabled for this host.
The remote Debian system is :
10.13

OS Security Patch Assessment is available for this host.
Runtime : 59.339970 seconds

Nessus was able to log in to the remote host using the provided credentials and enumerate OS security patch levels.

Nessus was able to determine OS security patch levels by logging into the remote host and running commands to determine the version of the operating system and its components. The remote host was identified as an operating system or device that Nessus supports for patch and update assessment. The necessary information was obtained to perform these checks.

n/a

None

Published: 2018/10/02, Modified: 2021/07/12

OS Security Patch Assessment is available.

Account : vyos
Protocol : SSH

OpenSSL was detected on the remote Linux host.

OpenSSL was detected on the remote Linux host.

n/a

None

Published: 2022/11/21, Modified: 2023/06/26

Nessus detected 3 installs of OpenSSL:

Path : openssl (via package manager)
Version : 1.1.1n
Managed by OS : True

Path : /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1
Version : 1.1.1n

Path : /usr/lib/x86_64-linux-gnu/libssl.so.1.1
Version : 1.1.1n

We are unable to retrieve version info from the following list of OpenSSL files. However, they may include their OpenSSL version in full or part at the end of their names.

e.g. libssl.so.3 (OpenSSl 3.x), libssl.so.1.1 (OpenSSL 1.1.x)

/usr/share/bash-completion/completions/openssl

The remote host is missing several patches.

The remote host is missing one or more security patches. This plugin lists the newest version of each patch to install to make sure the remote host is up-to-date.

Note: Because the 'Show missing patches that have been superseded' setting in your scan policy depends on this plugin, it will always run and cannot be disabled.

Install the patches listed below.

None

Published: 2013/07/08, Modified: 2023/06/20

. You need to take the following 12 actions :


[ Debian DLA-3437-1 : libssh - LTS security update (176464) ]

+ Action to take : Upgrade the libssh packages.

For Debian 10 buster, these problems have been fixed in version 0.8.7-1+deb10u2.

+Impact : Taking this action will resolve 2 different vulnerabilities (CVEs).



[ Debian DLA-3444-1 : mariadb-10.3 - LTS security update (176730) ]

+ Action to take : Upgrade the mariadb-10.3 packages.

For Debian 10 buster, this problem has been fixed in version 1


[ Debian DLA-3445-1 : cpio - LTS security update (176664) ]

+ Action to take : Upgrade the cpio packages.

For Debian 10 buster, these problems have been fixed in version 2.12+dfsg-9+deb10u1.

+Impact : Taking this action will resolve 2 different vulnerabilities (CVEs).



[ Debian DLA-3447-1 : ruby2.5 - LTS security update (176884) ]

+ Action to take : Upgrade the ruby2.5 packages.

For Debian 10 Buster, these problems have been fixed in version 2.5.5-3+deb10u5.

+Impact : Taking this action will resolve 2 different vulnerabilities (CVEs).



[ Debian DLA-3449-1 : openssl - LTS security update (176985) ]

+ Action to take : Upgrade the openssl packages.

For Debian 10 buster, these problems have been fixed in version 1.1.1n-0+deb10u5.

+Impact : Taking this action will resolve 4 different vulnerabilities (CVEs).



[ Debian DLA-3456-1 : requests - LTS security update (177421) ]

+ Action to take : Upgrade the requests packages.

For Debian 10 buster, this problem has been fixed in version 2.21.0-1+deb10u1.


[ Debian DLA-3461-1 : libfastjson - LTS security update (177513) ]

+ Action to take : Upgrade the libfastjson packages.

For Debian 10 buster, this problem has been fixed in version 0.99.8-2+deb10u1.


[ Debian DLA-3466-1 : avahi - LTS security update (177492) ]

+ Action to take : Upgrade the avahi packages.

For Debian 10 buster, this problem has been fixed in version 0.7-4+deb10u3.


[ Debian DLA-3469-1 : lua5.3 - LTS security update (177553) ]

+ Action to take : Upgrade the lua5.3 packages.

For Debian 10 buster, these problems have been fixed in version 5.3.3-1.1+deb10u1.

+Impact : Taking this action will resolve 2 different vulnerabilities (CVEs).



[ Debian DLA-3471-1 : c-ares - LTS security update (177640) ]

+ Action to take : Upgrade the c-ares packages.

For Debian 10 buster, these problems have been fixed in version 1.14.0-1+deb10u3.

+Impact : Taking this action will resolve 2 different vulnerabilities (CVEs).



[ Debian DLA-3472-1 : libx11 - LTS security update (177636) ]

+ Action to take : Upgrade the libx11 packages.

For Debian 10 buster, this problem has been fixed in version 2


[ Debian DSA-4898-1 : wpa - security update (148967) ]

+ Action to take : Upgrade the wpa packages.

For the stable distribution (buster), these problems have been fixed in version 2:2.7+git20190128+0c1e29f-6+deb10u3.

+Impact : Taking this action will resolve 2 different vulnerabilities (CVEs).

Python Flask is installed on the remote host.

Flask, a micro web framework written in Python, is installed on the remote Linux host.

n/a

None

Published: 2018/12/12, Modified: 2023/06/26

Path : Package - ii python3-flask 1.0.2-3 all micro web framework based on Werkzeug and Jinja2
Version : 1.0.2-3

The remote host may be reachable from the Internet.

Although this host was scanned through a private IPv4 or local scope IPv6 address, some network interfaces are configured with global scope IPv6 addresses. Depending on the configuration of the firewalls and routers, this host may be reachable from Internet.

Disable IPv6 if you do not actually using it.

Otherwise, disable any unused IPv6 interfaces and implement IP filtering if needed.

None

Published: 2010/04/02, Modified: 2012/08/07

The following global addresss were gathered :

- ['ipv6': fe80::42a8:f0ff:feac:d1f1]['prefixlen': 64]
- ['ipv6': 2402:800:63b9:ba74::1]['prefixlen': 64]
- ['ipv6': fe80::823f:5dff:fef5:64f9]['prefixlen': 64]
- ['ipv6': fe80::200:ff:fe00:0]['prefixlen': 64]
- ['ipv6': ::1]['prefixlen': 128]
- 2402:800:63b9:3f6a:86a:46d6:c019:e26a
- 2402:800:63b9:ba74::1
- ['ipv6': fe80::f076:c6ff:fe34:a437]['prefixlen': 64]
- ['ipv6': fe80::86a:46d6:c019:e26a]['prefixlen': 10]
- ['ipv6': 2402:800:63b9:3f6a:86a:46d6:c019:e26a]['prefixlen': 64]

An SSH server is listening on this port.

This script detects which algorithms and languages are supported by the remote service for encrypting communications.

n/a

None

Published: 2013/10/28, Modified: 2017/08/28

Nessus negotiated the following encryption algorithm with the server :

The server supports the following options for kex_algorithms :

curve25519-sha256
[email protected]
diffie-hellman-group-exchange-sha256
diffie-hellman-group14-sha1
diffie-hellman-group14-sha256
diffie-hellman-group16-sha512
diffie-hellman-group18-sha512
ecdh-sha2-nistp256
ecdh-sha2-nistp384
ecdh-sha2-nistp521

The server supports the following options for server_host_key_algorithms :

ecdsa-sha2-nistp256
rsa-sha2-256
rsa-sha2-512
ssh-ed25519
ssh-rsa

The server supports the following options for encryption_algorithms_client_to_server :

aes128-ctr
[email protected]
aes192-ctr
aes256-ctr
[email protected]
[email protected]

The server supports the following options for encryption_algorithms_server_to_client :

aes128-ctr
[email protected]
aes192-ctr
aes256-ctr
[email protected]
[email protected]

The server supports the following options for mac_algorithms_client_to_server :

hmac-sha1
[email protected]
hmac-sha2-256
[email protected]
hmac-sha2-512
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]

The server supports the following options for mac_algorithms_server_to_client :

hmac-sha1
[email protected]
hmac-sha2-256
[email protected]
hmac-sha2-512
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]

The server supports the following options for compression_algorithms_client_to_server :

none
[email protected]

The server supports the following options for compression_algorithms_server_to_client :

none
[email protected]

This plugin reports the SSH commands that failed with a response indicating that privilege escalation is required to run them.

This plugin reports the SSH commands that failed with a response indicating that privilege escalation is required to run them. Either privilege escalation credentials were not provided, or the command failed to run with the provided privilege escalation credentials.

NOTE: Due to limitations inherent to the majority of SSH servers, this plugin may falsely report failures for commands containing error output expected by sudo, such as 'incorrect password', 'not in the sudoers file', or 'not allowed to execute'.

n/a

None

Published: 2017/08/01, Modified: 2020/09/22

Login account : vyos
Commands failed due to lack of privilege escalation :
- Escalation account : (none)
Escalation method : (none)
Plugins :
- Plugin Filename : bios_get_info_ssh.nasl
Plugin ID : 34098
Plugin Name : BIOS Info (SSH)
- Command : "LC_ALL=C /usr/sbin/dmidecode"
Response : "# dmidecode 3.2\nScanning /dev/mem for entry point."
Error : "/sys/firmware/dmi/tables/smbios_entry_point: Permission denied\n/dev/mem: Permission denied"
- Command : "LC_ALL=C /sbin/dmidecode"
Response : "# dmidecode 3.2\nScanning /dev/mem for entry point."
Error : "/sys/firmware/dmi/tables/smbios_entry_point: Permission denied\n/dev/mem: Permission denied"
- Plugin Filename : enumerate_oci_nix.nasl
Plugin ID : 154138
Plugin Name : Oracle Cloud Infrastructure Instance Metadata Enumeration (Linux / Unix)
- Command : "LC_ALL=C /usr/sbin/dmidecode -s chassis-asset-tag 2>&1"
Response : "/sys/firmware/dmi/tables/smbios_entry_point: Permission denied\n/dev/mem: Permission denied"
Error : ""
- Command : "LC_ALL=C /sbin/dmidecode -s chassis-asset-tag 2>&1"
Response : "/sys/firmware/dmi/tables/smbios_entry_point: Permission denied\n/dev/mem: Permission denied"
Error : ""
- Plugin Filename : host_tag_nix.nbin
Plugin ID : 87414
Plugin Name : Host Tagging (Linux)
- Command : "sh -c \"echo 25a6523ab65044f483855b52f20f182b > /etc/tenable_tag && echo OK\""
Response : null
Error : "sh: /etc/tenable_tag: Permission denied"
- Plugin Filename : linux_kernel_speculative_execution_detect.nbin
Plugin ID : 125216
Plugin Name : Processor Speculative Execution Vulnerabilities (Linux)
- Command : "cat /sys/kernel/debug/x86/pti_enabled"
Response : null
Error : "cat: /sys/kernel/debug/x86/pti_enabled\n: Permission denied"
- Command : "cat /sys/kernel/debug/x86/retp_enabled"
Response : null
Error : "cat: /sys/kernel/debug/x86/retp_enabled\n: Permission denied"
- Command : "cat /sys/kernel/debug/x86/ibrs_enabled"
Response : null
Error : "cat: /sys/kernel/debug/x86/ibrs_enabled\n: Permission denied"
- Plugin Filename : localusers_pwexpiry.nasl
Plugin ID : 83303
Plugin Name : Unix / Linux - Local Users Information : Passwords Never Expire
- Command : "cat /etc/shadow"
Response : null
Error : "cat: /etc/shadow\n: Permission denied"

The SSH server on the remote host accepts password authentication.

The SSH server on the remote host accepts password authentication.

n/a

None

Published: 2021/05/07, Modified: 2021/05/07

A SSH server is running on the remote host.

This plugin determines the versions of the SSH protocol supported by the remote SSH daemon.

n/a

None

Published: 2002/03/06, Modified: 2021/01/19

The remote SSH daemon supports the following versions of the
SSH protocol :

- 1.99
- 2.0

The remote host supports the SCP protocol over SSH.

The remote host supports the Secure Copy (SCP) protocol over SSH.

n/a

None

Published: 2016/04/26, Modified: 2017/08/28

The remote SSH server is configured to enable SHA-1 HMAC algorithms.

The remote SSH server is configured to enable SHA-1 HMAC algorithms.

Although NIST has formally deprecated use of SHA-1 for digital signatures, SHA-1 is still considered secure for HMAC as the security of HMAC does not rely on the underlying hash function being resistant to collisions.

Note that this plugin only checks for the options of the remote SSH server.

n/a

None

Published: 2021/09/23, Modified: 2022/04/05

The following client-to-server SHA-1 Hash-based Message Authentication Code (HMAC) algorithms are supported :

hmac-sha1
[email protected]

The following server-to-client SHA-1 Hash-based Message Authentication Code (HMAC) algorithms are supported :

hmac-sha1
[email protected]

An SSH server is listening on this port.

It is possible to obtain information about the remote SSH server by sending an empty authentication request.

n/a

None

Published: 1999/10/12, Modified: 2020/09/22

SSH version : SSH-2.0-OpenSSH_7.9p1 Debian-10+deb10u2
SSH supported authentication : publickey,password

Detects SaltStack Salt Minion installations on the remote Linux host.

SaltsSack Salt Minion, a security and configuration management automation platform, is installed on the remote Linux host.

n/a

None

Published: 2021/04/16, Modified: 2023/06/20

Path : Package - salt-minion 3003.5+ds-1
Version : 3003.5

The remote service could be identified.

Nessus was able to identify the remote service by its banner or by looking at the error message it sends when it receives an HTTP request.

n/a

None

Published: 2007/08/19, Modified: 2023/03/29

An SSH server is running on this port.

It was possible to enumerate installed software on the remote host via SSH.

Nessus was able to list the software installed on the remote host by calling the appropriate command (e.g., 'rpm -qa' on RPM-based Linux distributions, qpkg, dpkg, etc.).

Remove any software that is not in compliance with your organization's acceptable use and security policies.

None

Published: 2006/10/15, Modified: 2022/09/06

Here is the list of packages installed on the remote Debian Linux system :

ii accel-ppp 1.12.0-170-g0b4ef98 amd64 PPtP/L2TP/PPPoE/SSTP server for Linux
ii acpid 1:2.0.31-1 amd64 Advanced Configuration and Power Interface event daemon
ii adduser 3.118 all add and remove users and groups
ii apt 1.8.2.3 amd64 commandline package manager
ii apt-transport-https 1.8.2.3 all transitional package for https support
ii apt-utils 1.8.2.3 amd64 package management related utility programs
ii aptitude 0.8.11-7 amd64 terminal-based package manager
ii aptitude-common 0.8.11-7 all architecture independent files for the aptitude package manager
ii at 3.1.23-1 amd64 Delayed job execution and batch processing
ii atop 2.4.0-3 amd64 Monitor for system resources and process activity
ii base-files 10.3+deb10u13 amd64 Debian base system miscellaneous files
ii base-passwd 3.5.46 amd64 Debian base system master password and group files
ii bash 5.0-4 amd64 GNU Bourne Again SHell
ii bash-completion 1:2.8-6 all programmable completion for the bash shell
ii beep 1.4.3-2 amd64 advanced PC-speaker beeper
ii bgpq3 0.1.35-1 amd64 automatic BGP filter generator using RADB data
ii bind9-host 1:9.11.5.P4+dfsg-5.1+deb10u8 amd64 DNS lookup utility (deprecated)
ii bmon 1:4.0-5 amd64 portable bandwidth monitor and rate estimator
ii bridge-utils 1.6-2 amd64 Utilities for configuring the Linux Ethernet bridge
ii bsdmainutils 11.1.2+b1 amd64 collection of more utilities from FreeBSD
ii bsdutils 1:2.33.1-0.1 amd64 basic utilities from 4.4BSD-Lite
ii busybox 1:1.30.1-4 amd64 Tiny utilities for small and embedded systems
ii bzip2 1.0.6-9.2~deb10u2 amd64 high-quality block-sorting file compressor - utilities
ii ca-certificates 20200601~deb10u2 all Common CA certificates
ii certbot 0.31.0-1+deb10u1 all automatically configure HTTPS using Let's Encrypt
ii cluster-glue 1.0.12-12 amd64 Reusable cluster components for Linux HA
ii cme 1.029-1 all Check or edit configuration data with Config::Model
ii conmon 2.0.25+ds1-1.1 amd64 OCI container runtime monitor
ii conntrack 1:1.4.6-1 amd64 Program to modify the conntrack tables
ii conntrackd 1:1.4.6-1 amd64 Connection tracking daemon
ii conserver-client 8.2.6-1~bpo10+1 amd64 connect to a console server
ii conserver-server 8.2.6-1~bpo10+1 amd64 connect multiple user to a serial console with logging
ii console-data 2:1.12-6 all keymaps, fonts, charset maps, fallback tables for 'kbd'.
ii console-setup-linux 1.193~deb10u1 all Linux specific part of console-setup
ii containernetworking-plugins 0.9.0-1+b6 amd64 standard networking plugins - binaries
ii coreutils 8.30-3 amd64 GNU core utilities
ii cpio 2.12+dfsg-9 amd64 GNU cpio -- a program to manage archives of files
ii crda 3.18-1 amd64 wireless Central Regulatory Domain Agent
ii cron 3.0pl1-134+deb10u1 amd64 process scheduling daemon
ii curl 7.64.0-4+deb10u6 amd64 command line tool for transferring data with URL syntax
ii dash 0.5.10.2-5 amd64 POSIX-compliant shell
ii dbus 1.12.24-0+deb10u1 amd64 simple interprocess messaging system (daemon and utilities)
ii dctrl-tools 2.24-3 amd64 Command-line tools to process Debian package information
ii ddclient 3.9.1-7 all address updating utility for dynamic DNS services
ii debconf 1.5.71+deb10u1 all Debian configuration management system
ii debian-archive-keyring 2019.1+deb10u1 all GnuPG archive keys of the Debian archive
ii debianutils 4.8.6.1 amd64 Miscellaneous utilities specific to Debian
ii dialog 1.3-20190211-1 amd64 Displays user-friendly dialog boxes from shell scripts
ii diffutils 1:3.7-3 amd64 File comparison utilities
ii dirmngr 2.2.12-1+deb10u2 amd64 GNU privacy guard - network certificate management service
ii distro-info-data 0.41+deb10u7 all information about the distributions' releases (data files)
ii dmidecode 3.2-1 amd64 SMBIOS/DMI table decoder
ii dmsetup 2:1.02.155-3 amd64 Linux Kernel Device Mapper userspace library
ii dns-root-data 2019031302 all DNS root data including root zone and DNSSEC key
ii dnsutils 1:9.11.5.P4+dfsg-5.1+deb10u8 amd64 Clients provided with BIND
ii dosfstools 4.1-2 amd64 utilities for making and checking MS-DOS FAT filesystems
ii dpkg 1.19.8 amd64 Debian package management system
ii dropbear 2019.78-2 all lightweight SSH2 server and client - startup scripts
ii dropbear-bin 2019.78-2 amd64 lightweight SSH2 server and client - command line tools
ii e2fsprogs 1.44.5-1+deb10u3 amd64 ext2/ext3/ext4 file system utilities
ii easy-rsa 3.0.6-1 all Simple shell based CA utility
ii ed 1.15-1 amd64 classic UNIX line editor
ii efibootmgr 15-1 amd64 Interact with the EFI Boot Manager
ii etherwake 1.09-4+b1 amd64 tool to send magic Wake-on-LAN packets
ii ethtool 1:4.19-1 amd64 display or change Ethernet device settings
ii fastnetmon 1.1.3+dfsg-8.1 amd64 fast DDoS analyzer with sflow/netflow/mirror support (community edition)
ii fdisk 2.33.1-0.1 amd64 collection of partitioning utilities
ii file 1:5.35-4+deb10u2 amd64 Recognize the type of data in a file using "magic" numbers
ii findutils 4.6.0+git+20190209-2 amd64 utilities for finding files--find, xargs
ii frr 7.5.1-20230529-02-gba1778129-0 amd64 FRRouting suite of internet protocols (BGP, OSPF, IS-IS, ...)
ii frr-pythontools 7.5.1-20230529-02-gba1778129-0 all FRRouting suite - Python tools
ii frr-rpki-rtrlib 7.5.1-20230529-02-gba1778129-0 amd64 FRRouting suite - BGP RPKI support (rtrlib)
ii frr-snmp 7.5.1-20230529-02-gba1778129-0 amd64 FRRouting suite - SNMP support
ii fuse 2.9.9-1+deb10u1 amd64 Filesystem in Userspace
ii gawk 1:4.2.1+dfsg-1 amd64 GNU awk, a pattern scanning and processing language
ii gcc-8-base 8.3.0-6 amd64 GCC, the GNU Compiler Collection (base package)
ii gdisk 1.0.3-1.1 amd64 GPT fdisk text-mode partitioning tool
ii gettext-base 0.19.8.1-9 amd64 GNU Internationalization utilities for the base system
ii gir1.2-glib-2.0 1.58.3-2 amd64 Introspection data for GLib, GObject, Gio and GModule
ii gnupg 2.2.12-1+deb10u2 all GNU privacy guard - a free PGP replacement
ii gnupg-l10n 2.2.12-1+deb10u2 all GNU privacy guard - localization files
ii gnupg-utils 2.2.12-1+deb10u2 amd64 GNU privacy guard - utility programs
ii gnupg2 2.2.12-1+deb10u2 all GNU privacy guard - a free PGP replacement (dummy transitional package)
ii gnustep-base-common 1.26.0-4+deb10u1 all GNUstep Base library - common files
ii gnustep-base-runtime 1.26.0-4+deb10u1 amd64 GNUstep Base library - daemons and tools
ii gnustep-common 2.7.0-4 amd64 Common files for the core GNUstep environment
ii golang-github-containers-common 0.33.4+ds1-1+deb11u2 all Common files for github.com/containers repositories
ii golang-github-containers-image 5.10.3-1 all Configuration files and manpages for github.com/containers repositories
ii gpg 2.2.12-1+deb10u2 amd64 GNU Privacy Guard -- minimalist public key operations
ii gpg-agent 2.2.12-1+deb10u2 amd64 GNU privacy guard - cryptographic agent
ii gpg-wks-client 2.2.12-1+deb10u2 amd64 GNU privacy guard - Web Key Service client
ii gpg-wks-server 2.2.12-1+deb10u2 amd64 GNU privacy guard - Web Key Service server
ii gpgconf 2.2.12-1+deb10u2 amd64 GNU privacy guard - core configuration utilities
ii gpgsm 2.2.12-1+deb10u2 amd64 GNU privacy guard - S/MIME version
ii gpgv 2.2.12-1+deb10u2 amd64 GNU privacy guard - signature verification tool
ii grc 1.11.3-1 all generic colouriser for everything
ii grep 3.3-1 amd64 GNU grep, egrep and fgrep
ii grub-common 2.06-3~deb10u3 amd64 GRand Unified Bootloader (common files)
ii grub-efi-amd64-bin 2.06-3~deb10u3 amd64 GRand Unified Bootloader, version 2 (EFI-AMD64 modules)
ii grub-pc 2.06-3~deb10u3 amd64 GRand Unified Bootloader, version 2 (PC/BIOS version)
ii grub-pc-bin 2.06-3~deb10u3 amd64 GRand Unified Bootloader, version 2 (PC/BIOS modules)
ii grub2 2.06-3~deb10u3 amd64 GRand Unified Bootloader, version 2 (dummy package)
ii grub2-common 2.06-3~deb10u3 amd64 GRand Unified Bootloader (common files for version 2)
ii gzip 1.9-3+deb10u1 amd64 GNU compression utilities
ii haveged 1.9.1-7 amd64 Linux entropy source using the HAVEGE algorithm
ii hdparm 9.58+ds-1 amd64 tune hard disk parameters for high performance
ii heartbeat 1:3.0.6-9 amd64 Subsystem for High-Availability Linux
ii hostapd 2.10-520-gb704dc72e amd64 access point and authentication server for Wi-Fi and Ethernet
ii hostname 3.21 amd64 utility to set/show the host name or domain name
ii htop 2.2.0-1+b1 amd64 interactive processes viewer
ii hvinfo 1.2.0 amd64 x86 hypervisor detection tool
ii hyperv-daemons 4.19.282-1 amd64 Support daemons for Linux running on Hyper-V
ii ieee-data 20180805.1 all OUI and IAB listings
ii iftop 1.0~pre4-6 amd64 displays bandwidth usage information on an network interface
ii igmpproxy 0.2.1-1 amd64 IGMP multicast routing daemon
ii init-system-helpers 1.56+nmu1 all helper tools for all init systems
ii initramfs-tools 0.140 all generic modular initramfs generator (automation)
ii initramfs-tools-core 0.140 all generic modular initramfs generator (core tools)
ii insserv 1.18.0-2 amd64 boot sequence organizer using LSB init.d script dependency information
ii installation-report 2.71 all system installation report
ii iotop 0.6-24-g733f3f8-1 amd64 simple top-like I/O monitor
ii ipaddrcheck 1.2 amd64 IPv4 and IPv6 address validation utility
ii ipcalc 0.41-5 all parameter calculator for IPv4 addresses
ii iperf 2.0.12+dfsg1-2 amd64 Internet Protocol bandwidth measuring tool
ii iperf3 3.6-2 amd64 Internet Protocol bandwidth measuring tool
ii iproute2 5.4.0-1~bpo10+1 amd64 networking and traffic control tools
ii ipset 6.38-1.2 amd64 administration tool for kernel IP sets
ii iptables 1.8.2-4 amd64 administration tools for packet filtering and NAT
ii iputils-arping 3:20180629-2+deb10u2 amd64 Tool to send ICMP echo requests to an ARP address
ii iputils-ping 3:20180629-2+deb10u2 amd64 Tools to test the reachability of network hosts
ii ipvsadm 1:1.29-1 amd64 Linux Virtual Server support programs
ii irqtop 2.3-5+deb10u1 all Observe IRQ and SoftIRQ in a top-like fashion
ii isc-dhcp-client 4.4.1-2+deb10u3 amd64 DHCP client for automatically obtaining an IP address
ii isc-dhcp-relay 4.4.1-2+deb10u3 amd64 ISC DHCP relay daemon
ii isc-dhcp-server 4.4.1-2+deb10u3 amd64 ISC DHCP server for automatic IP address assignment
ii iw 5.0.1-1 amd64 tool for configuring Linux wireless devices
ii kbd 2.0.4-4 amd64 Linux console font and keytable utilities
ii keepalived 1:2.2.4-227-g8af889bc amd64 Failover and monitoring daemon for LVS clusters
ii keyboard-configuration 1.193~deb10u1 all system-wide keyboard preferences
ii kitty-terminfo 0.13.3-1+deb10u1 all fast, featureful, GPU based terminal emulator (terminfo file)
ii klibc-utils 2.0.6-1+deb10u1 amd64 small utilities built with klibc for early boot
ii kmod 26-1 amd64 tools for managing Linux kernel modules
ii laptop-detect 0.16 all system chassis type checker
ii lcdproc 0.5.9-3 amd64 LCD display driver daemon and clients
ii lcdproc-extra-drivers 0.5.9-3 amd64 extra drivers for the LCD display driver daemon
ii less 487-0.1+b1 amd64 pager program similar to more
ii libacl1 2.2.53-4 amd64 access control list - shared library
ii libapp-cmd-perl 0.331-1 all Perl interface to write command line apps with less suffering
ii libapparmor1 2.13.2-10 amd64 changehat AppArmor library
ii libapt-inst2.0 1.8.2.3 amd64 deb package format runtime library
ii libapt-pkg5.0 1.8.2.3 amd64 package management runtime library
ii libargon2-1 0~20171227-0.2 amd64 memory-hard hashing function - runtime library
ii libassuan0 2.5.2-1 amd64 IPC library for the GnuPG components
ii libatomic1 8.3.0-6 amd64 support library providing __atomic built-in functions
ii libattr1 1:2.4.48-4 amd64 extended attribute handling - shared library
ii libaudit-common 1:2.8.4-3 all Dynamic library for security auditing - common files
ii libaudit1 1:2.8.4-3 amd64 Dynamic library for security auditing
ii libavahi-client3 0.7-4+deb10u2 amd64 Avahi client library
ii libavahi-common-data 0.7-4+deb10u2 amd64 Avahi common data files
ii libavahi-common3 0.7-4+deb10u2 amd64 Avahi common library
ii libb-hooks-op-check-perl 0.22-1+b1 amd64 Perl wrapper for OP check callbacks
ii libbind9-161 1:9.11.5.P4+dfsg-5.1+deb10u8 amd64 BIND9 Shared Library used by BIND
ii libblas3 3.8.0-2 amd64 Basic Linear Algebra Reference implementations, shared library
ii libblkid1 2.33.1-0.1 amd64 block device ID library
ii libboolean-perl 0.46-1 all module providing transparent support for booleans
ii libboost-atomic1.67.0 1.67.0-13+deb10u1 amd64 atomic data types, operations, and memory ordering constraints
ii libboost-chrono1.67.0 1.67.0-13+deb10u1 amd64 C++ representation of time duration, time point, and clocks
ii libboost-context1.67.0 1.67.0-13+deb10u1 amd64 provides a sort of cooperative multitasking on a single thread
ii libboost-date-time1.67.0 1.67.0-13+deb10u1 amd64 set of date-time libraries based on generic programming concepts
ii libboost-filesystem1.67.0 1.67.0-13+deb10u1 amd64 filesystem operations (portable paths, iteration over directories, etc) in C++
ii libboost-iostreams1.67.0 1.67.0-13+deb10u1 amd64 Boost.Iostreams Library
ii libboost-program-options1.67.0 1.67.0-13+deb10u1 amd64 program options library for C++
ii libboost-regex1.67.0 1.67.0-13+deb10u1 amd64 regular expression library for C++
ii libboost-system1.67.0 1.67.0-13+deb10u1 amd64 Operating system (e.g. diagnostics support) library
ii libboost-thread1.67.0 1.67.0-13+deb10u1 amd64 portable C++ multi-threading
ii libbsd0 0.9.1-2+deb10u1 amd64 utility functions from BSD systems - shared library
ii libbson-1.0-0 1.14.0-1 amd64 Library to parse and generate BSON documents - runtime files
ii libbz2-1.0 1.0.6-9.2~deb10u2 amd64 high-quality block-sorting file compressor library - runtime
ii libc-ares2 1.14.0-1+deb10u2 amd64 asynchronous name resolver
ii libc-bin 2.28-10+deb10u2 amd64 GNU C Library: Binaries
ii libc-l10n 2.28-10+deb10u2 all GNU C Library: localization files
ii libc6 2.28-10+deb10u2 amd64 GNU C Library: Shared libraries
ii libcap-ng0 0.7.9-2 amd64 An alternate POSIX capabilities library
ii libcap2 1:2.25-2 amd64 POSIX 1003.1e capabilities (library)
ii libcap2-bin 1:2.25-2 amd64 POSIX 1003.1e capabilities (utilities)
ii libcapture-tiny-perl 0.48-1 all module to capture STDOUT and STDERR
ii libcarp-assert-more-perl 1.16-1 all set of convenience wrappers for libcarp-assert-perl
ii libcarp-assert-perl 0.21-1 all Carp::Assert - executable comments for perl
ii libcharon-extra-plugins 5.7.2-2+vyos1.3 amd64 strongSwan charon library (extra plugins)
ii libcidr0 1.2.3-3 amd64 IP addresses and netblocks manipulation library
ii libclass-data-inheritable-perl 0.08-3 all Perl module to create accessors to class data
ii libclass-load-perl 0.25-1 all module for loading modules by name
ii libclone-choose-perl 0.010-1 all Choose appropriate clone utility (Perl library)
ii libcom-err2 1.44.5-1+deb10u3 amd64 common error description library
ii libconfig-model-lcdproc-perl 2.052-2 all module to edit and validate LcdProc configuration file
ii libconfig-model-perl 2.133-1 all module for describing and editing configuration data
ii libconfuse-common 3.2.2+dfsg-1 all Common files for libConfuse
ii libconfuse2 3.2.2+dfsg-1 amd64 Library for parsing configuration files
ii libcrypt-openssl-bignum-perl 0.09-1+b1 amd64 Perl module to access OpenSSL multiprecision integer arithmetic libraries
ii libcrypt-openssl-random-perl 0.15-1+b1 amd64 module to access the OpenSSL pseudo-random number generator
ii libcrypt-openssl-rsa-perl 0.31-1+b1 amd64 module for RSA encryption using OpenSSL
ii libcryptsetup12 2:2.1.0-5+deb10u2 amd64 disk encryption support - shared library
ii libcurl4 7.64.0-4+deb10u6 amd64 easy-to-use client-side URL transfer library (OpenSSL flavour)
ii libcwidget3v5 0.5.17-11 amd64 high-level terminal interface library for C++ (runtime files)
ii libdata-optlist-perl 0.110-1 all module to parse and validate simple name/value option pairs
ii libdata-validate-ip-perl 0.27-1 all Perl module for IP validation
ii libdb5.3 5.3.28+dfsg1-0.5 amd64 Berkeley v5.3 Database Libraries [runtime]
ii libdbi-perl 1.642-1+deb10u2 amd64 Perl Database Interface (DBI)
ii libdbus-1-3 1.12.24-0+deb10u1 amd64 simple interprocess messaging system (library)
ii libdbus-glib-1-2 0.110-4 amd64 deprecated library for D-Bus IPC
ii libdebconfclient0 0.249 amd64 Debian Configuration Management System (C-implementation library)
ii libdevel-callchecker-perl 0.008-1 amd64 custom op checking attached to subroutines
ii libdevel-stacktrace-perl 2.0300-1 all Perl module containing stack trace and related objects
ii libdevmapper1.02.1 2:1.02.155-3 amd64 Linux Kernel Device Mapper userspace library
ii libdns-export1104 1:9.11.5.P4+dfsg-5.1+deb10u8 amd64 Exported DNS Shared Library
ii libdns1104 1:9.11.5.P4+dfsg-5.1+deb10u8 amd64 DNS Shared Library used by BIND
ii libdpkg-perl 1.19.8 all Dpkg perl modules
ii libdrm-common 2.4.97-1 all Userspace interface to kernel DRM services -- common files
ii libdrm2 2.4.97-1 amd64 Userspace interface to kernel DRM services -- runtime
ii libdumbnet1 1.12-8 amd64 dumb, portable networking library -- shared library
ii libdynaloader-functions-perl 0.003-1 all deconstructed dynamic C library loading
ii libecap3 1.0.1-3.2 amd64 eCAP library
ii libedit2 3.1-20181209-1 amd64 BSD editline and history libraries
ii libefiboot1 37-2+deb10u1 amd64 Library to manage UEFI variables
ii libefivar1 37-2+deb10u1 amd64 Library to manage UEFI variables
ii libelf1 0.176-1.1 amd64 library to read and write ELF files
ii libestr0 0.1.10-2.1 amd64 Helper functions for handling strings (lib)
ii libev4 1:4.25-1 amd64 high-performance event loop library modelled after libevent
ii libevent-2.1-6 2.1.8-stable-4 amd64 Asynchronous event notification library
ii libexception-class-perl 1.44-1 all module that allows you to declare real exception classes in Perl
ii libexpat1 2.2.6-2+deb10u6 amd64 XML parsing C library - runtime library
ii libexporter-tiny-perl 1.002001-1 all tiny exporter similar to Sub::Exporter
ii libext2fs2 1.44.5-1+deb10u3 amd64 ext2/ext3/ext4 file system libraries
ii libfastjson4 0.99.8-2 amd64 fast json library for C
ii libfdisk1 2.33.1-0.1 amd64 fdisk partitioning library
ii libffi6 3.2.1-9 amd64 Foreign Function Interface library runtime
ii libfile-homedir-perl 1.004-1 all Perl module for finding user directories across platforms
ii libfile-sync-perl 0.11-2+b6 amd64 Perl interface to sync() and fsync()
ii libfile-which-perl 1.23-1 all Perl module for searching paths for executable programs
ii libfl2 2.6.4-6.2 amd64 SHARED library for flex (a fast lexical analyzer generator)
ii libfreetype6 2.9.1-3+deb10u3 amd64 FreeType 2 font engine, shared library files
ii libfstrm0 0.4.0-1 amd64 Frame Streams (fstrm) library
ii libfuse2 2.9.9-1+deb10u1 amd64 Filesystem in Userspace (library)
ii libgc1c2 1:7.6.4-0.4 amd64 conservative garbage collector for C and C++
ii libgcc1 1:8.3.0-6 amd64 GCC support library
ii libgcrypt20 1.8.4-5+deb10u1 amd64 LGPL Crypto library - runtime library
ii libgdbm-compat4 1.18.1-4 amd64 GNU dbm database routines (legacy support runtime version)
ii libgdbm6 1.18.1-4 amd64 GNU dbm database routines (runtime version)
ii libgeoip1 1.6.12-1 amd64 non-DNS IP-to-country resolver library
ii libgetopt-long-descriptive-perl 0.103-2 all module that handles command-line arguments with usage text
ii libgfortran5 8.3.0-6 amd64 Runtime library for GNU Fortran applications
ii libgirepository-1.0-1 1.58.3-2 amd64 Library for handling GObject introspection data (runtime library)
ii libglib2.0-0 2.58.3-2+deb10u4 amd64 GLib library of C routines
ii libgmp10 2:6.1.2+dfsg-4+deb10u1 amd64 Multiprecision arithmetic library
ii libgnat-8 8.3.0-6 amd64 runtime for applications compiled with GNAT (shared library)
ii libgnustep-base1.26 1.26.0-4+deb10u1 amd64 GNUstep Base library
ii libgnutls30 3.6.7-4+deb10u10 amd64 GNU TLS library - main runtime library
ii libgpg-error0 1.35-1 amd64 GnuPG development runtime library
ii libgpgme11 1.12.0-6 amd64 GPGME - GnuPG Made Easy (library)
ii libgssapi-krb5-2 1.17-3+deb10u5 amd64 MIT Kerberos runtime libraries - krb5 GSS-API Mechanism
ii libgudev-1.0-0 232-2 amd64 GObject-based wrapper library for libudev
ii libhash-merge-perl 0.300-1 all Perl module for merging arbitrarily deep hashes into a single hash
ii libhavege1 1.9.1-7 amd64 entropy source using the HAVEGE algorithm - shared library
ii libheartbeat2 1:3.0.6-9 amd64 Subsystem for High-Availability Linux (libraries)
ii libhiredis0.14 0.14.0-3 amd64 minimalistic C client library for Redis
ii libhogweed4 3.4.1-1+deb10u1 amd64 low level cryptographic library (public-key cryptos)
ii libhttp-parser2.8 2.8.1-1+deb10u3 amd64 parser for HTTP messages written in C
ii libicu63 63.1-6+deb10u3 amd64 International Components for Unicode
ii libidn11 1.33-2.2 amd64 GNU Libidn library, implementation of IETF IDN specifications
ii libidn2-0 2.0.5-1+deb10u1 amd64 Internationalized domain names (IDNA2008/TR46) library
ii libio-prompt-perl 0.997004-1 all module to interactively prompt for user input
ii libio-socket-ssl-perl 2.060-3 all Perl module implementing object oriented interface to SSL sockets
ii libio-stringy-perl 2.111-3 all modules for I/O on in-core objects (strings/arrays)
ii libio-tiecombine-perl 1.005-1 all Perl module to collect output via any kind of tied variable
ii libip4tc0 1.8.2-4 amd64 netfilter libip4tc library
ii libip6tc0 1.8.2-4 amd64 netfilter libip6tc library
ii libiperf0 3.6-2 amd64 Internet Protocol bandwidth measuring tool (runtime files)
ii libipset11 6.38-1.2 amd64 library for IP sets
ii libiptc0 1.8.2-4 amd64 netfilter libiptc library
ii libirs-export161 1:9.11.5.P4+dfsg-5.1+deb10u8 amd64 Exported IRS Shared Library
ii libirs161 1:9.11.5.P4+dfsg-5.1+deb10u8 amd64 DNS Shared Library used by BIND
ii libisc-export1100 1:9.11.5.P4+dfsg-5.1+deb10u8 amd64 Exported ISC Shared Library
ii libisc1100 1:9.11.5.P4+dfsg-5.1+deb10u8 amd64 ISC Shared Library used by BIND
ii libisccc161 1:9.11.5.P4+dfsg-5.1+deb10u8 amd64 Command Channel Library used by BIND
ii libisccfg-export163 1:9.11.5.P4+dfsg-5.1+deb10u8 amd64 Exported ISC CFG Shared Library
ii libisccfg163 1:9.11.5.P4+dfsg-5.1+deb10u8 amd64 Config File Handling Library used by BIND
ii libjansson4 2.12-1 amd64 C library for encoding, decoding and manipulating JSON data
ii libjim0.77 0.77+dfsg0-3 amd64 small-footprint implementation of Tcl - shared library
ii libjs-jquery 3.3.1~dfsg-3+deb10u1 all JavaScript library for dynamic web applications
ii libjson-c3 0.12.1+ds-2+deb10u1 amd64 JSON manipulation library - shared library
ii libjson-perl 4.02000-1 all module for manipulating JSON-formatted data
ii libk5crypto3 1.17-3+deb10u5 amd64 MIT Kerberos runtime libraries - Crypto Library
ii libkeyutils1 1.6-6 amd64 Linux Key Management Utilities (library)
ii libklibc 2.0.6-1+deb10u1 amd64 minimal libc subset for use with initramfs
ii libkmod2 26-1 amd64 libkmod shared library
ii libkrb5-3 1.17-3+deb10u5 amd64 MIT Kerberos runtime libraries
ii libkrb5support0 1.17-3+deb10u5 amd64 MIT Kerberos runtime libraries - Support library
ii libksba8 1.3.5-2+deb10u2 amd64 X.509 and CMS support library
ii libldap-2.4-2 2.4.47+dfsg-3+deb10u7 amd64 OpenLDAP libraries
ii libldap-common 2.4.47+dfsg-3+deb10u7 all OpenLDAP common files for libraries
ii liblinear3 2.1.0+dfsg-4 amd64 Library for Large Linear Classification
ii liblirc-client0 0.10.1-6.3~deb10u1 amd64 infra-red remote control support - client library
ii liblist-moreutils-perl 0.416-1+b4 amd64 Perl module with additional list functions not found in List::Util
ii liblmdb0 0.9.22-1 amd64 Lightning Memory-Mapped Database shared library
ii liblocale-gettext-perl 1.07-3+b4 amd64 module using libc functions for internationalization in Perl
ii liblockfile-bin 1.14-1.1 amd64 support binaries for and cli utilities based on liblockfile
ii liblockfile1 1.14-1.1 amd64 NFS-safe locking library
ii liblog-log4perl-perl 1.49-1 all Perl port of the widely popular log4j logging package
ii liblog4cpp5v5 1.1.3-1 amd64 C++ library for flexible logging (runtime)
ii liblognorm5 2.0.5-1 amd64 log normalizing library
ii liblrm2 1.0.12-12 amd64 Reusable cluster libraries -- liblrm2
ii libltdl7 2.4.6-9 amd64 System independent dlopen wrapper for GNU libtool
ii liblua5.3-0 5.3.3-1.1 amd64 Shared library for the Lua interpreter version 5.3
ii libluajit-5.1-2 2.1.0~beta3+dfsg-5.1 amd64 Just in time compiler for Lua - library version
ii libluajit-5.1-common 2.1.0~beta3+dfsg-5.1 all Just in time compiler for Lua - common files
ii liblwres161 1:9.11.5.P4+dfsg-5.1+deb10u8 amd64 Lightweight Resolver Library used by BIND
ii liblz4-1 1.8.3-1+deb10u1 amd64 Fast LZ compression algorithm library - runtime
ii liblzma5 5.2.4-1+deb10u1 amd64 XZ-format compression library
ii liblzo2-2 2.10-0.1 amd64 data compression library
ii libmagic-mgc 1:5.35-4+deb10u2 amd64 File type determination library using "magic" numbers (compiled magic file)
ii libmagic1 1:5.35-4+deb10u2 amd64 Recognize the type of data in a file using "magic" numbers - library
ii libmariadb3 1:10.3.38-0+deb10u1 amd64 MariaDB database client library
ii libmath-base85-perl 0.4+dfsg-1 all Perl extension for base 85 numbers, as referenced by RFC 1924
ii libmath-bigint-perl 1.999816-1 all arbitrary size integer/float math package
ii libmaxminddb0 1.3.2-1+deb10u1 amd64 IP geolocation database library
ii libmbim-glib4 1.24.6-0.1~bpo10+1 amd64 Support library to use the MBIM protocol
ii libmbim-proxy 1.24.6-0.1~bpo10+1 amd64 Proxy to communicate with MBIM ports
ii libmm-glib0 1.14.12-0.1~bpo10+1 amd64 D-Bus service for managing modems - shared libraries
ii libmnl0 1.0.4-2 amd64 minimalistic Netlink communication library
ii libmodule-implementation-perl 0.09-1 all module for loading one of several alternate implementations of a module
ii libmodule-pluggable-perl 5.2-1 all module for giving modules the ability to have plugins
ii libmodule-runtime-perl 0.016-1 all Perl module for runtime module handling
ii libmongoc-1.0-0 1.14.0-1 amd64 MongoDB C client library - runtime files
ii libmount1 2.33.1-0.1 amd64 device mounting library
ii libmouse-perl 2.5.6-1+b1 amd64 lightweight object framework for Perl
ii libmousex-nativetraits-perl 1.09-2 all extension for attribute interfaces for Mouse
ii libmousex-strictconstructor-perl 0.02-2 all Mouse extension for making object constructors die on unknown attributes
ii libmpdec2 2.4.2-2 amd64 library for decimal floating point arithmetic (runtime library)
ii libmpfr6 4.0.2-1 amd64 multiple precision floating-point computation
ii libmspack0 0.10.1-1 amd64 library for Microsoft compression formats (shared library)
ii libncurses6 6.1+20181013-2+deb10u3 amd64 shared libraries for terminal handling
ii libncursesw6 6.1+20181013-2+deb10u3 amd64 shared libraries for terminal handling (wide character support)
ii libndp-tools 1.6-1+b1 amd64 Library for Neighbor Discovery Protocol (tools)
ii libndp0 1.6-1+b1 amd64 Library for Neighbor Discovery Protocol
ii libndpi2.6 2.6-3+deb10u1 amd64 extensible deep packet inspection library - shared library
ii libnet-ipv6addr-perl 0.96-1 all module to validate/manipulate IPv6 addresses
ii libnet-netmask-perl 1.9104-1 all module to parse, manipulate and lookup IP network blocks
ii libnet-ssleay-perl 1.85-2+deb10u1 amd64 Perl module for Secure Sockets Layer (SSL)
ii libnet1 1.1.6+dfsg-3.1 amd64 library for the construction and handling of network packets
ii libnetaddr-ip-perl 4.079+dfsg-1+b3 amd64 IP address manipulation module
ii libnetfilter-conntrack3 1.0.8-1 amd64 Netfilter netlink-conntrack library
ii libnetfilter-cthelper0 1.0.0-1+b1 amd64 userspace-helper for netfilter library
ii libnetfilter-cttimeout1 1.0.0-2+b1 amd64 fine-grain connection tracking timeout infrastructure for netfilter
ii libnetfilter-log1 1.0.1-1.1+b1 amd64 Netfilter netlink-log library
ii libnetfilter-queue1 1.0.3-1 amd64 Netfilter netlink-queue library
ii libnettle6 3.4.1-1+deb10u1 amd64 low level cryptographic library (symmetric and one-way cryptos)
ii libnetwork-ipv4addr-perl 0.10.ds-3 all Perl extension for manipulating IPv4 addresses
ii libnfnetlink0 1.0.1-3+b1 amd64 Netfilter netlink library
ii libnftables1 0.9.6-1 amd64 Netfilter nftables high level userspace API library
ii libnftnl11 1.1.7-1 amd64 Netfilter nftables userspace API library
ii libnghttp2-14 1.36.0-2+deb10u1 amd64 library implementing HTTP/2 protocol (shared library)
ii libnginx-mod-http-echo 1.14.2-2+deb10u5 amd64 Bring echo and more shell style goodies to Nginx
ii libnl-3-200 3.4.0-1 amd64 library for dealing with netlink sockets
ii libnl-genl-3-200 3.4.0-1 amd64 library for dealing with netlink sockets - generic netlink
ii libnl-route-3-200 3.4.0-1 amd64 library for dealing with netlink sockets - route interface
ii libnorm1 1.5.8+dfsg2-1 amd64 NACK-Oriented Reliable Multicast (NORM) library
ii libnpth0 1.6-1 amd64 replacement for GNU Pth using system threads
ii libnss-mapuser 1.1.0-cl3u1 amd64 NSS modules to map any requested username to a local account
ii libnss-myhostname 241-7~deb10u9 amd64 nss module providing fallback resolution for the current hostname
ii liboath0 2.6.1-1.3 amd64 OATH Toolkit Liboath library
ii libobjc4 8.3.0-6 amd64 Runtime library for GNU Objective-C applications
ii libopenhpi3 3.8.0-2 amd64 OpenHPI libraries (runtime and support files)
ii libopenipmi0 2.0.25-2.1 amd64 Intelligent Platform Management Interface - runtime
ii libopts25 1:5.18.12-4 amd64 automated option processing library based on autogen
ii libp11-kit0 0.23.15-2+deb10u1 amd64 library for loading and coordinating access to PKCS#11 modules - runtime
ii libpackage-stash-perl 0.38-1 all module providing routines for manipulating stashes
ii libpam-cap 1:2.25-2 amd64 POSIX 1003.1e capabilities (PAM module)
ii libpam-modules 1.3.1-5 amd64 Pluggable Authentication Modules for PAM
ii libpam-modules-bin 1.3.1-5 amd64 Pluggable Authentication Modules for PAM - helper binaries
ii libpam-radius-auth 1.5.0-cl3u1 amd64 PAM RADIUS client authentication module
ii libpam-runtime 1.3.1-5 all Runtime support for the PAM library
ii libpam-systemd 241-7~deb10u9 amd64 system and service manager - PAM module
ii libpam0g 1.3.1-5 amd64 Pluggable Authentication Modules library
ii libparams-classify-perl 0.015-1+b1 amd64 Perl module for argument type classification
ii libparams-util-perl 1.07-3+b4 amd64 Perl extension for simple stand-alone param checking functions
ii libparams-validate-perl 1.29-1+b1 amd64 Perl module to validate parameters to Perl method/function calls
ii libparse-recdescent-perl 1.967015+dfsg-2 all Perl module to create and use recursive-descent parsers
ii libparted2 3.2-25 amd64 disk partition manipulator - shared library
ii libpath-tiny-perl 0.108-1 all file path utility
ii libpcap0.8 1.8.1-6+deb10u1 amd64 system interface for user-level packet capture
ii libpci3 1:3.5.2-1 amd64 Linux PCI Utilities (shared library)
ii libpcl1 1.12-1 amd64 Portable Coroutine Library (PCL)
ii libpcre2-8-0 10.32-5+deb10u1 amd64 New Perl Compatible Regular Expression Library- 8 bit runtime files
ii libpcre3 2:8.39-12 amd64 Old Perl 5 Compatible Regular Expression Library - runtime files
ii libpcsclite1 1.8.24-1 amd64 Middleware to access a smart card using PC/SC (library)
ii libperl5.28 5.28.1-6+deb10u1 amd64 shared Perl library
ii libpgm-5.2-0 5.2.122~dfsg-3 amd64 OpenPGM shared library
ii libpils2 1.0.12-12 amd64 Reusable cluster libraries -- libpils2
ii libpkcs11-helper1 1.25.1-1 amd64 library that simplifies the interaction with PKCS#11
ii libplumb2 1.0.12-12 amd64 Reusable cluster libraries -- libplumb2
ii libplumbgpl2 1.0.12-12 amd64 Reusable cluster libraries -- libplumbgpl2
ii libpng16-16 1.6.36-6 amd64 PNG library - runtime (version 1.6)
ii libpod-pom-perl 2.01-3 all module providing a Pod Object Model
ii libpolkit-agent-1-0 0.105-25+deb10u1 amd64 PolicyKit Authentication Agent API
ii libpolkit-backend-1-0 0.105-25+deb10u1 amd64 PolicyKit backend API
ii libpolkit-gobject-1-0 0.105-25+deb10u1 amd64 PolicyKit Authorization API
ii libpopt0 1.16-12 amd64 lib for parsing cmdline parameters
ii libpq5 11.20-0+deb10u1 amd64 PostgreSQL C client library
ii libprocps7 2:3.3.15-2 amd64 library for accessing process information from /proc
ii libprotobuf-c1 1.3.1-1+b1 amd64 Protocol Buffers C shared library (protobuf-c)
ii libpsl5 0.20.2-2 amd64 Library for Public Suffix List (shared libraries)
ii libpython-stdlib 2.7.16-1 amd64 interactive high-level object-oriented language (Python2)
ii libpython2-stdlib 2.7.16-1 amd64 interactive high-level object-oriented language (Python2)
ii libpython2.7-minimal 2.7.16-2+deb10u2 amd64 Minimal subset of the Python language (version 2.7)
ii libpython2.7-stdlib 2.7.16-2+deb10u2 amd64 Interactive high-level object-oriented language (standard library, version 2.7)
ii libpython3-stdlib 3.7.3-1 amd64 interactive high-level object-oriented language (default python3 version)
ii libpython3.7-minimal 3.7.3-2+deb10u4 amd64 Minimal subset of the Python language (version 3.7)
ii libpython3.7-stdlib 3.7.3-2+deb10u4 amd64 Interactive high-level object-oriented language (standard library, version 3.7)
ii libqmi-glib5 1.26.10-0.1~bpo10+1 amd64 Support library to use the Qualcomm MSM Interface (QMI) protocol
ii libqmi-proxy 1.26.10-0.1~bpo10+1 amd64 Proxy to communicate with QMI ports
ii libqmi-utils 1.22.0-1.2 amd64 Utilities to use the QMI protocol from the command line
ii libqrencode4 4.0.2-1 amd64 QR Code encoding library
ii libquadmath0 8.3.0-6 amd64 GCC Quad-Precision Math Library
ii librabbitmq4 0.9.0-0.2 amd64 AMQP client library written in C
ii libradcli4 1.2.6-4 amd64 Enhanced RADIUS client library
ii librdkafka1 0.11.6-1.1 amd64 library implementing the Apache Kafka protocol
ii libreadline7 7.0-5 amd64 GNU readline and history libraries, run-time libraries
ii libregexp-common-perl 2017060201-1 all module with common regular expressions
ii librtmp1 2.4+20151223.gitfa8646d.1-2 amd64 toolkit for RTMP streams (shared library)
ii librtr0 0.6.3-1 amd64 Small extensible RPKI-RTR-Client C library
ii libruby2.5 2.5.5-3+deb10u4 amd64 Libraries necessary to run Ruby 2.5
ii libsasl2-2 2.1.27+dfsg-1+deb10u2 amd64 Cyrus SASL - authentication abstraction library
ii libsasl2-modules-db 2.1.27+dfsg-1+deb10u2 amd64 Cyrus SASL - pluggable authentication modules (DB)
ii libsctp1 1.0.18+dfsg-1 amd64 user-space access to Linux kernel SCTP - shared library
ii libseccomp2 2.5.1-1+deb11u1 amd64 high level interface to Linux seccomp filter
ii libselinux1 2.8-1+b1 amd64 SELinux runtime shared libraries
ii libsemanage-common 2.8-2 all Common files for SELinux policy management libraries
ii libsemanage1 2.8-2 amd64 SELinux policy management library
ii libsensors-config 1:3.5.0-3 all lm-sensors configuration files
ii libsensors5 1:3.5.0-3 amd64 library to read temperature/voltage/fan sensors
ii libsepol1 2.8-1 amd64 SELinux library for manipulating binary security policies
ii libsigc++-2.0-0v5 2.10.1-2 amd64 type-safe Signal Framework for C++ - runtime
ii libsigsegv2 2.12-2 amd64 Library for handling page faults in a portable way
ii libsmartcols1 2.33.1-0.1 amd64 smart column output alignment library
ii libsnappy1v5 1.1.7-1 amd64 fast compression/decompression library
ii libsnmp-base 5.7.3+dfsg-5+deb10u4 all SNMP configuration script, MIBs and documentation
ii libsnmp-perl 5.7.3+dfsg-5+deb10u4 amd64 SNMP (Simple Network Management Protocol) Perl5 support
ii libsnmp30 5.7.3+dfsg-5+deb10u4 amd64 SNMP (Simple Network Management Protocol) library
ii libsocket6-perl 0.29-1+b1 amd64 Perl extensions for IPv6
ii libsodium23 1.0.17-1 amd64 Network communication, cryptography and signaturing library
ii libsort-versions-perl 1.62-1 all Perl module for sorting of revision (and similar) numbers
ii libsqlite3-0 3.27.2-3+deb10u2 amd64 SQLite 3 shared library
ii libss2 1.44.5-1+deb10u3 amd64 command-line interface parsing library
ii libssh-4 0.8.7-1+deb10u1 amd64 tiny C SSH library (OpenSSL flavor)
ii libssh2-1 1.8.0-2.1 amd64 SSH2 client-side library
ii libssl1.1 1.1.1n-0+deb10u4 amd64 Secure Sockets Layer toolkit - shared libraries
ii libstdc++6 8.3.0-6 amd64 GNU Standard C++ Library v3
ii libstonith1 1.0.12-12 amd64 Reusable cluster libraries -- libstonith1
ii libstring-rewriteprefix-perl 0.007-2 all module to rewrite strings based on a set of known prefixes
ii libstrongswan 5.7.2-2+vyos1.3 amd64 strongSwan utility and crypto library
ii libstrongswan-extra-plugins 5.7.2-2+vyos1.3 amd64 strongSwan utility and crypto library (extra plugins)
ii libstrongswan-standard-plugins 5.7.2-2+vyos1.3 amd64 strongSwan utility and crypto library (standard plugins)
ii libsub-exporter-perl 0.987-1 all sophisticated exporter for custom-built routines
ii libsub-install-perl 0.928-1 all module for installing subroutines into packages easily
ii libswitch-perl 2.17-2 all switch statement for Perl
ii libsystemd0 241-7~deb10u9 amd64 systemd utility library
ii libtalloc2 2.1.14-2 amd64 hierarchical pool based memory allocator
ii libtasn1-6 4.13-3+deb10u1 amd64 Manage ASN.1 structures (runtime)
ii libterm-readkey-perl 2.38-1 amd64 perl module for simple terminal control
ii libtimedate-perl 2.3000-2+deb10u1 all collection of modules to manipulate date/time information
ii libtinfo6 6.1+20181013-2+deb10u3 amd64 shared low-level terminfo library for terminal handling
ii libtomcrypt1 1.18.2-1 amd64 public domain open source cryptographic toolkit
ii libtommath1 1.1.0-3 amd64 multiple-precision integer library [runtime]
ii libtree-simple-perl 1.33-1 all implementation of a simple tree object
ii libtry-tiny-perl 0.30-1 all module providing minimalistic try/catch
ii libudev1 241-7~deb10u9 amd64 libudev shared library
ii libunistring2 0.9.10-1 amd64 Unicode string library for C
ii liburi-perl 1.76-1 all module to manipulate and access URI strings
ii libusb-1.0-0 2:1.0.22-2 amd64 userspace USB programming library
ii libutempter0 1.1.6-3 amd64 privileged helper for utmp/wtmp updates (runtime)
ii libuuid1 2.33.1-0.1 amd64 Universally Unique ID library
ii libvyatta-cfg1 1.3-1 amd64 vyatta-cfg back-end library
ii libvyosconfig0 1.3-1 amd64 VyConf config tree manipulation library
ii libwant-perl 0.29-1+b4 amd64 generalisation of wantarray
ii libwrap0 7.6.q-28 amd64 Wietse Venema's TCP wrappers library
ii libx11-6 2:1.6.7-1+deb10u2 amd64 X11 client-side library
ii libx11-data 2:1.6.7-1+deb10u2 all X11 client-side library
ii libxapian30 1.4.11-1+deb10u1 amd64 Search engine library
ii libxau6 1:1.0.8-1+b2 amd64 X11 authorisation library
ii libxcb1 1.13.1-2 amd64 X C Binding
ii libxdmcp6 1:1.1.2-3 amd64 X11 Display Manager Control Protocol library
ii libxext6 2:1.3.3-1+b2 amd64 X11 miscellaneous extension library
ii libxinerama1 2:1.1.4-2 amd64 X11 Xinerama extension library
ii libxml-libxml-perl 2.0134+dfsg-1 amd64 Perl interface to the libxml2 library
ii libxml-namespacesupport-perl 1.12-1 all Perl module for supporting simple generic namespaces
ii libxml-sax-base-perl 1.09-1 all base class for SAX drivers and filters
ii libxml-sax-perl 1.00+dfsg-1 all Perl module for using and building Perl SAX2 XML processors
ii libxml-simple-perl 2.25-1 all Perl module for reading and writing XML
ii libxml2 2.9.4+dfsg1-7+deb10u6 amd64 GNOME XML library
ii libxml2-utils 2.9.4+dfsg1-7+deb10u6 amd64 XML utilities
ii libxmlsec1 1.2.27-2 amd64 XML security library
ii libxmlsec1-openssl 1.2.27-2 amd64 Openssl engine for the XML security library
ii libxosd2 2.2.14-2.1+b1 amd64 X On-Screen Display library - runtime
ii libxslt1.1 1.1.32-2.2~deb10u2 amd64 XSLT 1.0 processing library - runtime library
ii libxtables12 1.8.2-4 amd64 netfilter xtables library
ii libyaml-0-2 0.2.1-1 amd64 Fast YAML 1.1 parser and emitter library
ii libyaml-perl 1.27-1 all YAML Ain't Markup Language
ii libyang1 1.0.225-1.1 amd64 parser toolkit for IETF YANG data modeling - runtime
ii libzmq5 4.3.1-4+deb10u2 amd64 lightweight messaging kernel (shared library)
ii libzstd1 1.3.8+dfsg-3+deb10u2 amd64 fast lossless compression algorithm
ii linux-base 4.6 all Linux image base package
ii linux-image-5.4.234-amd64-vyos 5.4.234-1 amd64 Linux kernel, version 5.4.234-amd64-vyos
ii live-boot 1:20151213 all Live System Boot Components
ii live-boot-initramfs-tools 1:20151213 all Live System Boot Components (initramfs-tools backend)
ii live-config 5.20190519 all Live System Configuration Components
ii live-config-systemd 5.20190519 all Live System Configuration Components (systemd backend)
ii lldpd 1.0.3-1+deb10u1 amd64 implementation of IEEE 802.1ab (LLDP)
ii lm-sensors 1:3.5.0-3 amd64 utilities to read temperature/voltage/fan sensors
ii localepurge 0.7.3.5 all reclaim disk space by removing unneeded localizations
ii locales 2.28-10+deb10u2 all GNU C Library: National Language (locale) data [support]
ii lockfile-progs 0.1.18 amd64 Programs for locking and unlocking files and mailboxes
ii login 1:4.5-1.1 amd64 system login tools
ii logrotate 3.14.0-4 amd64 Log rotation utility
ii lsb-base 10.2019051400 all Linux Standard Base init script functionality
ii lsb-release 10.2019051400 all Linux Standard Base version reporting utility
ii lsof 4.91+dfsg-1 amd64 utility to list open files
ii lsscsi 0.30-0.1 amd64 list all SCSI devices (or hosts) currently on system
ii m4 1.4.18-2 amd64 macro processing language
ii make 4.2.1-1.2 amd64 utility for directing compilation
ii mariadb-common 1:10.3.38-0+deb10u1 all MariaDB common metapackage
ii mawk 1.3.3-17+b3 amd64 a pattern scanning and text processing language
ii mdadm 4.1-1 amd64 tool to administer Linux MD arrays (software RAID)
ii mdns-repeater 1.3-1 amd64 Multicast DNS repeater
ii mgetty 1.2.1-1 amd64 Smart Modem getty replacement
ii mime-support 3.62 all MIME files 'mime.types' & 'mailcap', and support programs
ii minicom 2.7.1-1+b1 amd64 Friendly menu driven serial communication program
ii minisign 0.9 amd64 A dead simple tool to sign files and verify signatures.
ii modemmanager 1.14.12-0.1~bpo10+1 amd64 D-Bus service for managing modems
ii mount 2.33.1-0.1 amd64 tools for mounting and manipulating filesystems
ii mtr-tiny 0.92-2 amd64 Full screen ncurses traceroute tool
ii mysql-common 5.8+1.0.5 all MySQL database common files, e.g. /etc/mysql/my.cnf
ii nano 3.2-3 amd64 small, friendly text editor inspired by Pico
ii ncurses-base 6.1+20181013-2+deb10u3 all basic terminal type definitions
ii ncurses-bin 6.1+20181013-2+deb10u3 amd64 terminal-related programs and man pages
ii ncurses-term 6.1+20181013-2+deb10u3 all additional terminal type definitions
ii ndisc6 1.0.4-1 amd64 IPv6 diagnostic tools
ii net-tools 1.60+git20180626.aebd88e-1 amd64 NET-3 networking toolkit
ii netbase 5.6 all Basic TCP/IP networking system
ii netcat-openbsd 1.195-2 amd64 TCP/IP swiss army knife
ii netplug 1.2.9.2-3 amd64 network link monitor daemon
ii nextdns 1.39.4 amd64 NextDNS DNS/53 to DoH Proxy
ii nfct 1:1.4.6-1 amd64 Tool to interact with the connection tracking system
ii nftables 0.9.6-1 amd64 Program to control packet filtering rules by Netfilter project
ii nginx-common 1.14.2-2+deb10u5 all small, powerful, scalable web/proxy server - common files
ii nginx-light 1.14.2-2+deb10u5 amd64 nginx web/proxy server (basic version)
ii nmap 7.70+dfsg1-6+deb10u2 amd64 The Network Mapper
ii nmap-common 7.70+dfsg1-6+deb10u2 all Architecture independent files for nmap
ii ntp 1:4.2.8p12+dfsg-4 amd64 Network Time Protocol daemon and utility programs
ii ntpdate 1:4.2.8p12+dfsg-4 amd64 client for setting system time from NTP servers (deprecated)
ii nvme-cli 1.7-1 amd64 userspace tooling to control NVMe drives
ii ocserv 1.1.6-3 amd64 OpenConnect VPN server compatible with Cisco AnyConnect VPN
ii open-vm-tools 2:10.3.10-1+deb10u3 amd64 Open VMware Tools for virtual machines hosted on VMware (CLI)
ii openssh-client 1:7.9p1-10+deb10u2 amd64 secure shell (SSH) client, for secure access to remote machines
ii openssh-server 1:7.9p1-10+deb10u2 amd64 secure shell (SSH) server, for secure access from remote machines
ii openssh-sftp-server 1:7.9p1-10+deb10u2 amd64 secure shell (SSH) sftp server module, for SFTP access from remote machines
ii openssl 1.1.1n-0+deb10u4 amd64 Secure Sockets Layer toolkit - cryptographic utility
ii openvpn 2.5.1-2~bpo10+1 amd64 virtual private network daemon
ii openvpn-auth-ldap 2.0.3-6.1+b2 amd64 OpenVPN LDAP authentication module
ii openvpn-auth-radius 2.1-7 amd64 OpenVPN RADIUS authentication module
ii parted 3.2-25 amd64 disk partition manipulator
ii passwd 1:4.5-1.1 amd64 change and administer password and group data
ii pciutils 1:3.5.2-1 amd64 Linux PCI Utilities
ii pdns-recursor 4.8.4-1pdns.buster amd64 PowerDNS Recursor
ii perl 5.28.1-6+deb10u1 amd64 Larry Wall's Practical Extraction and Report Language
ii perl-base 5.28.1-6+deb10u1 amd64 minimal Perl system
ii perl-modules-5.28 5.28.1-6+deb10u1 all Core Perl modules
ii perl-openssl-defaults 3 amd64 version compatibility baseline for Perl OpenSSL packages
ii pinentry-curses 1.1.0-2 amd64 curses-based PIN or pass-phrase entry dialog for GnuPG
ii pmacct 1.7.2-3 amd64 promiscuous mode traffic accountant
ii podman 3.0.1+dfsg1-3+deb11u4 amd64 engine to run OCI-based containers in Pods
ii policykit-1 0.105-25+deb10u1 amd64 framework for managing administrative policies and privileges
ii ppp 2.4.7-2+4.1+deb10u1 amd64 Point-to-Point Protocol (PPP) - daemon
ii pppoe 3.12-1.2 amd64 PPP over Ethernet driver
ii procps 2:3.3.15-2 amd64 /proc file system utilities
ii psmisc 23.2-1+deb10u1 amd64 utilities that use the proc file system
ii python 2.7.16-1 amd64 interactive high-level object-oriented language (Python2 version)
ii python-apt-common 1.8.4.3 all Python interface to libapt-pkg (locales)
ii python-minimal 2.7.16-1 amd64 minimal subset of the Python2 language
ii python2 2.7.16-1 amd64 interactive high-level object-oriented language (Python2 version)
ii python2-minimal 2.7.16-1 amd64 minimal subset of the Python2 language
ii python2.7 2.7.16-2+deb10u2 amd64 Interactive high-level object-oriented language (version 2.7)
ii python2.7-minimal 2.7.16-2+deb10u2 amd64 Minimal subset of the Python language (version 2.7)
ii python3 3.7.3-1 amd64 interactive high-level object-oriented language (default python3 version)
ii python3-acme 0.31.0-2 all ACME protocol library for Python 3
ii python3-apt 1.8.4.3 amd64 Python 3 interface to libapt-pkg
ii python3-asn1crypto 0.24.0-1 all Fast ASN.1 parser and serializer (Python 3)
ii python3-bcrypt 3.1.6-1 amd64 password hashing library for Python 3
ii python3-certbot 0.31.0-1+deb10u1 all main library for certbot
ii python3-certbot-nginx 0.31.0-1 all Nginx plugin for Certbot
ii python3-certifi 2018.8.24-1 all root certificates for validating SSL certs and verifying TLS hosts (python3)
ii python3-cffi-backend 1.12.2-1 amd64 Foreign Function Interface for Python 3 calling C code - runtime
ii python3-chardet 3.0.4-3 all universal character encoding detector for Python3
ii python3-click 7.0-1 all Wrapper around optparse for command line utilities - Python 3.x
ii python3-colorama 0.3.7-1 all Cross-platform colored terminal text in Python - Python 3.x
ii python3-configargparse 0.13.0-1 all replacement for argparse with config files and environment variables (Python 3)
ii python3-configobj 5.0.6-3 all simple but powerful config file reader and writer for Python 3
ii python3-cryptography 2.6.1-3+deb10u4 amd64 Python library exposing cryptographic recipes and primitives (Python 3)
ii python3-dateutil 2.7.3-3 all powerful extensions to the standard Python 3 datetime module
ii python3-dbus 1.2.8-3 amd64 simple interprocess messaging system (Python 3 interface)
ii python3-decorator 4.3.0-1.1 all simplify usage of Python decorators by programmers
ii python3-distro 1.3.0-1 all Linux OS platform information API
ii python3-distutils 3.7.3-1 all distutils package for Python 3.x
ii python3-flask 1.0.2-3 all micro web framework based on Werkzeug and Jinja2 - Python 3.x
ii python3-future 0.16.0-1 all Clean single-source support for Python 3 and 2 - Python 3.x
ii python3-gi 3.30.4-1 amd64 Python 3 bindings for gobject-introspection libraries
ii python3-hurry.filesize 0.9-2 all human readable file sizes or anything sized in bytes - Python 3.x
ii python3-idna 2.6-1 all Python IDNA2008 (RFC 5891) handling (Python 3)
ii python3-inotify 0.2.10-1 all An adapter to Linux kernel support for inotify directory-wat
ii python3-isc-dhcp-leases 0.9.1-1 all Python module for reading dhcp leases files (Python 3 interface)
ii python3-itsdangerous 0.24+dfsg1-2 all Various helpers to pass trusted data to untrusted environment - Python 3.x
ii python3-jinja2 2.10-2 all small but fast and easy to use stand-alone template engine
ii python3-jmespath 0.9.4-1 all JSON Matching Expressions (Python 3)
ii python3-josepy 1.1.0-2 all JOSE implementation for Python 3.x
ii python3-lib2to3 3.7.3-1 all Interactive high-level object-oriented language (2to3, version 3.6)
ii python3-markupsafe 1.1.0-1 amd64 HTML/XHTML/XML string library for Python 3
ii python3-minimal 3.7.3-1 amd64 minimal subset of the Python language (default python3 version)
ii python3-mock 2.0.0-4 all Mocking and Testing Library (Python3 version)
ii python3-msgpack 0.5.6-1+b1 amd64 Python 3 implementation of MessagePack format
ii python3-nacl 1.3.0-2 amd64 Python bindings to libsodium (Python 3)
ii python3-netaddr 0.7.19-1 all manipulation of various common network address notations (Python 3)
ii python3-netifaces 0.10.4-1+b1 amd64 portable network interface information - Python 3.x
ii python3-openssl 19.0.0-1 all Python 3 wrapper around the OpenSSL library
ii python3-paramiko 2.4.2-0.1+deb10u1 all Make ssh v2 connections (Python 3)
ii python3-parsedatetime 2.4-2 all Python 3 module to parse human-readable date/time expressions
ii python3-pbr 4.2.0-5 all inject useful and sensible default behaviors into setuptools - Python 3.x
ii python3-pkg-resources 40.8.0-1 all Package Discovery and Resource Access using pkg_resources
ii python3-psutil 5.5.1-1 amd64 module providing convenience functions for managing processes (Python3)
ii python3-pyasn1 0.4.2-3 all ASN.1 library for Python (Python 3 module)
ii python3-pycryptodome 3.6.1-2+b1 amd64 cryptographic Python library (Python 3)
ii python3-pyparsing 2.2.0+dfsg1-2 all alternative to creating and executing simple grammars - Python 3.x
ii python3-pystache 0.5.4-6 all Python3 implementation of Mustache
ii python3-pyudev 0.21.0-1 all Python3 bindings for libudev
ii python3-requests 2.21.0-1 all elegant and simple HTTP library for Python3, built for human beings
ii python3-requests-toolbelt 0.8.0-1 all Utility belt for advanced users of python3-requests
ii python3-rfc3339 1.1-1 all parser and generator of RFC 3339-compliant timestamps (Python 3)
ii python3-setuptools 40.8.0-1 all Python3 Distutils Enhancements
ii python3-six 1.12.0-1 all Python 2 and 3 compatibility library (Python 3 interface)
ii python3-systemd 234-2+b1 amd64 Python 3 bindings for systemd
ii python3-tabulate 0.8.2-1 all pretty-print tabular data in Python3
ii python3-tz 2019.1-1 all Python3 version of the Olson timezone database
ii python3-urllib3 1.24.1-1 all HTTP library with thread-safe connection pooling for Python3
ii python3-vici 5.7.2-1 all Native Python interface for strongSwan's VICI protocol
ii python3-voluptuous 0.11.1-1 all Python 3 library to validate data
ii python3-waitress 1.2.0~b2-2+deb10u1 all production-quality pure-Python WSGI server (Python 3)
ii python3-werkzeug 0.14.1+dfsg1-4+deb10u2 all collection of utilities for WSGI applications (Python 3.x)
ii python3-xmltodict 0.11.0-2 all Makes working with XML feel like you are working with JSON (Python 3)
ii python3-yaml 3.13-2 amd64 YAML parser and emitter for Python3
ii python3-zmq 17.1.2-2+deb10u1 amd64 Python3 bindings for 0MQ library
ii python3-zope.component 4.3.0-1 all Zope Component Architecture
ii python3-zope.event 4.2.0-1 all Very basic event publishing system
ii python3-zope.hookable 4.0.4-4+b4 amd64 Hookable object support
ii python3-zope.interface 4.3.2-1+b2 amd64 Interfaces for Python3
ii python3.7 3.7.3-2+deb10u4 amd64 Interactive high-level object-oriented language (version 3.7)
ii python3.7-minimal 3.7.3-2+deb10u4 amd64 Minimal subset of the Python language (version 3.7)
ii qemu-guest-agent 1:3.1+dfsg-8+deb10u10 amd64 Guest-side qemu-system agent
ii qrencode 4.0.2-1 amd64 QR Code encoder into PNG image
ii radius-shell 1.5.0-cl3u1 amd64 Shell front-end used for radius users.
ii radvd 1:2.17-2 amd64 Router Advertisement Daemon
ii rake 12.3.1-3+deb10u1 all ruby make-like utility
ii readline-common 7.0-5 all GNU readline and history libraries, common files
ii resource-agents 1:4.2.0-2+deb10u2 amd64 Cluster Resource Agents
ii rsync 3.1.3-6 amd64 fast, versatile, remote (and local) file-copying tool
ii rsyslog 8.1901.0-1+deb10u2 amd64 reliable system and kernel logging daemon
ii ruby 1:2.5.1 amd64 Interpreter of object-oriented scripting language Ruby (default version)
ii ruby-curses 1.2.4-1+b1 amd64 curses binding for Ruby
ii ruby-did-you-mean 1.2.1-1 all smart error messages for Ruby > 2.3
ii ruby-minitest 5.11.3-1 all Ruby test tools supporting TDD, BDD, mocking, and benchmarking
ii ruby-net-telnet 0.1.1-2 all telnet client library
ii ruby-power-assert 1.1.1-1 all library showing values of variables and method calls in an expression
ii ruby-test-unit 3.2.8-1 all unit testing framework for Ruby
ii ruby-xmlrpc 0.3.0-2 all XMLRPC library for Ruby
ii ruby2.5 2.5.5-3+deb10u4 amd64 Interpreter of object-oriented scripting language Ruby
ii rubygems-integration 1.11+deb10u1 all integration of Debian Ruby packages with Rubygems
ii runc 1.0.0~rc93+ds1-5+deb11u2 amd64 Open Container Project - runtime
ii salt-common 3003.5+ds-1 all shared libraries that salt requires for all packages
ii salt-minion 3003.5+ds-1 all client package for salt, the distributed remote execution system
ii screen 4.6.2-3+deb10u1 amd64 terminal multiplexer with VT100/ANSI terminal emulation
ii sed 4.7-1 amd64 GNU stream editor for filtering/transforming text
ii sendmail-base 8.15.2-14~deb10u1 all powerful, efficient, and scalable Mail Transport Agent (arch independent files)
ii sendmail-bin 8.15.2-14~deb10u1 amd64 powerful, efficient, and scalable Mail Transport Agent
ii sendmail-cf 8.15.2-14~deb10u1 all powerful, efficient, and scalable Mail Transport Agent (config macros)
ii sensible-utils 0.0.12 all Utilities for sensible alternative selection
ii sharutils 1:4.15.2-4 amd64 shar, unshar, uuencode, uudecode
ii sipcalc 1.1.6-1 amd64 Advanced console-based ip subnet calculator
ii smartmontools 6.6-1 amd64 control and monitor storage systems using S.M.A.R.T.
ii snmp 5.7.3+dfsg-5+deb10u4 amd64 SNMP (Simple Network Management Protocol) applications
ii snmpd 5.7.3+dfsg-5+deb10u4 amd64 SNMP (Simple Network Management Protocol) agents
ii socat 1.7.3.2-2 amd64 multipurpose relay for bidirectional data transfer
ii squid 4.6-1+deb10u8 amd64 Full featured Web Proxy cache (HTTP proxy)
ii squid-common 4.6-1+deb10u8 all Full featured Web Proxy cache (HTTP proxy) - common files
ii squid-langpack 20190110-1 all Localized error pages for Squid
ii squidclient 4.6-1+deb10u8 amd64 Full featured Web Proxy cache (HTTP proxy) - HTTP(S) message utility
ii squidguard 1.6.0-1 amd64 filter and redirector plugin for Squid
ii ssl-cert 1.0.39 all simple debconf wrapper for OpenSSL
ii startpar 0.61-1 amd64 run processes in parallel and multiplex their output
ii strongswan 5.7.2-2+vyos1.3 all IPsec VPN solution metapackage
ii strongswan-charon 5.7.2-2+vyos1.3 amd64 strongSwan Internet Key Exchange daemon
ii strongswan-libcharon 5.7.2-2+vyos1.3 amd64 strongSwan charon library
ii strongswan-starter 5.7.2-2+vyos1.3 amd64 strongSwan daemon starter and configuration file parser
ii strongswan-swanctl 5.7.2-2+vyos1.3 amd64 strongSwan IPsec client, swanctl command
ii sudo 1.8.27-1+deb10u5 amd64 Provide limited super user privileges to specific users
ii systemd 241-7~deb10u9 amd64 system and service manager
ii systemd-bootchart 233-2 amd64 boot performance graphing tool
ii systemd-sysv 241-7~deb10u9 amd64 system and service manager - SysV links
ii sysv-rc 2.93-8 all System-V-like runlevel change mechanism
ii sysvinit-utils 2.93-8 amd64 System-V-like utilities
ii tar 1.30+dfsg-6 amd64 GNU version of the tar archiving utility
ii tasksel 3.53 all tool for selecting tasks for installation on Debian systems
ii tasksel-data 3.53 all official tasks used for installation of Debian systems
ii tcpdump 4.9.3-1~deb10u2 amd64 command-line network traffic analyzer
ii tcptraceroute 1.5beta7+debian-4+b2 amd64 traceroute implementation using TCP packets
ii telegraf 1.23.1-1 amd64 Plugin-driven server agent for reporting metrics into InfluxDB.
ii telnet 0.17-41.2 amd64 basic telnet client
ii tftpd-hpa 5.2+20150808-1+b1 amd64 HPA's tftp server
ii traceroute 1:2.1.0-2 amd64 Traces the route taken by packets over an IPv4/IPv6 network
ii tuned 2.10.0-1 all daemon for monitoring and adaptive tuning of system devices
ii tzdata 2021a-0+deb10u11 all time zone and daylight-saving time data
ii ucf 3.0038+nmu1 all Update Configuration File(s): preserve user changes to config files
ii udev 241-7~deb10u9 amd64 /dev/ and hotplug management daemon
ii udp-broadcast-relay 1.3-1 amd64 UDP Broadcast Packet Relay
ii uidmap 1:4.5-1.1 amd64 programs to help use subuids
ii unionfs-fuse 1.0-1+b1 amd64 Fuse implementation of unionfs
ii usb-modeswitch 2.5.2+repack0-2 amd64 mode switching tool for controlling "flip flop" USB devices
ii usb-modeswitch-data 20170806-2 all mode switching data for usb-modeswitch
ii usb.ids 2019.07.27-0+deb10u1 all USB ID Repository
ii usbutils 1:010-3 amd64 Linux USB utilities
ii util-linux 2.33.1-0.1 amd64 miscellaneous system utilities
ii uuid-runtime 2.33.1-0.1 amd64 runtime components for the Universally Unique ID library
ii virt-what 1.19-1 amd64 detect if we are running in a virtual machine
ii vyatta-bash 4.1.48+vyos1.3 amd64 The VyOS Shell based on GNU bash
ii vyatta-biosdevname 1:0.3.11+vyos1.3 amd64 VyOS version of the biosdevname utility.
ii vyatta-cfg 1.3-1 amd64 VyOS configuration system
ii vyatta-cfg-firewall 1.3-1 all VyOS firewall configuration templates/scripts
ii vyatta-cfg-qos 1.3-1 all VyOS Qos configuration templates/scripts
ii vyatta-cfg-quagga 1.3-1 all VyOS configuration templates/scripts for Quagga
ii vyatta-cfg-system 1.3-1 amd64 VyOS system-level configuration
ii vyatta-cfg-vpn 1.3-1 all VyOS IPsec VPN configuration templates/scripts
ii vyatta-cluster 1.3-1 all VyOS configuration/operational commands for clustering
ii vyatta-config-mgmt 1.3-1 all VyOS commands for config-mgmt
ii vyatta-conntrack 1.3-1 amd64 VyOS conntrack configuration
ii vyatta-nat 1.3.0 all VyOS configuration/operational commands for NAT
ii vyatta-op 1.3-1 all VyOS operational commands and completion scripts
ii vyatta-op-firewall 1.3-1 all VyOS operational commands for firewall.
ii vyatta-op-qos 1.3-1 all VyOS operational commands for QOS
ii vyatta-op-vpn 1.3-1 all VyOS operational commands for IPsec VPN
ii vyatta-wanloadbalance 1.3-1 amd64 VyOS load balancing configuration system
ii vyatta-zone 0.15+vyos2+current1 all The vyatta-zone package
ii vyos-1x 1.3dev0-3961-g0b85c4165 amd64 VyOS configuration scripts and data
ii vyos-1x-vmware 1.3dev0-3961-g0b85c4165 amd64 VyOS configuration scripts and data for VMware
ii vyos-drivers-intel-ice 1.11.14-1 amd64 auto-generated package by debmake
ii vyos-drivers-realtek-r8152 2.16.3-1 amd64 auto-generated package by debmake
ii vyos-http-api-tools 2.1 amd64 api tools for VyOS
ii vyos-intel-qat 1.7.l.4.9.0-00008-0 amd64 Vendor based driver for Intel qat
ii vyos-linux-firmware 20201218 all Binary firmware for various drivers in the Linux kernel
ii vyos-nhrp 1.3-1 all VyOs package vyos-nhrp
ii vyos-opennhrp 0.14.1-vyos1.3 amd64 VyOS OpenNHRP package
ii vyos-user-utils 1.3.0-1 all VyOS user utilities metapackage
ii vyos-utils 1.3-2 amd64 VyOS utils for value validation and other things
ii vyos-world 1.3-1 all VyOS metapackage
ii vyos-xe-guest-utilities 7.13.0+vyos1.3 amd64 daemon for monitoring Xen Virtual machines
ii whois 5.4.3 amd64 intelligent WHOIS client
ii wide-dhcpv6-client 20080615-23 amd64 DHCPv6 client for automatic IPv6 hosts configuration
ii wireguard-modules 1.0.20201112-1~bpo10+1 all fast, modern, secure kernel VPN tunnel (Kernel module)
ii wireguard-tools 1.0.20210223-1~bpo10+1 amd64 fast, modern, secure kernel VPN tunnel (userland utilities)
ii wireless-regdb 2022.04.08-2~deb10u1 all wireless regulatory database for Linux
ii wpasupplicant 2.10-520-gb704dc72e amd64 client support for WPA and WPA2 (IEEE 802.11i)
ii xsltproc 1.1.32-2.2~deb10u2 amd64 XSLT 1.0 command line processor
ii zlib1g 1:1.2.11.dfsg-1+deb10u2 amd64 compression library - runtime

Nessus was able to log in to the remote host using the provided credentials. The provided credentials were not sufficient to complete all requested checks.

Nessus was able to execute credentialed checks because it was possible to log in to the remote host using provided credentials, however the credentials were not sufficiently privileged to complete all requested checks.

n/a

None

Published: 2018/06/06, Modified: 2021/07/26

Nessus was able to log into the remote host, however this credential
did not have sufficient privileges for all planned checks :

User: 'vyos'
Port: 22
Proto: SSH
Method: password


See the output of the following plugin for details :

Plugin ID : 102094
Plugin Name : SSH Commands Require Privilege Escalation

Valid credentials were provided for an available authentication protocol.

Nessus was able to determine that valid credentials were provided for an authentication protocol available on the remote target because it was able to successfully authenticate directly to the remote target using that authentication protocol at least once. Authentication was successful because the authentication protocol service was available remotely, the service was able to be identified, the authentication protocol was able to be negotiated successfully, and a set of credentials provided in the scan policy for that authentication protocol was accepted by the remote service. See plugin output for details, including protocol, port, and account.

Please note the following :

- This plugin reports per protocol, so it is possible for valid credentials to be provided for one protocol and not another. For example, authentication may succeed via SSH but fail via SMB, while no credentials were provided for an available SNMP service.

- Providing valid credentials for all available authentication protocols may improve scan coverage, but the value of successful authentication for a given protocol may vary from target to target depending upon what data (if any) is gathered from the target via that protocol. For example, successful authentication via SSH is more valuable for Linux targets than for Windows targets, and likewise successful authentication via SMB is more valuable for Windows targets than for Linux targets.

n/a

None

Published: 2020/10/15, Modified: 2021/07/26

Nessus was able to log in to the remote host via the following :

User: 'vyos'
Port: 22
Proto: SSH
Method: password

The system has been started.

Using the supplied credentials, Nessus was able to determine when the host was last started.

n/a

None

Published: 2011/10/12, Modified: 2018/06/19

reboot system boot 5.4.234-amd64-vy Tue Jun 27 00:43 still running
reboot system boot 5.4.234-amd64-vy Mon Jun 26 13:24 - 17:26 (04:02)
reboot system boot 5.4.234-amd64-vy Mon Jun 26 13:14 - 13:24 (00:09)

wtmp begins Mon Jun 26 13:14:06 2023

It was possible to obtain traceroute information.

Makes a traceroute to the remote host.

n/a

None

Published: 1999/11/27, Modified: 2023/06/26

For your information, here is the traceroute from 172.17.0.2 to 10.100.100.1 :
172.17.0.2
172.17.0.1
10.100.100.1

Hop Count: 2

Uses /bin/ps auxww command to obtain the list of running processes on the target machine at scan time.

Generated report details the running processes on the target machine at scan time.
This plugin is informative only and could be used for forensic investigation, malware detection, and to confirm that your system processes conform to your system policies.

n/a

None

Published: 2018/06/12, Modified: 2022/06/29

USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.0 170496 10348 ? Ss Jun26 0:31 /sbin/init noautologin
root 2 0.0 0.0 0 0 ? S Jun26 0:00 [kthreadd]
root 3 0.0 0.0 0 0 ? I< Jun26 0:00 [rcu_gp]
root 4 0.0 0.0 0 0 ? I< Jun26 0:00 [rcu_par_gp]
root 6 0.0 0.0 0 0 ? I< Jun26 0:00 [kworker/0:0H-kblockd]
root 8 0.0 0.0 0 0 ? I< Jun26 0:00 [mm_percpu_wq]
root 9 0.0 0.0 0 0 ? S Jun26 0:00 [ksoftirqd/0]
root 10 0.0 0.0 0 0 ? I Jun26 0:55 [rcu_sched]
root 11 0.0 0.0 0 0 ? S Jun26 0:00 [migration/0]
root 13 0.0 0.0 0 0 ? S Jun26 0:00 [cpuhp/0]
root 14 0.0 0.0 0 0 ? S Jun26 0:00 [cpuhp/1]
root 15 0.0 0.0 0 0 ? S Jun26 0:00 [migration/1]
root 16 0.0 0.0 0 0 ? S Jun26 0:00 [ksoftirqd/1]
root 18 0.0 0.0 0 0 ? I< Jun26 0:00 [kworker/1:0H-kblockd]
root 19 0.0 0.0 0 0 ? S Jun26 0:00 [cpuhp/2]
root 20 0.0 0.0 0 0 ? S Jun26 0:00 [migration/2]
root 21 0.0 0.0 0 0 ? S Jun26 0:19 [ksoftirqd/2]
root 23 0.0 0.0 0 0 ? I< Jun26 0:00 [kworker/2:0H-kblockd]
root 24 0.0 0.0 0 0 ? S Jun26 0:00 [cpuhp/3]
root 25 0.0 0.0 0 0 ? S Jun26 0:00 [migration/3]
root 26 0.0 0.0 0 0 ? S Jun26 0:07 [ksoftirqd/3]
root 28 0.0 0.0 0 0 ? I< Jun26 0:00 [kworker/3:0H-kblockd]
root 29 0.0 0.0 0 0 ? S Jun26 0:00 [kdevtmpfs]
root 30 0.0 0.0 0 0 ? I< Jun26 0:00 [netns]
root 31 0.0 0.0 0 0 ? S Jun26 0:00 [kauditd]
root 33 0.0 0.0 0 0 ? S Jun26 0:00 [khungtaskd]
root 34 0.0 0.0 0 0 ? S Jun26 0:00 [oom_reaper]
root 35 0.0 0.0 0 0 ? I< Jun26 0:00 [writeback]
root 36 0.0 0.0 0 0 ? S Jun26 0:00 [kcompactd0]
root 37 0.0 0.0 0 0 ? SN Jun26 0:00 [ksmd]
root 38 0.0 0.0 0 0 ? SN Jun26 0:00 [khugepaged]
root 67 0.0 0.0 0 0 ? I< Jun26 0:00 [kintegrityd]
root 68 0.0 0.0 0 0 ? I< Jun26 0:00 [kblockd]
root 69 0.0 0.0 0 0 ? I< Jun26 0:00 [blkcg_punt_bio]
root 70 0.0 0.0 0 0 ? I< Jun26 0:00 [md]
root 71 0.0 0.0 0 0 ? I< Jun26 0:00 [edac-poller]
root 72 0.0 0.0 0 0 ? I< Jun26 0:00 [devfreq_wq]
root 73 0.0 0.0 0 0 ? S Jun26 0:00 [watchdogd]
root 75 0.0 0.0 0 0 ? S Jun26 0:00 [kswapd0]
root 77 0.0 0.0 0 0 ? I< Jun26 0:00 [kthrotld]
root 79 0.0 0.0 0 0 ? I< Jun26 0:00 [ipv6_addrconf]
root 81 0.0 0.0 0 0 ? I Jun26 0:00 [kworker/u8:1-writeback]
root 90 0.0 0.0 0 0 ? I< Jun26 0:00 [kstrp]
root 124 0.0 0.0 0 0 ? I< Jun26 0:00 [acpi_thermal_pm]
root 156 0.0 0.0 0 0 ? I< Jun26 0:00 [ata_sff]
root 157 0.0 0.0 0 0 ? S Jun26 0:00 [scsi_eh_0]
root 158 0.0 0.0 0 0 ? I< Jun26 0:00 [scsi_tmf_0]
root 159 0.0 0.0 0 0 ? S Jun26 0:00 [scsi_eh_1]
root 160 0.0 0.0 0 0 ? I< Jun26 0:00 [scsi_tmf_1]
root 161 0.0 0.0 0 0 ? S Jun26 0:00 [scsi_eh_2]
root 162 0.0 0.0 0 0 ? I< Jun26 0:00 [scsi_tmf_2]
root 163 0.0 0.0 0 0 ? S Jun26 0:00 [scsi_eh_3]
root 164 0.0 0.0 0 0 ? I< Jun26 0:00 [scsi_tmf_3]
root 165 0.0 0.0 0 0 ? S Jun26 0:00 [scsi_eh_4]
root 166 0.0 0.0 0 0 ? I< Jun26 0:00 [scsi_tmf_4]
root 167 0.0 0.0 0 0 ? S Jun26 0:00 [scsi_eh_5]
root 168 0.0 0.0 0 0 ? I< Jun26 0:00 [scsi_tmf_5]
root 175 0.0 0.0 0 0 ? I< Jun26 0:00 [kworker/3:1H-kblockd]
root 199 0.0 0.0 0 0 ? I< Jun26 0:00 [kworker/0:1H-kblockd]
root 276 0.0 0.0 0 0 ? I< Jun26 0:00 [kworker/1:1H-kblockd]
root 277 0.0 0.0 0 0 ? S Jun26 0:03 [jbd2/sda3-8]
root 278 0.0 0.0 0 0 ? I< Jun26 0:00 [ext4-rsv-conver]
root 317 0.0 0.0 0 0 ? S< Jun26 0:00 [loop0]
root 565 0.0 0.0 0 0 ? I< Jun26 0:00 [kworker/2:1H-kblockd]
root 691 0.4 0.2 71048 28140 ? Ss Jun26 9:38 /lib/systemd/systemd-journald
root 695 0.0 0.2 119852 26212 ? Ssl Jun26 0:00 /usr/bin/python3 -u /usr/libexec/vyos/services/vyos-hostsd
root 696 0.0 0.4 304892 58764 ? Ssl Jun26 0:01 /usr/bin/python3 -u /usr/libexec/vyos/services/vyos-configd
root 702 0.0 0.0 21504 5564 ? Ss Jun26 0:00 /lib/systemd/systemd-udevd
root 707 0.0 0.0 8080 4856 ? Ss Jun26 0:00 /usr/sbin/haveged --Foreground --verbose=1 -w 1024
root 779 0.0 0.0 0 0 ? I< Jun26 0:00 [cryptd]
root 780 0.0 0.0 0 0 ? I< Jun26 0:00 [tpm_dev_wq]
root 782 0.0 0.0 0 0 ? S Jun26 0:00 [irq/29-mei_me]
root 834 0.0 0.1 719264 21588 ? Ssl Jun26 1:11 /usr/bin/nextdns run
root 839 0.0 0.0 19384 7052 ? Ss Jun26 0:00 /lib/systemd/systemd-logind
root 850 0.0 0.0 2280 68 ? S< Jun26 0:01 /usr/sbin/atopacctd
root 851 0.0 0.0 2320 760 ? Ss Jun26 0:00 /usr/sbin/acpid
message+ 852 0.0 0.0 8812 4168 ? Ss Jun26 0:00 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
root 856 0.0 0.0 8500 2800 ? Ss Jun26 0:00 /usr/sbin/cron -f
daemon 879 0.0 0.0 5484 2068 ? Ss Jun26 0:00 /usr/sbin/atd -f
root 962 0.0 0.0 2288 1328 ? Ss Jun26 0:00 /sbin/netplugd -p /var/run/netplugd.pid
root 1003 0.0 0.0 10244 3024 ? Ss Jun26 1:43 /usr/lib/frr/watchfrr -d -F traditional zebra bgpd ripd ripngd ospfd ospf6d isisd ldpd staticd bfdd
frr 1050 0.0 0.1 1068184 14384 ? Ssl Jun26 0:10 /usr/lib/frr/zebra -d -F traditional -s 90000000 --daemon -A 127.0.0.1 -M snmp
frr 1074 0.0 0.0 194432 10216 ? Ssl Jun26 0:05 /usr/lib/frr/bgpd -d -F traditional --daemon -A 127.0.0.1 -M snmp -M rpki
frr 1084 0.0 0.0 30716 5184 ? Ss Jun26 0:04 /usr/lib/frr/ripd -d -F traditional --daemon -A 127.0.0.1 -M snmp
frr 1087 0.0 0.0 11316 4024 ? Ss Jun26 0:04 /usr/lib/frr/ripngd -d -F traditional --daemon -A ::1
frr 1090 0.0 0.0 32132 6096 ? Ss Jun26 0:04 /usr/lib/frr/ospfd -d -F traditional --daemon -A 127.0.0.1 -M snmp
frr 1093 0.0 0.0 31292 5628 ? Ss Jun26 0:04 /usr/lib/frr/ospf6d -d -F traditional --daemon -A ::1 -M snmp
frr 1096 0.0 0.0 12596 6272 ? Ss Jun26 0:04 /usr/lib/frr/isisd -d -F traditional --daemon -A 127.0.0.1
frr 1099 0.0 0.0 10708 4640 ? S Jun26 0:00 /usr/lib/frr/ldpd -L -u frr -g frr
frr 1100 0.0 0.0 10568 4800 ? S Jun26 0:00 /usr/lib/frr/ldpd -E -u frr -g frr
frr 1101 0.0 0.0 12128 5152 ? Ss Jun26 0:04 /usr/lib/frr/ldpd -d -F traditional --daemon -A 127.0.0.1
frr 1105 0.0 0.0 11128 5392 ? Ss Jun26 0:04 /usr/lib/frr/staticd -d -F traditional --daemon -A 127.0.0.1
frr 1108 0.0 0.0 11236 3780 ? Ss Jun26 0:05 /usr/lib/frr/bfdd -d -F traditional --daemon -A 127.0.0.1
root 1121 0.0 0.0 0 0 ? I Jun26 0:03 [kworker/0:5-events]
root 1411 0.0 0.1 29280 22672 ? S Jun26 0:11 ddclient - sleeping for 60 seconds
root 2109 0.2 0.0 223772 5200 ? Ssl Jun26 4:19 /usr/sbin/rsyslogd -n -iNONE
root 2148 0.0 0.0 0 0 ? I< Jun26 0:00 [wg-crypt-wg0]
ntp 2263 0.0 0.0 76480 3228 ? Ssl Jun26 0:11 /usr/sbin/ntpd -g -p /run/ntpd/ntpd.pid -c /run/ntpd/ntpd.conf -u ntp:ntp
dhcpd 2305 0.0 0.0 13128 9212 ? Ss Jun26 0:00 /usr/sbin/dhcpd -4 -q -user dhcpd -group vyattacfg -pf /run/dhcp-server/dhcpd.pid -cf /run/dhcp-server/dhcpd.conf -lf /config/dhcpd.leases
root 2425 0.0 0.0 0 0 ? I Jun26 0:38 [kworker/2:8-events]
root 2435 0.0 0.0 13816 7204 ? Ss Jun26 0:00 /usr/sbin/sshd -f /run/sshd/sshd_config -D
root 2493 0.0 0.0 6664 3396 tty1 Ss Jun26 0:00 /bin/login -p --
root 2494 0.0 0.0 5380 1984 ttyS0 Ss+ Jun26 0:00 /sbin/agetty -o -p -- \u --keep-baud 115200,38400,9600 ttyS0 vt220
vyos 2576 0.0 0.0 21140 9008 ? Ss Jun26 0:00 /lib/systemd/systemd --user
vyos 2577 0.0 0.0 171500 2632 ? S Jun26 0:00 (sd-pam)
vyos 2586 0.0 0.0 8216 5076 tty1 S+ Jun26 0:00 -vbash
root 9847 0.0 0.0 0 0 ? I 01:16 0:00 [kworker/u8:2-events_unbound]
root 10103 0.0 0.0 0 0 ? I 01:17 0:00 [kworker/0:1-events]
root 10110 0.0 0.0 0 0 ? I 01:17 0:00 [kworker/1:1-events]
root 10759 0.0 0.0 7628 3848 ? Ss 01:18 0:00 /usr/sbin/pppd call pppoe0 nodetach nolog
root 10770 0.0 0.0 0 0 ? I 01:18 0:00 [kworker/2:0-cgroup_destroy]
root 11078 0.0 0.0 3996 144 ? Ss 01:18 0:00 /usr/sbin/dhcp6c -D -k /run/dhcp6c/dhcp6c.pppoe0.sock -c /run/dhcp6c/dhcp6c.pppoe0.conf -p /run/dhcp6c/dhcp6c.pppoe0.pid pppoe0
root 11784 0.0 0.0 0 0 ? I 01:20 0:00 [kworker/3:0-events]
root 17117 0.0 0.0 2440 116 ? Ss Jun27 0:00 /usr/sbin/radvd --logmethod stderr_clean --config /run/radvd/radvd.conf --pidfile /run/radvd/radvd.pid
root 17118 0.0 0.0 2440 116 ? S Jun27 0:00 /usr/sbin/radvd --logmethod stderr_clean --config /run/radvd/radvd.conf --pidfile /run/radvd/radvd.pid
root 19986 0.0 0.0 0 0 ? I 02:11 0:00 [kworker/1:2-events]
root 19987 0.0 0.0 0 0 ? I 02:11 0:00 [kworker/1:3-memcg_kmem_cache]
root 20077 0.0 0.0 0 0 ? I 02:11 0:00 [kworker/2:1-events]
root 20233 0.0 0.0 0 0 ? I 02:13 0:00 [kworker/3:1-events]
root 20528 0.0 0.0 0 0 ? I 02:13 0:00 [kworker/0:0-events]
root 21305 0.0 0.0 0 0 ? I 02:14 0:00 [kworker/3:3-cgroup_destroy]
root 22808 0.1 0.0 14716 8140 ? Ss 02:15 0:00 sshd: vyos [priv]
root 22812 0.1 0.0 14716 8260 ? Ss 02:15 0:00 sshd: vyos [priv]
root 22815 0.0 0.0 14568 7936 ? Ss 02:15 0:00 sshd: vyos [priv]
root 22884 0.1 0.0 14568 7836 ? Ss 02:15 0:00 sshd: vyos [priv]
sshd 22885 0.0 0.0 13816 4980 ? S 02:15 0:00 sshd: vyos [net]
root 22911 0.0 0.0 21504 2900 ? S 02:16 0:00 /lib/systemd/systemd-udevd
root 23022 0.0 0.0 6724 3088 ? S 02:16 0:00 sh -c /usr/bin/env -i PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin run-parts --lsbsysinit /etc/update-motd.d > /run/motd.dynamic.new
root 23025 0.0 0.0 2280 684 ? S 02:16 0:00 run-parts --lsbsysinit /etc/update-motd.d
root 23026 0.0 0.0 4652 3864 ? S 02:16 0:00 /bin/vbash /etc/update-motd.d/99-reboot
root 23090 0.0 0.0 85152 348 ? Ssl 02:16 0:00 unionfs-fuse -o cow -o allow_other /opt/vyatta/config/tmp/changes_only_23026=RW:/opt/vyatta/config/active=RO /opt/vyatta/config/tmp/new_config_23026
vyos 23097 0.0 0.0 14888 5456 ? S 02:16 0:00 sshd: vyos@notty
root 23110 0.0 0.0 13816 6768 ? Ss 02:16 0:00 sshd: [accepted]
vyos 23115 0.0 0.0 14888 5852 ? R 02:16 0:00 sshd: vyos@notty
sshd 23119 0.0 0.0 13816 4972 ? S 02:16 0:00 sshd: [net]
vyos 23124 0.0 0.0 6720 3260 ? Ss 02:16 0:00 vbash -c /bin/ps auxww 2>/dev/null
vyos 23125 0.0 0.0 10628 3100 ? R 02:16 0:00 /bin/ps auxww
root 25156 0.0 0.0 0 0 ? I Jun27 0:00 [kworker/1:0-events]
root 28365 0.0 0.0 12340 11720 ? S<Ls 00:00 0:00 /usr/bin/atop -R -w /var/log/atop/atop_20230628 600
root 28377 0.0 0.0 0 0 ? I 00:00 0:00 [kworker/3:2-cgroup_destroy]

Nessus was able to log in to the remote host using the provided credentials, but encountered difficulty running commands used to find unmanaged software.

Nessus found problems running commands on the target host which are used to find software that is not managed by the operating system.
Details of the issues encountered are reported by this plugin.

Failure to properly execute commands used to find and characterize unmanaged software on the target host can lead to scans that do not report known vulnerabilities. There may be little in the scan results of unmanaged software plugins to indicate the missing availability of the source commands except audit trail messages.

Commands used to find unmanaged software installations might fail for a variety of reasons, including:

* Inadequate scan user permissions,
* Failed privilege escalation,
* Intermittent network disruption, or
* Missing or corrupt executables on the target host.

Please address the issues reported here and redo the scan.

n/a

None

Published: 2021/08/23, Modified: 2021/08/23

Failures in commands used to assess Unix software:

strings -v :
strings: invalid option -- 'v'BusyBox v1.30.1 (Debian 1:1.30.1-4) multi-call binary.Usage: strings [-fo] [-t o/d/x] [-n LEN] [FILE]...Display printable strings in a binary file-fPrecede strings with filenames-oPrecede strings with octal offsets-t o/d/xPrecede strings with offsets in base 8/10/16-n LENAt least LEN characters form a string (default 4)


Account : vyos
Protocol : SSH

NGINX is installed on the remote Linux / Unix host.

NGINX, a web server with load balancing capabilities, is installed on the remote Linux / Unix host.

n/a

None

Published: 2020/05/05, Modified: 2023/06/26

Path : /usr/sbin/nginx
Version : 1.14.2
Associated Package : nginx-light: /usr/sbin/nginx
Detection Method : Binary in Known Install Directory
Full Version : 1.14.2
Managed by OS : True
Nginx Plus : False