Afftected
Linux RedHat 7.2
$ nasl -v | grep nasl
nasl 2.0.5
Vendor Status
New nessus 2.0.6 packages fixes these issues.
Workaround
Make sure the option 'plugins_upload' is set to 'no' in nessusd.conf and
don't run unstrusted nasl scripts.
Credits
Hank Leininger <[email protected]> requested the source code audit
for some opensource projects and for nessus in particular.
Sir Mordred <[email protected]> discovered the issues.
Renaud Deraison <[email protected]> fixed them in an hour after being
notified.