CVE-2007-4061

Name of the Vulnerable Software and Affected Versions: Nessus Vulnerability Scanner version 3.0.6

Description: The issue allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the argument to the saveNessusRC method, which writes text specified by the addsetConfig method. This is possibly related to the SCANCTRL.ScanCtrlCtrl.1 ActiveX control in scan.dll. It can be leveraged for code execution by writing to a Startup folder.

Recommendations: For Nessus Vulnerability Scanner version 3.0.6, consider disabling the saveNessusRC method or restricting access to the SCANCTRL.ScanCtrlCtrl.1 ActiveX control in scan.dll to minimize the risk of exploitation. Avoid using the addsetConfig method with untrusted input until the issue is resolved.