The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML file with many identifiers with the same value. (CVE-2012-0876) Note that Nessus relies on the presence of the package as reported by the…Read More