4.9 - CVE-2014-0150

Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.

Informations
Name	CVE-2014-0150	First vendor Publication	2014-04-18
Vendor	Cve	Last vendor Modification	2020-11-02

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:A/AC:M/Au:S/C:P/I:P/A:P)
Cvss Base Score	4.9	Attack Range	Adjacent network
Cvss Impact Score	6.4	Attack Complexity	Medium
Cvss Expoit Score	4.4	Authentication	Requires single instance
Calculate full CVSS 2.0 Vectors scores

Detail

Integer overflow in the virtio_net_handle_mac function in hw/net/virtio-net.c in QEMU 2.0 and earlier allows local guest users to execute arbitrary code via a MAC addresses table update request, which triggers a heap-based buffer overflow.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0150

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-189	Numeric Errors (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:23845

Oval ID:	oval:org.mitre.oval:def:23845
Title:	ELSA-2014:0420: qemu-kvm security update (Moderate)
Description:	KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. Multiple integer overflow, input validation, logic error, and buffer overflow flaws were discovered in various QEMU block drivers. An attacker able to modify a disk image file loaded by a guest could use these flaws to crash the guest, or corrupt QEMU process memory on the host, potentially resulting in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0143, CVE-2014-0144, CVE-2014-0145, CVE-2014-0147) A buffer overflow flaw was found in the way the virtio_net_handle_mac() function of QEMU processed guest requests to update the table of MAC addresses. A privileged guest user could use this flaw to corrupt QEMU process memory on the host, potentially resulting in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0150) A divide-by-zero flaw was found in the seek_to_sector() function of the parallels block driver in QEMU. An attacker able to modify a disk image file loaded by a guest could use this flaw to crash the guest. (CVE-2014-0142) A NULL pointer dereference flaw was found in the QCOW2 block driver in QEMU. An attacker able to modify a disk image file loaded by a guest could use this flaw to crash the guest. (CVE-2014-0146) It was found that the block driver for Hyper-V VHDX images did not correctly calculate BAT (Block Allocation Table) entries due to a missing bounds check. An attacker able to modify a disk image file loaded by a guest could use this flaw to crash the guest. (CVE-2014-0148) The CVE-2014-0143 issues were discovered by Kevin Wolf and Stefan Hajnoczi of Red Hat, the CVE-2014-0144 issues were discovered by Fam Zheng, Jeff Cody, Kevin Wolf, and Stefan Hajnoczi of Red Hat, the CVE-2014-0145 issues were discovered by Stefan Hajnoczi of Red Hat, the CVE-2014-0150 issue was discovered by Michael S. Tsirkin of Red Hat, the CVE-2014-0142, CVE-2014-0146, and CVE-2014-0147 issues were discovered by Kevin Wolf of Red Hat, and the CVE-2014-0148 issue was discovered by Jeff Cody of Red Hat. All qemu-kvm users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.
Family:	unix	Class:	patch
Reference(s):	ELSA-2014:0420-00 CVE-2014-0142 CVE-2014-0143 CVE-2014-0144 CVE-2014-0145 CVE-2014-0146 CVE-2014-0147 CVE-2014-0148 CVE-2014-0150	Version:	5
Platform(s):	Oracle Linux 6	Product(s):	qemu-kvm
Definition Synopsis:
Oracle Linux 6.x rpm test qemu-kvm-tools is earlier than 2:0.12.1.2-2.415.el6_5.8 AND qemu-guest-agent is earlier than 2:0.12.1.2-2.415.el6_5.8 AND qemu-img is earlier than 2:0.12.1.2-2.415.el6_5.8 AND qemu-kvm is earlier than 2:0.12.1.2-2.415.el6_5.8

Definition Id: oval:org.mitre.oval:def:24104

Oval ID:	oval:org.mitre.oval:def:24104
Title:	RHSA-2014:0420: qemu-kvm security update (Moderate)
Description:	KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. Multiple integer overflow, input validation, logic error, and buffer overflow flaws were discovered in various QEMU block drivers. An attacker able to modify a disk image file loaded by a guest could use these flaws to crash the guest, or corrupt QEMU process memory on the host, potentially resulting in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0143, CVE-2014-0144, CVE-2014-0145, CVE-2014-0147) A buffer overflow flaw was found in the way the virtio_net_handle_mac() function of QEMU processed guest requests to update the table of MAC addresses. A privileged guest user could use this flaw to corrupt QEMU process memory on the host, potentially resulting in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0150) A divide-by-zero flaw was found in the seek_to_sector() function of the parallels block driver in QEMU. An attacker able to modify a disk image file loaded by a guest could use this flaw to crash the guest. (CVE-2014-0142) A NULL pointer dereference flaw was found in the QCOW2 block driver in QEMU. An attacker able to modify a disk image file loaded by a guest could use this flaw to crash the guest. (CVE-2014-0146) It was found that the block driver for Hyper-V VHDX images did not correctly calculate BAT (Block Allocation Table) entries due to a missing bounds check. An attacker able to modify a disk image file loaded by a guest could use this flaw to crash the guest. (CVE-2014-0148) The CVE-2014-0143 issues were discovered by Kevin Wolf and Stefan Hajnoczi of Red Hat, the CVE-2014-0144 issues were discovered by Fam Zheng, Jeff Cody, Kevin Wolf, and Stefan Hajnoczi of Red Hat, the CVE-2014-0145 issues were discovered by Stefan Hajnoczi of Red Hat, the CVE-2014-0150 issue was discovered by Michael S. Tsirkin of Red Hat, the CVE-2014-0142, CVE-2014-0146, and CVE-2014-0147 issues were discovered by Kevin Wolf of Red Hat, and the CVE-2014-0148 issue was discovered by Jeff Cody of Red Hat. All qemu-kvm users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:0420-00 CESA-2014:0420 CVE-2014-0142 CVE-2014-0143 CVE-2014-0144 CVE-2014-0145 CVE-2014-0146 CVE-2014-0147 CVE-2014-0148 CVE-2014-0150	Version:	3
Platform(s):	Red Hat Enterprise Linux 6 CentOS Linux 6	Product(s):	qemu-kvm
Definition Synopsis:
Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 AND The operating system installed on the system is CentOS Linux 6.x Packages section qemu-kvm-tools is earlier than 2:0.12.1.2-2.415.el6_5.8 AND qemu-guest-agent is earlier than 2:0.12.1.2-2.415.el6_5.8 AND qemu-img is earlier than 2:0.12.1.2-2.415.el6_5.8 AND qemu-kvm is earlier than 2:0.12.1.2-2.415.el6_5.8

Definition Id: oval:org.mitre.oval:def:24231

Oval ID:	oval:org.mitre.oval:def:24231
Title:	DSA-2909-1 qemu - security update
Description:	Michael S. Tsirkin of Red Hat discovered a buffer overflow flaw in the way qemu processed MAC addresses table update requests from the guest.
Family:	unix	Class:	patch
Reference(s):	DSA-2909-1 CVE-2014-0150	Version:	5
Platform(s):	Debian GNU/Linux 6.0 Debian GNU/Linux 7 Debian GNU/kFreeBSD 6.0 Debian GNU/kFreeBSD 7	Product(s):	qemu
Definition Synopsis:
Debian 6.0 release section Debian 6.0 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND qemu DPKG is earlier than 0:0.12.5+dfsg-3squeeze4 AND Debian 7.x release section Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND qemu DPKG is earlier than 0:1.1.2+dfsg-6a+deb7u1

Definition Id: oval:org.mitre.oval:def:24717

Oval ID:	oval:org.mitre.oval:def:24717
Title:	DSA-2910-1 qemu-kvm - security update
Description:	Michael S. Tsirkin of Red Hat discovered a buffer overflow flaw in the way qemu processed MAC addresses table update requests from the guest.
Family:	unix	Class:	patch
Reference(s):	DSA-2910-1 CVE-2014-0150	Version:	5
Platform(s):	Debian GNU/Linux 6.0 Debian GNU/Linux 7 Debian GNU/kFreeBSD 6.0 Debian GNU/kFreeBSD 7	Product(s):	qemu-kvm
Definition Synopsis:
Debian 6.0 release section Debian 6.0 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND qemu-kvm DPKG is earlier than 0:0.12.5+dfsg-5+squeeze11 AND Debian 7.x release section Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND qemu-kvm DPKG is earlier than 0:1.1.2+dfsg-6+deb7u1

Definition Id: oval:org.mitre.oval:def:25155

Oval ID:	oval:org.mitre.oval:def:25155
Title:	RHSA-2014:0426: qemu-kvm security update (Moderate)
Description:	KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. qemu-kvm is the user-space component for running virtual machines using KVM. ... All users of qemu-kvm should upgrade to these updated packages, which contain backported patches to correct this issue. After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:0426-00 CVE-2014-0142 CVE-2014-0143 CVE-2014-0144 CVE-2014-0145 CVE-2014-0146 CVE-2014-0147 CVE-2014-0148 CVE-2014-0150	Version:	3
Platform(s):	Red Hat Enterprise Linux 6	Product(s):
Definition Synopsis:
The operating system installed on the system is Red Hat Enterprise Linux 6 Packages section qemu-guest-agent is earlier than 2:0.12.1.2-2.415.el6_5.8 AND qemu-img is earlier than 2:0.12.1.2-2.415.el6_5.8 AND qemu-kvm is earlier than 2:0.12.1.2-2.415.el6_5.8 AND qemu-kvm-tools is earlier than 2:0.12.1.2-2.415.el6_5.8

Definition Id: oval:org.mitre.oval:def:25200

Oval ID:	oval:org.mitre.oval:def:25200
Title:	ELSA-2014:0426: qemu-kvm security update (Moderate)
Description:	KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. qemu-kvm is the user-space component for running virtual machines using KVM. ... All users of qemu-kvm should upgrade to these updated packages, which contain backported patches to correct this issue. After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.
Family:	unix	Class:	patch
Reference(s):	ELSA-2014:0426-00 CVE-2014-0142 CVE-2014-0143 CVE-2014-0144 CVE-2014-0145 CVE-2014-0146 CVE-2014-0147 CVE-2014-0148 CVE-2014-0150	Version:	4
Platform(s):	Oracle Linux 6	Product(s):	qemu qemu-kvm
Definition Synopsis:
Oracle Linux 6.x rpm test qemu-guest-agent is earlier than 2:0.12.1.2-2.415.el6_5.8 AND qemu-img is earlier than 2:0.12.1.2-2.415.el6_5.8 AND qemu-kvm is earlier than 2:0.12.1.2-2.415.el6_5.8 AND qemu-kvm-tools is earlier than 2:0.12.1.2-2.415.el6_5.8

CPE : Common Platform Enumeration

Type	Description	Count
Application	Qemu cpe:2.3:a:qemu:qemu:2.0.0:rc0:::::: cpe:2.3:a:qemu:qemu:2.0.0:rc2:::::: cpe:2.3:a:qemu:qemu:2.0.0:rc3:::::: cpe:2.3:a:qemu:qemu:2.0.0:rc1:::::: cpe:2.3:a:qemu:qemu:2.0.0:-:::::: cpe:2.3:a:qemu:qemu:1.7.1:::::::* cpe:2.3:a:qemu:qemu:1.6.2:::::::* cpe:2.3:a:qemu:qemu:1.6.1:::::::* cpe:2.3:a:qemu:qemu:1.6.0:rc3:::::: cpe:2.3:a:qemu:qemu:1.6.0:rc2:::::: cpe:2.3:a:qemu:qemu:1.6.0:rc1:::::: cpe:2.3:a:qemu:qemu:1.6.0:-:::::: cpe:2.3:a:qemu:qemu:1.5.3:::::::* cpe:2.3:a:qemu:qemu:1.5.2:::::::* cpe:2.3:a:qemu:qemu:1.5.1:::::::* cpe:2.3:a:qemu:qemu:1.5.0:rc1:::::: cpe:2.3:a:qemu:qemu:1.5.0:rc2:::::: cpe:2.3:a:qemu:qemu:1.5.0:-:::::: cpe:2.3:a:qemu:qemu:1.5.0:rc3:::::: cpe:2.3:a:qemu:qemu:1.4.2:::::::* cpe:2.3:a:qemu:qemu:1.4.1:::::::* cpe:2.3:a:qemu:qemu:1.4.0:-:::::: cpe:2.3:a:qemu:qemu:1.4.0:rc1:::::: cpe:2.3:a:qemu:qemu:1.4.0:rc0:::::: cpe:2.3:a:qemu:qemu:1.3.1:::::::* cpe:2.3:a:qemu:qemu:1.3.0:rc0:::::: cpe:2.3:a:qemu:qemu:1.3.0:rc2:::::: cpe:2.3:a:qemu:qemu:1.3.0:::::::* cpe:2.3:a:qemu:qemu:1.3.0:rc1:::::: cpe:2.3:a:qemu:qemu:1.2.2:::::::* cpe:2.3:a:qemu:qemu:1.2.1:::::::* cpe:2.3:a:qemu:qemu:1.2.0:rc1:::::: cpe:2.3:a:qemu:qemu:1.2.0:rc0:::::: cpe:2.3:a:qemu:qemu:1.2.0:-:::::: cpe:2.3:a:qemu:qemu:1.2.0:rc3:::::: cpe:2.3:a:qemu:qemu:1.2.0:rc2:::::: cpe:2.3:a:qemu:qemu:1.1.2:::::::* cpe:2.3:a:qemu:qemu:1.1.1:::::::* cpe:2.3:a:qemu:qemu:1.1:rc4:::::: cpe:2.3:a:qemu:qemu:1.1:rc1:::::: cpe:2.3:a:qemu:qemu:1.1:rc2:::::: cpe:2.3:a:qemu:qemu:1.1:rc3:::::: cpe:2.3:a:qemu:qemu:1.1:-:::::: cpe:2.3:a:qemu:qemu:1.0.1:::::::* cpe:2.3:a:qemu:qemu:1.0:rc3:::::: cpe:2.3:a:qemu:qemu:1.0:rc2:::::: cpe:2.3:a:qemu:qemu:1.0:rc1:::::: cpe:2.3:a:qemu:qemu:1.0:rc4:::::: cpe:2.3:a:qemu:qemu:1.0:-:::::: cpe:2.3:a:qemu:qemu:1:2.1+dfsg-12+deb8u6:::::::* cpe:2.3:a:qemu:qemu:1:2.8+dfsg-6+deb9u8:::::::* cpe:2.3:a:qemu:qemu:1:3.1+dfsg-8+deb10u2:::::::* cpe:2.3:a:qemu:qemu:1:3.1+dfsg-8~deb10u1:::::::* cpe:2.3:a:qemu:qemu:1:4.1-1:::::::* cpe:2.3:a:qemu:qemu:0.9.1-5:::::::* cpe:2.3:a:qemu:qemu:0.9.1:::::::* cpe:2.3:a:qemu:qemu:0.9.0:::::::* cpe:2.3:a:qemu:qemu:0.8.2:::::::* cpe:2.3:a:qemu:qemu:0.8.1:::::::* cpe:2.3:a:qemu:qemu:0.8.0:::::::* cpe:2.3:a:qemu:qemu:0.7.2:::::::* cpe:2.3:a:qemu:qemu:0.7.1:::::::* cpe:2.3:a:qemu:qemu:0.7.0:::::::* cpe:2.3:a:qemu:qemu:0.6.1:::::::* cpe:2.3:a:qemu:qemu:0.6.0:::::::* cpe:2.3:a:qemu:qemu:0.5.5:::::::* cpe:2.3:a:qemu:qemu:0.5.4:::::::* cpe:2.3:a:qemu:qemu:0.5.3:::::::* cpe:2.3:a:qemu:qemu:0.5.2:::::::* cpe:2.3:a:qemu:qemu:0.5.1:::::::* cpe:2.3:a:qemu:qemu:0.5.0:::::::* cpe:2.3:a:qemu:qemu:0.4.3:::::::* cpe:2.3:a:qemu:qemu:0.4.2:::::::* cpe:2.3:a:qemu:qemu:0.4.1:::::::* cpe:2.3:a:qemu:qemu:0.4.0:::::::* cpe:2.3:a:qemu:qemu:0.3.0:::::::* cpe:2.3:a:qemu:qemu:0.2.0:::::::* cpe:2.3:a:qemu:qemu:0.15.2:::::::* cpe:2.3:a:qemu:qemu:0.15.1:::::::* cpe:2.3:a:qemu:qemu:0.15.0:rc2:::::: cpe:2.3:a:qemu:qemu:0.15.0:rc1:::::: cpe:2.3:a:qemu:qemu:0.15.0:-:::::: cpe:2.3:a:qemu:qemu:0.14.1:::::::* cpe:2.3:a:qemu:qemu:0.14.0:-:::::: cpe:2.3:a:qemu:qemu:0.14.0:rc2:::::: cpe:2.3:a:qemu:qemu:0.14.0:rc1:::::: cpe:2.3:a:qemu:qemu:0.14.0:rc0:::::: cpe:2.3:a:qemu:qemu:0.13.0:-:::::: cpe:2.3:a:qemu:qemu:0.13.0:rc1:::::: cpe:2.3:a:qemu:qemu:0.13.0:rc0:::::: cpe:2.3:a:qemu:qemu:0.12.5:::::::* cpe:2.3:a:qemu:qemu:0.12.4:::::::* cpe:2.3:a:qemu:qemu:0.12.3:::::::* cpe:2.3:a:qemu:qemu:0.12.2:::::::* cpe:2.3:a:qemu:qemu:0.12.1:::::::* cpe:2.3:a:qemu:qemu:0.12.0:rc1:::::: cpe:2.3:a:qemu:qemu:0.12.0:-:::::: cpe:2.3:a:qemu:qemu:0.12.0:rc2:::::: cpe:2.3:a:qemu:qemu:0.11.1:::::::* cpe:2.3:a:qemu:qemu:0.11.0-rc2:::::::* cpe:2.3:a:qemu:qemu:0.11.0-rc1:::::::* cpe:2.3:a:qemu:qemu:0.11.0-rc0:::::::* cpe:2.3:a:qemu:qemu:0.11.0:rc1:::::: cpe:2.3:a:qemu:qemu:0.11.0:rc0:::::: cpe:2.3:a:qemu:qemu:0.11.0:rc2:::::: cpe:2.3:a:qemu:qemu:0.11.0:-:::::: cpe:2.3:a:qemu:qemu:0.10.6:::::::* cpe:2.3:a:qemu:qemu:0.10.5:::::::* cpe:2.3:a:qemu:qemu:0.10.4:::::::* cpe:2.3:a:qemu:qemu:0.10.3:::::::* cpe:2.3:a:qemu:qemu:0.10.2:::::::* cpe:2.3:a:qemu:qemu:0.10.1:::::::* cpe:2.3:a:qemu:qemu:0.10.0:::::::* cpe:2.3:a:qemu:qemu:0.1.6:::::::* cpe:2.3:a:qemu:qemu:0.1.5:::::::* cpe:2.3:a:qemu:qemu:0.1.4:::::::* cpe:2.3:a:qemu:qemu:0.1.3:::::::* cpe:2.3:a:qemu:qemu:0.1.2:::::::* cpe:2.3:a:qemu:qemu:0.1.1:::::::* cpe:2.3:a:qemu:qemu:0.1.0:::::::* cpe:2.3:a:qemu:qemu:::::::: cpe:2.3:a:qemu:qemu::r1::::::* cpe:2.3:a:qemu:qemu:-:::::::*	123
Os	Redhat Enterprise Linux cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*	1

Nessus® Vulnerability Scanner

Date	Description
2015-03-19	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2015-061.nasl - Type : ACT_GATHER_INFO
2014-12-15	Name : The remote Fedora host is missing a security update. File : fedora_2014-15951.nasl - Type : ACT_GATHER_INFO
2014-12-02	Name : The remote Fedora host is missing a security update. File : fedora_2014-15521.nasl - Type : ACT_GATHER_INFO
2014-12-02	Name : The remote Fedora host is missing a security update. File : fedora_2014-15503.nasl - Type : ACT_GATHER_INFO
2014-11-23	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-220.nasl - Type : ACT_GATHER_INFO
2014-11-08	Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2014-0674.nasl - Type : ACT_GATHER_INFO
2014-11-08	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0421.nasl - Type : ACT_GATHER_INFO
2014-08-30	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201408-17.nasl - Type : ACT_GATHER_INFO
2014-06-19	Name : The remote SuSE 11 host is missing a security update. File : suse_11_kvm-140528.nasl - Type : ACT_GATHER_INFO
2014-05-02	Name : The remote Fedora host is missing a security update. File : fedora_2014-5825.nasl - Type : ACT_GATHER_INFO
2014-04-29	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2182-1.nasl - Type : ACT_GATHER_INFO
2014-04-23	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140422_qemu_kvm_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2014-04-23	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0420.nasl - Type : ACT_GATHER_INFO
2014-04-23	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0420.nasl - Type : ACT_GATHER_INFO
2014-04-23	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0420.nasl - Type : ACT_GATHER_INFO
2014-04-21	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2909.nasl - Type : ACT_GATHER_INFO
2014-04-21	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2910.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source	Url
CONFIRM	https://bugzilla.redhat.com/show_bug.cgi?id=1078846
DEBIAN	http://www.debian.org/security/2014/dsa-2909 http://www.debian.org/security/2014/dsa-2910
MLIST	http://article.gmane.org/gmane.comp.emulators.qemu/266768 http://thread.gmane.org/gmane.comp.emulators.qemu/266713
SECUNIA	http://secunia.com/advisories/57878 http://secunia.com/advisories/58191
UBUNTU	http://www.ubuntu.com/usn/USN-2182-1

Alert History

If you want to see full details history, please login or register.

Date	Informations
2024-02-02 01:25:47	Multiple Updates
2024-02-01 12:07:39	Multiple Updates
2023-09-05 12:24:25	Multiple Updates
2023-09-05 01:07:34	Multiple Updates
2023-09-02 12:24:23	Multiple Updates
2023-09-02 01:07:39	Multiple Updates
2023-08-12 12:26:36	Multiple Updates
2023-08-12 01:07:10	Multiple Updates
2023-08-11 12:22:30	Multiple Updates
2023-08-11 01:07:20	Multiple Updates
2023-08-06 12:21:55	Multiple Updates
2023-08-06 01:07:08	Multiple Updates
2023-08-04 12:21:56	Multiple Updates
2023-08-04 01:07:12	Multiple Updates
2023-07-14 12:21:54	Multiple Updates
2023-07-14 01:07:11	Multiple Updates
2023-03-29 01:23:51	Multiple Updates
2023-03-28 12:07:32	Multiple Updates
2022-10-11 12:19:46	Multiple Updates
2022-10-11 01:07:20	Multiple Updates
2021-05-05 01:14:18	Multiple Updates
2021-05-04 12:29:31	Multiple Updates
2021-04-22 01:35:40	Multiple Updates
2020-11-03 09:22:45	Multiple Updates
2020-11-02 17:22:45	Multiple Updates
2020-05-24 01:13:10	Multiple Updates
2020-05-23 01:50:42	Multiple Updates
2020-05-23 00:39:20	Multiple Updates
2019-09-27 12:06:06	Multiple Updates
2019-04-22 21:19:09	Multiple Updates
2018-09-07 12:07:25	Multiple Updates
2017-12-16 09:21:40	Multiple Updates
2016-06-28 22:30:04	Multiple Updates
2016-04-27 00:02:45	Multiple Updates
2015-03-20 13:28:48	Multiple Updates
2014-12-16 13:25:06	Multiple Updates
2014-12-03 13:28:20	Multiple Updates
2014-11-26 13:28:08	Multiple Updates
2014-11-08 13:31:27	Multiple Updates
2014-08-31 13:25:00	Multiple Updates
2014-06-20 13:24:46	Multiple Updates
2014-05-10 09:23:06	Multiple Updates
2014-05-03 13:22:39	Multiple Updates
2014-04-30 13:21:28	Multiple Updates
2014-04-24 13:21:48	Multiple Updates
2014-04-21 21:21:32	Multiple Updates
2014-04-21 13:22:18	Multiple Updates
2014-04-19 13:24:18	First insertion

Global Informations

Type	Count
CWE ID(s)	1
Oval ID(s)	6
CPE ID(s)	124
Sources(s)	8
Nessus® Exploit(s)	17

	Related
7.5	MDVSA-2015:061
7.5	MDVSA-2014:220
7.5	GLSA-201408-17
7.2	USN-2182-1
4.9	RHSA-2014:0435
4.9	RHSA-2014:0434
4.9	RHSA-2014:0420
4.9	DSA-2910
4.9	DSA-2909
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 9 more Alert(s)