5 - CVE-2015-2808

Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.

Informations
Name	CVE-2015-2808	First vendor Publication	2015-03-31
Vendor	Cve	Last vendor Modification	2023-09-07

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:N/A:N)
Cvss Base Score	5	Attack Range	Network
Cvss Impact Score	2.9	Attack Complexity	Low
Cvss Expoit Score	10	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the "Bar Mitzvah" issue.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-327	Use of a Broken or Risky Cryptographic Algorithm (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:28927

Oval ID:	oval:org.mitre.oval:def:28927
Title:	Vulnerability in IBM SDK Java JSSE affects AIX
Description:	The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the "Bar Mitzvah" issue.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2015-2808	Version:	4
Platform(s):	IBM AIX 6.1 IBM AIX 7.1	Product(s):
Definition Synopsis:
platforms IBM AIX 6.1 is installed AND IBM AIX 7.1 is installed AND File Version Exists Java5.sdk less than 5.0.0.590 AND Java5_64.sdk less than 5.0.0.590 AND Java6.sdk less than 6.0.0.470 AND Java6_64.sdk less than 6.0.0.470 AND Java7.sdk less than 7.0.0.195 AND Java7_64.sdk less than 7.0.0.195 AND Java71.sdk less than 7.1.0.75 AND Java71_64.sdk less than 7.1.0.75

CPE : Common Platform Enumeration

Type	Description	Count
Application	Huawei Oceanstor Replicationdirector cpe:2.3:a:huawei:oceanstor_replicationdirector:v100r003c00:::::::*	1
Application	Huawei Policy Center cpe:2.3:a:huawei:policy_center:v100r003c10:::::::* cpe:2.3:a:huawei:policy_center:v100r003c00:::::::*	2
Application	Huawei smc2.0 cpe:2.3:a:huawei:smc2.0:v100r002c04:::::::* cpe:2.3:a:huawei:smc2.0:v100r002c03:::::::* cpe:2.3:a:huawei:smc2.0:v100r002c02:::::::* cpe:2.3:a:huawei:smc2.0:v100r002c01:::::::*	4
Application	Huawei Ultravr cpe:2.3:a:huawei:ultravr:v100r003c00:::::::*	1
Application	Ibm Cognos Metrics Manager cpe:2.3:a:ibm:cognos_metrics_manager:10.2.2:::::::* cpe:2.3:a:ibm:cognos_metrics_manager:10.2.1:::::::* cpe:2.3:a:ibm:cognos_metrics_manager:10.2:::::::* cpe:2.3:a:ibm:cognos_metrics_manager:10.1.1:::::::* cpe:2.3:a:ibm:cognos_metrics_manager:10.1:::::::*	5
Application	Oracle Communications Application Session Controller cpe:2.3:a:oracle:communications_application_session_controller:3.9m0p3:::::::* cpe:2.3:a:oracle:communications_application_session_controller:3.9m0p2:::::::* cpe:2.3:a:oracle:communications_application_session_controller:3.9m0p1:::::::* cpe:2.3:a:oracle:communications_application_session_controller:3.9.0:::::::* cpe:2.3:a:oracle:communications_application_session_controller:3.8m0:::::::* cpe:2.3:a:oracle:communications_application_session_controller:3.8.0:::::::* cpe:2.3:a:oracle:communications_application_session_controller:3.7.1:-:::::: cpe:2.3:a:oracle:communications_application_session_controller:3.7.1:::::::* cpe:2.3:a:oracle:communications_application_session_controller::::::::	9
Application	Oracle Communications Policy Management cpe:2.3:a:oracle:communications_policy_management:9.9.1:::::::* cpe:2.3:a:oracle:communications_policy_management:9.7.3:::::::* cpe:2.3:a:oracle:communications_policy_management::::::::	3
Application	Oracle Http Server cpe:2.3:a:oracle:http_server:12.2.1.2.0:::::::* cpe:2.3:a:oracle:http_server:12.2.1.1.0:::::::* cpe:2.3:a:oracle:http_server:12.1.3.0.0:::::::* cpe:2.3:a:oracle:http_server:11.1.1.9.0:::::::* cpe:2.3:a:oracle:http_server:11.1.1.7.0:::::::*	5
Application	Redhat Satellite cpe:2.3:a:redhat:satellite:5.7:::::::*	1
Application	Suse Linux Enterprise Debuginfo cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:::::: cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp3::::::	2
Os	Canonical Ubuntu Linux cpe:2.3:o:canonical:ubuntu_linux:15.04:::::::* cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm::: cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::	3
Os	Debian Debian Linux cpe:2.3:o:debian:debian_linux:8.0:::::::* cpe:2.3:o:debian:debian_linux:7.0:::::::*	2
Os	Opensuse cpe:2.3:o:opensuse:opensuse:13.2:::::::* cpe:2.3:o:opensuse:opensuse:13.1:::::::*	2
Os	Oracle Integrated Lights Out Manager Firmware cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:4.0.2:::::::* cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:4.0.1:::::::* cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:4.0.0:::::::* cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.9:::::::* cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.8:::::::* cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.7:::::::* cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.6:::::::* cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.5:::::::* cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.4:::::::* cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.2:::::::* cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.1:::::::* cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.0:::::::* cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2:::::::* cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.1.2:::::::* cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.1.1:::::::* cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.1.0:::::::* cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.1:::::::* cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.9:::::::* cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.8:::::::* cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.6:::::::* cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.4:::::::* cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.3:::::::* cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.16:::::::* cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.14:::::::* cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.12:::::::* cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.10:::::::* cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.0:::::::* cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0:::::::*	28
Os	Redhat Enterprise Linux Desktop cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::* cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::* cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*	3
Os	Redhat Enterprise Linux Eus cpe:2.3:o:redhat:enterprise_linux_eus:7.7:::::::* cpe:2.3:o:redhat:enterprise_linux_eus:7.6:::::::* cpe:2.3:o:redhat:enterprise_linux_eus:7.5:::::::* cpe:2.3:o:redhat:enterprise_linux_eus:7.4:::::::* cpe:2.3:o:redhat:enterprise_linux_eus:7.3:::::::* cpe:2.3:o:redhat:enterprise_linux_eus:7.2:::::::* cpe:2.3:o:redhat:enterprise_linux_eus:7.1:::::::* cpe:2.3:o:redhat:enterprise_linux_eus:6.6:::::::*	8
Os	Redhat Enterprise Linux Server cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::* cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::* cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*	3
Os	Redhat Enterprise Linux Server Aus cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:::::::* cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::* cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::* cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::* cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:::::::*	5
Os	Redhat Enterprise Linux Server Tus cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:::::::* cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::* cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:::::::*	3
Os	Redhat Enterprise Linux Workstation cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::* cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::* cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*	3
Os	Suse Linux Enterprise Desktop cpe:2.3:o:suse:linux_enterprise_desktop:12:-:::::: cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:::::: cpe:2.3:o:suse:linux_enterprise_desktop:11:sp4::::::	3
Os	Suse Linux Enterprise Server cpe:2.3:o:suse:linux_enterprise_server:12:-:::::: cpe:2.3:o:suse:linux_enterprise_server:11:sp3::::vmware::* cpe:2.3:o:suse:linux_enterprise_server:11:sp1:::ltss:::* cpe:2.3:o:suse:linux_enterprise_server:11:sp2:::ltss:::* cpe:2.3:o:suse:linux_enterprise_server:10:sp4:::ltss:::*	5
Os	Suse Linux Enterprise Software Development Kit cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:::::: cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3::::::	2

Information Assurance Vulnerability Management (IAVM)

Date	Description
2015-07-16	IAVM : 2015-A-0158 - Multiple Vulnerabilities in Oracle Java SE Severity : Category I - VMSKEY : V0061089

Snort® IPS/IDS

Date	Description
2017-04-12	SSL/TLS weak RC4 cipher suite use attempt RuleID : 41907 - Revision : 3 - Type : POLICY-OTHER
2016-04-05	SSL/TLS weak RC4 cipher suite use attempt RuleID : 37916 - Revision : 3 - Type : POLICY-OTHER
2016-04-05	SSL/TLS weak RC4 cipher suite use attempt RuleID : 37915 - Revision : 3 - Type : POLICY-OTHER
2016-04-05	SSL/TLS weak RC4 cipher suite use attempt RuleID : 37914 - Revision : 3 - Type : POLICY-OTHER
2016-04-05	SSL/TLS weak RC4 cipher suite use attempt RuleID : 37913 - Revision : 3 - Type : POLICY-OTHER
2016-04-05	SSL/TLS weak RC4 cipher suite use attempt RuleID : 37912 - Revision : 3 - Type : POLICY-OTHER
2016-03-14	SSL/TLS weak RC4 cipher suite use attempt RuleID : 37026 - Revision : 4 - Type : POLICY-OTHER
2016-03-14	SSL/TLS weak RC4 cipher suite use attempt RuleID : 37025 - Revision : 4 - Type : POLICY-OTHER

Nessus® Vulnerability Scanner

Date	Description
2017-12-04	Name : The remote host is missing a vendor-supplied security patch. File : check_point_gaia_sk106499.nasl - Type : ACT_GATHER_INFO
2016-07-25	Name : The remote web server is affected by multiple vulnerabilities. File : oracle_http_server_cpu_jul_2016.nasl - Type : ACT_GATHER_INFO
2016-07-14	Name : A video conferencing application running on the remote host is affected by mu... File : cisco_telepresence_vcs_multiple_880.nasl - Type : ACT_GATHER_INFO
2016-06-23	Name : The remote device is affected by multiple vulnerabilities. File : juniper_space_jsa10727.nasl - Type : ACT_GATHER_INFO
2016-06-16	Name : The remote host is affected by a security feature bypass vulnerability. File : ibm_storwize_cve_2015_2808.nasl - Type : ACT_GATHER_INFO
2016-04-29	Name : The remote host is affected by multiple vulnerabilities. File : hp_data_protector_hpsbgn03580.nasl - Type : ACT_GATHER_INFO
2016-02-29	Name : The remote AIX host is missing a vendor-supplied security patch. File : aix_U867669.nasl - Type : ACT_GATHER_INFO
2016-01-14	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-0113-1.nasl - Type : ACT_GATHER_INFO
2016-01-06	Name : The remote database server is affected by multiple vulnerabilities. File : db2_105fp7_win.nasl - Type : ACT_GATHER_INFO
2016-01-06	Name : The remote database server is affected by multiple vulnerabilities. File : db2_105fp7_nix.nasl - Type : ACT_GATHER_INFO
2016-01-04	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201512-10.nasl - Type : ACT_GATHER_INFO
2015-12-21	Name : The remote web server is affected by a security feature bypass vulnerability. File : ibm_http_server_bar_mitzvah.nasl - Type : ACT_GATHER_INFO
2015-12-07	Name : The remote web server hosts a web application that is potentially affected by... File : jira_6_4_10.nasl - Type : ACT_GATHER_INFO
2015-12-04	Name : The remote AIX host is missing a vendor-supplied security patch. File : aix_U863668.nasl - Type : ACT_GATHER_INFO
2015-12-03	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-2166-1.nasl - Type : ACT_GATHER_INFO
2015-10-23	Name : The remote web server is affected by multiple vulnerabilities. File : oracle_http_server_cpu_oct_2015.nasl - Type : ACT_GATHER_INFO
2015-09-18	Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL16864.nasl - Type : ACT_GATHER_INFO
2015-09-18	Name : The remote database server is affected by multiple vulnerabilities. File : db2_105fp6.nasl - Type : ACT_GATHER_INFO
2015-09-09	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1509-1.nasl - Type : ACT_GATHER_INFO
2015-08-31	Name : The remote Debian host is missing a security update. File : debian_DLA-303.nasl - Type : ACT_GATHER_INFO
2015-08-26	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2015-586.nasl - Type : ACT_GATHER_INFO
2015-08-24	Name : The remote Debian host is missing a security-related update. File : debian_DSA-3339.nasl - Type : ACT_GATHER_INFO
2015-08-13	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1375-1.nasl - Type : ACT_GATHER_INFO
2015-08-07	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2706-1.nasl - Type : ACT_GATHER_INFO
2015-08-04	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1331-1.nasl - Type : ACT_GATHER_INFO
2015-08-04	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1329-1.nasl - Type : ACT_GATHER_INFO
2015-08-04	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20150730_java_1_6_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2015-07-31	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1319-1.nasl - Type : ACT_GATHER_INFO
2015-07-31	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2015-1526.nasl - Type : ACT_GATHER_INFO
2015-07-31	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-1526.nasl - Type : ACT_GATHER_INFO
2015-07-31	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-1526.nasl - Type : ACT_GATHER_INFO
2015-07-31	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1320-1.nasl - Type : ACT_GATHER_INFO
2015-07-31	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2696-1.nasl - Type : ACT_GATHER_INFO
2015-07-28	Name : The remote Debian host is missing a security-related update. File : debian_DSA-3316.nasl - Type : ACT_GATHER_INFO
2015-07-27	Name : The remote openSUSE host is missing a security update. File : openSUSE-2015-512.nasl - Type : ACT_GATHER_INFO
2015-07-27	Name : The remote openSUSE host is missing a security update. File : openSUSE-2015-511.nasl - Type : ACT_GATHER_INFO
2015-07-23	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2015-570.nasl - Type : ACT_GATHER_INFO
2015-07-23	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2015-571.nasl - Type : ACT_GATHER_INFO
2015-07-20	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-1242.nasl - Type : ACT_GATHER_INFO
2015-07-20	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-1243.nasl - Type : ACT_GATHER_INFO
2015-07-20	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-1241.nasl - Type : ACT_GATHER_INFO
2015-07-18	Name : The remote database server is affected by multiple vulnerabilities. File : db2_97fp10_multi_vuln.nasl - Type : ACT_GATHER_INFO
2015-07-18	Name : The remote database server is affected by multiple vulnerabilities. File : db2_101fp5.nasl - Type : ACT_GATHER_INFO
2015-07-17	Name : The remote Windows host contains a programming platform that is affected by m... File : oracle_java_cpu_jul_2015.nasl - Type : ACT_GATHER_INFO
2015-07-17	Name : The remote Unix host contains a programming platform that is affected by mult... File : oracle_java_cpu_jul_2015_unix.nasl - Type : ACT_GATHER_INFO
2015-07-17	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-1230.nasl - Type : ACT_GATHER_INFO
2015-07-16	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20150715_java_1_7_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2015-07-16	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-1230.nasl - Type : ACT_GATHER_INFO
2015-07-16	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-1229.nasl - Type : ACT_GATHER_INFO
2015-07-16	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-1228.nasl - Type : ACT_GATHER_INFO
2015-07-16	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20150715_java_1_8_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2015-07-16	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-1229.nasl - Type : ACT_GATHER_INFO
2015-07-16	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-1228.nasl - Type : ACT_GATHER_INFO
2015-07-16	Name : A programming platform installed on the remote Windows host is affected by mu... File : oracle_jrockit_cpu_jul_2015.nasl - Type : ACT_GATHER_INFO
2015-07-16	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20150715_java_1_7_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2015-07-16	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2015-1230.nasl - Type : ACT_GATHER_INFO
2015-07-16	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2015-1229.nasl - Type : ACT_GATHER_INFO
2015-07-16	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2015-1228.nasl - Type : ACT_GATHER_INFO
2015-07-09	Name : The remote application server is affected by multiple vulnerabilities. File : websphere_8_5_5_6.nasl - Type : ACT_GATHER_INFO
2015-06-29	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1086-4.nasl - Type : ACT_GATHER_INFO
2015-06-26	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1138-1.nasl - Type : ACT_GATHER_INFO
2015-06-26	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1086-3.nasl - Type : ACT_GATHER_INFO
2015-06-23	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1086-2.nasl - Type : ACT_GATHER_INFO
2015-06-19	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1086-1.nasl - Type : ACT_GATHER_INFO
2015-06-19	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1085-1.nasl - Type : ACT_GATHER_INFO
2015-06-18	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1073-1.nasl - Type : ACT_GATHER_INFO
2015-06-12	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-1091.nasl - Type : ACT_GATHER_INFO
2015-06-10	Name : The remote AIX host has a version of Java SDK installed that is affected by m... File : aix_java_april2015_advisory.nasl - Type : ACT_GATHER_INFO
2015-05-21	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-1021.nasl - Type : ACT_GATHER_INFO
2015-05-21	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-1020.nasl - Type : ACT_GATHER_INFO
2015-05-13	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-1007.nasl - Type : ACT_GATHER_INFO
2015-05-13	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-1006.nasl - Type : ACT_GATHER_INFO
2015-04-30	Name : The remote AIX host has a version of Java SDK installed that is affected by m... File : aix_java_apr2015_advisory.nasl - Type : ACT_GATHER_INFO
2015-01-27	Name : The remote web server is affected by multiple vulnerabilities. File : oracle_http_server_cpu_jan_2015.nasl - Type : ACT_GATHER_INFO
2013-04-05	Name : The remote service supports the use of the RC4 cipher. File : ssl_rc4_supported_ciphers.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source	Url
AIXAPAR	http://www-01.ibm.com/support/docview.wss?uid=swg1IV71888 http://www-01.ibm.com/support/docview.wss?uid=swg1IV71892
BID	http://www.securityfocus.com/bid/73684 http://www.securityfocus.com/bid/91787
CONFIRM	http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727 http://www-01.ibm.com/support/docview.wss?uid=swg21883640 http://www-304.ibm.com/support/docview.wss?uid=swg21903565 http://www-304.ibm.com/support/docview.wss?uid=swg21960015 http://www-304.ibm.com/support/docview.wss?uid=swg21960769 http://www.huawei.com/en/psirt/security-advisories/hw-454055 http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisori... https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n... https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n... https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n... https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n... https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n... https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n... https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n... https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04708650 https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04711380 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n... https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n... https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n... https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n... https://kb.juniper.net/JSA10783 https://kc.mcafee.com/corporate/index?page=content&id=SB10163 https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098709
DEBIAN	http://www.debian.org/security/2015/dsa-3316 http://www.debian.org/security/2015/dsa-3339
GENTOO	https://security.gentoo.org/glsa/201512-10
HP	http://marc.info/?l=bugtraq&m=143456209711959&w=2 http://marc.info/?l=bugtraq&m=143629696317098&w=2 http://marc.info/?l=bugtraq&m=143741441012338&w=2 http://marc.info/?l=bugtraq&m=143817021313142&w=2 http://marc.info/?l=bugtraq&m=143817899717054&w=2 http://marc.info/?l=bugtraq&m=143818140118771&w=2 http://marc.info/?l=bugtraq&m=144043644216842&w=2 http://marc.info/?l=bugtraq&m=144059660127919&w=2 http://marc.info/?l=bugtraq&m=144059703728085&w=2 http://marc.info/?l=bugtraq&m=144060576831314&w=2 http://marc.info/?l=bugtraq&m=144060606031437&w=2 http://marc.info/?l=bugtraq&m=144069189622016&w=2 http://marc.info/?l=bugtraq&m=144102017024820&w=2 http://marc.info/?l=bugtraq&m=144104533800819&w=2 http://marc.info/?l=bugtraq&m=144104565600964&w=2 http://marc.info/?l=bugtraq&m=144493176821532&w=2 https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na...
MISC	https://www.blackhat.com/docs/asia-15/materials/asia-15-Mantin-Bar-Mitzvah-At... https://www.secpod.com/blog/cve-2015-2808-bar-mitzvah-attack-in-rc4-2/
REDHAT	http://rhn.redhat.com/errata/RHSA-2015-1006.html http://rhn.redhat.com/errata/RHSA-2015-1007.html http://rhn.redhat.com/errata/RHSA-2015-1020.html http://rhn.redhat.com/errata/RHSA-2015-1021.html http://rhn.redhat.com/errata/RHSA-2015-1091.html http://rhn.redhat.com/errata/RHSA-2015-1228.html http://rhn.redhat.com/errata/RHSA-2015-1229.html http://rhn.redhat.com/errata/RHSA-2015-1230.html http://rhn.redhat.com/errata/RHSA-2015-1241.html http://rhn.redhat.com/errata/RHSA-2015-1242.html http://rhn.redhat.com/errata/RHSA-2015-1243.html http://rhn.redhat.com/errata/RHSA-2015-1526.html
SECTRACK	http://www.securitytracker.com/id/1032599 http://www.securitytracker.com/id/1032600 http://www.securitytracker.com/id/1032707 http://www.securitytracker.com/id/1032708 http://www.securitytracker.com/id/1032734 http://www.securitytracker.com/id/1032788 http://www.securitytracker.com/id/1032858 http://www.securitytracker.com/id/1032868 http://www.securitytracker.com/id/1032910 http://www.securitytracker.com/id/1032990 http://www.securitytracker.com/id/1033071 http://www.securitytracker.com/id/1033072 http://www.securitytracker.com/id/1033386 http://www.securitytracker.com/id/1033415 http://www.securitytracker.com/id/1033431 http://www.securitytracker.com/id/1033432 http://www.securitytracker.com/id/1033737 http://www.securitytracker.com/id/1033769 http://www.securitytracker.com/id/1036222
SUSE	http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html
UBUNTU	http://www.ubuntu.com/usn/USN-2696-1 http://www.ubuntu.com/usn/USN-2706-1

Alert History

If you want to see full details history, please login or register.

Date	Informations
2023-09-07 21:28:11	Multiple Updates
2021-11-30 01:18:24	Multiple Updates
2021-09-22 01:17:25	Multiple Updates
2021-05-05 01:17:47	Multiple Updates
2021-05-04 12:39:35	Multiple Updates
2021-04-22 01:48:26	Multiple Updates
2021-03-27 01:14:36	Multiple Updates
2020-12-24 01:13:09	Multiple Updates
2020-12-23 01:13:18	Multiple Updates
2020-11-24 00:22:47	Multiple Updates
2020-05-23 00:44:53	Multiple Updates
2019-03-19 12:07:03	Multiple Updates
2018-01-18 21:22:33	Multiple Updates
2018-01-05 09:23:28	Multiple Updates
2017-12-16 13:23:35	Multiple Updates
2017-12-05 13:24:05	Multiple Updates
2017-11-08 09:23:48	Multiple Updates
2017-11-04 09:23:38	Multiple Updates
2017-10-20 09:23:00	Multiple Updates
2017-09-23 09:24:30	Multiple Updates
2017-09-22 09:24:13	Multiple Updates
2017-09-21 09:25:20	Multiple Updates
2017-09-06 09:22:59	Multiple Updates
2017-09-01 09:24:43	Multiple Updates
2017-05-24 09:23:30	Multiple Updates
2017-01-03 09:23:15	Multiple Updates
2016-12-28 09:22:05	Multiple Updates
2016-12-24 09:24:11	Multiple Updates
2016-12-22 09:23:55	Multiple Updates
2016-12-08 09:23:42	Multiple Updates
2016-12-07 21:24:36	Multiple Updates
2016-12-03 09:24:10	Multiple Updates
2016-11-29 00:25:09	Multiple Updates
2016-11-22 09:23:01	Multiple Updates
2016-09-28 09:23:39	Multiple Updates
2016-08-27 13:26:29	Multiple Updates
2016-08-23 09:24:54	Multiple Updates
2016-08-20 09:22:29	Multiple Updates
2016-08-17 09:23:50	Multiple Updates
2016-08-09 09:24:05	Multiple Updates
2016-07-22 12:03:25	Multiple Updates
2016-07-18 13:25:13	Multiple Updates
2016-06-24 13:26:47	Multiple Updates
2016-06-17 13:28:10	Multiple Updates
2016-06-15 09:26:02	Multiple Updates
2016-06-03 09:25:26	Multiple Updates
2016-04-30 13:30:48	Multiple Updates
2016-04-22 09:25:27	Multiple Updates
2016-03-01 13:26:32	Multiple Updates
2016-01-15 13:26:45	Multiple Updates
2016-01-07 13:25:37	Multiple Updates
2016-01-05 13:26:00	Multiple Updates
2015-12-22 13:25:22	Multiple Updates
2015-12-08 13:26:38	Multiple Updates
2015-12-05 13:27:11	Multiple Updates
2015-12-04 13:26:21	Multiple Updates
2015-11-18 13:26:27	Multiple Updates
2015-10-18 17:24:41	Multiple Updates
2015-09-19 13:23:30	Multiple Updates
2015-09-10 13:26:34	Multiple Updates
2015-09-02 13:39:20	Multiple Updates
2015-08-27 13:38:45	Multiple Updates
2015-08-25 13:29:55	Multiple Updates
2015-08-19 00:24:09	Multiple Updates
2015-08-18 13:35:10	Multiple Updates
2015-08-18 09:20:00	Multiple Updates
2015-08-12 13:33:19	Multiple Updates
2015-07-31 13:29:01	Multiple Updates
2015-07-28 13:32:25	Multiple Updates
2015-07-24 13:29:48	Multiple Updates
2015-07-22 05:31:14	Multiple Updates
2015-07-18 13:29:08	Multiple Updates
2015-07-17 09:20:21	Multiple Updates
2015-07-06 09:26:28	Multiple Updates
2015-07-02 00:26:51	Multiple Updates
2015-06-30 13:26:53	Multiple Updates
2015-06-27 13:28:54	Multiple Updates
2015-06-26 09:26:44	Multiple Updates
2015-06-24 13:27:48	Multiple Updates
2015-06-20 13:30:20	Multiple Updates
2015-06-19 13:28:32	Multiple Updates
2015-06-13 13:28:09	Multiple Updates
2015-06-11 13:27:48	Multiple Updates
2015-05-22 13:29:27	Multiple Updates
2015-05-14 13:28:16	Multiple Updates
2015-05-01 13:28:26	Multiple Updates
2015-04-10 13:28:14	Multiple Updates
2015-04-01 21:27:59	Multiple Updates
2015-04-01 09:27:43	First insertion

Global Informations

Type	Count
CWE ID(s)	1
Oval ID(s)	1
CPE ID(s)	103
Sources(s)	101
IAVM(s)	1
Snort® Rule(s)	8
Nessus® Exploit(s)	75

	Related
10	USN-2706-1
10	USN-2696-1
10	RHSA-2015:1526
10	RHSA-2015:1243
10	RHSA-2015:1242
10	RHSA-2015:1241
10	RHSA-2015:1230
10	RHSA-2015:1229
10	RHSA-2015:1228
10	RHSA-2015:1021
10	RHSA-2015:1020
10	RHSA-2015:1007
10	RHSA-2015:1006
10	GLSA-201512-10
10	DSA-3339
10	DSA-3316
6.8	HPSBUX03512 SSR...
5	HPSBUX03435 SSR...
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 18 more Alert(s)