Executive Summary
Summary | |
---|---|
Title | php5 regression fix |
Informations | |||
---|---|---|---|
Name | DSA-2399 | First vendor Publication | 2012-01-31 |
Vendor | Debian | Last vendor Modification | 2012-01-31 |
Severity (Vendor) | N/A | Revision | 2 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A regression was found in the fix for PHP's XSLT transformations (CVE-2012-0057). Updated packages are now available to address this regression. For reference, the original advisory text follows. Several vulnerabilities have been discovered in PHP, the web scripting language. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2011-1938 The UNIX socket handling allowed attackers to trigger a buffer overflow via a long path name. CVE-2011-2483 The crypt_blowfish function did not properly handle 8-bit characters, which made it easier for attackers to determine a cleartext password by using knowledge of a password hash. CVE-2011-4566 When used on 32 bit platforms, the exif extension could be used to trigger an integer overflow in the exif_process_IFD_TAG function when processing a JPEG file. CVE-2011-4885 It was possible to trigger hash collisions predictably when parsing form parameters, which allows remote attackers to cause a denial of service by sending many crafted parameters. CVE-2012-0057 When applying a crafted XSLT transform, an attacker could write files to arbitrary places in the filesystem. NOTE: the fix for CVE-2011-2483 required changing the behaviour of this function: it is now incompatible with some old (wrongly) generated hashes for passwords containing 8-bit characters. See the package NEWS entry for details. This change has not been applied to the Lenny version of PHP. NOTE: at the time of release packages for some architectures are still being built. They will be installed into the archive as soon as they arrive. For the oldstable distribution (lenny), these problems have been fixed in version 5.2.6.dfsg.1-1+lenny15. For the stable distribution (squeeze), these problems have been fixed in version 5.3.3-7+squeeze6. For the testing distribution (wheezy) and unstable distribution (sid), these problems have been fixed in version 5.3.9-1. We recommend that you upgrade your php5 packages. |
Original Source
Url : http://www.debian.org/security/2012/dsa-2399 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
20 % | CWE-310 | Cryptographic Issues |
20 % | CWE-264 | Permissions, Privileges, and Access Controls |
20 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
20 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
20 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:14797 | |||
Oval ID: | oval:org.mitre.oval:def:14797 | ||
Title: | DSA-2399-2 php5 -- several | ||
Description: | A regression was found in the fix for PHP's XSLT transformations. Updated packages are now available to address this regression. For reference, the original advisory text follows. Several vulnerabilities have been discovered in PHP, the web scripting language. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2011-1938 The UNIX socket handling allowed attackers to trigger a buffer overflow via a long path name. CVE-2011-2483 The crypt_blowfish function did not properly handle 8-bit characters, which made it easier for attackers to determine a cleartext password by using knowledge of a password hash. CVE-2011-4566 When used on 32 bit platforms, the exif extension could be used to trigger an integer overflow in the exif_process_IFD_TAG function when processing a JPEG file. CVE-2011-4885 It was possible to trigger hash collisions predictably when parsing form parameters, which allows remote attackers to cause a denial of service by sending many crafted parameters. CVE-2012-0057 When applying a crafted XSLT transform, an attacker could write files to arbitrary places in the filesystem. NOTE: the fix for CVE-2011-2483 required changing the behaviour of this function: it is now incompatible with some old generated hashes for passwords containing 8-bit characters. See the package NEWS entry for details. This change has not been applied to the Lenny version of PHP. NOTE: at the time of release packages for some architectures are still being built. They will be installed into the archive as soon as they arrive. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2399-2 CVE-2011-1938 CVE-2011-2483 CVE-2011-4566 CVE-2011-4885 CVE-2012-0057 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | php5 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:15401 | |||
Oval ID: | oval:org.mitre.oval:def:15401 | ||
Title: | DSA-2399-1 php5 -- several | ||
Description: | Several vulnerabilities have been discovered in PHP, the web scripting language. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2011-1938 The UNIX socket handling allowed attackers to trigger a buffer overflow via a long path name. CVE-2011-2483 The crypt_blowfish function did not properly handle 8-bit characters, which made it easier for attackers to determine a cleartext password by using knowledge of a password hash. CVE-2011-4566 When used on 32 bit platforms, the exif extension could be used to trigger an integer overflow in the exif_process_IFD_TAG function when processing a JPEG file. CVE-2011-4885 It was possible to trigger hash collisions predictably when parsing form parameters, which allows remote attackers to cause a denial of service by sending many crafted parameters. CVE-2012-0057 When applying a crafted XSLT transform, an attacker could write files to arbitrary places in the filesystem. NOTE: the fix for CVE-2011-2483 required changing the behaviour of this function: it is now incompatible with some old generated hashes for passwords containing 8-bit characters. See the package NEWS entry for details. This change has not been applied to the Lenny version of PHP. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2399-1 CVE-2011-1938 CVE-2011-2483 CVE-2011-4566 CVE-2011-4885 CVE-2012-0057 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | php5 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:15450 | |||
Oval ID: | oval:org.mitre.oval:def:15450 | ||
Title: | USN-1307-1 -- PHP vulnerability | ||
Description: | php5: HTML-embedded scripting language interpreter PHP could be made to crash or disclose sensitive information if it processed a specially crafted image file. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1307-1 CVE-2011-4566 | Version: | 5 |
Platform(s): | Ubuntu 11.04 Ubuntu 11.10 Ubuntu 8.04 Ubuntu 10.04 Ubuntu 10.10 | Product(s): | PHP |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18286 | |||
Oval ID: | oval:org.mitre.oval:def:18286 | ||
Title: | DSA-2340-1 postgresql - weak password hashing | ||
Description: | magnum discovered that the blowfish password hashing used amongst others in PostgreSQL contained a weakness that would give passwords with 8 bit characters the same hash as weaker equivalents. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2340-1 CVE-2011-2483 | Version: | 7 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 Debian GNU/Linux 5.0 | Product(s): | postgresql-8.4 postgresql-8.3 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20579 | |||
Oval ID: | oval:org.mitre.oval:def:20579 | ||
Title: | USN-1229-1 -- postgresql-8.3, postgresql-8.4 vulnerability | ||
Description: | PostgreSQL incorrectly handled blowfish passwords. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1229-1 CVE-2011-2483 | Version: | 5 |
Platform(s): | Ubuntu 11.04 Ubuntu 10.10 Ubuntu 10.04 Ubuntu 8.04 | Product(s): | postgresql-8.4 postgresql-8.3 |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
ExploitDB Exploits
id | Description |
---|---|
2012-01-03 | PHP Hash Table Collision Proof Of Concept |
2012-01-01 | PHP Hashtables Denial of Service |
2011-07-04 | PHP 5.3.6 Buffer Overflow PoC (ROP) CVE-2011-1938 |
2011-05-25 | PHP <= 5.3.5 socket_connect() Buffer Overflow Vulnerability |
OpenVAS Exploits
Date | Description |
---|---|
2012-12-13 | Name : SuSE Update for update openSUSE-SU-2012:0426-1 (update) File : nvt/gb_suse_2012_0426_1.nasl |
2012-09-26 | Name : Gentoo Security Advisory GLSA 201209-03 (php) File : nvt/glsa_201209_03.nasl |
2012-09-10 | Name : Slackware Advisory SSA:2011-237-01 php File : nvt/esoft_slk_ssa_2011_237_01.nasl |
2012-08-03 | Name : Mandriva Update for php MDVSA-2012:065 (php) File : nvt/gb_mandriva_MDVSA_2012_065.nasl |
2012-07-30 | Name : CentOS Update for php CESA-2012:0093 centos6 File : nvt/gb_CESA-2012_0093_php_centos6.nasl |
2012-07-30 | Name : CentOS Update for php53 CESA-2012:1047 centos5 File : nvt/gb_CESA-2012_1047_php53_centos5.nasl |
2012-07-30 | Name : CentOS Update for php CESA-2012:1046 centos6 File : nvt/gb_CESA-2012_1046_php_centos6.nasl |
2012-07-30 | Name : CentOS Update for php CESA-2012:1045 centos5 File : nvt/gb_CESA-2012_1045_php_centos5.nasl |
2012-07-30 | Name : CentOS Update for php CESA-2012:0093 centos5 File : nvt/gb_CESA-2012_0093_php_centos5.nasl |
2012-07-30 | Name : CentOS Update for php CESA-2012:0093 centos4 File : nvt/gb_CESA-2012_0093_php_centos4.nasl |
2012-07-30 | Name : CentOS Update for php53 CESA-2012:0092 centos5 File : nvt/gb_CESA-2012_0092_php53_centos5.nasl |
2012-07-30 | Name : CentOS Update for php CESA-2012:0071 centos4 File : nvt/gb_CESA-2012_0071_php_centos4.nasl |
2012-07-30 | Name : CentOS Update for php CESA-2012:0033 centos5 File : nvt/gb_CESA-2012_0033_php_centos5.nasl |
2012-07-30 | Name : CentOS Update for php CESA-2012:0019 centos6 File : nvt/gb_CESA-2012_0019_php_centos6.nasl |
2012-07-30 | Name : CentOS Update for php53 CESA-2011:1423 centos5 x86_64 File : nvt/gb_CESA-2011_1423_php53_centos5_x86_64.nasl |
2012-07-30 | Name : CentOS Update for postgresql84 CESA-2011:1378 centos5 x86_64 File : nvt/gb_CESA-2011_1378_postgresql84_centos5_x86_64.nasl |
2012-07-30 | Name : CentOS Update for postgresql CESA-2011:1377 centos5 x86_64 File : nvt/gb_CESA-2011_1377_postgresql_centos5_x86_64.nasl |
2012-07-30 | Name : CentOS Update for postgresql CESA-2011:1377 centos4 x86_64 File : nvt/gb_CESA-2011_1377_postgresql_centos4_x86_64.nasl |
2012-07-30 | Name : CentOS Update for php53 CESA-2012:0019 centos5 File : nvt/gb_CESA-2012_0019_php53_centos5.nasl |
2012-06-28 | Name : RedHat Update for php53 RHSA-2012:1047-01 File : nvt/gb_RHSA-2012_1047-01_php53.nasl |
2012-06-28 | Name : RedHat Update for php RHSA-2012:1046-01 File : nvt/gb_RHSA-2012_1046-01_php.nasl |
2012-06-28 | Name : RedHat Update for php RHSA-2012:1045-01 File : nvt/gb_RHSA-2012_1045-01_php.nasl |
2012-06-14 | Name : PHP versoin < 5.3.9 File : nvt/nopsec_php_5_3_9.nasl |
2012-05-18 | Name : Mac OS X Multiple Vulnerabilities (2012-002) File : nvt/gb_macosx_su12-002.nasl |
2012-04-12 | Name : PHP Security Bypass Vulnerability File : nvt/gb_php_51806.nasl |
2012-04-02 | Name : Fedora Update for php FEDORA-2012-0504 File : nvt/gb_fedora_2012_0504_php_fc16.nasl |
2012-04-02 | Name : Fedora Update for maniadrive FEDORA-2011-11464 File : nvt/gb_fedora_2011_11464_maniadrive_fc16.nasl |
2012-04-02 | Name : Fedora Update for maniadrive FEDORA-2012-0504 File : nvt/gb_fedora_2012_0504_maniadrive_fc16.nasl |
2012-04-02 | Name : Fedora Update for maniadrive FEDORA-2012-1262 File : nvt/gb_fedora_2012_1262_maniadrive_fc16.nasl |
2012-04-02 | Name : Fedora Update for php FEDORA-2012-1262 File : nvt/gb_fedora_2012_1262_php_fc16.nasl |
2012-03-19 | Name : Fedora Update for php-eaccelerator FEDORA-2012-0504 File : nvt/gb_fedora_2012_0504_php-eaccelerator_fc16.nasl |
2012-03-19 | Name : Fedora Update for php-eaccelerator FEDORA-2012-1262 File : nvt/gb_fedora_2012_1262_php-eaccelerator_fc16.nasl |
2012-03-19 | Name : Fedora Update for php-eaccelerator FEDORA-2011-11464 File : nvt/gb_fedora_2011_11464_php-eaccelerator_fc16.nasl |
2012-03-19 | Name : Fedora Update for php FEDORA-2011-11464 File : nvt/gb_fedora_2011_11464_php_fc16.nasl |
2012-02-21 | Name : Ubuntu Update for php5 USN-1358-2 File : nvt/gb_ubuntu_USN_1358_2.nasl |
2012-02-21 | Name : Fedora Update for php FEDORA-2012-1301 File : nvt/gb_fedora_2012_1301_php_fc15.nasl |
2012-02-21 | Name : Fedora Update for php-eaccelerator FEDORA-2012-1301 File : nvt/gb_fedora_2012_1301_php-eaccelerator_fc15.nasl |
2012-02-21 | Name : Fedora Update for maniadrive FEDORA-2012-1301 File : nvt/gb_fedora_2012_1301_maniadrive_fc15.nasl |
2012-02-13 | Name : Ubuntu Update for php5 USN-1358-1 File : nvt/gb_ubuntu_USN_1358_1.nasl |
2012-02-12 | Name : Gentoo Security Advisory GLSA 201110-06 (php) File : nvt/glsa_201110_06.nasl |
2012-02-12 | Name : Debian Security Advisory DSA 2399-2 (php5) File : nvt/deb_2399_2.nasl |
2012-02-12 | Name : Gentoo Security Advisory GLSA 201110-22 (postgresql-server postgresql-base) File : nvt/glsa_201110_22.nasl |
2012-02-12 | Name : Debian Security Advisory DSA 2399-1 (php5) File : nvt/deb_2399_1.nasl |
2012-02-12 | Name : FreeBSD Ports: php5 File : nvt/freebsd_php514.nasl |
2012-02-12 | Name : FreeBSD Ports: php5, php5-exif File : nvt/freebsd_php515.nasl |
2012-02-06 | Name : Mac OS X Multiple Vulnerabilities (2012-001) File : nvt/gb_macosx_su12-001.nasl |
2012-02-03 | Name : RedHat Update for php RHSA-2012:0093-01 File : nvt/gb_RHSA-2012_0093-01_php.nasl |
2012-02-03 | Name : RedHat Update for php53 RHSA-2012:0092-01 File : nvt/gb_RHSA-2012_0092-01_php53.nasl |
2012-02-01 | Name : RedHat Update for php RHSA-2012:0071-01 File : nvt/gb_RHSA-2012_0071-01_php.nasl |
2012-02-01 | Name : Fedora Update for maniadrive FEDORA-2012-0420 File : nvt/gb_fedora_2012_0420_maniadrive_fc15.nasl |
2012-02-01 | Name : Fedora Update for php-eaccelerator FEDORA-2012-0420 File : nvt/gb_fedora_2012_0420_php-eaccelerator_fc15.nasl |
2012-02-01 | Name : Fedora Update for php FEDORA-2012-0420 File : nvt/gb_fedora_2012_0420_php_fc15.nasl |
2012-01-20 | Name : RedHat Update for php RHSA-2012:0033-01 File : nvt/gb_RHSA-2012_0033-01_php.nasl |
2012-01-13 | Name : RedHat Update for php53 and php RHSA-2012:0019-01 File : nvt/gb_RHSA-2012_0019-01_php53_and_php.nasl |
2012-01-03 | Name : PHP Web Form Hash Collision Denial of Service Vulnerability (Win) File : nvt/gb_php_web_form_hash_collision_dos_vuln_win.nasl |
2012-01-02 | Name : Mandriva Update for php MDVSA-2011:197 (php) File : nvt/gb_mandriva_MDVSA_2011_197.nasl |
2011-12-23 | Name : Mandriva Update for php-suhosin MDVSA-2011:180 (php-suhosin) File : nvt/gb_mandriva_MDVSA_2011_180.nasl |
2011-12-16 | Name : Ubuntu Update for php5 USN-1307-1 File : nvt/gb_ubuntu_USN_1307_1.nasl |
2011-12-01 | Name : PHP EXIF Header Denial of Service Vulnerability (Windows) File : nvt/gb_php_exif_header_dos_vuln.nasl |
2011-11-28 | Name : Mandriva Update for glibc MDVSA-2011:178 (glibc) File : nvt/gb_mandriva_MDVSA_2011_178.nasl |
2011-11-11 | Name : CentOS Update for postgresql CESA-2011:1377 centos4 i386 File : nvt/gb_CESA-2011_1377_postgresql_centos4_i386.nasl |
2011-11-08 | Name : Mandriva Update for php MDVSA-2011:165 (php) File : nvt/gb_mandriva_MDVSA_2011_165.nasl |
2011-11-03 | Name : CentOS Update for php53 CESA-2011:1423 centos5 i386 File : nvt/gb_CESA-2011_1423_php53_centos5_i386.nasl |
2011-11-03 | Name : RedHat Update for php53 and php RHSA-2011:1423-01 File : nvt/gb_RHSA-2011_1423-01_php53_and_php.nasl |
2011-10-31 | Name : Mandriva Update for postgresql MDVSA-2011:161 (postgresql) File : nvt/gb_mandriva_MDVSA_2011_161.nasl |
2011-10-21 | Name : CentOS Update for postgresql CESA-2011:1377 centos5 i386 File : nvt/gb_CESA-2011_1377_postgresql_centos5_i386.nasl |
2011-10-21 | Name : CentOS Update for postgresql84 CESA-2011:1378 centos5 i386 File : nvt/gb_CESA-2011_1378_postgresql84_centos5_i386.nasl |
2011-10-21 | Name : RedHat Update for postgresql RHSA-2011:1377-01 File : nvt/gb_RHSA-2011_1377-01_postgresql.nasl |
2011-10-21 | Name : RedHat Update for postgresql84 RHSA-2011:1378-01 File : nvt/gb_RHSA-2011_1378-01_postgresql84.nasl |
2011-10-21 | Name : Ubuntu Update for php5 USN-1231-1 File : nvt/gb_ubuntu_USN_1231_1.nasl |
2011-10-14 | Name : Ubuntu Update for postgresql-8.4 USN-1229-1 File : nvt/gb_ubuntu_USN_1229_1.nasl |
2011-09-21 | Name : FreeBSD Ports: php5, php5-sockets File : nvt/freebsd_php513.nasl |
2011-09-20 | Name : Fedora Update for php FEDORA-2011-11528 File : nvt/gb_fedora_2011_11528_php_fc15.nasl |
2011-09-20 | Name : Fedora Update for php FEDORA-2011-11537 File : nvt/gb_fedora_2011_11537_php_fc14.nasl |
2011-09-20 | Name : Fedora Update for php-eaccelerator FEDORA-2011-11537 File : nvt/gb_fedora_2011_11537_php-eaccelerator_fc14.nasl |
2011-09-20 | Name : Fedora Update for maniadrive FEDORA-2011-11537 File : nvt/gb_fedora_2011_11537_maniadrive_fc14.nasl |
2011-09-20 | Name : Fedora Update for php-eaccelerator FEDORA-2011-11528 File : nvt/gb_fedora_2011_11528_php-eaccelerator_fc15.nasl |
2011-09-20 | Name : Fedora Update for maniadrive FEDORA-2011-11528 File : nvt/gb_fedora_2011_11528_maniadrive_fc15.nasl |
2011-09-07 | Name : PHP Multiple Vulnerabilities (Windows) - Sep 2011 File : nvt/gb_php_mult_vuln_win_sep11.nasl |
2011-08-29 | Name : PHP Versions Prior to 5.3.7 Multiple Security Vulnerabilities File : nvt/gb_php_49241.nasl |
2011-08-27 | Name : SuSE Update for glibc,pam-modules,libxcrypt,pwdutils SUSE-SA:2011:035 File : nvt/gb_suse_2011_035.nasl |
2011-06-02 | Name : PHP 'socket_connect()' Buffer Overflow Vulnerability File : nvt/secpod_php_bof_vuln_win.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
78115 | PHP Hash Collission Form Parameter Parsing Remote DoS PHP contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker sends multiple crafted parameters which trigger hash collisions, and will result in loss of availability for the program via CPU consumption. |
77446 | PHP exif.c exif_process_IFD_TAG Function EXIF Header JPEG File Handling Overflow |
74742 | PHP crypt_blowfish 8-bit Character Password Hash Cleartext Password Disclosure |
72644 | PHP ext/sockets/sockets.c socket_connect Function UNIX Socket Pathname Overflow |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | socket_connect buffer overflow attempt RuleID : 24195 - Revision : 7 - Type : SERVER-WEBAPP |
2014-01-10 | socket_connect buffer overflow attempt RuleID : 24194 - Revision : 4 - Type : SERVER-WEBAPP |
2014-01-10 | socket_connect buffer overflow attempt RuleID : 24193 - Revision : 4 - Type : SERVER-WEBAPP |
2014-01-10 | socket_connect buffer overflow attempt RuleID : 24192 - Revision : 4 - Type : SERVER-WEBAPP |
2014-01-10 | EXIF header parsing integer overflow attempt little endian RuleID : 22951 - Revision : 6 - Type : SERVER-WEBAPP |
2014-01-10 | EXIF header parsing integer overflow attempt big endian RuleID : 22950 - Revision : 9 - Type : SERVER-WEBAPP |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2012-1336-1.nasl - Type : ACT_GATHER_INFO |
2014-10-12 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2011-7.nasl - Type : ACT_GATHER_INFO |
2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL13519.nasl - Type : ACT_GATHER_INFO |
2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL13588.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-182.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-214.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-849.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_apache2-mod_php5-110601.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_apache2-mod_php5-110907.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_glibc-110729.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_libxcrypt-110824.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_man-pages-110823.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_yast2-core-110822.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_apache2-mod_php5-110601.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_apache2-mod_php5-110907.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_glibc-110729.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_libxcrypt-110824.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_man-pages-110823.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_yast2-core-110822.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2011-07.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2011-12.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-37.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-41.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-1377.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-1378.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-1423.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0019.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0033.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0071.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0092.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0093.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1045.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1046.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1047.nasl - Type : ACT_GATHER_INFO |
2013-06-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0071.nasl - Type : ACT_GATHER_INFO |
2013-06-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1047.nasl - Type : ACT_GATHER_INFO |
2012-10-15 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_postgresql-8311.nasl - Type : ACT_GATHER_INFO |
2012-09-24 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201209-03.nasl - Type : ACT_GATHER_INFO |
2012-09-06 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-179.nasl - Type : ACT_GATHER_INFO |
2012-08-20 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_07234e78e89911e1b38d0023ae8e59f0.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20111017_postgresql84_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20111017_postgresql_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20111102_php53_and_php_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120111_php53_and_php_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120118_php_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120130_php_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120202_php53_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120202_php_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120627_php53_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120627_php_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120627_php_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-07-11 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1046.nasl - Type : ACT_GATHER_INFO |
2012-07-05 | Name : The remote web server is affected by multiple vulnerabilities. File : hpsmh_7_1_1_1.nasl - Type : ACT_GATHER_INFO |
2012-06-28 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1045.nasl - Type : ACT_GATHER_INFO |
2012-06-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1045.nasl - Type : ACT_GATHER_INFO |
2012-06-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1046.nasl - Type : ACT_GATHER_INFO |
2012-06-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1047.nasl - Type : ACT_GATHER_INFO |
2012-05-10 | Name : The remote host is missing a Mac OS X update that fixes several security issues. File : macosx_10_7_4.nasl - Type : ACT_GATHER_INFO |
2012-04-27 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-065.nasl - Type : ACT_GATHER_INFO |
2012-04-20 | Name : The remote web server is affected by multiple vulnerabilities. File : hpsmh_7_0_0_24.nasl - Type : ACT_GATHER_INFO |
2012-04-13 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_apache2-mod_php5-120309.nasl - Type : ACT_GATHER_INFO |
2012-04-06 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_apache2-mod_php53-120309.nasl - Type : ACT_GATHER_INFO |
2012-04-03 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_glibc-blowfish-7663.nasl - Type : ACT_GATHER_INFO |
2012-03-26 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-mod_php5-8009.nasl - Type : ACT_GATHER_INFO |
2012-02-20 | Name : The remote web server uses a version of PHP that is affected by a code execut... File : php_5_3_9_ace.nasl - Type : ACT_ATTACK |
2012-02-15 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2012-1301.nasl - Type : ACT_GATHER_INFO |
2012-02-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1358-2.nasl - Type : ACT_GATHER_INFO |
2012-02-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1358-1.nasl - Type : ACT_GATHER_INFO |
2012-02-09 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2012-1262.nasl - Type : ACT_GATHER_INFO |
2012-02-06 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_glibc-blowfish-110729.nasl - Type : ACT_GATHER_INFO |
2012-02-03 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0092.nasl - Type : ACT_GATHER_INFO |
2012-02-03 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0093.nasl - Type : ACT_GATHER_INFO |
2012-02-03 | Name : The remote web server uses a version of PHP that is affected by a code execut... File : php_5_3_10.nasl - Type : ACT_GATHER_INFO |
2012-02-03 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0092.nasl - Type : ACT_GATHER_INFO |
2012-02-03 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0093.nasl - Type : ACT_GATHER_INFO |
2012-02-02 | Name : The remote host is missing a Mac OS X update that fixes several security vuln... File : macosx_10_7_3.nasl - Type : ACT_GATHER_INFO |
2012-02-02 | Name : The remote host is missing a Mac OS X update that fixes multiple security vul... File : macosx_SecUpd2012-001.nasl - Type : ACT_GATHER_INFO |
2012-02-01 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2399.nasl - Type : ACT_GATHER_INFO |
2012-01-31 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0071.nasl - Type : ACT_GATHER_INFO |
2012-01-27 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2012-0420.nasl - Type : ACT_GATHER_INFO |
2012-01-24 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0033.nasl - Type : ACT_GATHER_INFO |
2012-01-20 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2012-0504.nasl - Type : ACT_GATHER_INFO |
2012-01-19 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0033.nasl - Type : ACT_GATHER_INFO |
2012-01-13 | Name : The remote web server uses a version of PHP that is affected by multiple flaws. File : php_5_3_9.nasl - Type : ACT_GATHER_INFO |
2012-01-12 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0019.nasl - Type : ACT_GATHER_INFO |
2012-01-12 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_d39218103c8011e197e800215c6a37bb.nasl - Type : ACT_GATHER_INFO |
2012-01-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0019.nasl - Type : ACT_GATHER_INFO |
2012-01-03 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-197.nasl - Type : ACT_GATHER_INFO |
2011-12-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1307-1.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-mod_php5-7553.nasl - Type : ACT_GATHER_INFO |
2011-11-29 | Name : The remote Mandriva Linux host is missing a security update. File : mandriva_MDVSA-2011-180.nasl - Type : ACT_GATHER_INFO |
2011-11-28 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-178.nasl - Type : ACT_GATHER_INFO |
2011-11-08 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2340.nasl - Type : ACT_GATHER_INFO |
2011-11-04 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-165.nasl - Type : ACT_GATHER_INFO |
2011-11-03 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-1423.nasl - Type : ACT_GATHER_INFO |
2011-11-03 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1423.nasl - Type : ACT_GATHER_INFO |
2011-10-25 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201110-22.nasl - Type : ACT_GATHER_INFO |
2011-10-25 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-161.nasl - Type : ACT_GATHER_INFO |
2011-10-19 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-1377.nasl - Type : ACT_GATHER_INFO |
2011-10-19 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-1378.nasl - Type : ACT_GATHER_INFO |
2011-10-19 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1231-1.nasl - Type : ACT_GATHER_INFO |
2011-10-18 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1377.nasl - Type : ACT_GATHER_INFO |
2011-10-18 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1378.nasl - Type : ACT_GATHER_INFO |
2011-10-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1229-1.nasl - Type : ACT_GATHER_INFO |
2011-10-12 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201110-06.nasl - Type : ACT_GATHER_INFO |
2011-09-19 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2011-11528.nasl - Type : ACT_GATHER_INFO |
2011-09-19 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2011-11537.nasl - Type : ACT_GATHER_INFO |
2011-09-12 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2011-11464.nasl - Type : ACT_GATHER_INFO |
2011-09-01 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_yast2-core-110830.nasl - Type : ACT_GATHER_INFO |
2011-08-31 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libxcrypt-110824.nasl - Type : ACT_GATHER_INFO |
2011-08-31 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_man-pages-110825.nasl - Type : ACT_GATHER_INFO |
2011-08-26 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2011-237-01.nasl - Type : ACT_GATHER_INFO |
2011-08-22 | Name : The remote web server uses a version of PHP that is affected by multiple vuln... File : php_5_3_7.nasl - Type : ACT_GATHER_INFO |
2011-08-20 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_057bf770cac411e0aea300215c6a37bb.nasl - Type : ACT_GATHER_INFO |
2011-08-20 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12813.nasl - Type : ACT_GATHER_INFO |
2011-08-20 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_glibc-7659.nasl - Type : ACT_GATHER_INFO |
2011-06-17 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_apache2-mod_php5-110601.nasl - Type : ACT_GATHER_INFO |
2011-06-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-mod_php5-7554.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:30:47 |
|