Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title iceweasel security update
Informations
Name DSA-2858 First vendor Publication 2014-02-10
Vendor Debian Last vendor Modification 2014-02-10
Severity (Vendor) N/A Revision 1

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 10 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees, too-verbose error messages and missing permission checks may lead to the execution of arbitrary code, the bypass of security checks or information disclosure. This update also addresses security issues in the bundled version of the NSS crypto library.

This update updates Iceweasel to the ESR24 series of Firefox.

For the stable distribution (wheezy), these problems have been fixed in version 24.3.0esr-1~deb7u1.

For the unstable distribution (sid), these problems have been fixed in version 24.3.0esr-1.

We recommend that you upgrade your iceweasel packages.

Original Source

Url : http://www.debian.org/security/2014/dsa-2858

CWE : Common Weakness Enumeration

% Id Name
20 % CWE-787 Out-of-bounds Write (CWE/SANS Top 25)
20 % CWE-416 Use After Free
20 % CWE-362 Race Condition
20 % CWE-346 Origin Validation Error
20 % CWE-326 Inadequate Encryption Strength

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:21707
 
Oval ID: oval:org.mitre.oval:def:21707
Title: RHSA-2014:0133: thunderbird security update (Important)
Description: The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages.
Family: unix Class: patch
Reference(s): RHSA-2014:0133-00
CESA-2014:0133
CVE-2014-1477
CVE-2014-1479
CVE-2014-1481
CVE-2014-1482
CVE-2014-1486
CVE-2014-1487
Version: 55
Platform(s): Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
CentOS Linux 5
CentOS Linux 6
Product(s): thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22218
 
Oval ID: oval:org.mitre.oval:def:22218
Title: USN-2102-1 -- firefox vulnerabilities
Description: Firefox could be made to crash or run programs as your login if it opened a malicious website.
Family: unix Class: patch
Reference(s): USN-2102-1
CVE-2014-1477
CVE-2014-1478
CVE-2014-1479
CVE-2014-1480
CVE-2014-1482
CVE-2014-1483
CVE-2014-1485
CVE-2014-1486
CVE-2014-1487
CVE-2014-1489
CVE-2014-1488
CVE-2014-1490
CVE-2014-1491
CVE-2014-1481
Version: 5
Platform(s): Ubuntu 13.10
Ubuntu 12.10
Ubuntu 12.04
Product(s): firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22486
 
Oval ID: oval:org.mitre.oval:def:22486
Title: DSA-2858-1 iceweasel - several
Description: Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees, too-verbose error messages and missing permission checks may lead to the execution of arbitrary code, the bypass of security checks or information disclosure. This update also addresses security issues in the bundled version of the NSS crypto library.
Family: unix Class: patch
Reference(s): DSA-2858-1
CVE-2014-1477
CVE-2014-1479
CVE-2014-1481
CVE-2014-1482
CVE-2014-1486
CVE-2014-1487
CVE-2014-1490
CVE-2014-1491
Version: 5
Platform(s): Debian GNU/Linux 7
Debian GNU/kFreeBSD 7
Product(s): iceweasel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22534
 
Oval ID: oval:org.mitre.oval:def:22534
Title: RHSA-2014:0132: firefox security update (Critical)
Description: The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages.
Family: unix Class: patch
Reference(s): RHSA-2014:0132-00
CESA-2014:0132
CVE-2014-1477
CVE-2014-1479
CVE-2014-1481
CVE-2014-1482
CVE-2014-1486
CVE-2014-1487
Version: 55
Platform(s): Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 5
CentOS Linux 5
CentOS Linux 6
Product(s): firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23381
 
Oval ID: oval:org.mitre.oval:def:23381
Title: DEPRECATED: ELSA-2014:0133: thunderbird security update (Important)
Description: The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages.
Family: unix Class: patch
Reference(s): ELSA-2014:0133-00
CVE-2014-1477
CVE-2014-1479
CVE-2014-1481
CVE-2014-1482
CVE-2014-1486
CVE-2014-1487
Version: 30
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23452
 
Oval ID: oval:org.mitre.oval:def:23452
Title: DEPRECATED: ELSA-2014:0132: firefox security update (Critical)
Description: The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages.
Family: unix Class: patch
Reference(s): ELSA-2014:0132-00
CVE-2014-1477
CVE-2014-1479
CVE-2014-1481
CVE-2014-1482
CVE-2014-1486
CVE-2014-1487
Version: 30
Platform(s): Oracle Linux 6
Oracle Linux 5
Product(s): firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23732
 
Oval ID: oval:org.mitre.oval:def:23732
Title: USN-2102-2 -- firefox regression
Description: USN-2102-1 introduced a regression in Firefox.
Family: unix Class: patch
Reference(s): USN-2102-2
CVE-2014-1477
CVE-2014-1478
CVE-2014-1479
CVE-2014-1480
CVE-2014-1482
CVE-2014-1483
CVE-2014-1485
CVE-2014-1486
CVE-2014-1487
CVE-2014-1489
CVE-2014-1488
CVE-2014-1490
CVE-2014-1491
CVE-2014-1481
Version: 5
Platform(s): Ubuntu 13.10
Ubuntu 12.10
Ubuntu 12.04
Product(s): firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23759
 
Oval ID: oval:org.mitre.oval:def:23759
Title: The Web workers implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving termination of a worker process that has performed a cross-thread object-passing operation in conjunction with use of asm.js
Description: The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1487
Version: 9
Platform(s): Microsoft Windows 8
Microsoft Windows 7
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Product(s): Mozilla Firefox
Mozilla Firefox ESR
Mozilla SeaMonkey
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23766
 
Oval ID: oval:org.mitre.oval:def:23766
Title: ELSA-2014:0132: firefox security update (Critical)
Description: The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages.
Family: unix Class: patch
Reference(s): ELSA-2014:0132-00
CVE-2014-1477
CVE-2014-1479
CVE-2014-1481
CVE-2014-1482
CVE-2014-1486
CVE-2014-1487
Version: 29
Platform(s): Oracle Linux 6
Oracle Linux 5
Product(s): firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23821
 
Oval ID: oval:org.mitre.oval:def:23821
Title: RasterImage.cpp in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent access to discarded data, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect write operations) via crafted image data, as demonstrated by Goo Create
Description: RasterImage.cpp in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent access to discarded data, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect write operations) via crafted image data, as demonstrated by Goo Create.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1482
Version: 8
Platform(s): Microsoft Windows 8
Microsoft Windows 7
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Product(s): Mozilla Firefox
Mozilla Firefox ESR
Mozilla SeaMonkey
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23934
 
Oval ID: oval:org.mitre.oval:def:23934
Title: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors
Description: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1477
Version: 8
Platform(s): Microsoft Windows 8
Microsoft Windows 7
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Product(s): Mozilla Firefox
Mozilla Firefox ESR
Mozilla SeaMonkey
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23996
 
Oval ID: oval:org.mitre.oval:def:23996
Title: Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24 does not properly restrict public values in Diffie-Hellman key exchanges
Description: Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, does not properly restrict public values in Diffie-Hellman key exchanges, which makes it easier for remote attackers to bypass cryptographic protection mechanisms in ticket handling by leveraging use of a certain value.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1491
Version: 12
Platform(s): Microsoft Windows 8
Microsoft Windows 7
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Product(s): Mozilla Firefox
Mozilla Firefox ESR
Mozilla SeaMonkey
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24030
 
Oval ID: oval:org.mitre.oval:def:24030
Title: Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to bypass intended restrictions on window objects by leveraging inconsistency in native getter methods across different JavaScript engines
Description: Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to bypass intended restrictions on window objects by leveraging inconsistency in native getter methods across different JavaScript engines.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1481
Version: 8
Platform(s): Microsoft Windows 8
Microsoft Windows 7
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Product(s): Mozilla Firefox
Mozilla Firefox ESR
Mozilla SeaMonkey
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24056
 
Oval ID: oval:org.mitre.oval:def:24056
Title: The System Only Wrapper (SOW) implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent certain cloning operations, which allows remote attackers to bypass intended restrictions on XUL content via vectors involving XBL content scopes
Description: The System Only Wrapper (SOW) implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent certain cloning operations, which allows remote attackers to bypass intended restrictions on XUL content via vectors involving XBL content scopes.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1479
Version: 8
Platform(s): Microsoft Windows 8
Microsoft Windows 7
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Product(s): Mozilla Firefox
Mozilla Firefox ESR
Mozilla SeaMonkey
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24156
 
Oval ID: oval:org.mitre.oval:def:24156
Title: ELSA-2014:0133: thunderbird security update (Important)
Description: The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages.
Family: unix Class: patch
Reference(s): ELSA-2014:0133-00
CVE-2014-1477
CVE-2014-1479
CVE-2014-1481
CVE-2014-1482
CVE-2014-1486
CVE-2014-1487
Version: 29
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24194
 
Oval ID: oval:org.mitre.oval:def:24194
Title: Race condition in libssl in Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors involving a resumption handshake that triggers incorrect replacement of a session ticket
Description: Race condition in libssl in Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors involving a resumption handshake that triggers incorrect replacement of a session ticket.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1490
Version: 12
Platform(s): Microsoft Windows 8
Microsoft Windows 7
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Product(s): Mozilla Firefox
Mozilla Firefox ESR
Mozilla SeaMonkey
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24205
 
Oval ID: oval:org.mitre.oval:def:24205
Title: Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving unspecified Content-Type values for image data
Description: Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving unspecified Content-Type values for image data.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1486
Version: 8
Platform(s): Microsoft Windows 8
Microsoft Windows 7
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Product(s): Mozilla Firefox
Mozilla Firefox ESR
Mozilla SeaMonkey
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24736
 
Oval ID: oval:org.mitre.oval:def:24736
Title: SUSE-SU-2014:0248-1 -- Security update for MozillaFirefox
Description: This updates the Mozilla Firefox browser to the 24.3.0ESR security release. The Mozilla NSS libraries are now on version 3.15.4.
Family: unix Class: patch
Reference(s): SUSE-SU-2014:0248-1
CVE-2014-1477
CVE-2014-1479
CVE-2014-1480
CVE-2014-1482
CVE-2014-1483
CVE-2014-1484
CVE-2014-1485
CVE-2014-1486
CVE-2014-1487
CVE-2014-1489
CVE-2014-1488
CVE-2014-1490
CVE-2014-1491
CVE-2014-1481
Version: 5
Platform(s): SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Desktop 11
Product(s): MozillaFirefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25463
 
Oval ID: oval:org.mitre.oval:def:25463
Title: SUSE-SU-2014:0248-2 -- Security update for Mozilla Firefox
Description: Mozilla Firefox was updated to the 24.3.0ESR security release.
Family: unix Class: patch
Reference(s): SUSE-SU-2014:0248-2
CVE-2014-1477
CVE-2014-1479
CVE-2014-1480
CVE-2014-1482
CVE-2014-1483
CVE-2014-1484
CVE-2014-1485
CVE-2014-1486
CVE-2014-1487
CVE-2014-1489
CVE-2014-1488
CVE-2014-1490
CVE-2014-1491
CVE-2014-1481
Version: 5
Platform(s): SUSE Linux Enterprise Server 11
Product(s): Mozilla Firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27286
 
Oval ID: oval:org.mitre.oval:def:27286
Title: DEPRECATED: ELSA-2014-0132 -- firefox security update (critical)
Description: [24.3.0-2.0.1.el6_5] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one - Build with nspr-devel >= 4.10.0 to fix build failure [24.3.0-2] - Update to 24.3.0 ESR Build 2 [24.3.0-1] - Update to 24.3.0 ESR
Family: unix Class: patch
Reference(s): ELSA-2014-0132
CVE-2014-1477
CVE-2014-1479
CVE-2014-1481
CVE-2014-1482
CVE-2014-1486
CVE-2014-1487
Version: 4
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27369
 
Oval ID: oval:org.mitre.oval:def:27369
Title: DEPRECATED: ELSA-2014-0133 -- thunderbird security update (important)
Description: [24.3.0-2.0.1.el6_5] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Make sure build with nspr-devel >= 4.10.0 [24.3.0-2] - Update to 24.3.0 ESR Build 2 [24.3.0-1] - Update to 24.3.0 [24.2.0-2] - Fixed requested nspr/nss versions
Family: unix Class: patch
Reference(s): ELSA-2014-0133
CVE-2014-1477
CVE-2014-1479
CVE-2014-1481
CVE-2014-1482
CVE-2014-1486
CVE-2014-1487
Version: 4
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): thunderbird
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 353
Application 36
Application 68
Application 207
Application 246
Application 7
Application 1
Application 1
Os 3
Os 2
Os 2
Os 3
Os 1
Os 2
Os 1
Os 2
Os 1
Os 1
Os 1
Os 2
Os 1
Os 1
Os 1
Os 1
Os 2

Information Assurance Vulnerability Management (IAVM)

Date Description
2014-02-06 IAVM : 2014-A-0021 - Multiple Vulnerabilities in Mozilla Products
Severity : Category I - VMSKEY : V0043921

Nessus® Vulnerability Scanner

Date Description
2016-05-18 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL16716.nasl - Type : ACT_GATHER_INFO
2015-04-08 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201504-01.nasl - Type : ACT_GATHER_INFO
2015-03-26 Name : The remote Debian host is missing a security update.
File : debian_DLA-23.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2014-0979.nasl - Type : ACT_GATHER_INFO
2014-10-31 Name : The remote host is affected by multiple vulnerabilities.
File : oracle_opensso_agent_cpu_oct_2014.nasl - Type : ACT_GATHER_INFO
2014-10-01 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-1246.nasl - Type : ACT_GATHER_INFO
2014-09-29 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20140916_nss_and_nspr_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2014-09-18 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-1246.nasl - Type : ACT_GATHER_INFO
2014-09-16 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-1246.nasl - Type : ACT_GATHER_INFO
2014-08-01 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2994.nasl - Type : ACT_GATHER_INFO
2014-07-31 Name : The remote host is running software with multiple vulnerabilities.
File : oracle_traffic_director_july_2014_cpu.nasl - Type : ACT_GATHER_INFO
2014-07-23 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20140722_nss_and_nspr_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2014-07-23 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0917.nasl - Type : ACT_GATHER_INFO
2014-07-23 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-0917.nasl - Type : ACT_GATHER_INFO
2014-07-23 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-0917.nasl - Type : ACT_GATHER_INFO
2014-07-18 Name : The remote web server is affected by multiple vulnerabilities.
File : sun_java_web_server_7_0_20.nasl - Type : ACT_GATHER_INFO
2014-07-18 Name : A web proxy server on the remote host is affected by multiple vulnerabilities.
File : iplanet_web_proxy_4_0_24.nasl - Type : ACT_GATHER_INFO
2014-07-18 Name : The remote web server is affected by multiple vulnerabilities.
File : glassfish_cpu_jul_2014.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-119.nasl - Type : ACT_GATHER_INFO
2014-03-02 Name : The remote Fedora host is missing a security update.
File : fedora_2014-2083.nasl - Type : ACT_GATHER_INFO
2014-02-20 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2119-1.nasl - Type : ACT_GATHER_INFO
2014-02-20 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2102-2.nasl - Type : ACT_GATHER_INFO
2014-02-18 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_firefox-201402-140207.nasl - Type : ACT_GATHER_INFO
2014-02-12 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2858.nasl - Type : ACT_GATHER_INFO
2014-02-11 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2102-1.nasl - Type : ACT_GATHER_INFO
2014-02-07 Name : The remote Fedora host is missing a security update.
File : fedora_2014-2041.nasl - Type : ACT_GATHER_INFO
2014-02-06 Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2014-0133.nasl - Type : ACT_GATHER_INFO
2014-02-06 Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2014-0132.nasl - Type : ACT_GATHER_INFO
2014-02-05 Name : The remote Windows host contains a web browser that is potentially affected b...
File : seamonkey_2_24.nasl - Type : ACT_GATHER_INFO
2014-02-05 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0133.nasl - Type : ACT_GATHER_INFO
2014-02-05 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0132.nasl - Type : ACT_GATHER_INFO
2014-02-05 Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2014-0133.nasl - Type : ACT_GATHER_INFO
2014-02-05 Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2014-0132.nasl - Type : ACT_GATHER_INFO
2014-02-05 Name : The remote Windows host contains a mail client that is potentially affected b...
File : mozilla_thunderbird_24_3.nasl - Type : ACT_GATHER_INFO
2014-02-05 Name : The remote Windows host contains a web browser that is potentially affected b...
File : mozilla_firefox_27.nasl - Type : ACT_GATHER_INFO
2014-02-05 Name : The remote Windows host contains a web browser that is potentially affected b...
File : mozilla_firefox_24_3_esr.nasl - Type : ACT_GATHER_INFO
2014-02-05 Name : The remote Mac OS X host contains a mail client that is potentially affected ...
File : macosx_thunderbird_24_3.nasl - Type : ACT_GATHER_INFO
2014-02-05 Name : The remote Mac OS X host contains a web browser that is potentially affected ...
File : macosx_firefox_27.nasl - Type : ACT_GATHER_INFO
2014-02-05 Name : The remote Mac OS X host contains a web browser that is potentially affected ...
File : macosx_firefox_24_3_esr.nasl - Type : ACT_GATHER_INFO
2014-02-05 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_1753f0ff8dd511e39b45b4b52fce4ce8.nasl - Type : ACT_GATHER_INFO
2014-02-05 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20140204_firefox_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2014-02-05 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20140204_thunderbird_on_SL5_x.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
Date Informations
2016-01-22 09:26:08
  • Multiple Updates
2014-02-17 11:32:33
  • Multiple Updates
2014-02-10 17:18:55
  • First insertion