5 - DSA-2978

Executive Summary

Summary
Title	libxml2 security update

Informations
Name	DSA-2978	First vendor Publication	2014-07-11
Vendor	Debian	Last vendor Modification	2015-02-06
Severity (Vendor)	N/A	Revision	2

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Cvss Base Score	5	Attack Range	Network
Cvss Impact Score	2.9	Attack Complexity	Low
Cvss Expoit Score	10	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

It was discovered that the update released for libxml2 in DSA 2978 fixing CVE-2014-0191 was incomplete. This caused libxml2 to still fetch external entities regardless of whether entity substitution or validation is enabled.

In addition, this update addresses a regression introduced in DSA 3057 by the patch fixing CVE-2014-3660. This caused libxml2 to not parse an entity when it's used first in another entity referenced from an attribute value.

For the stable distribution (wheezy), these problems have been fixed in version 2.8.0+dfsg1-7+wheezy3.

For the upcoming stable distribution (jessie), these problems have been fixed in version 2.9.1+dfsg1-4.

For the unstable distribution (sid), these problems have been fixed in version 2.9.1+dfsg1-4.

We recommend that you upgrade your libxml2 packages.

Original Source

Url : http://www.debian.org/security/2015/dsa-2978

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:24407

Oval ID:	oval:org.mitre.oval:def:24407
Title:	RHSA-2014:0513: libxml2 security update (Moderate)
Description:	The libxml2 library is a development toolbox providing the implementation of various XML standards. It was discovered that libxml2 loaded external parameter entities even when entity substitution was disabled. A remote attacker able to provide a specially crafted XML file to an application linked against libxml2 could use this flaw to conduct XML External Entity (XXE) attacks, possibly resulting in a denial of service or an information leak on the system. (CVE-2014-0191) An out-of-bounds read flaw was found in the way libxml2 detected the end of an XML file. A remote attacker could provide a specially crafted XML file that, when processed by an application linked against libxml2, could cause the application to crash. (CVE-2013-2877) The CVE-2014-0191 issue was discovered by Daniel P. Berrange of Red Hat. All libxml2 users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The desktop must be restarted (log out, then log back in) for this update to take effect.
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:0513-00 CESA-2014:0513 CVE-2013-2877 CVE-2014-0191	Version:	3
Platform(s):	Red Hat Enterprise Linux 6 CentOS Linux 6	Product(s):	libxml2
Definition Synopsis:
Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 AND The operating system installed on the system is CentOS Linux 6.x Packages section libxml2 is earlier than 0:2.7.6-14.el6_5.1 AND libxml2-devel is earlier than 0:2.7.6-14.el6_5.1 AND libxml2-python is earlier than 0:2.7.6-14.el6_5.1 AND libxml2-static is earlier than 0:2.7.6-14.el6_5.1

Definition Id: oval:org.mitre.oval:def:24762

Oval ID:	oval:org.mitre.oval:def:24762
Title:	USN-2214-1 -- libxml2 vulnerability
Description:	libxml2 could be made to consume resources if it processed a specially crafted file.
Family:	unix	Class:	patch
Reference(s):	USN-2214-1 CVE-2014-0191	Version:	5
Platform(s):	Ubuntu 14.04 Ubuntu 13.10 Ubuntu 12.10 Ubuntu 12.04 Ubuntu 10.04	Product(s):	libxml2
Definition Synopsis:
Ubuntu 14.04 release section Ubuntu 14.04 is installed AND libxml2 DPKG is earlier than 0:2.9.1+dfsg1-3ubuntu4.1 AND Ubuntu 13.10 release section Ubuntu 13.10 is installed AND libxml2 DPKG is earlier than 0:2.9.1+dfsg1-3ubuntu2.1 AND Ubuntu 12.10 release section Ubuntu 12.10 is installed AND libxml2 DPKG is earlier than 0:2.8.0+dfsg1-5ubuntu2.5 AND Ubuntu 12.04 release section Ubuntu 12.04 is installed AND libxml2 DPKG is earlier than 0:2.7.8.dfsg-5.1ubuntu4.7 AND Ubuntu 10.04 release section Ubuntu 10.04 is installed AND libxml2 DPKG is earlier than 0:2.7.6.dfsg-1ubuntu1.11

Definition Id: oval:org.mitre.oval:def:24907

Oval ID:	oval:org.mitre.oval:def:24907
Title:	DSA-2978-1 -- libxml2 - security update
Description:	Daniel P. Berrange discovered a denial of service vulnerability in libxml2 entity substitution.
Family:	unix	Class:	patch
Reference(s):	DSA-2978-1 CVE-2014-0191	Version:	5
Platform(s):	Debian GNU/Linux 7 Debian GNU/kFreeBSD 7	Product(s):	libxml2
Definition Synopsis:
Debian 7 Debian 7 is installed AND GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND libxml2 DPKG is earlier than 0:2.8.0+dfsg1-7+wheezy1

Definition Id: oval:org.mitre.oval:def:25192

Oval ID:	oval:org.mitre.oval:def:25192
Title:	ELSA-2014:0513: libxml2 security update (Moderate)
Description:	The libxml2 library is a development toolbox providing the implementation of various XML standards. It was discovered that libxml2 loaded external parameter entities even when entity substitution was disabled. A remote attacker able to provide a specially crafted XML file to an application linked against libxml2 could use this flaw to conduct XML External Entity (XXE) attacks, possibly resulting in a denial of service or an information leak on the system. (CVE-2014-0191) An out-of-bounds read flaw was found in the way libxml2 detected the end of an XML file. A remote attacker could provide a specially crafted XML file that, when processed by an application linked against libxml2, could cause the application to crash. (CVE-2013-2877) The CVE-2014-0191 issue was discovered by Daniel P. Berrange of Red Hat. All libxml2 users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The desktop must be restarted (log out, then log back in) for this update to take effect.
Family:	unix	Class:	patch
Reference(s):	ELSA-2014:0513-00 CVE-2013-2877 CVE-2014-0191	Version:	4
Platform(s):	Oracle Linux 6	Product(s):	libxml2
Definition Synopsis:
Oracle Linux 6.x rpm test libxml2 is earlier than 0:2.7.6-14.el6_5.1 AND libxml2-devel is earlier than 0:2.7.6-14.el6_5.1 AND libxml2-python is earlier than 0:2.7.6-14.el6_5.1 AND libxml2-static is earlier than 0:2.7.6-14.el6_5.1

Definition Id: oval:org.mitre.oval:def:26123

Oval ID:	oval:org.mitre.oval:def:26123
Title:	AIX libxml2 vulnerability
Description:	The xmlParserHandlePEReference function in parser.c in libxml2 before 2.9.2, as used in Web Listener in Oracle HTTP Server in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 and other products, loads external parameter entities regardless of whether entity substitution or validation is enabled, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XML document.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2014-0191	Version:	6
Platform(s):	IBM AIX 6.1 IBM AIX 7.1	Product(s):
Definition Synopsis:
platforms IBM AIX 6.1 is installed AND IBM AIX 7.1 is installed AND filesets File Version Exists bos.rte.control greater than or equal 6.1.8.0 AND bos.rte.control less than or equal 6.1.8.17 OR File Version Exists bos.rte.control greater than or equal 6.1.9.0 AND bos.rte.control less than or equal 6.1.9.15 OR File Version Exists bos.rte.control greater than or equal 7.1.2.0 AND bos.rte.control less than or equal 7.1.2.17 OR File Version Exists bos.rte.control greater than or equal 7.1.3.0 AND bos.rte.control less than or equal 7.1.3.15

Definition Id: oval:org.mitre.oval:def:27021

Oval ID:	oval:org.mitre.oval:def:27021
Title:	DSA-3057-1 libxml2 - security update
Description:	Sogeti found a denial of service flaw in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML file that, when processed by an application using libxml2, would lead to excessive CPU consumption (denial of service) based on excessive entity substitutions, even if entity substitution was disabled, which is the parser default behavior. (<a href="https://security-tracker.debian.org/tracker/CVE-2014-3660">CVE-2014-3660</a>)
Family:	unix	Class:	patch
Reference(s):	DSA-3057-1 CVE-2014-3660	Version:	3
Platform(s):	Debian GNU/Linux 7.0 Debian GNU/kFreeBSD 7.0	Product(s):	libxml2
Definition Synopsis:
Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND libxml2 DPKG is earlier than 0:2.8.0+dfsg1-7+wheezy2

Definition Id: oval:org.mitre.oval:def:27098

Oval ID:	oval:org.mitre.oval:def:27098
Title:	ELSA-2014-1655 -- libxml2 security update
Description:	[2.9.1-5.0.1.el7_0.1] - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball [2.9.1-5.1] - CVE-2014-3660 denial of service via recursive entity expansion (rhbz#1149087)
Family:	unix	Class:	patch
Reference(s):	ELSA-2014-1655 CVE-2014-3660	Version:	4
Platform(s):	Oracle Linux 7	Product(s):	libxml2 libxml2-devel libxml2-python libxml2-static
Definition Synopsis:
Oracle Linux 7.x Packages match section libxml2 is earlier than 0:2.9.1-5.0.1.el7_0.1 AND libxml2-devel is earlier than 0:2.9.1-5.0.1.el7_0.1 AND libxml2-python is earlier than 0:2.9.1-5.0.1.el7_0.1 AND libxml2-static is earlier than 0:2.9.1-5.0.1.el7_0.1

Definition Id: oval:org.mitre.oval:def:27149

Oval ID:	oval:org.mitre.oval:def:27149
Title:	RHSA-2014:1655: libxml2 security update (Moderate)
Description:	The libxml2 library is a development toolbox providing the implementation of various XML standards. A denial of service flaw was found in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML file that, when processed by an application using libxml2, would lead to excessive CPU consumption (denial of service) based on excessive entity substitutions, even if entity substitution was disabled, which is the parser default behavior. (CVE-2014-3660) All libxml2 users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. The desktop must be restarted (log out, then log back in) for this update to take effect.
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:1655-00 CVE-2014-3660 CESA-2014:1655-CentOS 7 CESA-2014:1655-CentOS 6	Version:	5
Platform(s):	Red Hat Enterprise Linux 7 Red Hat Enterprise Linux 6 CentOS Linux 7 CentOS Linux 6	Product(s):	libxml2
Definition Synopsis:
Red Hat Enterprise Linux 6 and CentOS Linux 6 release section Operation system section The operating system installed on the system is Red Hat Enterprise Linux 6 AND The operating system installed on the system is CentOS Linux 6.x Packages match section libxml2 is earlier than 0:2.7.6-17.el6_6.1 AND libxml2-devel is earlier than 0:2.7.6-17.el6_6.1 AND libxml2-python is earlier than 0:2.7.6-17.el6_6.1 AND libxml2-static is earlier than 0:2.7.6-17.el6_6.1 AND Red Hat Enterprise Linux 6 release section The operating system installed on the system is Red Hat Enterprise Linux 6 AND libxml2-debuginfo is earlier than 0:2.7.6-17.el6_6.1 AND Red Hat Enterprise Linux 7 and CentOS Linux 7 release section Operation system section The operating system installed on the system is Red Hat Enterprise Linux 7 AND The operating system installed on the system is CentOS Linux 7.x Packages match section libxml2 is earlier than 0:2.9.1-5.el7_0.1 AND libxml2-devel is earlier than 0:2.9.1-5.el7_0.1 AND libxml2-python is earlier than 0:2.9.1-5.el7_0.1 AND libxml2-static is earlier than 0:2.9.1-5.el7_0.1 AND Red Hat Enterprise Linux 7 release section The operating system installed on the system is Red Hat Enterprise Linux 7 AND libxml2-debuginfo is earlier than 0:2.9.1-5.el7_0.1

Definition Id: oval:org.mitre.oval:def:27354

Oval ID:	oval:org.mitre.oval:def:27354
Title:	DEPRECATED: ELSA-2014-0513 -- libxml2 security update (moderate)
Description:	[2.7.6-14.0.1.el6_5.1] - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball [2-2.7.6-14.el6_5.1] - Improve handling of xmlStopParser(CVE-2013-2877) - Do not fetch external parameter entities (CVE-2014-0191)
Family:	unix	Class:	patch
Reference(s):	ELSA-2014-0513 CVE-2013-2877 CVE-2014-0191	Version:	4
Platform(s):	Oracle Linux 6	Product(s):	libxml2
Definition Synopsis:
Oracle Linux 6.x Packages match section libxml2 is earlier than 0:2.7.6-14.0.1.el6_5.1 AND libxml2-devel is earlier than 0:2.7.6-14.0.1.el6_5.1 AND libxml2-python is earlier than 0:2.7.6-14.0.1.el6_5.1 AND libxml2-static is earlier than 0:2.7.6-14.0.1.el6_5.1

Definition Id: oval:org.mitre.oval:def:27531

Oval ID:	oval:org.mitre.oval:def:27531
Title:	USN-2389-1 -- libxml2 vulnerability
Description:	It was discovered that libxml2 would incorrectly perform entity substitution even when requested not to. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause resource consumption, resulting in a denial of service.
Family:	unix	Class:	patch
Reference(s):	USN-2389-1 CVE-2014-3660	Version:	3
Platform(s):	Ubuntu 14.04 Ubuntu 12.04 Ubuntu 10.04	Product(s):	libxml2
Definition Synopsis:
Ubuntu 14.04 release section Ubuntu 14.04 is installed AND libxml2 is earlier than 0:2.9.1+dfsg1-3ubuntu4.4 AND Ubuntu 12.04 release section Ubuntu 12.04 is installed AND libxml2 is earlier than 0:2.7.8.dfsg-5.1ubuntu4.11 AND Ubuntu 10.04 release section Ubuntu 10.04 is installed AND libxml2 is earlier than 0:2.7.6.dfsg-1ubuntu1.15

Definition Id: oval:org.mitre.oval:def:27707

Oval ID:	oval:org.mitre.oval:def:27707
Title:	RHSA-2014:1885 -- libxml2 security update (Moderate)
Description:	The libxml2 library is a development toolbox providing the implementation of various XML standards. A denial of service flaw was found in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML file that, when processed by an application using libxml2, would lead to excessive CPU consumption (denial of service) based on excessive entity substitutions, even if entity substitution was disabled, which is the parser default behavior. (CVE-2014-3660) All libxml2 users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. The desktop must be restarted (log out, then log back in) for this update to take effect.
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:1885 CESA-2014:1885 CVE-2014-3660	Version:	3
Platform(s):	Red Hat Enterprise Linux 5 CentOS Linux 5	Product(s):	libxml2
Definition Synopsis:
Red Hat Enterprise Linux 5 release section The operating system installed on the system is Red Hat Enterprise Linux 5 AND libxml2-debuginfo is earlier than 0:2.6.26-2.1.25.el5_11 AND Red Hat Enterprise Linux 5 and CentOS Linux 5 release section Operation system section The operating system installed on the system is Red Hat Enterprise Linux 5 AND The operating system installed on the system is CentOS Linux 5.x Packages match section libxml2-devel is earlier than 0:2.6.26-2.1.25.el5_11 AND libxml2 is earlier than 0:2.6.26-2.1.25.el5_11 AND libxml2-python is earlier than 0:2.6.26-2.1.25.el5_11

Definition Id: oval:org.mitre.oval:def:27924

Oval ID:	oval:org.mitre.oval:def:27924
Title:	SUSE-SU-2014:1440-1 -- Security update for libxml2 (moderate)
Description:	This update fixes a denial of service via recursive entity expansion. (CVE-2014-3660) Security Issues: * CVE-2014-3660 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3660>
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2014:1440-1 CVE-2014-3660	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11	Product(s):	libxml2
Definition Synopsis:
SUSE Linux Enterprise Server 11 and SUSE Linux Enterprise Desktop 11 release section Operation system section SUSE Linux Enterprise Server 11.x is installed AND SUSE Linux Enterprise Desktop 11.x is installed Packages match section libxml2 is earlier than 0:2.7.6-0.31.1 AND libxml2-python is earlier than 0:2.7.6-0.31.1 AND libxml2-32bit is earlier than 0:2.7.6-0.31.1 AND SUSE Linux Enterprise Server 11 release section SUSE Linux Enterprise Server 11.x is installed AND libxml2-doc is earlier than 0:2.7.6-0.31.1

Definition Id: oval:org.mitre.oval:def:28050

Oval ID:	oval:org.mitre.oval:def:28050
Title:	ELSA-2014-1885 -- libxml2 security update (moderate)
Description:	[2.6.26-2.1.25.0.1.el5_11] - Add libxml2-enterprise.patch - Replaced doc/redhat.gif in tarball with updated image [2.6.26-2.1.25.el5] - CVE-2014-3660 denial of service via recursive entity expansion (rhbz#1161841) [2.6.26-2.1.24.el5] - fixed one regexp bug and added a (rhbz#922450) - Another small change on the algorithm for the elimination of epsilon (rhbz#922450) [2.6.26-2.1.23.el5] - detect and stop excessive entities expansion upon replacement (rhbz#912573) [2.6.26-2.1.22.el5] - fix validation issues with some XSD (rhbz#877348) - xmlDOMWrapCloneNode discards namespace of the node parameter (rhbz#884707)
Family:	unix	Class:	patch
Reference(s):	ELSA-2014-1885 CVE-2014-3660	Version:	3
Platform(s):	Oracle Linux 5	Product(s):	libxml2
Definition Synopsis:
Oracle Linux 5.x Packages match section libxml2 is earlier than 0:2.6.26-2.1.25.0.1.el5_11 AND libxml2-devel is earlier than 0:2.6.26-2.1.25.0.1.el5_11 AND libxml2-python is earlier than 0:2.6.26-2.1.25.0.1.el5_11

CPE : Common Platform Enumeration

Type	Description	Count
Application	Apple Mac Os X cpe:2.3:a:apple:mac_os_x:10.5.6:::::::* cpe:2.3:a:apple:mac_os_x::::::::	2
Application	Oracle Fusion Middleware cpe:2.3:a:oracle:fusion_middleware:12.1.3.0.0:::::::* cpe:2.3:a:oracle:fusion_middleware:12.1.2.0.0:::::::* cpe:2.3:a:oracle:fusion_middleware:11.1.1.7.0:::::::*	3
Application	Xmlsoft libxml2 cpe:2.3:a:xmlsoft:libxml2:2.9.8:-:::::: cpe:2.3:a:xmlsoft:libxml2:2.9.5:rc1:::::: cpe:2.3:a:xmlsoft:libxml2:2.9.5:rc2:::::: cpe:2.3:a:xmlsoft:libxml2:2.9.5:-:::::: cpe:2.3:a:xmlsoft:libxml2:2.9.4:-:::::: cpe:2.3:a:xmlsoft:libxml2:2.9.4:rc1:::::: cpe:2.3:a:xmlsoft:libxml2:2.9.4:rc2:::::: cpe:2.3:a:xmlsoft:libxml2:2.9.3:::::::* cpe:2.3:a:xmlsoft:libxml2:2.9.2:-:::::: cpe:2.3:a:xmlsoft:libxml2:2.9.10:-:::::: cpe:2.3:a:xmlsoft:libxml2:2.9.1:::::::* cpe:2.3:a:xmlsoft:libxml2:2.9.0:rc1:::::: cpe:2.3:a:xmlsoft:libxml2:2.9.0:-:::::: cpe:2.3:a:xmlsoft:libxml2:2.8.0:-:::::: cpe:2.3:a:xmlsoft:libxml2:2.7.8:::::::* cpe:2.3:a:xmlsoft:libxml2:2.7.7:::::::* cpe:2.3:a:xmlsoft:libxml2:2.7.6:::::::* cpe:2.3:a:xmlsoft:libxml2:2.7.5:::::::* cpe:2.3:a:xmlsoft:libxml2:2.7.4:::::::* cpe:2.3:a:xmlsoft:libxml2:2.7.3:::::::* cpe:2.3:a:xmlsoft:libxml2:2.7.2:::::::* cpe:2.3:a:xmlsoft:libxml2:2.7.1:::::::* cpe:2.3:a:xmlsoft:libxml2:2.7.0:::::::* cpe:2.3:a:xmlsoft:libxml2:2.6.9:::::::* cpe:2.3:a:xmlsoft:libxml2:2.6.8:::::::* cpe:2.3:a:xmlsoft:libxml2:2.6.7:::::::* cpe:2.3:a:xmlsoft:libxml2:2.6.6:::::::* cpe:2.3:a:xmlsoft:libxml2:2.6.5:::::::* cpe:2.3:a:xmlsoft:libxml2:2.6.4:::::::* cpe:2.3:a:xmlsoft:libxml2:2.6.32:::::::* cpe:2.3:a:xmlsoft:libxml2:2.6.31:::::::* cpe:2.3:a:xmlsoft:libxml2:2.6.30:::::::* cpe:2.3:a:xmlsoft:libxml2:2.6.3:::::::* cpe:2.3:a:xmlsoft:libxml2:2.6.29:::::::* cpe:2.3:a:xmlsoft:libxml2:2.6.28:::::::* cpe:2.3:a:xmlsoft:libxml2:2.6.27:::::::* cpe:2.3:a:xmlsoft:libxml2:2.6.26:::::::* cpe:2.3:a:xmlsoft:libxml2:2.6.25:::::::* cpe:2.3:a:xmlsoft:libxml2:2.6.24:::::::* cpe:2.3:a:xmlsoft:libxml2:2.6.23:::::::* cpe:2.3:a:xmlsoft:libxml2:2.6.22:::::::* cpe:2.3:a:xmlsoft:libxml2:2.6.21:::::::* cpe:2.3:a:xmlsoft:libxml2:2.6.20:::::::* cpe:2.3:a:xmlsoft:libxml2:2.6.2:::::::* cpe:2.3:a:xmlsoft:libxml2:2.6.19:::::::* cpe:2.3:a:xmlsoft:libxml2:2.6.18:::::::* cpe:2.3:a:xmlsoft:libxml2:2.6.17:::::::* cpe:2.3:a:xmlsoft:libxml2:2.6.16:::::::* cpe:2.3:a:xmlsoft:libxml2:2.6.15:::::::* cpe:2.3:a:xmlsoft:libxml2:2.6.14:::::::* cpe:2.3:a:xmlsoft:libxml2:2.6.13:::::::* cpe:2.3:a:xmlsoft:libxml2:2.6.12:::::::* cpe:2.3:a:xmlsoft:libxml2:2.6.11:::::::* cpe:2.3:a:xmlsoft:libxml2:2.6.10:::::::* cpe:2.3:a:xmlsoft:libxml2:2.6.1:::::::* cpe:2.3:a:xmlsoft:libxml2:2.6.0:::::::* cpe:2.3:a:xmlsoft:libxml2:2.5.9:::::::* cpe:2.3:a:xmlsoft:libxml2:2.5.8:::::::* cpe:2.3:a:xmlsoft:libxml2:2.5.7:::::::* cpe:2.3:a:xmlsoft:libxml2:2.5.6:::::::* cpe:2.3:a:xmlsoft:libxml2:2.5.5:::::::* cpe:2.3:a:xmlsoft:libxml2:2.5.4:::::::* cpe:2.3:a:xmlsoft:libxml2:2.5.3:::::::* cpe:2.3:a:xmlsoft:libxml2:2.5.2:::::::* cpe:2.3:a:xmlsoft:libxml2:2.5.11:::::::* cpe:2.3:a:xmlsoft:libxml2:2.5.10:::::::* cpe:2.3:a:xmlsoft:libxml2:2.5.1:::::::* cpe:2.3:a:xmlsoft:libxml2:2.5.0:::::::* cpe:2.3:a:xmlsoft:libxml2:2.4.9:::::::* cpe:2.3:a:xmlsoft:libxml2:2.4.8:::::::* cpe:2.3:a:xmlsoft:libxml2:2.4.7:::::::* cpe:2.3:a:xmlsoft:libxml2:2.4.6:::::::* cpe:2.3:a:xmlsoft:libxml2:2.4.5:::::::* cpe:2.3:a:xmlsoft:libxml2:2.4.4:::::::* cpe:2.3:a:xmlsoft:libxml2:2.4.30:::::::* cpe:2.3:a:xmlsoft:libxml2:2.4.3:::::::* cpe:2.3:a:xmlsoft:libxml2:2.4.29:::::::* cpe:2.3:a:xmlsoft:libxml2:2.4.28:::::::* cpe:2.3:a:xmlsoft:libxml2:2.4.27:::::::* cpe:2.3:a:xmlsoft:libxml2:2.4.26:::::::* cpe:2.3:a:xmlsoft:libxml2:2.4.25:::::::* cpe:2.3:a:xmlsoft:libxml2:2.4.24:::::::* cpe:2.3:a:xmlsoft:libxml2:2.4.23:::::::* cpe:2.3:a:xmlsoft:libxml2:2.4.22:::::::* cpe:2.3:a:xmlsoft:libxml2:2.4.21:::::::* cpe:2.3:a:xmlsoft:libxml2:2.4.20:::::::* cpe:2.3:a:xmlsoft:libxml2:2.4.2:::::::* cpe:2.3:a:xmlsoft:libxml2:2.4.19:::::::* cpe:2.3:a:xmlsoft:libxml2:2.4.18:::::::* cpe:2.3:a:xmlsoft:libxml2:2.4.17:::::::* cpe:2.3:a:xmlsoft:libxml2:2.4.16:::::::* cpe:2.3:a:xmlsoft:libxml2:2.4.15:::::::* cpe:2.3:a:xmlsoft:libxml2:2.4.14:::::::* cpe:2.3:a:xmlsoft:libxml2:2.4.13:::::::* cpe:2.3:a:xmlsoft:libxml2:2.4.12:::::::* cpe:2.3:a:xmlsoft:libxml2:2.4.11:::::::* cpe:2.3:a:xmlsoft:libxml2:2.4.10:::::::* cpe:2.3:a:xmlsoft:libxml2:2.4.1:::::::* cpe:2.3:a:xmlsoft:libxml2:2.3.9:::::::* cpe:2.3:a:xmlsoft:libxml2:2.3.8:::::::* cpe:2.3:a:xmlsoft:libxml2:2.3.7:::::::* cpe:2.3:a:xmlsoft:libxml2:2.3.6:::::::* cpe:2.3:a:xmlsoft:libxml2:2.3.5:::::::* cpe:2.3:a:xmlsoft:libxml2:2.3.4:::::::* cpe:2.3:a:xmlsoft:libxml2:2.3.3:::::::* cpe:2.3:a:xmlsoft:libxml2:2.3.2:::::::* cpe:2.3:a:xmlsoft:libxml2:2.3.14:::::::* cpe:2.3:a:xmlsoft:libxml2:2.3.13:::::::* cpe:2.3:a:xmlsoft:libxml2:2.3.12:::::::* cpe:2.3:a:xmlsoft:libxml2:2.3.11:::::::* cpe:2.3:a:xmlsoft:libxml2:2.3.10:::::::* cpe:2.3:a:xmlsoft:libxml2:2.3.1:::::::* cpe:2.3:a:xmlsoft:libxml2:2.3.0:::::::* cpe:2.3:a:xmlsoft:libxml2:2.2.9:::::::* cpe:2.3:a:xmlsoft:libxml2:2.2.8:::::::* cpe:2.3:a:xmlsoft:libxml2:2.2.7:::::::* cpe:2.3:a:xmlsoft:libxml2:2.2.6:::::::* cpe:2.3:a:xmlsoft:libxml2:2.2.5:::::::* cpe:2.3:a:xmlsoft:libxml2:2.2.4:::::::* cpe:2.3:a:xmlsoft:libxml2:2.2.3:::::::* cpe:2.3:a:xmlsoft:libxml2:2.2.2:::::::* cpe:2.3:a:xmlsoft:libxml2:2.2.11:::::::* cpe:2.3:a:xmlsoft:libxml2:2.2.10:::::::* cpe:2.3:a:xmlsoft:libxml2:2.2.1:::::::* cpe:2.3:a:xmlsoft:libxml2:2.2.0:beta:::::: cpe:2.3:a:xmlsoft:libxml2:2.2.0:::::::* cpe:2.3:a:xmlsoft:libxml2:2.1.1:::::::* cpe:2.3:a:xmlsoft:libxml2:2.1.0:::::::* cpe:2.3:a:xmlsoft:libxml2:2.0.0:::::::* cpe:2.3:a:xmlsoft:libxml2:1.8.9:::::::* cpe:2.3:a:xmlsoft:libxml2:1.8.7:::::::* cpe:2.3:a:xmlsoft:libxml2:1.8.6:::::::* cpe:2.3:a:xmlsoft:libxml2:1.8.5:::::::* cpe:2.3:a:xmlsoft:libxml2:1.8.4:::::::* cpe:2.3:a:xmlsoft:libxml2:1.8.3:::::::* cpe:2.3:a:xmlsoft:libxml2:1.8.2:::::::* cpe:2.3:a:xmlsoft:libxml2:1.8.16:::::::* cpe:2.3:a:xmlsoft:libxml2:1.8.14:::::::* cpe:2.3:a:xmlsoft:libxml2:1.8.13:::::::* cpe:2.3:a:xmlsoft:libxml2:1.8.10:::::::* cpe:2.3:a:xmlsoft:libxml2:1.8.1:::::::* cpe:2.3:a:xmlsoft:libxml2:1.8.0:::::::* cpe:2.3:a:xmlsoft:libxml2:1.7.4:::::::* cpe:2.3:a:xmlsoft:libxml2:1.7.3:::::::* cpe:2.3:a:xmlsoft:libxml2:1.7.2:::::::* cpe:2.3:a:xmlsoft:libxml2:1.7.1:::::::* cpe:2.3:a:xmlsoft:libxml2:1.7.0:::::::* cpe:2.3:a:xmlsoft:libxml2:::::::: cpe:2.3:a:xmlsoft:libxml2:-:::::::*	149
Os	Apple Mac Os X cpe:2.3:o:apple:mac_os_x:10.9.5:::::::* cpe:2.3:o:apple:mac_os_x:10.9.4:::::::* cpe:2.3:o:apple:mac_os_x:10.9.3:::::::* cpe:2.3:o:apple:mac_os_x:10.9.2:::::::* cpe:2.3:o:apple:mac_os_x:10.9.1:::::::* cpe:2.3:o:apple:mac_os_x:10.9:::::::* cpe:2.3:o:apple:mac_os_x:10.8.5:::::::* cpe:2.3:o:apple:mac_os_x:10.8.5:supplemental_update:::::: cpe:2.3:o:apple:mac_os_x:10.8.4:::::::* cpe:2.3:o:apple:mac_os_x:10.8.3:::::::* cpe:2.3:o:apple:mac_os_x:10.8.2:::::::* cpe:2.3:o:apple:mac_os_x:10.8.1:::::::* cpe:2.3:o:apple:mac_os_x:10.8.0:::::::* cpe:2.3:o:apple:mac_os_x:10.7.5:::::::* cpe:2.3:o:apple:mac_os_x:10.7.4:::::::* cpe:2.3:o:apple:mac_os_x:10.7.3:::::::* cpe:2.3:o:apple:mac_os_x:10.7.2:::::::* cpe:2.3:o:apple:mac_os_x:10.7.1:::::::* cpe:2.3:o:apple:mac_os_x:10.7.0:::::::* cpe:2.3:o:apple:mac_os_x:10.6.9:::::::* cpe:2.3:o:apple:mac_os_x:10.6.8:::::::* cpe:2.3:o:apple:mac_os_x:10.6.7:::::::* cpe:2.3:o:apple:mac_os_x:10.6.6:::::::* cpe:2.3:o:apple:mac_os_x:10.6.5:::::::* cpe:2.3:o:apple:mac_os_x:10.6.4:::::::* cpe:2.3:o:apple:mac_os_x:10.6.3:::::::* cpe:2.3:o:apple:mac_os_x:10.6.2:::::::* cpe:2.3:o:apple:mac_os_x:10.6.1:::::::* cpe:2.3:o:apple:mac_os_x:10.6.1::server::::: cpe:2.3:o:apple:mac_os_x:10.6.0:::::::* cpe:2.3:o:apple:mac_os_x:10.6:::::::* cpe:2.3:o:apple:mac_os_x:10.6:server:::::: cpe:2.3:o:apple:mac_os_x:10.5.8:::::::* cpe:2.3:o:apple:mac_os_x:10.5.8::server::::: cpe:2.3:o:apple:mac_os_x:10.5.7:::::::* cpe:2.3:o:apple:mac_os_x:10.5.6:::::::* cpe:2.3:o:apple:mac_os_x:10.5.5:::::::* cpe:2.3:o:apple:mac_os_x:10.5.4:::::::* cpe:2.3:o:apple:mac_os_x:10.5.3:::::::* cpe:2.3:o:apple:mac_os_x:10.5.2:::::::* cpe:2.3:o:apple:mac_os_x:10.5.2:2008-002:::::: cpe:2.3:o:apple:mac_os_x:10.5.1:::::::* cpe:2.3:o:apple:mac_os_x:10.5.0:::::::* cpe:2.3:o:apple:mac_os_x:10.5:::::::* cpe:2.3:o:apple:mac_os_x:10.4.9:::::::* cpe:2.3:o:apple:mac_os_x:10.4.8:::::::* cpe:2.3:o:apple:mac_os_x:10.4.8::macbook::::: cpe:2.3:o:apple:mac_os_x:10.4.8::mac_mini::::: cpe:2.3:o:apple:mac_os_x:10.4.8::macbook_pro::::: cpe:2.3:o:apple:mac_os_x:10.4.7:::::::* cpe:2.3:o:apple:mac_os_x:10.4.6:::::::* cpe:2.3:o:apple:mac_os_x:10.4.5:::::::* cpe:2.3:o:apple:mac_os_x:10.4.4:::::::* cpe:2.3:o:apple:mac_os_x:10.4.3:::::::* cpe:2.3:o:apple:mac_os_x:10.4.2:::::::* cpe:2.3:o:apple:mac_os_x:10.4.11:::::::* cpe:2.3:o:apple:mac_os_x:10.4.10:::::::* cpe:2.3:o:apple:mac_os_x:10.4.1:::::::* cpe:2.3:o:apple:mac_os_x:10.4.0:::::::* cpe:2.3:o:apple:mac_os_x:10.4.:::::::* cpe:2.3:o:apple:mac_os_x:10.4:::::::* cpe:2.3:o:apple:mac_os_x:10.3.9:::::::* cpe:2.3:o:apple:mac_os_x:10.3.8:::::::* cpe:2.3:o:apple:mac_os_x:10.3.7:::::::* cpe:2.3:o:apple:mac_os_x:10.3.6:::::::* cpe:2.3:o:apple:mac_os_x:10.3.5:::::::* cpe:2.3:o:apple:mac_os_x:10.3.4:::::::* cpe:2.3:o:apple:mac_os_x:10.3.3:::::::* cpe:2.3:o:apple:mac_os_x:10.3.2:::::::* cpe:2.3:o:apple:mac_os_x:10.3.1:::::::* cpe:2.3:o:apple:mac_os_x:10.3.0:::::::* cpe:2.3:o:apple:mac_os_x:10.3:::::::* cpe:2.3:o:apple:mac_os_x:10.2.8:::::::* cpe:2.3:o:apple:mac_os_x:10.2.7:::::::* cpe:2.3:o:apple:mac_os_x:10.2.6:::::::* cpe:2.3:o:apple:mac_os_x:10.2.5:::::::* cpe:2.3:o:apple:mac_os_x:10.2.4:::::::* cpe:2.3:o:apple:mac_os_x:10.2.3:::::::* cpe:2.3:o:apple:mac_os_x:10.2.2:::::::* cpe:2.3:o:apple:mac_os_x:10.2.1:::::::* cpe:2.3:o:apple:mac_os_x:10.2.0:::::::* cpe:2.3:o:apple:mac_os_x:10.2:::::::* cpe:2.3:o:apple:mac_os_x:10.10.4:::::::* cpe:2.3:o:apple:mac_os_x:10.10.3:::::::* cpe:2.3:o:apple:mac_os_x:10.10.2:::::::* cpe:2.3:o:apple:mac_os_x:10.10.1:::::::* cpe:2.3:o:apple:mac_os_x:10.10.0:::::::* cpe:2.3:o:apple:mac_os_x:10.1.5:::::::* cpe:2.3:o:apple:mac_os_x:10.1.4:::::::* cpe:2.3:o:apple:mac_os_x:10.1.3:::::::* cpe:2.3:o:apple:mac_os_x:10.1.2:::::::* cpe:2.3:o:apple:mac_os_x:10.1.1:::::::* cpe:2.3:o:apple:mac_os_x:10.1.0:::::::* cpe:2.3:o:apple:mac_os_x:10.1:::::::* cpe:2.3:o:apple:mac_os_x:10.0.4:::::::* cpe:2.3:o:apple:mac_os_x:10.0.3:::::::* cpe:2.3:o:apple:mac_os_x:10.0.2:::::::* cpe:2.3:o:apple:mac_os_x:10.0.1:::::::* cpe:2.3:o:apple:mac_os_x:10.0.0:::::::* cpe:2.3:o:apple:mac_os_x:10.0:::::::* cpe:2.3:o:apple:mac_os_x:::::::: cpe:2.3:o:apple:mac_os_x:-:::::::*	102
Os	Canonical Ubuntu Linux cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts::: cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts::: cpe:2.3:o:canonical:ubuntu_linux:10.04::::lts:::	3
Os	Debian Debian Linux cpe:2.3:o:debian:debian_linux:7.0:::::::*	1
Os	Redhat Enterprise Linux cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*	1

Information Assurance Vulnerability Management (IAVM)

Date	Description
2015-08-20	IAVM : 2015-A-0199 - Multiple Vulnerabilities in Apple Mac OS X Severity : Category I - VMSKEY : V0061337
2015-02-05	IAVM : 2015-B-0014 - Multiple Vulnerabilities in VMware ESXi 5.5 Severity : Category I - VMSKEY : V0058513
2015-02-05	IAVM : 2015-B-0013 - Multiple Vulnerabilities in VMware ESXi 5.1 Severity : Category I - VMSKEY : V0058515
2014-12-11	IAVM : 2014-B-0161 - Multiple Vulnerabilities in VMware ESXi 5.1 Severity : Category I - VMSKEY : V0057717

Nessus® Vulnerability Scanner

Date	Description
2017-05-23	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-1366-1.nasl - Type : ACT_GATHER_INFO
2016-06-22	Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2016-0063.nasl - Type : ACT_GATHER_INFO
2016-04-04	Name : The remote device is affected by multiple vulnerabilities. File : appletv_7_2_1.nasl - Type : ACT_GATHER_INFO
2016-02-16	Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL61570943.nasl - Type : ACT_GATHER_INFO
2015-12-30	Name : The remote VMware ESXi host is missing a security-related patch. File : vmware_VMSA-2014-0012_remote.nasl - Type : ACT_GATHER_INFO
2015-12-29	Name : The remote openSUSE host is missing a security update. File : openSUSE-2015-959.nasl - Type : ACT_GATHER_INFO
2015-10-23	Name : The remote web server is affected by multiple vulnerabilities. File : oracle_http_server_cpu_oct_2015.nasl - Type : ACT_GATHER_INFO
2015-08-17	Name : The remote host is missing a Mac OS X update that fixes multiple security vul... File : macosx_SecUpd2015-006.nasl - Type : ACT_GATHER_INFO
2015-08-17	Name : The remote host is missing a Mac OS X update that fixes multiple security vul... File : macosx_10_10_5.nasl - Type : ACT_GATHER_INFO
2015-07-31	Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2015-0097.nasl - Type : ACT_GATHER_INFO
2015-05-27	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-0003-1.nasl - Type : ACT_GATHER_INFO
2015-04-13	Name : The remote Fedora host is missing a security update. File : fedora_2015-4719.nasl - Type : ACT_GATHER_INFO
2015-04-08	Name : The remote Fedora host is missing a security update. File : fedora_2015-4658.nasl - Type : ACT_GATHER_INFO
2015-04-01	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2015-0749.nasl - Type : ACT_GATHER_INFO
2015-03-31	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20150330_libxml2_on_SL7_x.nasl - Type : ACT_GATHER_INFO
2015-03-31	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-0749.nasl - Type : ACT_GATHER_INFO
2015-03-30	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2015-111.nasl - Type : ACT_GATHER_INFO
2015-03-30	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-0749.nasl - Type : ACT_GATHER_INFO
2015-03-26	Name : The remote Debian host is missing a security update. File : debian_DLA-80.nasl - Type : ACT_GATHER_INFO
2015-03-26	Name : The remote Debian host is missing a security update. File : debian_DLA-16.nasl - Type : ACT_GATHER_INFO
2015-03-26	Name : The remote Debian host is missing a security update. File : debian_DLA-151.nasl - Type : ACT_GATHER_INFO
2015-01-29	Name : The remote VMware ESXi 5.5 host is affected by multiple vulnerabilities. File : vmware_esxi_5_5_build_2352327_remote.nasl - Type : ACT_GATHER_INFO
2015-01-29	Name : The remote VMware ESXi host is missing one or more security-related patches. File : vmware_VMSA-2015-0001.nasl - Type : ACT_GATHER_INFO
2015-01-27	Name : The remote web server is affected by multiple vulnerabilities. File : oracle_http_server_cpu_jan_2015.nasl - Type : ACT_GATHER_INFO
2015-01-19	Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_libxml2_20140819.nasl - Type : ACT_GATHER_INFO
2015-01-02	Name : The remote Fedora host is missing a security update. File : fedora_2014-17609.nasl - Type : ACT_GATHER_INFO
2015-01-02	Name : The remote Fedora host is missing a security update. File : fedora_2014-17573.nasl - Type : ACT_GATHER_INFO
2014-12-15	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-244.nasl - Type : ACT_GATHER_INFO
2014-12-15	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201412-06.nasl - Type : ACT_GATHER_INFO
2014-12-12	Name : The remote host has a virtualization management application installed that is... File : vmware_vcenter_vmsa-2014-0012.nasl - Type : ACT_GATHER_INFO
2014-12-12	Name : The remote VMware ESXi 5.1 host is affected by multiple vulnerabilities. File : vmware_esxi_5_1_build_2323236_remote.nasl - Type : ACT_GATHER_INFO
2014-12-06	Name : The remote VMware ESXi host is missing a security-related patch. File : vmware_VMSA-2014-0012.nasl - Type : ACT_GATHER_INFO
2014-12-05	Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15872.nasl - Type : ACT_GATHER_INFO
2014-11-26	Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2014-0031.nasl - Type : ACT_GATHER_INFO
2014-11-24	Name : The remote Fedora host is missing a security update. File : fedora_2014-13047.nasl - Type : ACT_GATHER_INFO
2014-11-21	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20141120_libxml2_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2014-11-21	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1885.nasl - Type : ACT_GATHER_INFO
2014-11-21	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1885.nasl - Type : ACT_GATHER_INFO
2014-11-21	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1885.nasl - Type : ACT_GATHER_INFO
2014-11-18	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libxml2-141020.nasl - Type : ACT_GATHER_INFO
2014-11-18	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-444.nasl - Type : ACT_GATHER_INFO
2014-11-10	Name : The remote AIX host is missing a vendor-supplied security patch. File : aix_U862099.nasl - Type : ACT_GATHER_INFO
2014-11-10	Name : The remote AIX host is missing a vendor-supplied security patch. File : aix_U861276.nasl - Type : ACT_GATHER_INFO
2014-11-03	Name : The remote Fedora host is missing a security update. File : fedora_2014-12915.nasl - Type : ACT_GATHER_INFO
2014-10-30	Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-606.nasl - Type : ACT_GATHER_INFO
2014-10-28	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2389-1.nasl - Type : ACT_GATHER_INFO
2014-10-28	Name : The remote Debian host is missing a security-related update. File : debian_DSA-3057.nasl - Type : ACT_GATHER_INFO
2014-10-24	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-204.nasl - Type : ACT_GATHER_INFO
2014-10-23	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20141016_libxml2_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2014-10-22	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1655.nasl - Type : ACT_GATHER_INFO
2014-10-20	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_0642b06456c411e48b87bcaec565249c.nasl - Type : ACT_GATHER_INFO
2014-10-20	Name : The remote Fedora host is missing a security update. File : fedora_2014-12995.nasl - Type : ACT_GATHER_INFO
2014-10-17	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1655.nasl - Type : ACT_GATHER_INFO
2014-10-17	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1655.nasl - Type : ACT_GATHER_INFO
2014-10-12	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-341.nasl - Type : ACT_GATHER_INFO
2014-09-22	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201409-08.nasl - Type : ACT_GATHER_INFO
2014-08-20	Name : The remote AIX host is missing a security patch. File : aix_IV62450.nasl - Type : ACT_GATHER_INFO
2014-08-20	Name : The remote AIX host is missing a security patch. File : aix_IV62449.nasl - Type : ACT_GATHER_INFO
2014-08-20	Name : The remote AIX host is missing a security patch. File : aix_IV62448.nasl - Type : ACT_GATHER_INFO
2014-08-20	Name : The remote AIX host is missing a security patch. File : aix_IV62447.nasl - Type : ACT_GATHER_INFO
2014-07-15	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2978.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-409.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-363.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-394.nasl - Type : ACT_GATHER_INFO
2014-05-20	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140519_libxml2_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2014-05-20	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0513.nasl - Type : ACT_GATHER_INFO
2014-05-20	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0513.nasl - Type : ACT_GATHER_INFO
2014-05-20	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0513.nasl - Type : ACT_GATHER_INFO
2014-05-16	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2214-1.nasl - Type : ACT_GATHER_INFO
2014-05-13	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_efdd0edcda3d11e39ecb2c4138874f7d.nasl - Type : ACT_GATHER_INFO
2014-05-13	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-086.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2015-03-27 13:29:07	Multiple Updates
2015-02-07 00:22:57	Multiple Updates
2015-01-22 21:27:38	Multiple Updates
2015-01-21 17:25:37	Multiple Updates
2014-07-16 13:25:05	Multiple Updates
2014-07-11 17:21:20	First insertion

Global Informations

Type	Count
Oval ID(s)	13
CPE ID(s)	261
IAVM(s)	4
Nessus® Exploit(s)	71

	Related
5	DSA-3057
5	CVE-2014-3660
4.3	CVE-2014-0191
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 3 more Alert(s)

5 - DSA-2978

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

OVAL Definitions

CPE : Common Platform Enumeration

Information Assurance Vulnerability Management (IAVM)

Nessus® Vulnerability Scanner

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU