Executive Summary
Summary | |
---|---|
Title | GnuPG, Libgcrypt: Multiple vulnerabilities |
Informations | |||
---|---|---|---|
Name | GLSA-201402-24 | First vendor Publication | 2014-02-21 |
Vendor | Gentoo | Last vendor Modification | 2014-02-21 |
Severity (Vendor) | Normal | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:N/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 5.8 | Attack Range | Network |
Cvss Impact Score | 4.9 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Synopsis Multiple vulnerabilities have been discovered in GnuPG and Libgcrypt, which may result in execution of arbitrary code, Denial of Service, or the disclosure of private keys. Background Description Impact Workaround Resolution All GnuPG 1.4 users should upgrade to the latest version: All Libgcrypt users should upgrade to the latest version: References Availability http://security.gentoo.org/glsa/glsa-201402-24.xml |
Original Source
Url : http://security.gentoo.org/glsa/glsa-201402-24.xml |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-20 | Improper Input Validation |
25 % | CWE-310 | Cryptographic Issues |
25 % | CWE-200 | Information Exposure |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:17831 | |||
Oval ID: | oval:org.mitre.oval:def:17831 | ||
Title: | USN-1682-1 -- gnupg, gnupg2 vulnerability | ||
Description: | GnuPG could be made to corrupt the keyring if it imported a specially crafted key. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1682-1 CVE-2012-6085 | Version: | 7 |
Platform(s): | Ubuntu 12.10 Ubuntu 12.04 Ubuntu 11.10 Ubuntu 10.04 Ubuntu 8.04 | Product(s): | gnupg gnupg2 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17876 | |||
Oval ID: | oval:org.mitre.oval:def:17876 | ||
Title: | USN-1923-1 -- gnupg, libgcrypt11 vulnerability | ||
Description: | GnuPG and Libgcrypt could be made to expose sensitive information. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1923-1 CVE-2013-4242 | Version: | 7 |
Platform(s): | Ubuntu 13.04 Ubuntu 12.10 Ubuntu 12.04 Ubuntu 10.04 | Product(s): | gnupg libgcrypt11 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18341 | |||
Oval ID: | oval:org.mitre.oval:def:18341 | ||
Title: | DSA-2601-1 gnupg - missing input sanitation | ||
Description: | KB Sriram discovered that GnuPG, the GNU Privacy Guard did not sufficiently sanitise public keys on import, which could lead to memory and keyring corruption. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2601-1 CVE-2012-6085 | Version: | 7 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | gnupg gnupg2 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18882 | |||
Oval ID: | oval:org.mitre.oval:def:18882 | ||
Title: | DSA-2730-1 gnupg - information leak | ||
Description: | Yarom and Falkner discovered that RSA secret keys could be leaked via a side channel attack, where a malicious local user could obtain private key information from another user on the system. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2730-1 CVE-2013-4242 | Version: | 8 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/Linux 7 Debian GNU/kFreeBSD 6.0 Debian GNU/kFreeBSD 7 | Product(s): | gnupg |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18887 | |||
Oval ID: | oval:org.mitre.oval:def:18887 | ||
Title: | DSA-2731-1 libgcrypt11 - information leak | ||
Description: | Yarom and Falkner discovered that RSA secret keys in applications using the libgcrypt11 library, for example GnuPG 2.x, could be leaked via a side channel attack, where a malicious local user could obtain private key information from another user on the system. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2731-1 CVE-2013-4242 | Version: | 8 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/Linux 7 Debian GNU/kFreeBSD 6.0 Debian GNU/kFreeBSD 7 | Product(s): | libgcrypt11 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19160 | |||
Oval ID: | oval:org.mitre.oval:def:19160 | ||
Title: | USN-1987-1 -- gnupg, gnupg2 vulnerabilities | ||
Description: | Several security issues were fixed in GnuPG. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1987-1 CVE-2013-4351 CVE-2013-4402 | Version: | 5 |
Platform(s): | Ubuntu 13.04 Ubuntu 12.10 Ubuntu 12.04 Ubuntu 10.04 | Product(s): | gnupg gnupg2 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19904 | |||
Oval ID: | oval:org.mitre.oval:def:19904 | ||
Title: | DSA-2773-1 gnupg - several | ||
Description: | Two vulnerabilities were discovered in GnuPG, the GNU privacy guard, a free PGP replacement. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2773-1 CVE-2013-4351 CVE-2013-4402 | Version: | 5 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/Linux 7 Debian GNU/kFreeBSD 6.0 Debian GNU/kFreeBSD 7 | Product(s): | gnupg |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20090 | |||
Oval ID: | oval:org.mitre.oval:def:20090 | ||
Title: | DSA-2774-1 gnupg2 - several | ||
Description: | Two vulnerabilities were discovered in GnuPG 2, the GNU privacy guard, a free PGP replacement. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2774-1 CVE-2013-4351 CVE-2013-4402 | Version: | 5 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/Linux 7 Debian GNU/kFreeBSD 6.0 Debian GNU/kFreeBSD 7 | Product(s): | gnupg2 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20690 | |||
Oval ID: | oval:org.mitre.oval:def:20690 | ||
Title: | RHSA-2013:1459: gnupg2 security update (Moderate) | ||
Description: | The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service (infinite recursion) via a crafted OpenPGP message. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2013:1459-00 CESA-2013:1459 CVE-2012-6085 CVE-2013-4351 CVE-2013-4402 | Version: | 45 |
Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6 | Product(s): | gnupg2 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20833 | |||
Oval ID: | oval:org.mitre.oval:def:20833 | ||
Title: | RHSA-2013:1458: gnupg security update (Moderate) | ||
Description: | The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service (infinite recursion) via a crafted OpenPGP message. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2013:1458-00 CESA-2013:1458 CVE-2012-6085 CVE-2013-4242 CVE-2013-4351 CVE-2013-4402 | Version: | 59 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | gnupg |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:21277 | |||
Oval ID: | oval:org.mitre.oval:def:21277 | ||
Title: | RHSA-2013:1457: libgcrypt security update (Moderate) | ||
Description: | GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2013:1457-00 CESA-2013:1457 CVE-2013-4242 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6 | Product(s): | libgcrypt |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23444 | |||
Oval ID: | oval:org.mitre.oval:def:23444 | ||
Title: | DEPRECATED: ELSA-2013:1457: libgcrypt security update (Moderate) | ||
Description: | GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013:1457-00 CVE-2013-4242 | Version: | 7 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | libgcrypt |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23451 | |||
Oval ID: | oval:org.mitre.oval:def:23451 | ||
Title: | ELSA-2013:1458: gnupg security update (Moderate) | ||
Description: | The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service (infinite recursion) via a crafted OpenPGP message. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013:1458-00 CVE-2012-6085 CVE-2013-4242 CVE-2013-4351 CVE-2013-4402 | Version: | 21 |
Platform(s): | Oracle Linux 5 | Product(s): | gnupg |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23470 | |||
Oval ID: | oval:org.mitre.oval:def:23470 | ||
Title: | DEPRECATED: ELSA-2013:1459: gnupg2 security update (Moderate) | ||
Description: | The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service (infinite recursion) via a crafted OpenPGP message. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013:1459-00 CVE-2012-6085 CVE-2013-4351 CVE-2013-4402 | Version: | 18 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | gnupg2 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23894 | |||
Oval ID: | oval:org.mitre.oval:def:23894 | ||
Title: | ELSA-2013:1459: gnupg2 security update (Moderate) | ||
Description: | The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service (infinite recursion) via a crafted OpenPGP message. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013:1459-00 CVE-2012-6085 CVE-2013-4351 CVE-2013-4402 | Version: | 17 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | gnupg2 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:24005 | |||
Oval ID: | oval:org.mitre.oval:def:24005 | ||
Title: | ELSA-2013:1457: libgcrypt security update (Moderate) | ||
Description: | GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013:1457-00 CVE-2013-4242 | Version: | 6 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | libgcrypt |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:24793 | |||
Oval ID: | oval:org.mitre.oval:def:24793 | ||
Title: | SUSE-SU-2013:1578-1 -- Security update for gpg | ||
Description: | This GnuPG LTSS roll-up update fixes two security issues: * CVE-2013-4351: GnuPG treated no-usage-permitted keys as all-usages-permitted. * CVE-2013-4402: An infinite recursion in the compressed packet parser was fixed. * CVE-2013-4242: GnuPG allowed local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload. * CVE-2012-6085: The read_block function in g10/import.c in GnuPG 1.4.x, when importing a key, allowed remote attackers to corrupt the public keyring database or cause a denial of service (application crash) via a crafted length field of an OpenPGP packet. | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2013:1578-1 CVE-2013-4351 CVE-2013-4402 CVE-2013-4242 CVE-2012-6085 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 10 | Product(s): | gpg |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:25073 | |||
Oval ID: | oval:org.mitre.oval:def:25073 | ||
Title: | SUSE-SU-2013:1058-1 -- Security update for gpg2 | ||
Description: | This update for gpg2 provides the following fixes: * Set proper file permissions when en/de-crypting files (bnc#780943) * Fix an issue that could cause corruption of the public keys database. (CVE-2012-6085, #798465) * Select proper ciphers when running in FIPS mode (bnc#808958) Security Issue reference * CVE-2012-6085 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6085 > | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2013:1058-1 CVE-2012-6085 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11 | Product(s): | gpg2 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25232 | |||
Oval ID: | oval:org.mitre.oval:def:25232 | ||
Title: | SUSE-SU-2013:1058-2 -- Security update for gpg2 | ||
Description: | This update for gpg2 provides the following fixes: * #780943: Set proper file permissions when en/de-crypting files. * #798465: Fix an issue that could cause corruption of the public keys database. (CVE-2012-6085) * #808958: Select proper ciphers when running in FIPS mode. Security Issue reference: * CVE-2012-6085 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6085 > | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2013:1058-2 CVE-2012-6085 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11 | Product(s): | gpg2 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25288 | |||
Oval ID: | oval:org.mitre.oval:def:25288 | ||
Title: | SUSE-SU-2013:1576-1 -- Security update for gpg2 | ||
Description: | This GnuPG update fixes two security issues: * CVE-2013-4351: GnuPG treated no-usage-permitted keys as all-usages-permitted. * CVE-2013-4402: An infinite recursion in the compressed packet parser was fixed. | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2013:1576-1 CVE-2013-4351 CVE-2013-4402 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11 | Product(s): | gpg2 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25331 | |||
Oval ID: | oval:org.mitre.oval:def:25331 | ||
Title: | SUSE-SU-2014:0704-1 -- Security update for libgcrypt | ||
Description: | libgcrypt has been updated to fix a cryptographic weakness. * CVE-2013-4242: libgcrypt was affected by the Yarom/Falkner flush+reload side-channel attach on RSA secret keys, that could have potentially leaked the key data to attackers on the same machine. | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2014:0704-1 CVE-2013-4242 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 11 | Product(s): | libgcrypt |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:25338 | |||
Oval ID: | oval:org.mitre.oval:def:25338 | ||
Title: | SUSE-SU-2014:0750-1 -- Security update for gpg2 | ||
Description: | This is a SLES 11 SP1 LTSS rollup update for gpg2. The following security issues have been fixed: * CVE-2013-4402: The compressed packet parser in GnuPG allowed remote attackers to cause a denial of service (infinite recursion) via a crafted OpenPGP message. * CVE-2013-4351: GnuPG treated a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might have allowed remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey. * CVE-2012-6085: The read_block function in g10/import.c in GnuPG, when importing a key, allowed remote attackers to corrupt the public keyring database or cause a denial of service (application crash) via a crafted length field of an OpenPGP packet. Also the following non-security bugs have been fixed: * set the umask before opening a file for writing (bnc#780943) * select proper ciphers when running in FIPS mode (bnc#808958) * add missing options to opts table (bnc#778723) | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2014:0750-1 CVE-2013-4402 CVE-2013-4351 CVE-2012-6085 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 11 | Product(s): | gpg2 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:25485 | |||
Oval ID: | oval:org.mitre.oval:def:25485 | ||
Title: | SUSE-SU-2013:1352-1 -- Security update for libgcrypt | ||
Description: | This update of libgcrypt mitigates the Yarom/Falkner flush+reload side-channel attack on RSA secret keys (CVE-2013-4242). Security Issue reference: * CVE-2013-4242 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4242 > | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2013:1352-1 CVE-2013-4242 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11 | Product(s): | libgcrypt |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25751 | |||
Oval ID: | oval:org.mitre.oval:def:25751 | ||
Title: | SUSE-SU-2013:1577-1 -- Security update for gpg | ||
Description: | This GnuPG LTSS roll-up update fixes two security issues: * CVE-2013-4351: GnuPG treated no-usage-permitted keys as all-usages-permitted. * CVE-2013-4402: An infinite recursion in the compressed packet parser was fixed. * CVE-2013-4242: GnuPG allowed local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload. * CVE-2012-6085: The read_block function in g10/import.c in GnuPG 1.4.x, when importing a key, allowed remote attackers to corrupt the public keyring database or cause a denial of service (application crash) via a crafted length field of an OpenPGP packet. | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2013:1577-1 CVE-2013-4351 CVE-2013-4402 CVE-2013-4242 CVE-2012-6085 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 10 | Product(s): | gpg |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:26022 | |||
Oval ID: | oval:org.mitre.oval:def:26022 | ||
Title: | SUSE-SU-2013:1061-1 -- Security update for gpg | ||
Description: | This update for gpg provides the following fixes: * Set proper file permissions when en/de-crypting files (bnc#780943) * Fix an issue that could cause corruption of the public keys database. (CVE-2012-6085, bnc#798465) Security Issue reference: * CVE-2012-6085 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6085 > | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2013:1061-1 CVE-2012-6085 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 10 SUSE Linux Enterprise Desktop 10 | Product(s): | gpg |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:26955 | |||
Oval ID: | oval:org.mitre.oval:def:26955 | ||
Title: | DEPRECATED: ELSA-2013-1458 -- gnupg security update (moderate) | ||
Description: | [1.4.5-18] - fix CVE-2013-4351 gpg treats no-usage-permitted keys as all-usages-permitted [1.4.5-17] - fix CVE-2012-6085 GnuPG: read_block() corrupt key input validation - fix CVE-2013-4242 GnuPG susceptible to Yarom/Falkner side-channel attack - fix CVE-2013-4402 GnuPG: infinite recursion in the compressed packet parser [1.4.5-15] - fix error when decrypting certain files (#510500) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013-1458 CVE-2013-4242 CVE-2012-6085 CVE-2013-4351 CVE-2013-4402 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | gnupg |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27177 | |||
Oval ID: | oval:org.mitre.oval:def:27177 | ||
Title: | DEPRECATED: ELSA-2013-1457 -- libgcrypt security update (moderate) | ||
Description: | [1.4.5-11] - fix CVE-2013-4242 GnuPG/libgcrypt susceptible to cache side-channel attack [1.4.5-10] - Add GCRYCTL_SET_ENFORCED_FIPS_FLAG command | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013-1457 CVE-2013-4242 | Version: | 4 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | libgcrypt |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27428 | |||
Oval ID: | oval:org.mitre.oval:def:27428 | ||
Title: | DEPRECATED: ELSA-2013-1459 -- gnupg2 security update (moderate) | ||
Description: | [2.0.14-6] - fix CVE-2013-4351 gpg treats no-usage-permitted keys as all-usages-permitted [2.0.14-5] - fix CVE-2012-6085 GnuPG: read_block() corrupt key input validation - fix CVE-2013-4402 GnuPG: infinite recursion in the compressed packet parser | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013-1459 CVE-2012-6085 CVE-2013-4351 CVE-2013-4402 | Version: | 4 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | gnupg2 |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2014-05-01 | IAVM : 2014-A-0062 - Multiple Vulnerabilities In McAfee Email Gateway Severity : Category I - VMSKEY : V0050005 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2016-06-22 | Name : The remote OracleVM host is missing a security update. File : oraclevm_OVMSA-2016-0062.nasl - Type : ACT_GATHER_INFO |
2016-02-22 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL75253136.nasl - Type : ACT_GATHER_INFO |
2016-02-22 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL50413110.nasl - Type : ACT_GATHER_INFO |
2016-02-22 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL40131068.nasl - Type : ACT_GATHER_INFO |
2016-02-22 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL11785283.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2013-1061-1.nasl - Type : ACT_GATHER_INFO |
2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_gnupg_20140731.nasl - Type : ACT_GATHER_INFO |
2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_libgcrypt_20140512.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2013-1527.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-736.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-455.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-716.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-758.nasl - Type : ACT_GATHER_INFO |
2014-06-10 | Name : The remote Fedora host is missing a security update. File : fedora_2014-6851.nasl - Type : ACT_GATHER_INFO |
2014-02-23 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201402-24.nasl - Type : ACT_GATHER_INFO |
2013-11-14 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-237.nasl - Type : ACT_GATHER_INFO |
2013-11-14 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-236.nasl - Type : ACT_GATHER_INFO |
2013-11-13 | Name : The remote Fedora host is missing a security update. File : fedora_2013-18647.nasl - Type : ACT_GATHER_INFO |
2013-10-27 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2013-1458.nasl - Type : ACT_GATHER_INFO |
2013-10-27 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-1457.nasl - Type : ACT_GATHER_INFO |
2013-10-27 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-1459.nasl - Type : ACT_GATHER_INFO |
2013-10-27 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2013-18814.nasl - Type : ACT_GATHER_INFO |
2013-10-25 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-1457.nasl - Type : ACT_GATHER_INFO |
2013-10-25 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2013-1458.nasl - Type : ACT_GATHER_INFO |
2013-10-25 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-1459.nasl - Type : ACT_GATHER_INFO |
2013-10-25 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1457.nasl - Type : ACT_GATHER_INFO |
2013-10-25 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1458.nasl - Type : ACT_GATHER_INFO |
2013-10-25 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1459.nasl - Type : ACT_GATHER_INFO |
2013-10-25 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20131024_gnupg2_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2013-10-25 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20131024_gnupg_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2013-10-25 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20131024_libgcrypt_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2013-10-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_gpg2-131008.nasl - Type : ACT_GATHER_INFO |
2013-10-15 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2013-287-01.nasl - Type : ACT_GATHER_INFO |
2013-10-15 | Name : The remote Fedora host is missing a security update. File : fedora_2013-18866.nasl - Type : ACT_GATHER_INFO |
2013-10-15 | Name : The remote Fedora host is missing a security update. File : fedora_2013-18807.nasl - Type : ACT_GATHER_INFO |
2013-10-15 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2013-287-02.nasl - Type : ACT_GATHER_INFO |
2013-10-13 | Name : The remote Fedora host is missing a security update. File : fedora_2013-18676.nasl - Type : ACT_GATHER_INFO |
2013-10-11 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-247.nasl - Type : ACT_GATHER_INFO |
2013-10-11 | Name : The remote Fedora host is missing a security update. File : fedora_2013-18543.nasl - Type : ACT_GATHER_INFO |
2013-10-11 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2773.nasl - Type : ACT_GATHER_INFO |
2013-10-11 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2774.nasl - Type : ACT_GATHER_INFO |
2013-10-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1987-1.nasl - Type : ACT_GATHER_INFO |
2013-10-06 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_749b55872da111e3b1a9b499baab0cbe.nasl - Type : ACT_GATHER_INFO |
2013-10-01 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-225.nasl - Type : ACT_GATHER_INFO |
2013-10-01 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-226.nasl - Type : ACT_GATHER_INFO |
2013-08-20 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_689c2bf7070111e39a25002590860428.nasl - Type : ACT_GATHER_INFO |
2013-08-16 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libgcrypt-130813.nasl - Type : ACT_GATHER_INFO |
2013-08-15 | Name : The remote Fedora host is missing a security update. File : fedora_2013-13940.nasl - Type : ACT_GATHER_INFO |
2013-08-10 | Name : The remote Fedora host is missing a security update. File : fedora_2013-13975.nasl - Type : ACT_GATHER_INFO |
2013-08-05 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2013-215-01.nasl - Type : ACT_GATHER_INFO |
2013-08-02 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-205.nasl - Type : ACT_GATHER_INFO |
2013-08-02 | Name : The remote Fedora host is missing a security update. File : fedora_2013-13678.nasl - Type : ACT_GATHER_INFO |
2013-08-02 | Name : The remote Fedora host is missing a security update. File : fedora_2013-13671.nasl - Type : ACT_GATHER_INFO |
2013-08-01 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1923-1.nasl - Type : ACT_GATHER_INFO |
2013-07-30 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2731.nasl - Type : ACT_GATHER_INFO |
2013-07-30 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2730.nasl - Type : ACT_GATHER_INFO |
2013-07-18 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_gpg2-130613.nasl - Type : ACT_GATHER_INFO |
2013-07-18 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_gpg2-130612.nasl - Type : ACT_GATHER_INFO |
2013-06-21 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_gpg2-8576.nasl - Type : ACT_GATHER_INFO |
2013-06-21 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_gpg-8575.nasl - Type : ACT_GATHER_INFO |
2013-06-21 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_gpg2-130516.nasl - Type : ACT_GATHER_INFO |
2013-01-21 | Name : The remote Fedora host is missing a security update. File : fedora_2013-0477.nasl - Type : ACT_GATHER_INFO |
2013-01-21 | Name : The remote Fedora host is missing a security update. File : fedora_2013-0459.nasl - Type : ACT_GATHER_INFO |
2013-01-21 | Name : The remote Fedora host is missing a security update. File : fedora_2013-0222.nasl - Type : ACT_GATHER_INFO |
2013-01-14 | Name : The remote Fedora host is missing a security update. File : fedora_2013-0258.nasl - Type : ACT_GATHER_INFO |
2013-01-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1682-1.nasl - Type : ACT_GATHER_INFO |
2013-01-10 | Name : The remote Fedora host is missing a security update. File : fedora_2013-0148.nasl - Type : ACT_GATHER_INFO |
2013-01-10 | Name : The remote Fedora host is missing a security update. File : fedora_2013-0377.nasl - Type : ACT_GATHER_INFO |
2013-01-07 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2601.nasl - Type : ACT_GATHER_INFO |
2013-01-03 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-001.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2017-08-29 09:26:23 |
|
2016-12-08 09:25:39 |
|
2016-09-09 09:24:45 |
|
2016-04-27 01:11:11 |
|
2014-02-23 13:21:09 |
|
2014-02-21 17:22:57 |
|
2014-02-21 17:18:40 |
|