Executive Summary
Summary | |
---|---|
Title | OpenSSL: Multiple vulnerabilities |
Informations | |||
---|---|---|---|
Name | GLSA-201506-02 | First vendor Publication | 2015-06-22 |
Vendor | Gentoo | Last vendor Modification | 2015-06-22 |
Severity (Vendor) | Normal | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Synopsis Multiple vulnerabilities have been found in OpenSSL that can result in either Denial of Service or information disclosure. Background Description Impact Workaround Resolution All OpenSSL 0.9.8 users should upgrade to the latest version: References Availability https://security.gentoo.org/glsa/201506-02 |
Original Source
Url : http://security.gentoo.org/glsa/glsa-201506-02.xml |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
33 % | CWE-399 | Resource Management Errors |
33 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
17 % | CWE-362 | Race Condition |
17 % | CWE-310 | Cryptographic Issues |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:28506 | |||
Oval ID: | oval:org.mitre.oval:def:28506 | ||
Title: | AIX OpenSSL NewSessionTicket vulnerability | ||
Description: | Race condition in the ssl3_get_new_session_ticket function in ssl/s3_clnt.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b, when used for a multi-threaded client, allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact by providing a NewSessionTicket during an attempt to reuse a ticket that had been obtained earlier. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2015-1791 | Version: | 5 |
Platform(s): | IBM AIX 6.1 IBM AIX 7.1 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28583 | |||
Oval ID: | oval:org.mitre.oval:def:28583 | ||
Title: | USN-2639-1 -- openssl vulnerabilities | ||
Description: | openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2639-1 CVE-2014-8176 CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 | Version: | 3 |
Platform(s): | Ubuntu 14.04 Ubuntu 12.04 Ubuntu 15.04 Ubuntu 14.10 | Product(s): | openssl |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:29017 | |||
Oval ID: | oval:org.mitre.oval:def:29017 | ||
Title: | AIX OpenSSL PKCS#7 parsing code vulnerability | ||
Description: | The PKCS7_dataDecodefunction in crypto/pkcs7/pk7_doit.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a PKCS#7 blob that uses ASN.1 encoding and lacks inner EncryptedContent data. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2015-1790 | Version: | 5 |
Platform(s): | IBM AIX 6.1 IBM AIX 7.1 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:29160 | |||
Oval ID: | oval:org.mitre.oval:def:29160 | ||
Title: | USN-2639-1 -- openssl vulnerabilities | ||
Description: | openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2639-1 CVE-2014-8176 CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 | Version: | 3 |
Platform(s): | Ubuntu 14.04 Ubuntu 12.04 Ubuntu 15.04 Ubuntu 14.10 | Product(s): | openssl |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:29191 | |||
Oval ID: | oval:org.mitre.oval:def:29191 | ||
Title: | HP-UX OpenSSL Vulnerability (Exploitable out-of-bounds read in X509_cmp_time) | ||
Description: | The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted length field in ASN1_TIME data, as demonstrated by an attack against a server that supports client authentication with a custom verification callback. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2015-1789 | Version: | 1 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:29224 | |||
Oval ID: | oval:org.mitre.oval:def:29224 | ||
Title: | HP-UX OpenSSL Vulnerability (Malformed ECParameters causes infinite loop) | ||
Description: | The BN_GF2m_mod_inv function in crypto/bn/bn_gf2m.c in OpenSSL before 0.9.8s, 1.0.0 before 1.0.0e, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b does not properly handle ECParameters structures in which the curve is over a malformed binary polynomial field, which allows remote attackers to cause a denial of service (infinite loop) via a session that uses an Elliptic Curve algorithm, as demonstrated by an attack against a server that supports client authentication. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2015-1788 | Version: | 1 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:29229 | |||
Oval ID: | oval:org.mitre.oval:def:29229 | ||
Title: | HP-UX OpenSSL Vulnerability (PKCS7 crash with missing EnvelopedContent) | ||
Description: | The PKCS7_dataDecodefunction in crypto/pkcs7/pk7_doit.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a PKCS#7 blob that uses ASN.1 encoding and lacks inner EncryptedContent data. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2015-1790 | Version: | 1 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:29239 | |||
Oval ID: | oval:org.mitre.oval:def:29239 | ||
Title: | HP-UX OpenSSL Vulnerability (Race condition handling NewSessionTicket) | ||
Description: | Race condition in the ssl3_get_new_session_ticket function in ssl/s3_clnt.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b, when used for a multi-threaded client, allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact by providing a NewSessionTicket during an attempt to reuse a ticket that had been obtained earlier. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2015-1791 | Version: | 1 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:29305 | |||
Oval ID: | oval:org.mitre.oval:def:29305 | ||
Title: | AIX OpenSSL X509_cmp_time vulnerability | ||
Description: | The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted length field in ASN1_TIME data, as demonstrated by an attack against a server that supports client authentication with a custom verification callback. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2015-1789 | Version: | 5 |
Platform(s): | IBM AIX 6.1 IBM AIX 7.1 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:29329 | |||
Oval ID: | oval:org.mitre.oval:def:29329 | ||
Title: | AIX Logjam Vulnerability | ||
Description: | The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2015-4000 | Version: | 5 |
Platform(s): | IBM AIX 6.1 IBM AIX 7.1 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:29344 | |||
Oval ID: | oval:org.mitre.oval:def:29344 | ||
Title: | AIX OpenSSL binary polynomial field vulnerability | ||
Description: | The BN_GF2m_mod_inv function in crypto/bn/bn_gf2m.c in OpenSSL before 0.9.8s, 1.0.0 before 1.0.0e, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b does not properly handle ECParameters structures in which the curve is over a malformed binary polynomial field, which allows remote attackers to cause a denial of service (infinite loop) via a session that uses an Elliptic Curve algorithm, as demonstrated by an attack against a server that supports client authentication. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2015-1788 | Version: | 5 |
Platform(s): | IBM AIX 6.1 IBM AIX 7.1 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:29364 | |||
Oval ID: | oval:org.mitre.oval:def:29364 | ||
Title: | AIX OpenSSL DTLS peer vulnerability (segmentation fault or memory corruption) | ||
Description: | The dtls1_clear_queues function in ssl/d1_lib.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h frees data structures without considering that application data can arrive between a ChangeCipherSpec message and a Finished message, which allows remote DTLS peers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unexpected application data. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2014-8176 | Version: | 5 |
Platform(s): | IBM AIX 6.1 IBM AIX 7.1 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:29435 | |||
Oval ID: | oval:org.mitre.oval:def:29435 | ||
Title: | AIX OpenSSL CMS Code vulnerability | ||
Description: | The do_free_upto function in crypto/cms/cms_smime.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (infinite loop) via vectors that trigger a NULL value of a BIO data structure, as demonstrated by an unrecognized X.660 OID for a hash function. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2015-1792 | Version: | 5 |
Platform(s): | IBM AIX 6.1 IBM AIX 7.1 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:29466 | |||
Oval ID: | oval:org.mitre.oval:def:29466 | ||
Title: | HP-UX OpenSSL Vulnerability (CMS verify infinite loop with unknown hash function) | ||
Description: | The do_free_upto function in crypto/cms/cms_smime.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (infinite loop) via vectors that trigger a NULL value of a BIO data structure, as demonstrated by an unrecognized X.660 OID for a hash function. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2015-1792 | Version: | 1 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:29478 | |||
Oval ID: | oval:org.mitre.oval:def:29478 | ||
Title: | HP-UX OpenSSL Vulnerability (DHE man-in-the-middle protection (Logjam)) | ||
Description: | The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2015-4000 | Version: | 1 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2015-08-20 | IAVM : 2015-A-0199 - Multiple Vulnerabilities in Apple Mac OS X Severity : Category I - VMSKEY : V0061337 |
2015-07-16 | IAVM : 2015-A-0158 - Multiple Vulnerabilities in Oracle Java SE Severity : Category I - VMSKEY : V0061089 |
Snort® IPS/IDS
Date | Description |
---|---|
2015-04-14 | SSL request for export grade ciphersuite attempt RuleID : 33806 - Revision : 5 - Type : SERVER-OTHER |
2015-04-14 | SSL request for export grade ciphersuite attempt RuleID : 33805 - Revision : 5 - Type : SERVER-OTHER |
2015-04-14 | SSL request for export grade ciphersuite attempt RuleID : 33804 - Revision : 5 - Type : SERVER-OTHER |
2015-04-14 | SSL request for export grade ciphersuite attempt RuleID : 33803 - Revision : 5 - Type : SERVER-OTHER |
2015-04-14 | SSL request for export grade ciphersuite attempt RuleID : 33802 - Revision : 5 - Type : SERVER-OTHER |
2015-04-14 | SSL request for export grade ciphersuite attempt RuleID : 33801 - Revision : 5 - Type : SERVER-OTHER |
2015-04-14 | SSL export grade ciphersuite server negotiation attempt RuleID : 33800 - Revision : 6 - Type : SERVER-OTHER |
2015-04-14 | SSL export grade ciphersuite server negotiation attempt RuleID : 33799 - Revision : 6 - Type : SERVER-OTHER |
2015-04-14 | SSL export grade ciphersuite server negotiation attempt RuleID : 33798 - Revision : 6 - Type : SERVER-OTHER |
2015-04-14 | SSL export grade ciphersuite server negotiation attempt RuleID : 33797 - Revision : 6 - Type : SERVER-OTHER |
2015-04-14 | SSL export grade ciphersuite server negotiation attempt RuleID : 33796 - Revision : 6 - Type : SERVER-OTHER |
2015-04-14 | SSL export grade ciphersuite server negotiation attempt RuleID : 33795 - Revision : 6 - Type : SERVER-OTHER |
2015-04-14 | SSL export grade ciphersuite server negotiation attempt RuleID : 33794 - Revision : 6 - Type : SERVER-OTHER |
2015-04-14 | SSL request for export grade ciphersuite attempt RuleID : 33793 - Revision : 5 - Type : SERVER-OTHER |
2015-04-14 | SSL request for export grade ciphersuite attempt RuleID : 33792 - Revision : 5 - Type : SERVER-OTHER |
2015-04-14 | SSL request for export grade ciphersuite attempt RuleID : 33791 - Revision : 5 - Type : SERVER-OTHER |
2015-04-14 | SSL request for export grade ciphersuite attempt RuleID : 33790 - Revision : 5 - Type : SERVER-OTHER |
2015-04-14 | SSL request for export grade ciphersuite attempt RuleID : 33789 - Revision : 5 - Type : SERVER-OTHER |
2015-04-14 | SSL request for export grade ciphersuite attempt RuleID : 33788 - Revision : 5 - Type : SERVER-OTHER |
2015-04-14 | SSL request for export grade ciphersuite attempt RuleID : 33787 - Revision : 5 - Type : SERVER-OTHER |
2015-04-14 | SSL request for export grade ciphersuite attempt RuleID : 33786 - Revision : 5 - Type : SERVER-OTHER |
2015-04-14 | SSL request for export grade cipher suite attempt RuleID : 33785 - Revision : 6 - Type : SERVER-OTHER |
2015-04-14 | SSL export grade ciphersuite server negotiation attempt RuleID : 33784 - Revision : 6 - Type : SERVER-OTHER |
2015-04-14 | SSL export grade ciphersuite server negotiation attempt RuleID : 33783 - Revision : 6 - Type : SERVER-OTHER |
2015-04-14 | SSL export grade ciphersuite server negotiation attempt RuleID : 33782 - Revision : 6 - Type : SERVER-OTHER |
2015-04-14 | SSL export grade ciphersuite server negotiation attempt RuleID : 33781 - Revision : 6 - Type : SERVER-OTHER |
2015-04-14 | SSL export grade ciphersuite server negotiation attempt RuleID : 33780 - Revision : 6 - Type : SERVER-OTHER |
2015-04-14 | SSL request for export grade ciphersuite attempt RuleID : 33779 - Revision : 5 - Type : SERVER-OTHER |
2015-04-14 | SSL export grade ciphersuite server negotiation attempt RuleID : 33778 - Revision : 6 - Type : SERVER-OTHER |
2015-04-14 | SSL export grade ciphersuite server negotiation attempt RuleID : 33777 - Revision : 6 - Type : SERVER-OTHER |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2017-12-04 | Name : The remote host is missing a vendor-supplied security patch. File : check_point_gaia_sk106499.nasl - Type : ACT_GATHER_INFO |
2017-01-20 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201701-46.nasl - Type : ACT_GATHER_INFO |
2016-10-06 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3688.nasl - Type : ACT_GATHER_INFO |
2016-09-27 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-2385-1.nasl - Type : ACT_GATHER_INFO |
2016-09-09 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2016-1064.nasl - Type : ACT_GATHER_INFO |
2016-09-08 | Name : The remote host is affected by multiple vulnerabilities. File : screenos_JSA10733.nasl - Type : ACT_GATHER_INFO |
2016-09-02 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-2209-1.nasl - Type : ACT_GATHER_INFO |
2016-08-29 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-1618-1.nasl - Type : ACT_GATHER_INFO |
2016-06-23 | Name : The remote device is affected by multiple vulnerabilities. File : juniper_space_jsa10727.nasl - Type : ACT_GATHER_INFO |
2016-06-08 | Name : The remote Debian host is missing a security update. File : debian_DLA-507.nasl - Type : ACT_GATHER_INFO |
2016-06-01 | Name : The remote device is affected by multiple vulnerabilities. File : cisco_ace_A5_3_3.nasl - Type : ACT_GATHER_INFO |
2016-05-31 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201605-06.nasl - Type : ACT_GATHER_INFO |
2016-05-13 | Name : A web application running on the remote host is affected by multiple vulnerab... File : solarwinds_srm_profiler_6_2_3.nasl - Type : ACT_GATHER_INFO |
2016-03-29 | Name : The remote web server is affected by multiple vulnerabilities. File : hpsmh_7_2_6.nasl - Type : ACT_GATHER_INFO |
2016-03-24 | Name : The remote web server is affected by multiple vulnerabilities. File : hpsmh_7_5_4.nasl - Type : ACT_GATHER_INFO |
2016-03-14 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201603-11.nasl - Type : ACT_GATHER_INFO |
2016-03-10 | Name : The remote AIX host has a version of OpenSSL installed that is affected by mu... File : aix_openssl_advisory17.nasl - Type : ACT_GATHER_INFO |
2016-03-04 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2016-294.nasl - Type : ACT_GATHER_INFO |
2016-02-18 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2016-218.nasl - Type : ACT_GATHER_INFO |
2016-02-17 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2016-215.nasl - Type : ACT_GATHER_INFO |
2016-02-03 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2016-102.nasl - Type : ACT_GATHER_INFO |
2016-02-03 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2016-104.nasl - Type : ACT_GATHER_INFO |
2016-02-02 | Name : The remote service is affected by multiple vulnerabilities. File : openssl_1_0_1r.nasl - Type : ACT_GATHER_INFO |
2016-02-02 | Name : The remote service is affected by multiple vulnerabilities. File : openssl_1_0_2f.nasl - Type : ACT_GATHER_INFO |
2016-01-28 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL16898.nasl - Type : ACT_GATHER_INFO |
2016-01-28 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL16913.nasl - Type : ACT_GATHER_INFO |
2016-01-26 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2016-92.nasl - Type : ACT_GATHER_INFO |
2016-01-26 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-0224-1.nasl - Type : ACT_GATHER_INFO |
2016-01-21 | Name : The application installed on the remote host is affected by multiple vulnerab... File : oracle_secure_global_desktop_jan_2016_cpu.nasl - Type : ACT_GATHER_INFO |
2016-01-06 | Name : The remote database server is affected by multiple vulnerabilities. File : db2_105fp7_nix.nasl - Type : ACT_GATHER_INFO |
2016-01-06 | Name : The remote database server is affected by multiple vulnerabilities. File : db2_105fp7_win.nasl - Type : ACT_GATHER_INFO |
2016-01-04 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201512-10.nasl - Type : ACT_GATHER_INFO |
2015-12-21 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-2303-1.nasl - Type : ACT_GATHER_INFO |
2015-12-17 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2015-889.nasl - Type : ACT_GATHER_INFO |
2015-12-11 | Name : The remote multi-function device is affected by multiple vulnerabilities. File : xerox_xrx15av.nasl - Type : ACT_GATHER_INFO |
2015-11-19 | Name : The remote Nessus installation is affected by multiple denial of service vuln... File : nessus_tns_2015_07.nasl - Type : ACT_GATHER_INFO |
2015-11-03 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1851-1.nasl - Type : ACT_GATHER_INFO |
2015-11-02 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1840-1.nasl - Type : ACT_GATHER_INFO |
2015-10-12 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1695-1.nasl - Type : ACT_GATHER_INFO |
2015-10-09 | Name : The remote host allows SSH connections with one or more Diffie-Hellman moduli... File : ssh_logjam.nasl - Type : ACT_GATHER_INFO |
2015-10-06 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2015-635.nasl - Type : ACT_GATHER_INFO |
2015-09-22 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1581-1.nasl - Type : ACT_GATHER_INFO |
2015-09-18 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL16914.nasl - Type : ACT_GATHER_INFO |
2015-09-18 | Name : The remote IBM HTTP Server is affected by multiple vulnerabilities. File : websphere_8_5_5_7.nasl - Type : ACT_GATHER_INFO |
2015-09-16 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL16674.nasl - Type : ACT_GATHER_INFO |
2015-09-15 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1547-2.nasl - Type : ACT_GATHER_INFO |
2015-09-14 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1544-1.nasl - Type : ACT_GATHER_INFO |
2015-09-14 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1547-1.nasl - Type : ACT_GATHER_INFO |
2015-09-11 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1526-1.nasl - Type : ACT_GATHER_INFO |
2015-09-09 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1509-1.nasl - Type : ACT_GATHER_INFO |
2015-09-04 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1482-1.nasl - Type : ACT_GATHER_INFO |
2015-09-01 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1449-1.nasl - Type : ACT_GATHER_INFO |
2015-08-31 | Name : The remote Debian host is missing a security update. File : debian_DLA-303.nasl - Type : ACT_GATHER_INFO |
2015-08-26 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2015-586.nasl - Type : ACT_GATHER_INFO |
2015-08-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3339.nasl - Type : ACT_GATHER_INFO |
2015-08-21 | Name : The remote web server is running an application that is affected by multiple ... File : splunk_625.nasl - Type : ACT_GATHER_INFO |
2015-08-19 | Name : The remote AIX host is missing a security patch. File : aix_IV75967.nasl - Type : ACT_GATHER_INFO |
2015-08-17 | Name : The remote AIX host has a version of Java SDK installed that is affected by m... File : aix_java_july2015_advisory.nasl - Type : ACT_GATHER_INFO |
2015-08-17 | Name : The remote host is missing a Mac OS X update that fixes multiple security vul... File : macosx_10_10_5.nasl - Type : ACT_GATHER_INFO |
2015-08-17 | Name : The remote host is missing a Mac OS X update that fixes multiple security vul... File : macosx_SecUpd2015-006.nasl - Type : ACT_GATHER_INFO |
2015-08-13 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-1604.nasl - Type : ACT_GATHER_INFO |
2015-08-13 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1375-1.nasl - Type : ACT_GATHER_INFO |
2015-08-11 | Name : The remote AIX host is missing a security patch. File : aix_IV75643.nasl - Type : ACT_GATHER_INFO |
2015-08-11 | Name : The remote AIX host is missing a security patch. File : aix_IV75644.nasl - Type : ACT_GATHER_INFO |
2015-08-11 | Name : The remote AIX host is missing a security patch. File : aix_IV75645.nasl - Type : ACT_GATHER_INFO |
2015-08-11 | Name : The remote AIX host is missing a security patch. File : aix_IV75646.nasl - Type : ACT_GATHER_INFO |
2015-08-07 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2706-1.nasl - Type : ACT_GATHER_INFO |
2015-08-05 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-1544.nasl - Type : ACT_GATHER_INFO |
2015-08-04 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20150730_java_1_6_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2015-08-04 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1329-1.nasl - Type : ACT_GATHER_INFO |
2015-08-04 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1331-1.nasl - Type : ACT_GATHER_INFO |
2015-08-03 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3324.nasl - Type : ACT_GATHER_INFO |
2015-07-31 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2015-1526.nasl - Type : ACT_GATHER_INFO |
2015-07-31 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-1526.nasl - Type : ACT_GATHER_INFO |
2015-07-31 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-1526.nasl - Type : ACT_GATHER_INFO |
2015-07-31 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1319-1.nasl - Type : ACT_GATHER_INFO |
2015-07-31 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1320-1.nasl - Type : ACT_GATHER_INFO |
2015-07-31 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2696-1.nasl - Type : ACT_GATHER_INFO |
2015-07-28 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3316.nasl - Type : ACT_GATHER_INFO |
2015-07-27 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2015-507.nasl - Type : ACT_GATHER_INFO |
2015-07-27 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2015-511.nasl - Type : ACT_GATHER_INFO |
2015-07-27 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2015-512.nasl - Type : ACT_GATHER_INFO |
2015-07-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-1488.nasl - Type : ACT_GATHER_INFO |
2015-07-23 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2015-569.nasl - Type : ACT_GATHER_INFO |
2015-07-23 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2015-570.nasl - Type : ACT_GATHER_INFO |
2015-07-23 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2015-571.nasl - Type : ACT_GATHER_INFO |
2015-07-23 | Name : A web application on the remote host is affected by multiple vulnerabilities. File : puppet_enterprise_activemq_psql_ssl.nasl - Type : ACT_GATHER_INFO |
2015-07-23 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-1485.nasl - Type : ACT_GATHER_INFO |
2015-07-23 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-1486.nasl - Type : ACT_GATHER_INFO |
2015-07-21 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1268-2.nasl - Type : ACT_GATHER_INFO |
2015-07-21 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1269-1.nasl - Type : ACT_GATHER_INFO |
2015-07-21 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2673-1.nasl - Type : ACT_GATHER_INFO |
2015-07-20 | Name : The remote AIX host has a version of OpenSSL installed that is affected by mu... File : aix_openssl_advisory14.nasl - Type : ACT_GATHER_INFO |
2015-07-20 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2015-495.nasl - Type : ACT_GATHER_INFO |
2015-07-20 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-1241.nasl - Type : ACT_GATHER_INFO |
2015-07-20 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-1242.nasl - Type : ACT_GATHER_INFO |
2015-07-20 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-1243.nasl - Type : ACT_GATHER_INFO |
2015-07-18 | Name : The remote database server is affected by multiple vulnerabilities. File : db2_97fp10_multi_vuln.nasl - Type : ACT_GATHER_INFO |
2015-07-17 | Name : The remote Windows host contains a programming platform that is affected by m... File : oracle_java_cpu_jul_2015.nasl - Type : ACT_GATHER_INFO |
2015-07-17 | Name : The remote Unix host contains a programming platform that is affected by mult... File : oracle_java_cpu_jul_2015_unix.nasl - Type : ACT_GATHER_INFO |
2015-07-17 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-1230.nasl - Type : ACT_GATHER_INFO |
2015-07-16 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2015-1228.nasl - Type : ACT_GATHER_INFO |
2015-07-16 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2015-1229.nasl - Type : ACT_GATHER_INFO |
2015-07-16 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2015-1230.nasl - Type : ACT_GATHER_INFO |
2015-07-16 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_44d9daee940c417986bb6e3ffd617869.nasl - Type : ACT_GATHER_INFO |
2015-07-16 | Name : A programming platform installed on the remote Windows host is affected by mu... File : oracle_jrockit_cpu_jul_2015.nasl - Type : ACT_GATHER_INFO |
2015-07-16 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-1228.nasl - Type : ACT_GATHER_INFO |
2015-07-16 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-1229.nasl - Type : ACT_GATHER_INFO |
2015-07-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-1228.nasl - Type : ACT_GATHER_INFO |
2015-07-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-1229.nasl - Type : ACT_GATHER_INFO |
2015-07-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-1230.nasl - Type : ACT_GATHER_INFO |
2015-07-16 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20150715_java_1_7_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2015-07-16 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20150715_java_1_7_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2015-07-16 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20150715_java_1_8_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2015-07-16 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2656-2.nasl - Type : ACT_GATHER_INFO |
2015-07-14 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2015-480.nasl - Type : ACT_GATHER_INFO |
2015-07-14 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1177-2.nasl - Type : ACT_GATHER_INFO |
2015-07-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2015-479.nasl - Type : ACT_GATHER_INFO |
2015-07-13 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2656-1.nasl - Type : ACT_GATHER_INFO |
2015-07-09 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2015-474.nasl - Type : ACT_GATHER_INFO |
2015-07-07 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_firefox_31_8_esr.nasl - Type : ACT_GATHER_INFO |
2015-07-07 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_firefox_38_1_esr.nasl - Type : ACT_GATHER_INFO |
2015-07-07 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_firefox_39_0.nasl - Type : ACT_GATHER_INFO |
2015-07-07 | Name : The remote Mac OS X host contains a mail client that is affected by multiple ... File : macosx_thunderbird_38_1.nasl - Type : ACT_GATHER_INFO |
2015-07-07 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_31_8_esr.nasl - Type : ACT_GATHER_INFO |
2015-07-07 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_38_1_esr.nasl - Type : ACT_GATHER_INFO |
2015-07-07 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_39_0.nasl - Type : ACT_GATHER_INFO |
2015-07-07 | Name : The remote Windows host contains a mail client that is affected by multiple v... File : mozilla_thunderbird_38_1.nasl - Type : ACT_GATHER_INFO |
2015-07-07 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1181-2.nasl - Type : ACT_GATHER_INFO |
2015-07-07 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1182-2.nasl - Type : ACT_GATHER_INFO |
2015-07-07 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1183-2.nasl - Type : ACT_GATHER_INFO |
2015-07-07 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1184-2.nasl - Type : ACT_GATHER_INFO |
2015-07-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2015-1197.nasl - Type : ACT_GATHER_INFO |
2015-07-06 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3300.nasl - Type : ACT_GATHER_INFO |
2015-07-06 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20150625_nss_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2015-07-06 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20150630_openssl_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2015-07-06 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1177-1.nasl - Type : ACT_GATHER_INFO |
2015-07-06 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1184-1.nasl - Type : ACT_GATHER_INFO |
2015-07-01 | Name : The remote host is missing a Mac OS X update that fixes multiple security vul... File : macosx_10_10_4.nasl - Type : ACT_GATHER_INFO |
2015-07-01 | Name : The remote host is missing a Mac OS X update that fixes multiple security vul... File : macosx_SecUpd2015-005.nasl - Type : ACT_GATHER_INFO |
2015-07-01 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-1197.nasl - Type : ACT_GATHER_INFO |
2015-06-30 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-1197.nasl - Type : ACT_GATHER_INFO |
2015-06-29 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1150-1.nasl - Type : ACT_GATHER_INFO |
2015-06-26 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2015-1185.nasl - Type : ACT_GATHER_INFO |
2015-06-26 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2015-447.nasl - Type : ACT_GATHER_INFO |
2015-06-26 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-1185.nasl - Type : ACT_GATHER_INFO |
2015-06-26 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1143-1.nasl - Type : ACT_GATHER_INFO |
2015-06-25 | Name : The remote Fedora host is missing a security update. File : fedora_2015-10108.nasl - Type : ACT_GATHER_INFO |
2015-06-25 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-1185.nasl - Type : ACT_GATHER_INFO |
2015-06-23 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201506-02.nasl - Type : ACT_GATHER_INFO |
2015-06-22 | Name : The remote Fedora host is missing a security update. File : fedora_2015-10047.nasl - Type : ACT_GATHER_INFO |
2015-06-18 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2015-550.nasl - Type : ACT_GATHER_INFO |
2015-06-18 | Name : The remote Debian host is missing a security update. File : debian_DLA-247.nasl - Type : ACT_GATHER_INFO |
2015-06-17 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20150615_openssl_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2015-06-16 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2015-1115.nasl - Type : ACT_GATHER_INFO |
2015-06-16 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-1115.nasl - Type : ACT_GATHER_INFO |
2015-06-16 | Name : The remote OracleVM host is missing a security update. File : oraclevm_OVMSA-2015-0070.nasl - Type : ACT_GATHER_INFO |
2015-06-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-1115.nasl - Type : ACT_GATHER_INFO |
2015-06-15 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3287.nasl - Type : ACT_GATHER_INFO |
2015-06-15 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2015-9161.nasl - Type : ACT_GATHER_INFO |
2015-06-12 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2015-162-01.nasl - Type : ACT_GATHER_INFO |
2015-06-12 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_8305e215108011e58ba2000c2980a9f3.nasl - Type : ACT_GATHER_INFO |
2015-06-12 | Name : The remote service is affected by multiple vulnerabilities. File : openssl_0_9_8zg.nasl - Type : ACT_GATHER_INFO |
2015-06-12 | Name : The remote service is affected by multiple vulnerabilities. File : openssl_1_0_0s.nasl - Type : ACT_GATHER_INFO |
2015-06-12 | Name : The remote service is affected by multiple vulnerabilities. File : openssl_1_0_1n.nasl - Type : ACT_GATHER_INFO |
2015-06-12 | Name : The remote service is affected by multiple vulnerabilities. File : openssl_1_0_2b.nasl - Type : ACT_GATHER_INFO |
2015-06-12 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2639-1.nasl - Type : ACT_GATHER_INFO |
2015-06-08 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20150604_openssl_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2015-06-05 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2015-1072.nasl - Type : ACT_GATHER_INFO |
2015-06-05 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-1072.nasl - Type : ACT_GATHER_INFO |
2015-06-05 | Name : The remote OracleVM host is missing a security update. File : oraclevm_OVMSA-2015-0065.nasl - Type : ACT_GATHER_INFO |
2015-06-05 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-1072.nasl - Type : ACT_GATHER_INFO |
2015-06-03 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2015-9048.nasl - Type : ACT_GATHER_INFO |
2015-06-02 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2015-9130.nasl - Type : ACT_GATHER_INFO |
2015-05-28 | Name : The remote host allows SSL/TLS connections with one or more Diffie-Hellman mo... File : ssl_logjam.nasl - Type : ACT_GATHER_INFO |
2015-05-21 | Name : The remote host supports a set of weak ciphers. File : ssl_dh_export_supported_ciphers.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2016-01-22 09:26:18 |
|
2015-06-24 13:27:51 |
|
2015-06-22 17:25:05 |
|