Executive Summary

Informations
Name MDVSA-2008:226 First vendor Publication 2008-11-06
Vendor Mandriva Last vendor Modification 2008-11-06
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score 7.8 Attack Range Network
Cvss Impact Score 6.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A denial of service condition was found in Ruby's regular expression engine. If a Ruby script tried to process a large amount of data via a regular expression, it could cause Ruby to enter an infinite loop and crash (CVE-2008-3443).

A number of flaws were found in Ruby that could allow an attacker to create a carefully crafted script that could allow for the bypass of certain safe-level restrictions (CVE-2008-3655).

A denial of service vulnerability was found in Ruby's HTTP server toolkit, WEBrick. A remote attacker could send a specially-crafted HTTP request to a WEBrick server that would cause it to use an excessive amount of CPU time (CVE-2008-3656).

An insufficient taintness check issue was found in Ruby's DL module, a module that provides direct access to the C language functions. This flaw could be used by an attacker to bypass intended safe-level restrictions by calling external C functions with the arguments from an untrusted tainted input (CVE-2008-3657).

A denial of service condition in Ruby's XML document parsing module (REXML) could cause a Ruby application using the REXML module to use an excessive amount of CPU and memory via XML documents with large XML entitity definitions recursion (CVE-2008-3790).

The Ruby DNS resolver library used predictable transaction IDs and a fixed source port when sending DNS requests. This could be used by a remote attacker to spoof a malicious reply to a DNS query (CVE-2008-3905).

The updated packages have been patched to correct these issues.

Original Source

Url : http://www.mandriva.com/security/advisories?name=MDVSA-2008:226

CWE : Common Weakness Enumeration

% Id Name
33 % CWE-399 Resource Management Errors
33 % CWE-20 Improper Input Validation
17 % CWE-287 Improper Authentication
17 % CWE-264 Permissions, Privileges, and Access Controls

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10034
 
Oval ID: oval:org.mitre.oval:def:10034
Title: resolv.rb in Ruby 1.8.5 and earlier, 1.8.6 before 1.8.6-p287, 1.8.7 before 1.8.7-p72, and 1.9 r18423 and earlier uses sequential transaction IDs and constant source ports for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447.
Description: resolv.rb in Ruby 1.8.5 and earlier, 1.8.6 before 1.8.6-p287, 1.8.7 before 1.8.7-p72, and 1.9 r18423 and earlier uses sequential transaction IDs and constant source ports for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447.
Family: unix Class: vulnerability
Reference(s): CVE-2008-3905
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10393
 
Oval ID: oval:org.mitre.oval:def:10393
Title: The REXML module in Ruby 1.8.6 through 1.8.6-p287, 1.8.7 through 1.8.7-p72, and 1.9 allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML document with recursively nested entities, aka an "XML entity explosion."
Description: The REXML module in Ruby 1.8.6 through 1.8.6-p287, 1.8.7 through 1.8.7-p72, and 1.9 allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML document with recursively nested entities, aka an "XML entity explosion."
Family: unix Class: vulnerability
Reference(s): CVE-2008-3790
Version: 5
Platform(s): Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11602
 
Oval ID: oval:org.mitre.oval:def:11602
Title: Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 does not properly restrict access to critical variables and methods at various safe levels, which allows context-dependent attackers to bypass intended access restrictions via (1) untrace_var, (2) $PROGRAM_NAME, and (3) syslog at safe level 4, and (4) insecure methods at safe levels 1 through 3.
Description: Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 does not properly restrict access to critical variables and methods at various safe levels, which allows context-dependent attackers to bypass intended access restrictions via (1) untrace_var, (2) $PROGRAM_NAME, and (3) syslog at safe level 4, and (4) insecure methods at safe levels 1 through 3.
Family: unix Class: vulnerability
Reference(s): CVE-2008-3655
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13642
 
Oval ID: oval:org.mitre.oval:def:13642
Title: DSA-1695-1 ruby1.8, ruby1.9 -- memory leak
Description: The regular expression engine of Ruby, a scripting language, contains a memory leak which can be triggered remotely under certain circumstances, leading to a denial of service condition. In addition, this security update addresses a regression in the REXML XML parser of the ruby1.8 package; the regression was introduced in DSA-1651-1. For the stable distribution, this problem has been fixed in version 1.8.5-4etch4 of the ruby1.8 package, and version 1.9.0+20060609-1etch4 of the ruby1.9 package. For the unstable distribution, this problem has been fixed in version 1.8.7.72-1 of the ruby1.8 package. The ruby1.9 package will be fixed soon. We recommend that you upgrade your Ruby packages.
Family: unix Class: patch
Reference(s): DSA-1695-1
CVE-2008-3443
Version: 5
Platform(s): Debian GNU/Linux 4.0
Product(s): ruby1.8
ruby1.9
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17113
 
Oval ID: oval:org.mitre.oval:def:17113
Title: USN-691-1 -- ruby1.9 vulnerability
Description: Laurent Gaffie discovered that Ruby did not properly check for memory allocation failures.
Family: unix Class: patch
Reference(s): USN-691-1
CVE-2008-3443
CVE-2008-3790
Version: 7
Platform(s): Ubuntu 8.10
Product(s): ruby1.9
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17538
 
Oval ID: oval:org.mitre.oval:def:17538
Title: USN-651-1 -- ruby1.8 vulnerabilities
Description: Akira Tagoh discovered a vulnerability in Ruby which lead to an integer overflow.
Family: unix Class: patch
Reference(s): USN-651-1
CVE-2008-2376
CVE-2008-3443
CVE-2008-3655
CVE-2008-3656
CVE-2008-3657
CVE-2008-3790
CVE-2008-1447
CVE-2008-3905
Version: 7
Platform(s): Ubuntu 6.06
Ubuntu 7.04
Ubuntu 7.10
Ubuntu 8.04
Product(s): ruby1.8
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18456
 
Oval ID: oval:org.mitre.oval:def:18456
Title: DSA-1652-1 ruby1.9 - several vulnerabilities
Description: Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to denial of service and other security problems.
Family: unix Class: patch
Reference(s): DSA-1652-1
CVE-2008-3655
CVE-2008-3656
CVE-2008-3657
CVE-2008-3790
CVE-2008-3905
Version: 7
Platform(s): Debian GNU/Linux 4.0
Product(s): ruby1.9
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20309
 
Oval ID: oval:org.mitre.oval:def:20309
Title: DSA-1651-1 ruby1.8 - several vulnerabilities
Description: Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to denial of service and other security problems.
Family: unix Class: patch
Reference(s): DSA-1651-1
CVE-2008-3655
CVE-2008-3656
CVE-2008-3657
CVE-2008-3790
CVE-2008-3905
Version: 5
Platform(s): Debian GNU/Linux 4.0
Product(s): ruby1.8
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28242
 
Oval ID: oval:org.mitre.oval:def:28242
Title: RHSA-2008:0897 -- ruby security update (Moderate)
Description: Updated ruby packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an interpreted scripting language for quick and easy object-oriented programming. The Ruby DNS resolver library, resolv.rb, used predictable transaction IDs and a fixed source port when sending DNS requests. A remote attacker could use this flaw to spoof a malicious reply to a DNS query. (CVE-2008-3905)
Family: unix Class: patch
Reference(s): RHSA-2008:0897
CESA-2008:0897-CentOS 5
CVE-2008-1145
CVE-2008-3443
CVE-2008-3655
CVE-2008-3656
CVE-2008-3657
CVE-2008-3790
CVE-2008-3905
Version: 3
Platform(s): Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 4
CentOS Linux 5
Product(s): ruby
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7525
 
Oval ID: oval:org.mitre.oval:def:7525
Title: DSA-1695 ruby1.8, ruby1.9 -- memory leak
Description: The regular expression engine of Ruby, a scripting language, contains a memory leak which can be triggered remotely under certain circumstances, leading to a denial of service condition (CVE-2008-3443). In addition, this security update addresses a regression in the REXML XML parser of the ruby1.8 package; the regression was introduced in DSA-1651-1.
Family: unix Class: patch
Reference(s): DSA-1695
CVE-2008-3443
Version: 3
Platform(s): Debian GNU/Linux 4.0
Product(s): ruby1.8
ruby1.9
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7935
 
Oval ID: oval:org.mitre.oval:def:7935
Title: DSA-1651 ruby1.8 -- several vulnerabilities
Description: Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to denial of service and other security problems. The Common Vulnerabilities and Exposures project identifies the following problems: Keita Yamaguchi discovered that several safe level restrictions are insufficiently enforced. Christian Neukirchen discovered that the WebRick module uses inefficient algorithms for HTTP header splitting, resulting in denial of service through resource exhaustion. It was discovered that the dl module doesn't perform taintness checks. Luka Treiber and Mitja Kolsek discovered that recursively nested XML entities can lead to denial of service through resource exhaustion in rexml. Tanaka Akira discovered that the resolv module uses sequential transaction IDs and a fixed source port for DNS queries, which makes it more vulnerable to DNS spoofing attacks.
Family: unix Class: patch
Reference(s): DSA-1651
CVE-2008-3655
CVE-2008-3656
CVE-2008-3657
CVE-2008-3790
CVE-2008-3905
Version: 3
Platform(s): Debian GNU/Linux 4.0
Product(s): ruby1.8
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:8055
 
Oval ID: oval:org.mitre.oval:def:8055
Title: DSA-1652 ruby1.9 -- several vulnerabilities
Description: Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to denial of service and other security problems. The Common Vulnerabilities and Exposures project identifies the following problems: Keita Yamaguchi discovered that several safe level restrictions are insufficiently enforced. Christian Neukirchen discovered that the WebRick module uses inefficient algorithms for HTTP header splitting, resulting in denial of service through resource exhaustion. It was discovered that the dl module doesn't perform taintness checks. Luka Treiber and Mitja Kolsek discovered that recursively nested XML entities can lead to denial of service through resource exhaustion in rexml. Tanaka Akira discovered that the resolv module uses sequential transaction IDs and a fixed source port for DNS queries, which makes it more vulnerable to DNS spoofing attacks.
Family: unix Class: patch
Reference(s): DSA-1652
CVE-2008-3655
CVE-2008-3656
CVE-2008-3657
CVE-2008-3790
CVE-2008-3905
Version: 3
Platform(s): Debian GNU/Linux 4.0
Product(s): ruby1.9
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9570
 
Oval ID: oval:org.mitre.oval:def:9570
Title: The regular expression engine (regex.c) in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 allows remote attackers to cause a denial of service (infinite loop and crash) via multiple long requests to a Ruby socket, related to memory allocation failure, and as demonstrated against Webrick.
Description: The regular expression engine (regex.c) in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 allows remote attackers to cause a denial of service (infinite loop and crash) via multiple long requests to a Ruby socket, related to memory allocation failure, and as demonstrated against Webrick.
Family: unix Class: vulnerability
Reference(s): CVE-2008-3443
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9682
 
Oval ID: oval:org.mitre.oval:def:9682
Title: Algorithmic complexity vulnerability in the WEBrick::HTTPUtils.split_header_value function in WEBrick::HTTP::DefaultFileHandler in WEBrick in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted HTTP request that is processed by a backtracking regular expression.
Description: Algorithmic complexity vulnerability in the WEBrick::HTTPUtils.split_header_value function in WEBrick::HTTP::DefaultFileHandler in WEBrick in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted HTTP request that is processed by a backtracking regular expression.
Family: unix Class: vulnerability
Reference(s): CVE-2008-3656
Version: 5
Platform(s): Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9793
 
Oval ID: oval:org.mitre.oval:def:9793
Title: The dl module in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 does not check "taintness" of inputs, which allows context-dependent attackers to bypass safe levels and execute dangerous functions by accessing a library using DL.dlopen.
Description: The dl module in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 does not check "taintness" of inputs, which allows context-dependent attackers to bypass safe levels and execute dangerous functions by accessing a library using DL.dlopen.
Family: unix Class: vulnerability
Reference(s): CVE-2008-3657
Version: 5
Platform(s): Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 869

OpenVAS Exploits

Date Description
2010-05-12 Name : Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002
File : nvt/macosx_upd_10_5_7_secupd_2009-002.nasl
2009-12-14 Name : Fedora Core 10 FEDORA-2009-13066 (ruby)
File : nvt/fcore_2009_13066.nasl
2009-11-17 Name : Mac OS X Version
File : nvt/macosx_version.nasl
2009-10-11 Name : SLES11: Security update for ruby
File : nvt/sles11_ruby.nasl
2009-10-10 Name : SLES9: Security update for ruby
File : nvt/sles9p5053737.nasl
2009-07-29 Name : SuSE Security Advisory SUSE-SA:2009:037 (dhcp-client)
File : nvt/suse_sa_2009_037.nasl
2009-06-05 Name : Ubuntu USN-698-3 (nagios2)
File : nvt/ubuntu_698_3.nasl
2009-04-09 Name : Mandriva Update for ruby MDVSA-2008:226 (ruby)
File : nvt/gb_mandriva_MDVSA_2008_226.nasl
2009-03-23 Name : Ubuntu Update for ruby1.9 vulnerability USN-691-1
File : nvt/gb_ubuntu_USN_691_1.nasl
2009-03-23 Name : Ubuntu Update for ruby1.8 vulnerabilities USN-651-1
File : nvt/gb_ubuntu_USN_651_1.nasl
2009-03-06 Name : RedHat Update for ruby RHSA-2008:0896-01
File : nvt/gb_RHSA-2008_0896-01_ruby.nasl
2009-03-06 Name : RedHat Update for ruby RHSA-2008:0981-02
File : nvt/gb_RHSA-2008_0981-02_ruby.nasl
2009-03-06 Name : RedHat Update for ruby RHSA-2008:0897-01
File : nvt/gb_RHSA-2008_0897-01_ruby.nasl
2009-03-06 Name : RedHat Update for ruby RHSA-2008:0895-02
File : nvt/gb_RHSA-2008_0895-02_ruby.nasl
2009-02-27 Name : CentOS Update for irb CESA-2008:0981 centos4 x86_64
File : nvt/gb_CESA-2008_0981_irb_centos4_x86_64.nasl
2009-02-27 Name : CentOS Update for irb CESA-2008:0981 centos4 i386
File : nvt/gb_CESA-2008_0981_irb_centos4_i386.nasl
2009-02-27 Name : CentOS Update for irb CESA-2008:0897 centos4 x86_64
File : nvt/gb_CESA-2008_0897_irb_centos4_x86_64.nasl
2009-02-27 Name : CentOS Update for irb CESA-2008:0897 centos4 i386
File : nvt/gb_CESA-2008_0897_irb_centos4_i386.nasl
2009-02-27 Name : CentOS Update for irb CESA-2008:0896 centos3 x86_64
File : nvt/gb_CESA-2008_0896_irb_centos3_x86_64.nasl
2009-02-27 Name : CentOS Update for irb CESA-2008:0896 centos3 i386
File : nvt/gb_CESA-2008_0896_irb_centos3_i386.nasl
2009-02-27 Name : CentOS Update for ruby CESA-2008:0895-02 centos2 i386
File : nvt/gb_CESA-2008_0895-02_ruby_centos2_i386.nasl
2009-02-17 Name : Fedora Update for ruby FEDORA-2008-8736
File : nvt/gb_fedora_2008_8736_ruby_fc8.nasl
2009-02-17 Name : Fedora Update for ruby FEDORA-2008-8738
File : nvt/gb_fedora_2008_8738_ruby_fc9.nasl
2009-01-07 Name : Debian Security Advisory DSA 1695-1 (ruby1.8, ruby1.9)
File : nvt/deb_1695_1.nasl
2008-12-23 Name : Gentoo Security Advisory GLSA 200812-17 (ruby)
File : nvt/glsa_200812_17.nasl
2008-11-01 Name : Debian Security Advisory DSA 1651-1 (ruby1.8)
File : nvt/deb_1651_1.nasl
2008-11-01 Name : Debian Security Advisory DSA 1652-1 (ruby1.9)
File : nvt/deb_1652_1.nasl
2008-09-04 Name : FreeBSD Ports: ruby, ruby+pthreads, ruby+pthreads+oniguruma, ruby+oniguruma
File : nvt/freebsd_ruby8.nasl
2008-09-04 Name : FreeBSD Ports: ruby, ruby+pthreads, ruby+pthreads+oniguruma, ruby+oniguruma
File : nvt/freebsd_ruby7.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
47800 Ruby Regexp Engine (regex.c) Crafted Socket Request DoS

47753 Ruby REXML Library Crafted XML Document Handling DoS

47472 Ruby dl Module DL.dlopen Arbitrary Library Access

47471 WEBrick in Ruby WEBrick::HTTP::DefaultFileHandler Crafted HTTP Request DoS

Ruby contains a flaw that may allow a remote denial of service. The issue is triggered when WEBrick receives a specially crafted HTTP request with malformed regular expressions, and will result in loss of availability for the platform.
47470 Ruby Safe Level Multiple Function Restriction Bypass

47469 Ruby resolv.rb DNS Query ID Field Prediction Cache Poisoning

Nessus® Vulnerability Scanner

Date Description
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2008-0981.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2008-0897.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2008-0896.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20081204_ruby_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20081021_ruby_on_SL3_x.nasl - Type : ACT_GATHER_INFO
2011-01-27 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_ruby-6338.nasl - Type : ACT_GATHER_INFO
2009-10-06 Name : The remote openSUSE host is missing a security update.
File : suse_ruby-6339.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_ruby-090703.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12452.nasl - Type : ACT_GATHER_INFO
2009-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_ruby-090703.nasl - Type : ACT_GATHER_INFO
2009-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_ruby-090703.nasl - Type : ACT_GATHER_INFO
2009-05-13 Name : The remote host is missing a Mac OS X update that fixes various security issues.
File : macosx_10_5_7.nasl - Type : ACT_GATHER_INFO
2009-05-13 Name : The remote host is missing a Mac OS X update that fixes various security issues.
File : macosx_SecUpd2009-002.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-691-1.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-651-1.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2008-226.nasl - Type : ACT_GATHER_INFO
2009-01-06 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1695.nasl - Type : ACT_GATHER_INFO
2008-12-26 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2008-0981.nasl - Type : ACT_GATHER_INFO
2008-12-17 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200812-17.nasl - Type : ACT_GATHER_INFO
2008-12-05 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2008-0981.nasl - Type : ACT_GATHER_INFO
2008-12-01 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2008-334-01.nasl - Type : ACT_GATHER_INFO
2008-10-28 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2008-0897.nasl - Type : ACT_GATHER_INFO
2008-10-22 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2008-0897.nasl - Type : ACT_GATHER_INFO
2008-10-22 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2008-0896.nasl - Type : ACT_GATHER_INFO
2008-10-22 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2008-0895.nasl - Type : ACT_GATHER_INFO
2008-10-22 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2008-0896.nasl - Type : ACT_GATHER_INFO
2008-10-13 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1652.nasl - Type : ACT_GATHER_INFO
2008-10-13 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1651.nasl - Type : ACT_GATHER_INFO
2008-10-10 Name : The remote Fedora host is missing a security update.
File : fedora_2008-8738.nasl - Type : ACT_GATHER_INFO
2008-10-10 Name : The remote Fedora host is missing a security update.
File : fedora_2008-8736.nasl - Type : ACT_GATHER_INFO
2008-08-17 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_c329712a6b5b11dd9d79001fc61c2a55.nasl - Type : ACT_GATHER_INFO
2008-08-17 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_f7ba20aa6b5a11dd9d79001fc61c2a55.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2014-02-17 11:39:47
  • Multiple Updates