Executive Summary
Informations | |||
---|---|---|---|
Name | MDVSA-2009:037 | First vendor Publication | 2009-02-16 |
Vendor | Mandriva | Last vendor Modification | 2009-02-16 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 6.8 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Internet Systems Consortium (ISC) BIND 9.6.0 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077 and CVE-2009-0025. In this particular case the DSA_verify function was fixed with MDVSA-2009:002, this update does however address the RSA_verify function (CVE-2009-0265). |
Original Source
Url : http://www.mandriva.com/security/advisories?name=MDVSA-2009:037 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
25 % | CWE-295 | Certificate Issues |
25 % | CWE-287 | Improper Authentication |
25 % | CWE-252 | Unchecked Return Value |
25 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10879 | |||
Oval ID: | oval:org.mitre.oval:def:10879 | ||
Title: | BIND 9.6.0, 9.5.1, 9.5.0, 9.4.3, and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077. | ||
Description: | BIND 9.6.0, 9.5.1, 9.5.0, 9.4.3, and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-0025 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13365 | |||
Oval ID: | oval:org.mitre.oval:def:13365 | ||
Title: | DSA-1703-1 bind9 -- interpretation conflict | ||
Description: | It was discovered that BIND, an implementation of the DNS protocol suite, does not properly check the result of an OpenSSL function which is used to verify DSA cryptographic signatures. As a result, incorrect DNS resource records in zones protected by DNSSEC could be accepted as genuine. For the stable distribution, this problem has been fixed in version 1:9.3.4-2etch4. For the unstable distribution and the testing distribution, this problem will be fixed soon. We recommend that you upgrade your BIND packages. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1703-1 CVE-2009-0025 | Version: | 7 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | bind9 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13504 | |||
Oval ID: | oval:org.mitre.oval:def:13504 | ||
Title: | DSA-1701-1 openssl, openssl097 -- interpretation conflict | ||
Description: | It was discovered that OpenSSL does not properly verify DSA signatures on X.509 certificates due to an API misuse, potentially leading to the acceptance of incorrect X.509 certificates as genuine. For the stable distribution, this problem has been fixed in version 0.9.8c-4etch4 of the openssl package, and version 0.9.7k-3.1etch2 of the openssl097 package. For the unstable distribution, this problem has been fixed in version 0.9.8g-15. The testing distribution will be fixed soon. We recommend that you upgrade your OpenSSL packages. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1701-1 CVE-2008-5077 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | openssl openssl097 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13925 | |||
Oval ID: | oval:org.mitre.oval:def:13925 | ||
Title: | USN-704-1 -- openssl vulnerability | ||
Description: | It was discovered that OpenSSL did not properly perform signature verification on DSA and ECDSA keys. If user or automated system connected to a malicious server or a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-704-1 CVE-2008-5077 | Version: | 5 |
Platform(s): | Ubuntu 7.10 Ubuntu 8.04 Ubuntu 6.06 Ubuntu 8.10 | Product(s): | openssl |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21048 | |||
Oval ID: | oval:org.mitre.oval:def:21048 | ||
Title: | Multiple vulnerabilities in AIX BIND | ||
Description: | BIND 9.6.0, 9.5.1, 9.5.0, 9.4.3, and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-0025 | Version: | 6 |
Platform(s): | IBM AIX 6.1 IBM AIX 7.1 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21759 | |||
Oval ID: | oval:org.mitre.oval:def:21759 | ||
Title: | ELSA-2009:0004: openssl security update (Important) | ||
Description: | OpenSSL 0.9.8i and earlier does not properly check the return value from the EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2009:0004-01 CVE-2008-5077 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | openssl openssl095a openssl096 openssl096b openssl097a |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22671 | |||
Oval ID: | oval:org.mitre.oval:def:22671 | ||
Title: | ELSA-2009:0020: bind security update (Moderate) | ||
Description: | BIND 9.6.0, 9.5.1, 9.5.0, 9.4.3, and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2009:0020-01 CVE-2009-0025 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | bind |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28712 | |||
Oval ID: | oval:org.mitre.oval:def:28712 | ||
Title: | RHSA-2009:0004 -- openssl security update (Important) | ||
Description: | Updated OpenSSL packages that correct a security issue are now available for Red Hat Enterprise Linux 2.1, 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenSSL is a toolkit that implements Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength, general purpose, cryptography library. The Google security team discovered a flaw in the way OpenSSL checked the verification of certificates. An attacker in control of a malicious server, or able to effect a man in the middle attack, could present a malformed SSL/TLS signature from a certificate chain to a vulnerable client and bypass validation. (CVE-2008-5077) | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2009:0004 CESA-2009:0004-CentOS 3 CESA-2009:0004-CentOS 5 CESA-2009:0004-CentOS 2 CVE-2008-5077 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 3 CentOS Linux 5 CentOS Linux 2 | Product(s): | openssl openssl095a openssl096 openssl096b openssl097a |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28987 | |||
Oval ID: | oval:org.mitre.oval:def:28987 | ||
Title: | RHSA-2009:0020 -- bind security update (Moderate) | ||
Description: | Updated Bind packages to correct a security issue are now available for Red Hat Enterprise Linux 2.1, 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. A flaw was discovered in the way BIND checked the return value of the OpenSSL DSA_do_verify function. On systems using DNSSEC, a malicious zone could present a malformed DSA certificate and bypass proper certificate validation, allowing spoofing attacks. (CVE-2009-0025) | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2009:0020 CESA-2009:0020-CentOS 5 CESA-2009:0020-CentOS 2 CESA-2009:0020-CentOS 3 CVE-2009-0025 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 5 CentOS Linux 2 CentOS Linux 3 | Product(s): | bind |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5569 | |||
Oval ID: | oval:org.mitre.oval:def:5569 | ||
Title: | Avaya Solaris BIND "EVP_VerifyFinal()" Signature Spoofing Vulnerability | ||
Description: | BIND 9.6.0, 9.5.1, 9.5.0, 9.4.3, and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-0025 | Version: | 1 |
Platform(s): | VMWare ESX Server 3 VMWare ESX Server 3.5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6380 | |||
Oval ID: | oval:org.mitre.oval:def:6380 | ||
Title: | OpenSSL DSA and ECDSA "EVP_VerifyFinal()" Spoofing Vulnerability | ||
Description: | OpenSSL 0.9.8i and earlier does not properly check the return value from the EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-5077 | Version: | 1 |
Platform(s): | VMWare ESX Server 3 VMWare ESX Server 3.5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7738 | |||
Oval ID: | oval:org.mitre.oval:def:7738 | ||
Title: | DSA-1701 openssl, openssl097 -- interpretation conflict | ||
Description: | It was discovered that OpenSSL does not properly verify DSA signatures on X.509 certificates due to an API misuse, potentially leading to the acceptance of incorrect X.509 certificates as genuine (CVE-2008-5077). | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1701 CVE-2008-5077 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | openssl openssl097 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7929 | |||
Oval ID: | oval:org.mitre.oval:def:7929 | ||
Title: | DSA-1703 bind9 -- interpretation conflict | ||
Description: | It was discovered that BIND, an implementation of the DNS protocol suite, does not properly check the result of an OpenSSL function, which is used to verify DSA cryptographic signatures. As a result, incorrect DNS resource records in zones protected by DNSSEC could be accepted as genuine. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1703 CVE-2009-0025 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | bind9 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9155 | |||
Oval ID: | oval:org.mitre.oval:def:9155 | ||
Title: | OpenSSL 0.9.8i and earlier does not properly check the return value from the EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys. | ||
Description: | OpenSSL 0.9.8i and earlier does not properly check the return value from the EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-5077 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2011-08-09 | Name : CentOS Update for bind CESA-2009:0020 centos5 i386 File : nvt/gb_CESA-2009_0020_bind_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for openssl CESA-2009:0004 centos4 i386 File : nvt/gb_CESA-2009_0004_openssl_centos4_i386.nasl |
2011-08-09 | Name : CentOS Update for openssl097a CESA-2009:0004 centos5 i386 File : nvt/gb_CESA-2009_0004_openssl097a_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for openssl096b CESA-2009:0004 centos3 i386 File : nvt/gb_CESA-2009_0004_openssl096b_centos3_i386.nasl |
2011-08-09 | Name : CentOS Update for openssl CESA-2009:0004-01 centos2 i386 File : nvt/gb_CESA-2009_0004-01_openssl_centos2_i386.nasl |
2011-08-09 | Name : CentOS Update for openssl CESA-2009:0004 centos5 i386 File : nvt/gb_CESA-2009_0004_openssl_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for bind CESA-2009:0020-01 centos2 i386 File : nvt/gb_CESA-2009_0020-01_bind_centos2_i386.nasl |
2011-08-09 | Name : CentOS Update for bind CESA-2009:0020 centos3 i386 File : nvt/gb_CESA-2009_0020_bind_centos3_i386.nasl |
2011-08-09 | Name : CentOS Update for bind CESA-2009:0020 centos4 i386 File : nvt/gb_CESA-2009_0020_bind_centos4_i386.nasl |
2010-05-12 | Name : Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002 File : nvt/macosx_upd_10_5_7_secupd_2009-002.nasl |
2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
2009-10-19 | Name : Mandrake Security Advisory MDVSA-2009:271 (libnasl) File : nvt/mdksa_2009_271.nasl |
2009-10-13 | Name : SLES10: Security update for compat-openssl097g File : nvt/sles10_compat-openssl00.nasl |
2009-10-13 | Name : Solaris Update for sshd 140119-11 File : nvt/gb_solaris_140119_11.nasl |
2009-10-13 | Name : SLES10: Security update for openssl File : nvt/sles10_openssl.nasl |
2009-10-13 | Name : SLES10: Security update for bind File : nvt/sles10_bind.nasl |
2009-10-10 | Name : SLES9: Security update for bind File : nvt/sles9p5041320.nasl |
2009-10-10 | Name : SLES9: Security update for openssl File : nvt/sles9p5041421.nasl |
2009-09-23 | Name : Solaris Update for sshd 140119-07 File : nvt/gb_solaris_140119_07.nasl |
2009-09-23 | Name : Solaris Update for sshd 140119-09 File : nvt/gb_solaris_140119_09.nasl |
2009-06-23 | Name : Fedora Core 10 FEDORA-2009-5412 (openssl) File : nvt/fcore_2009_5412.nasl |
2009-06-23 | Name : Fedora Core 9 FEDORA-2009-5423 (openssl) File : nvt/fcore_2009_5423.nasl |
2009-06-05 | Name : Ubuntu USN-776-2 (kvm) File : nvt/ubuntu_776_2.nasl |
2009-06-05 | Name : Ubuntu USN-707-1 (cupsys) File : nvt/ubuntu_707_1.nasl |
2009-06-03 | Name : Solaris Update for Kernel 139555-08 File : nvt/gb_solaris_139555_08.nasl |
2009-06-03 | Name : Solaris Update for sshd 140119-06 File : nvt/gb_solaris_140119_06.nasl |
2009-05-05 | Name : HP-UX Update for OpenSSL HPSBUX02418 File : nvt/gb_hp_ux_HPSBUX02418.nasl |
2009-04-06 | Name : Gentoo Security Advisory GLSA 200904-05 (ntp) File : nvt/glsa_200904_05.nasl |
2009-03-13 | Name : Gentoo Security Advisory GLSA 200903-14 (bind) File : nvt/glsa_200903_14.nasl |
2009-02-18 | Name : Mandrake Security Advisory MDVSA-2009:037 (bind) File : nvt/mdksa_2009_037.nasl |
2009-02-13 | Name : Gentoo Security Advisory GLSA 200902-02 (openssl) File : nvt/glsa_200902_02.nasl |
2009-02-10 | Name : CentOS Security Advisory CESA-2009:0020-01 (bind) File : nvt/ovcesa2009_0020_01.nasl |
2009-02-10 | Name : CentOS Security Advisory CESA-2009:0004-01 (openssl) File : nvt/ovcesa2009_0004_01.nasl |
2009-01-26 | Name : SuSE Security Advisory SUSE-SA:2009:006 (openssl) File : nvt/suse_sa_2009_006.nasl |
2009-01-26 | Name : SuSE Security Advisory SUSE-SA:2009:005 (bind) File : nvt/suse_sa_2009_005.nasl |
2009-01-26 | Name : Fedora Core 10 FEDORA-2009-0544 (ntp) File : nvt/fcore_2009_0544.nasl |
2009-01-26 | Name : Fedora Core 9 FEDORA-2009-0547 (ntp) File : nvt/fcore_2009_0547.nasl |
2009-01-22 | Name : OpenSSL DSA_do_verify() Security Bypass Vulnerability in NASL File : nvt/secpod_nasl_sec_bypass_vuln.nasl |
2009-01-20 | Name : FreeBSD Security Advisory (FreeBSD-SA-09:04.bind.asc) File : nvt/freebsdsa_bind6.nasl |
2009-01-20 | Name : Fedora Core 9 FEDORA-2009-0350 (bind) File : nvt/fcore_2009_0350.nasl |
2009-01-20 | Name : Fedora Core 10 FEDORA-2009-0419 (tqsllib) File : nvt/fcore_2009_0419.nasl |
2009-01-20 | Name : Fedora Core 10 FEDORA-2009-0451 (bind) File : nvt/fcore_2009_0451.nasl |
2009-01-20 | Name : Fedora Core 9 FEDORA-2009-0543 (tqsllib) File : nvt/fcore_2009_0543.nasl |
2009-01-15 | Name : OpenSSL DSA_verify() Security Bypass Vulnerability in BIND File : nvt/gb_bind_sec_bypass_vuln.nasl |
2009-01-13 | Name : Ubuntu USN-704-1 (openssl) File : nvt/ubuntu_704_1.nasl |
2009-01-13 | Name : Ubuntu USN-706-1 (bind9) File : nvt/ubuntu_706_1.nasl |
2009-01-13 | Name : RedHat Security Advisory RHSA-2009:0020 File : nvt/RHSA_2009_0020.nasl |
2009-01-13 | Name : CentOS Security Advisory CESA-2009:0020 (bind) File : nvt/ovcesa2009_0020.nasl |
2009-01-13 | Name : CentOS Security Advisory CESA-2009:0004 (openssl) File : nvt/ovcesa2009_0004.nasl |
2009-01-13 | Name : Mandrake Security Advisory MDVSA-2009:002 (bind) File : nvt/mdksa_2009_002.nasl |
2009-01-13 | Name : FreeBSD Security Advisory (FreeBSD-SA-09:02.openssl.asc) File : nvt/freebsdsa_openssl6.nasl |
2009-01-13 | Name : Fedora Core 10 FEDORA-2009-0331 (openssl) File : nvt/fcore_2009_0331.nasl |
2009-01-13 | Name : Fedora Core 9 FEDORA-2009-0325 (openssl) File : nvt/fcore_2009_0325.nasl |
2009-01-13 | Name : Debian Security Advisory DSA 1703-1 (bind9) File : nvt/deb_1703_1.nasl |
2009-01-13 | Name : Debian Security Advisory DSA 1701-1 (openssl, openssl097) File : nvt/deb_1701_1.nasl |
2009-01-09 | Name : libcrypt-openssl-dsa-perl Security Bypass Vulnerability in OpenSSL File : nvt/gb_openssl_sec_bypass_vuln.nasl |
2009-01-07 | Name : RedHat Security Advisory RHSA-2009:0004 File : nvt/RHSA_2009_0004.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2009-014-03 ntp File : nvt/esoft_slk_ssa_2009_014_03.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2009-014-02 bind File : nvt/esoft_slk_ssa_2009_014_02.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2009-014-01 openssl File : nvt/esoft_slk_ssa_2009_014_01.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
62878 | SSH Tectia Audit Player EVP_VerifyFinal Function DSA / ECDSA Key Validation W... |
53115 | ISC BIND EVP_VerifyFinal() / DSA_do_verify() SSL/TLS Signature Validation Wea... |
51368 | OpenSSL DSA_verify Function SSL/TLS Signature Validation Weakness |
51164 | OpenSSL EVP_VerifyFinal Function DSA / ECDSA Key Validation Weakness OpenSSL contains a flaw that may allow a malicious user to perform a 'man in the middle' attack. The issue is triggered when several functions within OpenSSL incorrectly check the result of the EVP_VerifyFinal function. It is possible that the flaw may allow a malformed signature to be treated as a good signature instead of an error, resulting in a loss of integrity. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2017-04-21 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2017-0066.nasl - Type : ACT_GATHER_INFO |
2016-03-03 | Name : The remote host is missing a security-related patch. File : vmware_VMSA-2009-0004_remote.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing a security update. File : oraclevm_OVMSA-2009-0011.nasl - Type : ACT_GATHER_INFO |
2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL11503.nasl - Type : ACT_GATHER_INFO |
2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL9754.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_compat-openssl097g-110721.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_compat-openssl097g-110721.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-0004.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-0020.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2009-0046.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote AIX host is missing a security patch. File : aix_IV11742.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote AIX host is missing a security patch. File : aix_IV11743.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote AIX host is missing a security patch. File : aix_IV11744.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote AIX host is missing a security patch. File : aix_IV09978.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote AIX host is missing a security patch. File : aix_IV09491.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote AIX host is missing a security patch. File : aix_IV10049.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090108_bind_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090107_openssl_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-01-04 | Name : The remote server is affected by a signature validation bypass vulnerability. File : openssl_0_9_8j.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_compat-openssl097g-7645.nasl - Type : ACT_GATHER_INFO |
2011-07-28 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_compat-openssl097g-110721.nasl - Type : ACT_GATHER_INFO |
2011-07-28 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_compat-openssl097g-7644.nasl - Type : ACT_GATHER_INFO |
2011-05-28 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2009-014-02.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2009-0046.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_compat-openssl097g-5957.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_openssl-5949.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_bind-5905.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12328.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12341.nasl - Type : ACT_GATHER_INFO |
2009-07-27 | Name : The remote VMware ESX host is missing one or more security-related patches. File : vmware_VMSA-2009-0004.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_bind-090126.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_libopenssl-devel-090121.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_compat-openssl097g-090204.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_compat-openssl097g-090127.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_bind-090112.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_libopenssl-devel-090121.nasl - Type : ACT_GATHER_INFO |
2009-05-20 | Name : The remote web server is affected by multiple vulnerabilities. File : hpsmh_3_0_1_73.nasl - Type : ACT_GATHER_INFO |
2009-05-13 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2009-002.nasl - Type : ACT_GATHER_INFO |
2009-05-13 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_5_7.nasl - Type : ACT_GATHER_INFO |
2009-05-12 | Name : The remote name server is affected by a signature validation weakness. File : bind_sig_return_checks.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Fedora host is missing a security update. File : fedora_2009-0331.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-704-1.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-705-1.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-706-1.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Fedora host is missing a security update. File : fedora_2009-0451.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Fedora host is missing a security update. File : fedora_2009-0544.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-037.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-002.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-001.nasl - Type : ACT_GATHER_INFO |
2009-04-07 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200904-05.nasl - Type : ACT_GATHER_INFO |
2009-03-10 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200903-14.nasl - Type : ACT_GATHER_INFO |
2009-02-13 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200902-02.nasl - Type : ACT_GATHER_INFO |
2009-02-05 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-0020.nasl - Type : ACT_GATHER_INFO |
2009-01-29 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2009-0046.nasl - Type : ACT_GATHER_INFO |
2009-01-28 | Name : The remote openSUSE host is missing a security update. File : suse_compat-openssl097g-5964.nasl - Type : ACT_GATHER_INFO |
2009-01-26 | Name : The remote openSUSE host is missing a security update. File : suse_libopenssl-devel-5951.nasl - Type : ACT_GATHER_INFO |
2009-01-26 | Name : The remote Fedora host is missing a security update. File : fedora_2009-0547.nasl - Type : ACT_GATHER_INFO |
2009-01-22 | Name : The remote openSUSE host is missing a security update. File : suse_bind-5915.nasl - Type : ACT_GATHER_INFO |
2009-01-16 | Name : The remote Fedora host is missing a security update. File : fedora_2009-0350.nasl - Type : ACT_GATHER_INFO |
2009-01-16 | Name : The remote Fedora host is missing a security update. File : fedora_2009-0325.nasl - Type : ACT_GATHER_INFO |
2009-01-15 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2009-014-01.nasl - Type : ACT_GATHER_INFO |
2009-01-15 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2009-014-03.nasl - Type : ACT_GATHER_INFO |
2009-01-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1703.nasl - Type : ACT_GATHER_INFO |
2009-01-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1702.nasl - Type : ACT_GATHER_INFO |
2009-01-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1701.nasl - Type : ACT_GATHER_INFO |
2009-01-09 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-0020.nasl - Type : ACT_GATHER_INFO |
2009-01-08 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-0004.nasl - Type : ACT_GATHER_INFO |
2009-01-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-0004.nasl - Type : ACT_GATHER_INFO |
2007-10-17 | Name : The remote host is missing Sun Security Patch number 114265-23 File : solaris9_x86_114265.nasl - Type : ACT_GATHER_INFO |
2007-09-25 | Name : The remote host is missing Sun Security Patch number 112837-24 File : solaris9_112837.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2016-04-05 00:27:32 |
|
2014-02-17 11:39:58 |
|