Executive Summary
Informations | |||
---|---|---|---|
Name | MDVSA-2014:014 | First vendor Publication | 2014-01-21 |
Vendor | Mandriva | Last vendor Modification | 2014-01-21 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Multiple vulnerabilities has been discovered and corrected in php: The openssl_x509_parse function in openssl.c in the OpenSSL module in PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408 (CVE-2013-4248). The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly parse (1) notBefore and (2) notAfter timestamps in X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate that is not properly handled by the openssl_x509_parse function (CVE-2013-6420). The scan function in ext/date/lib/parse_iso_intervals.c in PHP through 5.5.6 does not properly restrict creation of DateInterval objects, which might allow remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted interval specification (CVE-2013-6712). The updated php packages have been upgraded to the 5.5.8 version which is not vulnerable to these issues. Additionally, the PECL packages which requires so has been rebuilt for php-5.5.8 and some has been upgraded to their latest versions. |
Original Source
Url : http://www.mandriva.com/security/advisories?name=MDVSA-2014:014 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
25 % | CWE-295 | Certificate Issues |
25 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10751 | |||
Oval ID: | oval:org.mitre.oval:def:10751 | ||
Title: | Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before 2.0.0.23, and SeaMonkey before 1.1.18 do not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. NOTE: this was originally reported for Firefox before 3.5. | ||
Description: | Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before 2.0.0.23, and SeaMonkey before 1.1.18 do not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. NOTE: this was originally reported for Firefox before 3.5. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-2408 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18760 | |||
Oval ID: | oval:org.mitre.oval:def:18760 | ||
Title: | DSA-2742-1 php5 - interpretation conflict | ||
Description: | It was discovered that PHP, a general-purpose scripting language commonly used for web application development, did not properly process embedded NUL characters in the subjectAltName extension of X.509 certificates. Depending on the application and with insufficient CA-level checks, this could be abused for impersonating other users. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2742-1 CVE-2013-4248 | Version: | 8 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/Linux 7 Debian GNU/kFreeBSD 6.0 Debian GNU/kFreeBSD 7 | Product(s): | php5 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18927 | |||
Oval ID: | oval:org.mitre.oval:def:18927 | ||
Title: | USN-1937-1 -- php5 vulnerability | ||
Description: | Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1937-1 CVE-2013-4248 | Version: | 7 |
Platform(s): | Ubuntu 13.04 Ubuntu 12.10 Ubuntu 12.04 Ubuntu 10.04 | Product(s): | php5 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20214 | |||
Oval ID: | oval:org.mitre.oval:def:20214 | ||
Title: | USN-2055-1 -- php5 vulnerabilities | ||
Description: | Several security issues were fixed in PHP. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2055-1 CVE-2013-6420 CVE-2013-6712 | Version: | 5 |
Platform(s): | Ubuntu 13.10 Ubuntu 13.04 Ubuntu 12.10 Ubuntu 12.04 Ubuntu 10.04 | Product(s): | php5 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20542 | |||
Oval ID: | oval:org.mitre.oval:def:20542 | ||
Title: | DSA-2816-1 php5 - several | ||
Description: | Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2816-1 CVE-2013-6420 CVE-2013-6712 | Version: | 5 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/Linux 7 Debian GNU/kFreeBSD 6.0 Debian GNU/kFreeBSD 7 | Product(s): | php5 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27044 | |||
Oval ID: | oval:org.mitre.oval:def:27044 | ||
Title: | RHSA-2013:1615 -- php security, bug fix, and enhancement update (Moderate) | ||
Description: | PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. It was found that PHP did not properly handle file names with a NULL character. A remote attacker could possibly use this flaw to make a PHP script access unexpected files and bypass intended file system access restrictions. (CVE-2006-7243) A flaw was found in PHP's SSL client's hostname identity check when handling certificates that contain hostnames with NULL bytes. If an attacker was able to get a carefully crafted certificate signed by a trusted Certificate Authority, the attacker could use the certificate to conduct man-in-the-middle attacks to spoof SSL servers. (CVE-2013-4248) It was found that the PHP SOAP parser allowed the expansion of external XML entities during SOAP message parsing. A remote attacker could possibly use this flaw to read arbitrary files that are accessible to a PHP application using a SOAP extension. (CVE-2013-1643) This update fixes the following bugs: * Previously, when the allow_call_time_pass_reference setting was disabled, a virtual host on the Apache server could terminate with a segmentation fault when attempting to process certain PHP content. This bug has been fixed and virtual hosts no longer crash when allow_call_time_pass_reference is off. (BZ#892158, BZ#910466) * Prior to this update, if an error occurred during the operation of the fclose(), file_put_contents(), or copy() function, the function did not report it. This could have led to data loss. With this update, the aforementioned functions have been modified to properly report any errors. (BZ#947429) * The internal buffer for the SQLSTATE error code can store maximum of 5 characters. Previously, when certain calls exceeded this limit, a buffer overflow occurred. With this update, messages longer than 5 characters are automatically replaced with the default "HY000" string, thus preventing the overflow. (BZ#969110) In addition, this update adds the following enhancement: * This update adds the following rpm macros to the php package: %__php, %php_inidir, %php_incldir. (BZ#953814) Users of php are advised to upgrade to these updated packages, which fix these bugs and add this enhancement. After installing the updated packages, the httpd daemon must be restarted for the update to take effect. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2013:1615 CESA-2013:1615 CVE-2006-7243 CVE-2013-1643 CVE-2013-4248 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | php |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:8458 | |||
Oval ID: | oval:org.mitre.oval:def:8458 | ||
Title: | VMware Network Security Services (NSS) does not properly handle '\0' character | ||
Description: | Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before 2.0.0.23, and SeaMonkey before 1.1.18 do not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. NOTE: this was originally reported for Firefox before 3.5. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-2408 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
ExploitDB Exploits
id | Description |
---|---|
2013-12-17 | PHP openssl_x509_parse() - Memory Corruption Vulnerability |
OpenVAS Exploits
Date | Description |
---|---|
2011-11-03 | Name : Mandriva Update for kdelibs4 MDVSA-2011:162 (kdelibs4) File : nvt/gb_mandriva_MDVSA_2011_162.nasl |
2011-08-09 | Name : CentOS Update for seamonkey CESA-2009:1432 centos3 i386 File : nvt/gb_CESA-2009_1432_seamonkey_centos3_i386.nasl |
2010-10-19 | Name : Mandriva Update for libesmtp MDVSA-2010:195 (libesmtp) File : nvt/gb_mandriva_MDVSA_2010_195.nasl |
2010-05-12 | Name : Mac OS X 10.6.2 Update / Mac OS X Security Update 2009-006 File : nvt/macosx_upd_10_6_2_secupd_2009-006.nasl |
2010-04-06 | Name : Debian Security Advisory DSA 2025-1 (icedove) File : nvt/deb_2025_1.nasl |
2010-01-29 | Name : Mandriva Update for kdelibs4 MDVSA-2010:028 (kdelibs4) File : nvt/gb_mandriva_MDVSA_2010_028.nasl |
2010-01-29 | Name : Mandriva Update for kdelibs4 MDVSA-2010:027 (kdelibs4) File : nvt/gb_mandriva_MDVSA_2010_027.nasl |
2010-01-29 | Name : Mandriva Update for openldap MDVSA-2010:026 (openldap) File : nvt/gb_mandriva_MDVSA_2010_026.nasl |
2010-01-19 | Name : Mandriva Update for sendmail MDVSA-2010:003 (sendmail) File : nvt/gb_mandriva_MDVSA_2010_003.nasl |
2009-12-30 | Name : FreeBSD Ports: postgresql-client, postgresql-server File : nvt/freebsd_postgresql-client.nasl |
2009-12-14 | Name : Mandriva Security Advisory MDVSA-2009:330 (kdelibs) File : nvt/mdksa_2009_330.nasl |
2009-12-10 | Name : Mandriva Security Advisory MDVSA-2009:197-3 (nss) File : nvt/mdksa_2009_197_3.nasl |
2009-12-10 | Name : Mandriva Security Advisory MDVSA-2009:201-1 (fetchmail) File : nvt/mdksa_2009_201_1.nasl |
2009-12-10 | Name : Mandriva Security Advisory MDVSA-2009:203-1 (curl) File : nvt/mdksa_2009_203_1.nasl |
2009-12-10 | Name : Mandriva Security Advisory MDVSA-2009:206-1 (wget) File : nvt/mdksa_2009_206_1.nasl |
2009-12-10 | Name : Mandriva Security Advisory MDVSA-2009:217-3 (mozilla-thunderbird) File : nvt/mdksa_2009_217_3.nasl |
2009-12-10 | Name : Mandriva Security Advisory MDVSA-2009:315 (libneon) File : nvt/mdksa_2009_315.nasl |
2009-11-11 | Name : SLES11: Security update for libneon File : nvt/sles11_libneon27.nasl |
2009-11-11 | Name : SLES10: Security update for neon File : nvt/sles10_neon.nasl |
2009-11-11 | Name : SuSE Security Summary SUSE-SR:2009:018 File : nvt/suse_sr_2009_018.nasl |
2009-10-27 | Name : Mandrake Security Advisory MDVSA-2009:288 (proftpd) File : nvt/mdksa_2009_288.nasl |
2009-10-27 | Name : SLES9: Security update for epiphany File : nvt/sles9p5060741.nasl |
2009-10-27 | Name : SuSE Security Advisory SUSE-SA:2009:048 (MozillaFirefox) File : nvt/suse_sa_2009_048.nasl |
2009-10-27 | Name : SLES10: Security update for Mozilla NSS File : nvt/sles10_mozilla-nspr.nasl |
2009-10-19 | Name : SuSE Security Summary SUSE-SR:2009:016 File : nvt/suse_sr_2009_016.nasl |
2009-10-13 | Name : Mandrake Security Advisory MDVSA-2009:217-2 (mozilla-thunderbird) File : nvt/mdksa_2009_217_2.nasl |
2009-10-13 | Name : Mandrake Security Advisory MDVSA-2009:217-1 (mozilla-thunderbird) File : nvt/mdksa_2009_217_1.nasl |
2009-10-13 | Name : SLES10: Security update for OpenLDAP2 File : nvt/sles10_openldap2.nasl |
2009-10-13 | Name : SLES10: Security update for mutt File : nvt/sles10_mutt.nasl |
2009-10-11 | Name : SLES11: Security update for Mozilla Firefox File : nvt/sles11_libfreebl3.nasl |
2009-10-11 | Name : SLES11: Security update for OpenLDAP2 File : nvt/sles11_libldap-2_4-2.nasl |
2009-10-11 | Name : SLES11: Security update for mutt File : nvt/sles11_mutt.nasl |
2009-10-10 | Name : SLES9: Security update for mutt File : nvt/sles9p5058752.nasl |
2009-10-10 | Name : SLES9: Security update for OpenLDAP2 File : nvt/sles9p5058840.nasl |
2009-09-15 | Name : Mandrake Security Advisory MDVSA-2009:197-2 (nss) File : nvt/mdksa_2009_197_2.nasl |
2009-09-15 | Name : CentOS Security Advisory CESA-2009:1432 (seamonkey) File : nvt/ovcesa2009_1432.nasl |
2009-09-15 | Name : Mandrake Security Advisory MDVSA-2009:228 (libneon) File : nvt/mdksa_2009_228.nasl |
2009-09-15 | Name : Mandrake Security Advisory MDVSA-2009:225 (qt4) File : nvt/mdksa_2009_225.nasl |
2009-09-15 | Name : RedHat Security Advisory RHSA-2009:1432 File : nvt/RHSA_2009_1432.nasl |
2009-09-02 | Name : Mandrake Security Advisory MDVSA-2009:221 (libneon0.27) File : nvt/mdksa_2009_221.nasl |
2009-09-02 | Name : Mandrake Security Advisory MDVSA-2009:217 (mozilla-thunderbird) File : nvt/mdksa_2009_217.nasl |
2009-09-02 | Name : Mandrake Security Advisory MDVSA-2009:216 (mozilla-thunderbird) File : nvt/mdksa_2009_216.nasl |
2009-09-02 | Name : Debian Security Advisory DSA 1874-1 (nss) File : nvt/deb_1874_1.nasl |
2009-09-02 | Name : Mandrake Security Advisory MDVSA-2009:206 (wget) File : nvt/mdksa_2009_206.nasl |
2009-09-02 | Name : Mandrake Security Advisory MDVSA-2009:203 (curl) File : nvt/mdksa_2009_203.nasl |
2009-08-17 | Name : Ubuntu USN-810-1 (nss) File : nvt/ubuntu_810_1.nasl |
2009-08-17 | Name : RedHat Security Advisory RHSA-2009:1184 File : nvt/RHSA_2009_1184.nasl |
2009-08-17 | Name : Ubuntu USN-810-2 (fixed) File : nvt/ubuntu_810_2.nasl |
2009-08-17 | Name : Mandrake Security Advisory MDVSA-2009:201 (fetchmail) File : nvt/mdksa_2009_201.nasl |
2009-08-17 | Name : Mandrake Security Advisory MDVSA-2009:198 (firefox) File : nvt/mdksa_2009_198.nasl |
2009-08-17 | Name : Mandrake Security Advisory MDVSA-2009:197 (nss) File : nvt/mdksa_2009_197.nasl |
2009-08-17 | Name : FreeBSD Ports: firefox, linux-firefox-devel File : nvt/freebsd_firefox40.nasl |
2009-08-17 | Name : FreeBSD Ports: fetchmail File : nvt/freebsd_fetchmail12.nasl |
2009-08-17 | Name : RedHat Security Advisory RHSA-2009:1207 File : nvt/RHSA_2009_1207.nasl |
2009-08-17 | Name : RedHat Security Advisory RHSA-2009:1190 File : nvt/RHSA_2009_1190.nasl |
2009-08-17 | Name : RedHat Security Advisory RHSA-2009:1186 File : nvt/RHSA_2009_1186.nasl |
2009-08-05 | Name : Firefox SSL Server Spoofing Vulnerability (Win) File : nvt/gb_firefox_ssl_spoof_vuln_win.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
56723 | Mozilla Multiple Products Certificate Authority (CA) Common Name Null Byte Ha... |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2014-02-27 | IAVM : 2014-A-0030 - Apple Mac OS X Security Update 2014-001 Severity : Category I - VMSKEY : V0044547 |
2013-08-22 | IAVM : 2013-B-0093 - Multiple Vulnerabilities in PHP Severity : Category I - VMSKEY : V0040108 |
Snort® IPS/IDS
Date | Description |
---|---|
2014-04-17 | PHP DateInterval heap buffer overread denial of service attempt RuleID : 30200 - Revision : 3 - Type : SERVER-WEBAPP |
2014-04-17 | PHP DateInterval heap buffer overread denial of service attempt RuleID : 30199 - Revision : 3 - Type : SERVER-WEBAPP |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2017-07-31 | Name : The remote device is affected by multiple vulnerabilities. File : juniper_jsa10804.nasl - Type : ACT_GATHER_INFO |
2016-03-08 | Name : The remote VMware ESX host is missing a security-related patch. File : vmware_VMSA-2010-0001_remote.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2014-0064-1.nasl - Type : ACT_GATHER_INFO |
2015-04-10 | Name : The remote host is missing a Mac OS X update that fixes multiple security vul... File : macosx_10_10_3.nasl - Type : ACT_GATHER_INFO |
2015-04-10 | Name : The remote host is missing a Mac OS X update that fixes multiple security vul... File : macosx_SecUpd2015-004.nasl - Type : ACT_GATHER_INFO |
2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_php_20140401.nasl - Type : ACT_GATHER_INFO |
2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_php_20140522.nasl - Type : ACT_GATHER_INFO |
2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_ruby_20130924.nasl - Type : ACT_GATHER_INFO |
2014-11-12 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-1307.nasl - Type : ACT_GATHER_INFO |
2014-11-12 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-1615.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1824.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1825.nasl - Type : ACT_GATHER_INFO |
2014-10-12 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-393.nasl - Type : ACT_GATHER_INFO |
2014-10-08 | Name : The remote web server is affected by multiple vulnerabilities. File : hpsmh_7_4.nasl - Type : ACT_GATHER_INFO |
2014-08-30 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201408-11.nasl - Type : ACT_GATHER_INFO |
2014-08-20 | Name : The remote web server uses a version of PHP that is affected by multiple vuln... File : php_5_3_29.nasl - Type : ACT_GATHER_INFO |
2014-08-19 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_d2a892b9260511e49da000a0986f28c4.nasl - Type : ACT_GATHER_INFO |
2014-08-07 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1012.nasl - Type : ACT_GATHER_INFO |
2014-08-07 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1012.nasl - Type : ACT_GATHER_INFO |
2014-08-07 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140806_php53_and_php_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2014-08-06 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1012.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-1032.nasl - Type : ACT_GATHER_INFO |
2014-02-25 | Name : The remote host is missing a Mac OS X update that fixes a certificate validat... File : macosx_10_9_2.nasl - Type : ACT_GATHER_INFO |
2014-02-25 | Name : The remote host is missing a Mac OS X update that fixes multiple security vul... File : macosx_SecUpd2014-001.nasl - Type : ACT_GATHER_INFO |
2014-01-27 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-024.nasl - Type : ACT_GATHER_INFO |
2014-01-22 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-014.nasl - Type : ACT_GATHER_INFO |
2014-01-15 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_apache2-mod_php5-131220.nasl - Type : ACT_GATHER_INFO |
2014-01-15 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_apache2-mod_php53-131218.nasl - Type : ACT_GATHER_INFO |
2014-01-14 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2014-013-03.nasl - Type : ACT_GATHER_INFO |
2014-01-13 | Name : The remote web server uses a version of PHP that is potentially affected by m... File : php_5_4_24.nasl - Type : ACT_GATHER_INFO |
2014-01-13 | Name : The remote web server uses a version of PHP that is potentially affected by m... File : php_5_5_8.nasl - Type : ACT_GATHER_INFO |
2013-12-23 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-262.nasl - Type : ACT_GATHER_INFO |
2013-12-23 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-263.nasl - Type : ACT_GATHER_INFO |
2013-12-23 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-264.nasl - Type : ACT_GATHER_INFO |
2013-12-20 | Name : The remote Fedora host is missing a security update. File : fedora_2013-23164.nasl - Type : ACT_GATHER_INFO |
2013-12-20 | Name : The remote Fedora host is missing a security update. File : fedora_2013-23215.nasl - Type : ACT_GATHER_INFO |
2013-12-16 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_47b4e713651311e3868f0025905a4771.nasl - Type : ACT_GATHER_INFO |
2013-12-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2816.nasl - Type : ACT_GATHER_INFO |
2013-12-14 | Name : The remote web server uses a version of PHP that is potentially affected by m... File : php_5_3_28.nasl - Type : ACT_GATHER_INFO |
2013-12-14 | Name : The remote web server uses a version of PHP that is potentially affected by a... File : php_5_4_23.nasl - Type : ACT_GATHER_INFO |
2013-12-14 | Name : The remote web server uses a version of PHP that is potentially affected by a... File : php_5_5_7.nasl - Type : ACT_GATHER_INFO |
2013-12-13 | Name : The remote Fedora host is missing a security update. File : fedora_2013-23208.nasl - Type : ACT_GATHER_INFO |
2013-12-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2055-1.nasl - Type : ACT_GATHER_INFO |
2013-12-12 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-1813.nasl - Type : ACT_GATHER_INFO |
2013-12-12 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-1814.nasl - Type : ACT_GATHER_INFO |
2013-12-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-1814.nasl - Type : ACT_GATHER_INFO |
2013-12-12 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20131211_php53_and_php_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2013-12-12 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20131211_php_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2013-12-11 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-1813.nasl - Type : ACT_GATHER_INFO |
2013-12-11 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1813.nasl - Type : ACT_GATHER_INFO |
2013-12-11 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1814.nasl - Type : ACT_GATHER_INFO |
2013-12-04 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20131121_php_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2013-11-27 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-1615.nasl - Type : ACT_GATHER_INFO |
2013-11-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1615.nasl - Type : ACT_GATHER_INFO |
2013-11-14 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-241.nasl - Type : ACT_GATHER_INFO |
2013-10-11 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130930_php53_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2013-10-03 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-1307.nasl - Type : ACT_GATHER_INFO |
2013-10-01 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-220.nasl - Type : ACT_GATHER_INFO |
2013-10-01 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-224.nasl - Type : ACT_GATHER_INFO |
2013-10-01 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1307.nasl - Type : ACT_GATHER_INFO |
2013-09-09 | Name : The remote Fedora host is missing a security update. File : fedora_2013-14985.nasl - Type : ACT_GATHER_INFO |
2013-09-06 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1937-1.nasl - Type : ACT_GATHER_INFO |
2013-09-02 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2013-242-02.nasl - Type : ACT_GATHER_INFO |
2013-08-28 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-221.nasl - Type : ACT_GATHER_INFO |
2013-08-27 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2742.nasl - Type : ACT_GATHER_INFO |
2013-08-25 | Name : The remote Fedora host is missing a security update. File : fedora_2013-14998.nasl - Type : ACT_GATHER_INFO |
2013-08-21 | Name : The remote web server uses a version of PHP that is potentially affected by m... File : php_5_4_18.nasl - Type : ACT_GATHER_INFO |
2013-08-21 | Name : The remote web server uses a version of PHP that is potentially affected by m... File : php_5_5_2.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1184.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1431.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1432.nasl - Type : ACT_GATHER_INFO |
2013-03-09 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-810-3.nasl - Type : ACT_GATHER_INFO |
2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_MozillaThunderbird-090915.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote AIX host is missing a security patch. File : aix_IZ70637.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote AIX host is missing a security patch. File : aix_IZ72510.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote AIX host is missing a security patch. File : aix_IZ72515.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote AIX host is missing a security patch. File : aix_IZ72528.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote AIX host is missing a security patch. File : aix_IZ72834.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote AIX host is missing a security patch. File : aix_IZ72835.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote AIX host is missing a security patch. File : aix_IZ72836.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote AIX host is missing a security patch. File : aix_IZ72837.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1190.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1207.nasl - Type : ACT_GATHER_INFO |
2013-01-08 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201301-01.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090731_nspr_and_nss_for_SL_4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090731_nspr_and_nss_for_SL_5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090909_seamonkey_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2011-11-02 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-162.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_neon-6549.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_openldap2-6598.nasl - Type : ACT_GATHER_INFO |
2010-10-06 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-195.nasl - Type : ACT_GATHER_INFO |
2010-07-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-027.nasl - Type : ACT_GATHER_INFO |
2010-07-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-028.nasl - Type : ACT_GATHER_INFO |
2010-04-01 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2025.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1874.nasl - Type : ACT_GATHER_INFO |
2010-01-27 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-026.nasl - Type : ACT_GATHER_INFO |
2010-01-13 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-003.nasl - Type : ACT_GATHER_INFO |
2010-01-08 | Name : The remote VMware ESX host is missing a security-related patch. File : vmware_VMSA-2010-0001.nasl - Type : ACT_GATHER_INFO |
2009-12-17 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_e7bc5600eaa011debd9c00215c6a37bb.nasl - Type : ACT_GATHER_INFO |
2009-12-07 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-315.nasl - Type : ACT_GATHER_INFO |
2009-11-09 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_6_2.nasl - Type : ACT_GATHER_INFO |
2009-11-09 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2009-006.nasl - Type : ACT_GATHER_INFO |
2009-10-30 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_libneon-devel-091012.nasl - Type : ACT_GATHER_INFO |
2009-10-30 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_libneon-devel-091012.nasl - Type : ACT_GATHER_INFO |
2009-10-30 | Name : The remote openSUSE host is missing a security update. File : suse_libneon-devel-6550.nasl - Type : ACT_GATHER_INFO |
2009-10-30 | Name : The remote openSUSE host is missing a security update. File : suse_seamonkey-6538.nasl - Type : ACT_GATHER_INFO |
2009-10-29 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libneon-devel-091012.nasl - Type : ACT_GATHER_INFO |
2009-10-29 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_neon-6548.nasl - Type : ACT_GATHER_INFO |
2009-10-26 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-288.nasl - Type : ACT_GATHER_INFO |
2009-10-22 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12521.nasl - Type : ACT_GATHER_INFO |
2009-10-22 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_seamonkey-091007.nasl - Type : ACT_GATHER_INFO |
2009-10-22 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_seamonkey-091007.nasl - Type : ACT_GATHER_INFO |
2009-10-20 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_mozilla-nspr-6541.nasl - Type : ACT_GATHER_INFO |
2009-10-06 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaThunderbird-6493.nasl - Type : ACT_GATHER_INFO |
2009-10-06 | Name : The remote openSUSE host is missing a security update. File : suse_libfreebl3-6494.nasl - Type : ACT_GATHER_INFO |
2009-10-06 | Name : The remote openSUSE host is missing a security update. File : suse_libldap-2_4-2-6488.nasl - Type : ACT_GATHER_INFO |
2009-10-06 | Name : The remote openSUSE host is missing a security update. File : suse_mutt-6487.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12505.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12506.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libfreebl3-090812.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libldap-2_4-2-090915.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_mutt-090909.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_mutt-6484.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_openldap2-6485.nasl - Type : ACT_GATHER_INFO |
2009-09-22 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_libldap-2_4-2-090909.nasl - Type : ACT_GATHER_INFO |
2009-09-22 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_mutt-090909.nasl - Type : ACT_GATHER_INFO |
2009-09-22 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_libldap-2_4-2-090909.nasl - Type : ACT_GATHER_INFO |
2009-09-22 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_mutt-090909.nasl - Type : ACT_GATHER_INFO |
2009-09-18 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_MozillaThunderbird-090914.nasl - Type : ACT_GATHER_INFO |
2009-09-18 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_MozillaThunderbird-090914.nasl - Type : ACT_GATHER_INFO |
2009-09-11 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1431.nasl - Type : ACT_GATHER_INFO |
2009-09-11 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1432.nasl - Type : ACT_GATHER_INFO |
2009-09-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1431.nasl - Type : ACT_GATHER_INFO |
2009-09-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1432.nasl - Type : ACT_GATHER_INFO |
2009-09-09 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-225.nasl - Type : ACT_GATHER_INFO |
2009-09-04 | Name : A web browser on the remote host is affected by multiple vulnerabilities. File : seamonkey_1118.nasl - Type : ACT_GATHER_INFO |
2009-08-25 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-221.nasl - Type : ACT_GATHER_INFO |
2009-08-24 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-217.nasl - Type : ACT_GATHER_INFO |
2009-08-21 | Name : The remote Windows host contains a mail client that is affected by a security... File : mozilla_thunderbird_20023.nasl - Type : ACT_GATHER_INFO |
2009-08-20 | Name : The remote Mandriva Linux host is missing a security update. File : mandriva_MDVSA-2009-206.nasl - Type : ACT_GATHER_INFO |
2009-08-20 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_libfreebl3-090812.nasl - Type : ACT_GATHER_INFO |
2009-08-20 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_libfreebl3-090812.nasl - Type : ACT_GATHER_INFO |
2009-08-17 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-203.nasl - Type : ACT_GATHER_INFO |
2009-08-13 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-201.nasl - Type : ACT_GATHER_INFO |
2009-08-10 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-197.nasl - Type : ACT_GATHER_INFO |
2009-08-10 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-198.nasl - Type : ACT_GATHER_INFO |
2009-08-05 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_49e8f2ee814711dea9940030843d3802.nasl - Type : ACT_GATHER_INFO |
2009-08-05 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-810-1.nasl - Type : ACT_GATHER_INFO |
2009-08-05 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-810-2.nasl - Type : ACT_GATHER_INFO |
2009-08-04 | Name : The remote Windows host contains a web browser that is affected by multiple f... File : mozilla_firefox_3013.nasl - Type : ACT_GATHER_INFO |
2009-07-31 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1184.nasl - Type : ACT_GATHER_INFO |
2009-07-31 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1186.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:44:16 |
|
2014-01-29 21:26:27 |
|
2014-01-22 00:18:29 |
|