4.3 - MDVSA-2014:026

Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.

Informations
Name	MDVSA-2014:026	First vendor Publication	2014-02-12
Vendor	Mandriva	Last vendor Modification	2014-02-12
Severity (Vendor)	N/A	Revision	N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:N/I:N/A:P)
Cvss Base Score	4.3	Attack Range	Network
Cvss Impact Score	2.9	Attack Complexity	Medium
Cvss Expoit Score	8.6	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A vulnerability has been discovered and corrected in openldap:

The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not properly count references, which allows remote attackers to cause a denial of service (slapd crash) by unbinding immediately after a search request, which triggers rwm_conn_destroy to free the session context while it is being used by rwm_op_search (CVE-2013-4449).

The updated packages have been patched to correct this issue.

Original Source

Url : http://www.mandriva.com/security/advisories?name=MDVSA-2014:026

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-189	Numeric Errors (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:22531

Oval ID:	oval:org.mitre.oval:def:22531
Title:	RHSA-2014:0126: openldap security and bug fix update (Moderate)
Description:	The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not properly count references, which allows remote attackers to cause a denial of service (slapd crash) by unbinding immediately after a search request, which triggers rwm_conn_destroy to free the session context while it is being used by rwm_op_search.
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:0126-00 CESA-2014:0126 CVE-2013-4449	Version:	8
Platform(s):	Red Hat Enterprise Linux 6 CentOS Linux 6	Product(s):	openldap
Definition Synopsis:
Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 AND The operating system installed on the system is CentOS Linux 6.x Packages section openldap-servers is earlier than 0:2.4.23-34.el6_5.1 AND openldap-servers-sql is earlier than 0:2.4.23-34.el6_5.1 AND openldap is earlier than 0:2.4.23-34.el6_5.1 AND openldap-clients is earlier than 0:2.4.23-34.el6_5.1 AND openldap-devel is earlier than 0:2.4.23-34.el6_5.1

Definition Id: oval:org.mitre.oval:def:23794

Oval ID:	oval:org.mitre.oval:def:23794
Title:	ELSA-2014:0126: openldap security and bug fix update (Moderate)
Description:	The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not properly count references, which allows remote attackers to cause a denial of service (slapd crash) by unbinding immediately after a search request, which triggers rwm_conn_destroy to free the session context while it is being used by rwm_op_search.
Family:	unix	Class:	patch
Reference(s):	ELSA-2014:0126-00 CVE-2013-4449	Version:	6
Platform(s):	Oracle Linux 6	Product(s):	openldap
Definition Synopsis:
Oracle Linux 6.x rpm test openldap-servers is earlier than 0:2.4.23-34.el6_5.1 AND openldap-servers-sql is earlier than 0:2.4.23-34.el6_5.1 AND openldap is earlier than 0:2.4.23-34.el6_5.1 AND openldap-clients is earlier than 0:2.4.23-34.el6_5.1 AND openldap-devel is earlier than 0:2.4.23-34.el6_5.1

Definition Id: oval:org.mitre.oval:def:24289

Oval ID:	oval:org.mitre.oval:def:24289
Title:	ELSA-2014:0206: openldap security update (Moderate)
Description:	OpenLDAP is an open source suite of Lightweight Directory Access Protocol (LDAP) applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. The openldap package contains configuration files, libraries, and documentation for OpenLDAP. A denial of service flaw was found in the way the OpenLDAP server daemon (slapd) performed reference counting when using the rwm (rewrite/remap) overlay. A remote attacker able to query the OpenLDAP server could use this flaw to crash the server by immediately unbinding from the server after sending a search request. (CVE-2013-4449) Red Hat would like to thank Michael Vishchers from Seven Principles AG for reporting this issue. All openldap users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.
Family:	unix	Class:	patch
Reference(s):	ELSA-2014:0206-00 CVE-2013-4449	Version:	5
Platform(s):	Oracle Linux 5	Product(s):	openldap
Definition Synopsis:
Oracle Linux 5.x rpm test openldap-devel is earlier than 0:2.3.43-27.el5_10 AND openldap-servers-sql is earlier than 0:2.3.43-27.el5_10 AND openldap-clients is earlier than 0:2.3.43-27.el5_10 AND openldap-servers is earlier than 0:2.3.43-27.el5_10 AND openldap-servers-overlays is earlier than 0:2.3.43-27.el5_10 AND compat-openldap is earlier than 0:2.3.43_2.2.29-27.el5_10 AND openldap is earlier than 0:2.3.43-27.el5_10

Definition Id: oval:org.mitre.oval:def:24327

Oval ID:	oval:org.mitre.oval:def:24327
Title:	RHSA-2014:0206: openldap security update (Moderate)
Description:	The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not properly count references, which allows remote attackers to cause a denial of service (slapd crash) by unbinding immediately after a search request, which triggers rwm_conn_destroy to free the session context while it is being used by rwm_op_search.
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:0206-00 CESA-2014:0206 CVE-2013-4449	Version:	7
Platform(s):	Red Hat Enterprise Linux 5 CentOS Linux 5	Product(s):	openldap
Definition Synopsis:
Redhat 5 or Centos 5 release The operating system installed on the system is Red Hat Enterprise Linux 5 AND The operating system installed on the system is CentOS Linux 5.x Packages section openldap-devel is earlier than 0:2.3.43-27.el5_10 AND openldap-servers-sql is earlier than 0:2.3.43-27.el5_10 AND openldap-clients is earlier than 0:2.3.43-27.el5_10 AND openldap-servers is earlier than 0:2.3.43-27.el5_10 AND openldap-servers-overlays is earlier than 0:2.3.43-27.el5_10 AND compat-openldap is earlier than 0:2.3.43_2.2.29-27.el5_10 AND openldap is earlier than 0:2.3.43-27.el5_10

Definition Id: oval:org.mitre.oval:def:27309

Oval ID:	oval:org.mitre.oval:def:27309
Title:	DEPRECATED: ELSA-2014-0126 -- openldap security and bug fix update (moderate)
Description:	[2.4.23-34.1] - fix: segfault on certain queries with rwm overlay (#1058250) [2.4.23-34] - fix: deadlock during SSL_ForceHandshake (#996373) + revert nss-handshake-threadsafe.patch
Family:	unix	Class:	patch
Reference(s):	ELSA-2014-0126 CVE-2013-4449	Version:	4
Platform(s):	Oracle Linux 6	Product(s):	openldap
Definition Synopsis:
Oracle Linux 6.x Packages match section openldap is earlier than 0:2.4.23-34.el6_5.1 AND openldap-clients is earlier than 0:2.4.23-34.el6_5.1 AND openldap-devel is earlier than 0:2.4.23-34.el6_5.1 AND openldap-servers is earlier than 0:2.4.23-34.el6_5.1 AND openldap-servers-sql is earlier than 0:2.4.23-34.el6_5.1

Definition Id: oval:org.mitre.oval:def:27346

Oval ID:	oval:org.mitre.oval:def:27346
Title:	DEPRECATED: ELSA-2014-0206 -- openldap security update (moderate)
Description:	[2.3.43-27] - fix: CVE-2013-4449 segfault on certain queries with rwm overlay (#1064145) [2.3.43-26] - fix: do not send IPv6 DNS queries when IPv6 is disabled on the host (#812772)
Family:	unix	Class:	patch
Reference(s):	ELSA-2014-0206 CVE-2013-4449	Version:	4
Platform(s):	Oracle Linux 5	Product(s):	openldap
Definition Synopsis:
Oracle Linux 5.x Packages match section openldap is earlier than 0:2.3.43-27.el5_10 AND compat-openldap is earlier than 0:2.3.43_2.2.29-27.el5_10 AND openldap-clients is earlier than 0:2.3.43-27.el5_10 AND openldap-devel is earlier than 0:2.3.43-27.el5_10 AND openldap-servers is earlier than 0:2.3.43-27.el5_10 AND openldap-servers-overlays is earlier than 0:2.3.43-27.el5_10 AND openldap-servers-sql is earlier than 0:2.3.43-27.el5_10

CPE : Common Platform Enumeration

Type	Description	Count
Application	Openldap cpe:2.3:a:openldap:openldap:2.4.9:::::::* cpe:2.3:a:openldap:openldap:2.4.8:::::::* cpe:2.3:a:openldap:openldap:2.4.7:::::::* cpe:2.3:a:openldap:openldap:2.4.6:::::::* cpe:2.3:a:openldap:openldap:2.4.36:::::::* cpe:2.3:a:openldap:openldap:2.4.35:::::::* cpe:2.3:a:openldap:openldap:2.4.34:::::::* cpe:2.3:a:openldap:openldap:2.4.33:::::::* cpe:2.3:a:openldap:openldap:2.4.32:::::::* cpe:2.3:a:openldap:openldap:2.4.31:::::::* cpe:2.3:a:openldap:openldap:2.4.30:::::::* cpe:2.3:a:openldap:openldap:2.4.3:::::::* cpe:2.3:a:openldap:openldap:2.4.29:::::::* cpe:2.3:a:openldap:openldap:2.4.28:::::::* cpe:2.3:a:openldap:openldap:2.4.27:::::::* cpe:2.3:a:openldap:openldap:2.4.26:::::::* cpe:2.3:a:openldap:openldap:2.4.25:::::::* cpe:2.3:a:openldap:openldap:2.4.24:::::::* cpe:2.3:a:openldap:openldap:2.4.23:::::::* cpe:2.3:a:openldap:openldap:2.4.22:::::::* cpe:2.3:a:openldap:openldap:2.4.21:::::::* cpe:2.3:a:openldap:openldap:2.4.20:::::::* cpe:2.3:a:openldap:openldap:2.4.19:::::::* cpe:2.3:a:openldap:openldap:2.4.18:::::::* cpe:2.3:a:openldap:openldap:2.4.17:::::::* cpe:2.3:a:openldap:openldap:2.4.16:::::::* cpe:2.3:a:openldap:openldap:2.4.15:::::::* cpe:2.3:a:openldap:openldap:2.4.14:::::::* cpe:2.3:a:openldap:openldap:2.4.13:::::::* cpe:2.3:a:openldap:openldap:2.4.12:::::::* cpe:2.3:a:openldap:openldap:2.4.11:::::::* cpe:2.3:a:openldap:openldap:2.4.10:::::::* cpe:2.3:a:openldap:openldap:2.4:::::::* cpe:2.3:a:openldap:openldap:2.3.9:::::::* cpe:2.3:a:openldap:openldap:2.3.8:::::::* cpe:2.3:a:openldap:openldap:2.3.7:::::::* cpe:2.3:a:openldap:openldap:2.3.6:::::::* cpe:2.3:a:openldap:openldap:2.3.5:::::::* cpe:2.3:a:openldap:openldap:2.3.43:::::::* cpe:2.3:a:openldap:openldap:2.3.42:::::::* cpe:2.3:a:openldap:openldap:2.3.41:::::::* cpe:2.3:a:openldap:openldap:2.3.40:::::::* cpe:2.3:a:openldap:openldap:2.3.4:::::::* cpe:2.3:a:openldap:openldap:2.3.39:::::::* cpe:2.3:a:openldap:openldap:2.3.38:::::::* cpe:2.3:a:openldap:openldap:2.3.37:::::::* cpe:2.3:a:openldap:openldap:2.3.36:::::::* cpe:2.3:a:openldap:openldap:2.3.35:::::::* cpe:2.3:a:openldap:openldap:2.3.34:::::::* cpe:2.3:a:openldap:openldap:2.3.33:::::::* cpe:2.3:a:openldap:openldap:2.3.32:::::::* cpe:2.3:a:openldap:openldap:2.3.31:::::::* cpe:2.3:a:openldap:openldap:2.3.30:::::::* cpe:2.3:a:openldap:openldap:2.3.29:::::::* cpe:2.3:a:openldap:openldap:2.3.28_e1.0.0:::::::* cpe:2.3:a:openldap:openldap:2.3.28_20061022:::::::* cpe:2.3:a:openldap:openldap:2.3.28_2006-10-22:::::::* cpe:2.3:a:openldap:openldap:2.3.28_2.20061022:::::::* cpe:2.3:a:openldap:openldap:2.3.28_2_2006-10-22:::::::* cpe:2.3:a:openldap:openldap:2.3.28:::::::* cpe:2.3:a:openldap:openldap:2.3.27_2.20061018:::::::* cpe:2.3:a:openldap:openldap:2.3.27_2_2006-10-18:::::::* cpe:2.3:a:openldap:openldap:2.3.27:::::::* cpe:2.3:a:openldap:openldap:2.3.26:::::::* cpe:2.3:a:openldap:openldap:2.3.25:::::::* cpe:2.3:a:openldap:openldap:2.3.24:::::::* cpe:2.3:a:openldap:openldap:2.3.23:::::::* cpe:2.3:a:openldap:openldap:2.3.22:::::::* cpe:2.3:a:openldap:openldap:2.3.21:::::::* cpe:2.3:a:openldap:openldap:2.3.20:::::::* cpe:2.3:a:openldap:openldap:2.3.19:::::::* cpe:2.3:a:openldap:openldap:2.3.18:::::::* cpe:2.3:a:openldap:openldap:2.3.17:::::::* cpe:2.3:a:openldap:openldap:2.3.16:::::::* cpe:2.3:a:openldap:openldap:2.3.15:::::::* cpe:2.3:a:openldap:openldap:2.3.14:::::::* cpe:2.3:a:openldap:openldap:2.3.13:::::::* cpe:2.3:a:openldap:openldap:2.3.12:::::::* cpe:2.3:a:openldap:openldap:2.3.11:::::::* cpe:2.3:a:openldap:openldap:2.3.10:::::::* cpe:2.3:a:openldap:openldap:2.2.9:::::::* cpe:2.3:a:openldap:openldap:2.2.8:::::::* cpe:2.3:a:openldap:openldap:2.2.7:::::::* cpe:2.3:a:openldap:openldap:2.2.6:::::::* cpe:2.3:a:openldap:openldap:2.2.5:::::::* cpe:2.3:a:openldap:openldap:2.2.4:::::::* cpe:2.3:a:openldap:openldap:2.2.29_rev_1.134:::::::* cpe:2.3:a:openldap:openldap:2.2.28_r2:::::::* cpe:2.3:a:openldap:openldap:2.2.27:::::::* cpe:2.3:a:openldap:openldap:2.2.26:::::::* cpe:2.3:a:openldap:openldap:2.2.25:::::::* cpe:2.3:a:openldap:openldap:2.2.24:::::::* cpe:2.3:a:openldap:openldap:2.2.23:::::::* cpe:2.3:a:openldap:openldap:2.2.22:::::::* cpe:2.3:a:openldap:openldap:2.2.21:::::::* cpe:2.3:a:openldap:openldap:2.2.20:::::::* cpe:2.3:a:openldap:openldap:2.2.19:::::::* cpe:2.3:a:openldap:openldap:2.2.18:::::::* cpe:2.3:a:openldap:openldap:2.2.17:::::::* cpe:2.3:a:openldap:openldap:2.2.16:::::::* cpe:2.3:a:openldap:openldap:2.2.15:::::::* cpe:2.3:a:openldap:openldap:2.2.14:::::::* cpe:2.3:a:openldap:openldap:2.2.13:::::::* cpe:2.3:a:openldap:openldap:2.2.12:::::::* cpe:2.3:a:openldap:openldap:2.2.11:::::::* cpe:2.3:a:openldap:openldap:2.2.10:::::::* cpe:2.3:a:openldap:openldap:2.2.1:::::::* cpe:2.3:a:openldap:openldap:2.2.0:::::::* cpe:2.3:a:openldap:openldap:2.1.9:::::::* cpe:2.3:a:openldap:openldap:2.1.8:::::::* cpe:2.3:a:openldap:openldap:2.1.7:::::::* cpe:2.3:a:openldap:openldap:2.1.6:::::::* cpe:2.3:a:openldap:openldap:2.1.5:::::::* cpe:2.3:a:openldap:openldap:2.1.4:::::::* cpe:2.3:a:openldap:openldap:2.1.30:::::::* cpe:2.3:a:openldap:openldap:2.1.3:::::::* cpe:2.3:a:openldap:openldap:2.1.29:::::::* cpe:2.3:a:openldap:openldap:2.1.28:::::::* cpe:2.3:a:openldap:openldap:2.1.27:::::::* cpe:2.3:a:openldap:openldap:2.1.26:::::::* cpe:2.3:a:openldap:openldap:2.1.25:::::::* cpe:2.3:a:openldap:openldap:2.1.24:::::::* cpe:2.3:a:openldap:openldap:2.1.23:::::::* cpe:2.3:a:openldap:openldap:2.1.22:::::::* cpe:2.3:a:openldap:openldap:2.1.21:::::::* cpe:2.3:a:openldap:openldap:2.1.20:::::::* cpe:2.3:a:openldap:openldap:2.1.2:::::::* cpe:2.3:a:openldap:openldap:2.1.19:::::::* cpe:2.3:a:openldap:openldap:2.1.18:::::::* cpe:2.3:a:openldap:openldap:2.1.17:::::::* cpe:2.3:a:openldap:openldap:2.1.16:::::::* cpe:2.3:a:openldap:openldap:2.1.15:::::::* cpe:2.3:a:openldap:openldap:2.1.14:::::::* cpe:2.3:a:openldap:openldap:2.1.13:::::::* cpe:2.3:a:openldap:openldap:2.1.12:::::::* cpe:2.3:a:openldap:openldap:2.1.11:::::::* cpe:2.3:a:openldap:openldap:2.1.10:::::::* cpe:2.3:a:openldap:openldap:2.1_.20:::::::* cpe:2.3:a:openldap:openldap:2.0.9:::::::* cpe:2.3:a:openldap:openldap:2.0.8:::::::* cpe:2.3:a:openldap:openldap:2.0.7:::::::* cpe:2.3:a:openldap:openldap:2.0.6:::::::* cpe:2.3:a:openldap:openldap:2.0.5:::::::* cpe:2.3:a:openldap:openldap:2.0.4:::::::* cpe:2.3:a:openldap:openldap:2.0.3:::::::* cpe:2.3:a:openldap:openldap:2.0.27:::::::* cpe:2.3:a:openldap:openldap:2.0.26:::::::* cpe:2.3:a:openldap:openldap:2.0.25:::::::* cpe:2.3:a:openldap:openldap:2.0.24:::::::* cpe:2.3:a:openldap:openldap:2.0.23:::::::* cpe:2.3:a:openldap:openldap:2.0.22:::::::* cpe:2.3:a:openldap:openldap:2.0.21:::::::* cpe:2.3:a:openldap:openldap:2.0.20:::::::* cpe:2.3:a:openldap:openldap:2.0.2:::::::* cpe:2.3:a:openldap:openldap:2.0.19:::::::* cpe:2.3:a:openldap:openldap:2.0.18:::::::* cpe:2.3:a:openldap:openldap:2.0.17:::::::* cpe:2.3:a:openldap:openldap:2.0.16:::::::* cpe:2.3:a:openldap:openldap:2.0.15:::::::* cpe:2.3:a:openldap:openldap:2.0.14:::::::* cpe:2.3:a:openldap:openldap:2.0.13:::::::* cpe:2.3:a:openldap:openldap:2.0.12:::::::* cpe:2.3:a:openldap:openldap:2.0.11_9:::::::* cpe:2.3:a:openldap:openldap:2.0.11_11s:::::::* cpe:2.3:a:openldap:openldap:2.0.11_11:::::::* cpe:2.3:a:openldap:openldap:2.0.11:::::::* cpe:2.3:a:openldap:openldap:2.0.10:::::::* cpe:2.3:a:openldap:openldap:2.0.1:::::::* cpe:2.3:a:openldap:openldap:2.0.0:::::::* cpe:2.3:a:openldap:openldap:2.0:::::::* cpe:2.3:a:openldap:openldap:1.2.9:::::::* cpe:2.3:a:openldap:openldap:1.2.8:::::::* cpe:2.3:a:openldap:openldap:1.2.7:::::::* cpe:2.3:a:openldap:openldap:1.2.6:::::::* cpe:2.3:a:openldap:openldap:1.2.5:::::::* cpe:2.3:a:openldap:openldap:1.2.4:::::::* cpe:2.3:a:openldap:openldap:1.2.3:::::::* cpe:2.3:a:openldap:openldap:1.2.2:::::::* cpe:2.3:a:openldap:openldap:1.2.13:::::::* cpe:2.3:a:openldap:openldap:1.2.12:::::::* cpe:2.3:a:openldap:openldap:1.2.11:::::::* cpe:2.3:a:openldap:openldap:1.2.10:::::::* cpe:2.3:a:openldap:openldap:1.2.1:::::::* cpe:2.3:a:openldap:openldap:1.2.0:::::::* cpe:2.3:a:openldap:openldap:1.2:::::::* cpe:2.3:a:openldap:openldap:1.1.4:::::::* cpe:2.3:a:openldap:openldap:1.1.3:::::::* cpe:2.3:a:openldap:openldap:1.1.2:::::::* cpe:2.3:a:openldap:openldap:1.1.1:::::::* cpe:2.3:a:openldap:openldap:1.1.0:::::::* cpe:2.3:a:openldap:openldap:1.1:::::::* cpe:2.3:a:openldap:openldap:1.0.3:::::::* cpe:2.3:a:openldap:openldap:1.0.2:::::::* cpe:2.3:a:openldap:openldap:1.0.1:::::::* cpe:2.3:a:openldap:openldap:1.0:::::::* cpe:2.3:a:openldap:openldap:::::::: cpe:2.3:a:openldap:openldap:-:::::::*	197
Os	Debian Debian Linux cpe:2.3:o:debian:debian_linux:8.0:::::::* cpe:2.3:o:debian:debian_linux:7.0:::::::*	2

Nessus® Vulnerability Scanner

Date	Description
2016-06-22	Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2016-0069.nasl - Type : ACT_GATHER_INFO
2015-05-27	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2622-1.nasl - Type : ACT_GATHER_INFO
2015-05-18	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_openldap2-20150423-150413.nasl - Type : ACT_GATHER_INFO
2015-04-20	Name : The remote Debian host is missing a security update. File : debian_DLA-203.nasl - Type : ACT_GATHER_INFO
2015-03-31	Name : The remote Debian host is missing a security-related update. File : debian_DSA-3209.nasl - Type : ACT_GATHER_INFO
2014-03-11	Name : The remote Fedora host is missing a security update. File : fedora_2014-2967.nasl - Type : ACT_GATHER_INFO
2014-03-02	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-294.nasl - Type : ACT_GATHER_INFO
2014-02-25	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0206.nasl - Type : ACT_GATHER_INFO
2014-02-25	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140224_openldap_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2014-02-25	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0206.nasl - Type : ACT_GATHER_INFO
2014-02-25	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0206.nasl - Type : ACT_GATHER_INFO
2014-02-13	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-026.nasl - Type : ACT_GATHER_INFO
2014-02-12	Name : The remote Fedora host is missing a security update. File : fedora_2014-2012.nasl - Type : ACT_GATHER_INFO
2014-02-04	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0126.nasl - Type : ACT_GATHER_INFO
2014-02-04	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140203_openldap_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2014-02-04	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0126.nasl - Type : ACT_GATHER_INFO
2014-02-04	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0126.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2014-02-17 11:44:19	Multiple Updates
2014-02-12 17:22:48	First insertion

Global Informations

Type	Count
CWE ID(s)	1
Oval ID(s)	6
CPE ID(s)	199
Nessus® Exploit(s)	17

	Related
4.3	CVE-2013-4449
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 1 more Alert(s)

4.3 - MDVSA-2014:026

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

CWE : Common Weakness Enumeration

OVAL Definitions

CPE : Common Platform Enumeration

Nessus® Vulnerability Scanner

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU