Executive Summary
Informations | |||
---|---|---|---|
Name | MDVSA-2014:172 | First vendor Publication | 2014-09-03 |
Vendor | Mandriva | Last vendor Modification | 2014-09-03 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 6.8 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Multiple vulnerabilities has been discovered and corrected in php: The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP 5.4.26 and earlier, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted color table in an XPM file (CVE-2014-2497). file before 5.19 does not properly restrict the amount of data read during a regex search, which allows remote attackers to cause a denial of service (CPU consumption) via a crafted file that triggers backtracking during processing of an awk rule. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7345 (CVE-2014-3538). Integer overflow in the cdf_read_property_info function in cdf.c in file through 5.19, as used in the Fileinfo component in PHP before 5.4.32 and 5.5.x before 5.5.16, allows remote attackers to cause a denial of service (application crash) via a crafted CDF file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1571 (CVE-2014-3587). Multiple buffer overflows in the php_parserr function in ext/standard/dns.c in PHP before 5.4.32 and 5.5.x before 5.5.16 allow remote DNS servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted DNS record, related to the dns_get_record function and the dn_expand function. NOTE: this issue exists because of an incomplete fix for CVE-2014-4049 (CVE-2014-3597). gd_ctx.c in the GD component in PHP 5.4.x before 5.4.32 and 5.5.x before 5.5.16 does not ensure that pathnames lack \%00 sequences, which might allow remote attackers to overwrite arbitrary files via crafted input to an application that calls the (1) imagegd, (2) imagegd2, (3) imagegif, (4) imagejpeg, (5) imagepng, (6) imagewbmp, or (7) imagewebp function (CVE-2014-5120). The updated php packages have been upgraded to the 5.5.16 version resolve these security flaws. Additionally, php-apc has been rebuilt against the updated php packages and the php-timezonedb packages has been upgraded to the 2014.6 version. |
Original Source
Url : http://www.mandriva.com/security/advisories?name=MDVSA-2014:172 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
43 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
14 % | CWE-476 | NULL Pointer Dereference |
14 % | CWE-399 | Resource Management Errors |
14 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
14 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:15392 | |||
Oval ID: | oval:org.mitre.oval:def:15392 | ||
Title: | DSA-2422-1 file -- missing bounds checks | ||
Description: | The file type identification tool, file, and its associated library, libmagic, do not properly process malformed files in the Composite Document File format, leading to crashes. Note that after this update, file may return different detection results for CDF files. The new detections are believed to be more accurate. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2422-1 CVE-2012-1571 | Version: | 5 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | file |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23708 | |||
Oval ID: | oval:org.mitre.oval:def:23708 | ||
Title: | DSA-2873-1 file - several | ||
Description: | Several vulnerabilities have been found in file, a file type classification tool. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2873-1 CVE-2014-2270 CVE-2013-7345 | Version: | 5 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/Linux 7 Debian GNU/kFreeBSD 6.0 Debian GNU/kFreeBSD 7 | Product(s): | file |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24159 | |||
Oval ID: | oval:org.mitre.oval:def:24159 | ||
Title: | USN-2254-1 -- php5 vulnerabilities | ||
Description: | Several security issues were fixed in PHP. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2254-1 CVE-2014-0185 CVE-2014-0237 CVE-2014-0238 CVE-2014-4049 | Version: | 3 |
Platform(s): | Ubuntu 14.04 Ubuntu 13.10 Ubuntu 12.04 Ubuntu 10.04 | Product(s): | php5 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24930 | |||
Oval ID: | oval:org.mitre.oval:def:24930 | ||
Title: | USN-2254-2 -- php5 updates | ||
Description: | An improvement was made for PHP FPM environments. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2254-2 CVE-2014-0185 CVE-2014-0237 CVE-2014-0238 CVE-2014-4049 | Version: | 3 |
Platform(s): | Ubuntu 14.04 Ubuntu 13.10 | Product(s): | php5 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24951 | |||
Oval ID: | oval:org.mitre.oval:def:24951 | ||
Title: | DSA-2961-1 php5 - security update | ||
Description: | It was discovered that PHP, a general-purpose scripting language commonly used for web application development, is vulnerable to a heap-based buffer overflow in the DNS TXT record parsing. A malicious server or man-in-the-middle attacker could possibly use this flaw to execute arbitrary code as the PHP interpreter if a PHP application uses dns_get_record() to perform a DNS query. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2961-1 CVE-2014-4049 | Version: | 3 |
Platform(s): | Debian GNU/Linux 7.0 Debian GNU/kFreeBSD 7.0 | Product(s): | php5 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25274 | |||
Oval ID: | oval:org.mitre.oval:def:25274 | ||
Title: | USN-2278-1 -- file vulnerabilities | ||
Description: | File could be made to crash or hang if it processed specially crafted data. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2278-1 CVE-2013-7345 CVE-2014-0207 CVE-2014-3478 CVE-2014-3479 CVE-2014-3480 CVE-2014-3487 CVE-2014-3538 | Version: | 3 |
Platform(s): | Ubuntu 14.04 Ubuntu 13.10 Ubuntu 12.04 Ubuntu 10.04 | Product(s): | file |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:26455 | |||
Oval ID: | oval:org.mitre.oval:def:26455 | ||
Title: | DSA-3021-1 file - security update | ||
Description: | Multiple security issues have been found in file, a tool to determine a file type. These vulnerabilities allow remote attackers to cause a denial of service, via resource consumption or application crash. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-3021-1 CVE-2014-0207 CVE-2014-0237 CVE-2014-0238 CVE-2014-3478 CVE-2014-3479 CVE-2014-3480 CVE-2014-3487 CVE-2014-3538 CVE-2014-3587 | Version: | 3 |
Platform(s): | Debian GNU/Linux 7.0 Debian GNU/kFreeBSD 7.0 | Product(s): | file |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:26689 | |||
Oval ID: | oval:org.mitre.oval:def:26689 | ||
Title: | DSA-3008-1 php5 - security update | ||
Description: | Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-3008-1 CVE-2014-3538 CVE-2014-3587 CVE-2014-3597 CVE-2014-4670 CVE-2013-7345 CVE-2014-4049 | Version: | 3 |
Platform(s): | Debian GNU/Linux 7.0 Debian GNU/kFreeBSD 7.0 | Product(s): | php5 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:26755 | |||
Oval ID: | oval:org.mitre.oval:def:26755 | ||
Title: | USN-2344-1 -- php5 vulnerabilities | ||
Description: | php5 could be made to crash or run programs if it received specially crafted network traffic. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2344-1 CVE-2014-3587 CVE-2014-3597 | Version: | 3 |
Platform(s): | Ubuntu 14.04 Ubuntu 12.04 Ubuntu 10.04 | Product(s): | php5 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27096 | |||
Oval ID: | oval:org.mitre.oval:def:27096 | ||
Title: | USN-2369-1 -- file vulnerability | ||
Description: | file could be made to crash or run programs as your login if it opened a specially crafted file. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2369-1 CVE-2014-3587 | Version: | 3 |
Platform(s): | Ubuntu 14.04 Ubuntu 12.04 Ubuntu 10.04 | Product(s): | file |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27209 | |||
Oval ID: | oval:org.mitre.oval:def:27209 | ||
Title: | RHSA-2014:1327: php security update (Moderate) | ||
Description: | PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. PHP's fileinfo module provides functions used to identify a particular file according to the type of data contained by the file. A buffer overflow flaw was found in the way the File Information (fileinfo) extension processed certain Pascal strings. A remote attacker able to make a PHP application using fileinfo convert a specially crafted Pascal string provided by an image file could cause that application to crash. (CVE-2014-3478) Multiple flaws were found in the File Information (fileinfo) extension regular expression rules for detecting various files. A remote attacker could use either of these flaws to cause a PHP application using fileinfo to consume an excessive amount of CPU. (CVE-2014-3538) It was found that the fix for CVE-2012-1571 was incomplete; the File Information (fileinfo) extension did not correctly parse certain Composite Document Format (CDF) files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file. (CVE-2014-3587) It was found that PHP's gd extension did not properly handle file names with a null character. A remote attacker could possibly use this flaw to make a PHP application access unexpected files and bypass intended file system access restrictions. (CVE-2014-5120) A NULL pointer dereference flaw was found in the gdImageCreateFromXpm() function of PHP's gd extension. A remote attacker could use this flaw to crash a PHP application using gd via a specially crafted X PixMap (XPM) file. (CVE-2014-2497) Multiple buffer over-read flaws were found in the php_parserr() function of PHP. A malicious DNS server or a man-in-the-middle attacker could possibly use this flaw to execute arbitrary code as the PHP interpreter if a PHP application used the dns_get_record() function to perform a DNS query. (CVE-2014-3597) Two use-after-free flaws were found in the way PHP handled certain Standard PHP Library (SPL) Iterators and ArrayIterators. A malicious script author could possibly use either of these flaws to disclose certain portions of server memory. (CVE-2014-4670, CVE-2014-4698) The CVE-2014-3478 issue was discovered by Francisco Alonso of Red Hat Product Security, the CVE-2014-3538 issue was discovered by Jan KaluЕѕa of the Red Hat Web Stack Team, and the CVE-2014-3597 issue was discovered by David KutГЎlek of the Red Hat BaseOS QE. All php users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2014:1327-00 CESA-2014:1327 CVE-2014-2497 CVE-2014-3478 CVE-2014-3538 CVE-2014-3587 CVE-2014-3597 CVE-2014-4670 CVE-2014-4698 CVE-2014-5120 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 7 CentOS Linux 7 | Product(s): | php |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27986 | |||
Oval ID: | oval:org.mitre.oval:def:27986 | ||
Title: | DSA-3021-2 -- file regression update | ||
Description: | Multiple security issues have been found in file, a tool to determine a file type. These vulnerabilities allow remote attackers to cause a denial of service, via resource consumption or application crash. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-3021-2 CVE-2014-0207 CVE-2014-0237 CVE-2014-0238 CVE-2014-3478 CVE-2014-3479 CVE-2014-3480 CVE-2014-3487 CVE-2014-3538 CVE-2014-3587 | Version: | 3 |
Platform(s): | Debian GNU/Linux 7.0 Debian GNU/kFreeBSD 7.0 | Product(s): | file |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:29235 | |||
Oval ID: | oval:org.mitre.oval:def:29235 | ||
Title: | DSA-2873-2 -- file -- several vulnerabilities | ||
Description: | Several vulnerabilities have been found in file, a file type classification tool. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2873-2 CVE-2014-2270 CVE-2013-7345 | Version: | 3 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 Debian GNU/Linux 7.0 Debian GNU/kFreeBSD 7.0 | Product(s): | file |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:29238 | |||
Oval ID: | oval:org.mitre.oval:def:29238 | ||
Title: | DSA-2422-2 -- file -- missing bounds checks | ||
Description: | The file type identification tool, file, and its associated library, libmagic, do not properly process malformed files in the Composite Document File (CDF) format, leading to crashes. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2422-2 CVE-2012-1571 | Version: | 3 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | file |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-09-26 | Name : Gentoo Security Advisory GLSA 201209-14 (file) File : nvt/glsa_201209_14.nasl |
2012-08-03 | Name : Mandriva Update for file MDVSA-2012:035 (file) File : nvt/gb_mandriva_MDVSA_2012_035.nasl |
2012-05-31 | Name : Debian Security Advisory DSA 2422-2 (file) File : nvt/deb_2422_2.nasl |
2012-03-12 | Name : Debian Security Advisory DSA 2422-1 (file) File : nvt/deb_2422_1.nasl |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2014-07-03 | IAVM : 2014-B-0086 - Multiple Vulnerabilities in PHP Severity : Category I - VMSKEY : V0052897 |
Snort® IPS/IDS
Date | Description |
---|---|
2016-03-14 | PHP fileinfo cdf_read_property_info denial of service attempt RuleID : 36262 - Revision : 3 - Type : SERVER-WEBAPP |
2016-03-14 | PHP fileinfo cdf_read_property_info denial of service attempt RuleID : 36261 - Revision : 3 - Type : SERVER-WEBAPP |
2014-11-16 | PHP DNS parsing heap overflow attempt RuleID : 31460 - Revision : 3 - Type : SERVER-WEBAPP |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2016-10-05 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2016-1156.nasl - Type : ACT_GATHER_INFO |
2016-09-19 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-2328-1.nasl - Type : ACT_GATHER_INFO |
2016-09-08 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-2210-1.nasl - Type : ACT_GATHER_INFO |
2016-08-29 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-1638-1.nasl - Type : ACT_GATHER_INFO |
2016-08-12 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_70140f20600711e6a6c314dae9d210b8.nasl - Type : ACT_GATHER_INFO |
2016-07-18 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201607-04.nasl - Type : ACT_GATHER_INFO |
2016-06-09 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20160510_file_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2016-06-01 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2987-1.nasl - Type : ACT_GATHER_INFO |
2016-05-17 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2016-0760.nasl - Type : ACT_GATHER_INFO |
2016-05-16 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2016-0050.nasl - Type : ACT_GATHER_INFO |
2016-05-16 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2016-0760.nasl - Type : ACT_GATHER_INFO |
2016-05-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2016-0760.nasl - Type : ACT_GATHER_INFO |
2016-01-22 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL16875.nasl - Type : ACT_GATHER_INFO |
2015-12-22 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20151119_file_on_SL7_x.nasl - Type : ACT_GATHER_INFO |
2015-12-02 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2015-2155.nasl - Type : ACT_GATHER_INFO |
2015-11-24 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-2155.nasl - Type : ACT_GATHER_INFO |
2015-11-20 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-2155.nasl - Type : ACT_GATHER_INFO |
2015-04-10 | Name : The remote host is missing a Mac OS X update that fixes multiple security vul... File : macosx_SecUpd2015-004.nasl - Type : ACT_GATHER_INFO |
2015-04-10 | Name : The remote host is missing a Mac OS X update that fixes multiple security vul... File : macosx_10_10_3.nasl - Type : ACT_GATHER_INFO |
2015-04-09 | Name : The remote Debian host is missing a security update. File : debian_DLA-189.nasl - Type : ACT_GATHER_INFO |
2015-04-08 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3215.nasl - Type : ACT_GATHER_INFO |
2015-03-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2015-153.nasl - Type : ACT_GATHER_INFO |
2015-03-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2015-080.nasl - Type : ACT_GATHER_INFO |
2015-03-26 | Name : The remote Debian host is missing a security update. File : debian_DLA-67.nasl - Type : ACT_GATHER_INFO |
2015-03-26 | Name : The remote Debian host is missing a security update. File : debian_DLA-50.nasl - Type : ACT_GATHER_INFO |
2015-01-21 | Name : The remote Fedora host is missing a security update. File : fedora_2015-0503.nasl - Type : ACT_GATHER_INFO |
2015-01-20 | Name : The remote Fedora host is missing a security update. File : fedora_2015-0432.nasl - Type : ACT_GATHER_INFO |
2014-11-12 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1606.nasl - Type : ACT_GATHER_INFO |
2014-11-05 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3064.nasl - Type : ACT_GATHER_INFO |
2014-10-17 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1606.nasl - Type : ACT_GATHER_INFO |
2014-10-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1606.nasl - Type : ACT_GATHER_INFO |
2014-10-12 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-367.nasl - Type : ACT_GATHER_INFO |
2014-10-12 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-332.nasl - Type : ACT_GATHER_INFO |
2014-10-12 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-333.nasl - Type : ACT_GATHER_INFO |
2014-10-12 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-342.nasl - Type : ACT_GATHER_INFO |
2014-10-12 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-343.nasl - Type : ACT_GATHER_INFO |
2014-10-12 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-372.nasl - Type : ACT_GATHER_INFO |
2014-10-12 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-382.nasl - Type : ACT_GATHER_INFO |
2014-10-12 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-393.nasl - Type : ACT_GATHER_INFO |
2014-10-12 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-398.nasl - Type : ACT_GATHER_INFO |
2014-10-12 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-415.nasl - Type : ACT_GATHER_INFO |
2014-10-03 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2369-1.nasl - Type : ACT_GATHER_INFO |
2014-10-01 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1327.nasl - Type : ACT_GATHER_INFO |
2014-10-01 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1327.nasl - Type : ACT_GATHER_INFO |
2014-10-01 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1326.nasl - Type : ACT_GATHER_INFO |
2014-10-01 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1327.nasl - Type : ACT_GATHER_INFO |
2014-10-01 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1326.nasl - Type : ACT_GATHER_INFO |
2014-09-30 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1326.nasl - Type : ACT_GATHER_INFO |
2014-09-18 | Name : The remote host is missing a Mac OS X update that fixes multiple vulnerabilit... File : macosx_10_9_5.nasl - Type : ACT_GATHER_INFO |
2014-09-17 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-546.nasl - Type : ACT_GATHER_INFO |
2014-09-12 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-172.nasl - Type : ACT_GATHER_INFO |
2014-09-12 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-167.nasl - Type : ACT_GATHER_INFO |
2014-09-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2344-1.nasl - Type : ACT_GATHER_INFO |
2014-09-10 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3021.nasl - Type : ACT_GATHER_INFO |
2014-09-05 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2014-247-01.nasl - Type : ACT_GATHER_INFO |
2014-09-03 | Name : The remote Fedora host is missing a security update. File : fedora_2014-9684.nasl - Type : ACT_GATHER_INFO |
2014-09-03 | Name : The remote Fedora host is missing a security update. File : fedora_2014-9679.nasl - Type : ACT_GATHER_INFO |
2014-08-30 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201408-11.nasl - Type : ACT_GATHER_INFO |
2014-08-30 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201408-08.nasl - Type : ACT_GATHER_INFO |
2014-08-27 | Name : The remote web server uses a version of PHP that is affected by multiple vuln... File : php_5_4_32.nasl - Type : ACT_GATHER_INFO |
2014-08-27 | Name : The remote web server uses a version of PHP that is affected by multiple vuln... File : php_5_5_16.nasl - Type : ACT_GATHER_INFO |
2014-08-22 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3008.nasl - Type : ACT_GATHER_INFO |
2014-08-19 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_d2a892b9260511e49da000a0986f28c4.nasl - Type : ACT_GATHER_INFO |
2014-08-15 | Name : The remote Fedora host is missing a security update. File : fedora_2014-8458.nasl - Type : ACT_GATHER_INFO |
2014-08-07 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-149.nasl - Type : ACT_GATHER_INFO |
2014-08-07 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1013.nasl - Type : ACT_GATHER_INFO |
2014-08-07 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1012.nasl - Type : ACT_GATHER_INFO |
2014-08-06 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1013.nasl - Type : ACT_GATHER_INFO |
2014-08-06 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1012.nasl - Type : ACT_GATHER_INFO |
2014-08-01 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-146.nasl - Type : ACT_GATHER_INFO |
2014-07-16 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2278-1.nasl - Type : ACT_GATHER_INFO |
2014-07-11 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-133.nasl - Type : ACT_GATHER_INFO |
2014-07-10 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-130.nasl - Type : ACT_GATHER_INFO |
2014-07-08 | Name : The remote Fedora host is missing a security update. File : fedora_2014-7782.nasl - Type : ACT_GATHER_INFO |
2014-07-06 | Name : The remote Fedora host is missing a security update. File : fedora_2014-7992.nasl - Type : ACT_GATHER_INFO |
2014-07-01 | Name : The remote Fedora host is missing a security update. File : fedora_2014-7765.nasl - Type : ACT_GATHER_INFO |
2014-06-27 | Name : The remote web server is running a version of PHP that is affected by multipl... File : php_5_5_14.nasl - Type : ACT_GATHER_INFO |
2014-06-27 | Name : The remote web server is running a version of PHP that is affected by multipl... File : php_5_4_30.nasl - Type : ACT_GATHER_INFO |
2014-06-26 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2254-2.nasl - Type : ACT_GATHER_INFO |
2014-06-26 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-443.nasl - Type : ACT_GATHER_INFO |
2014-06-24 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2254-1.nasl - Type : ACT_GATHER_INFO |
2014-06-17 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2961.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-221.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-270.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-419.nasl - Type : ACT_GATHER_INFO |
2014-04-23 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-323.nasl - Type : ACT_GATHER_INFO |
2014-04-22 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2014-111-02.nasl - Type : ACT_GATHER_INFO |
2014-04-16 | Name : The remote Fedora host is missing a security update. File : fedora_2014-4767.nasl - Type : ACT_GATHER_INFO |
2014-04-16 | Name : The remote Fedora host is missing a security update. File : fedora_2014-4735.nasl - Type : ACT_GATHER_INFO |
2014-04-11 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-075.nasl - Type : ACT_GATHER_INFO |
2014-04-10 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-073.nasl - Type : ACT_GATHER_INFO |
2014-03-27 | Name : The remote Fedora host is missing a security update. File : fedora_2014-4340.nasl - Type : ACT_GATHER_INFO |
2014-03-12 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2873.nasl - Type : ACT_GATHER_INFO |
2014-02-27 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2123-1.nasl - Type : ACT_GATHER_INFO |
2012-09-27 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201209-14.nasl - Type : ACT_GATHER_INFO |
2012-03-26 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-035.nasl - Type : ACT_GATHER_INFO |
2012-03-01 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2422.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-09-13 13:43:11 |
|
2014-09-03 13:22:56 |
|