Executive Summary
Informations | |||
---|---|---|---|
Name | MDVSA-2015:072 | First vendor Publication | 2015-03-27 |
Vendor | Mandriva | Last vendor Modification | 2015-03-27 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 6.8 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Updated gnutls packages fix security vulnerabilities: Suman Jana reported a vulnerability that affects the certificate verification functions of gnutls 3.1.x and gnutls 3.2.x. A version 1 intermediate certificate will be considered as a CA certificate by default (something that deviates from the documented behavior) (CVE-2014-1959). It was discovered that GnuTLS did not correctly handle certain errors that could occur during the verification of an X.509 certificate, causing it to incorrectly report a successful verification. An attacker could use this flaw to create a specially crafted certificate that could be accepted by GnuTLS as valid for a site chosen by the attacker (CVE-2014-0092). A NULL pointer dereference flaw was discovered in GnuTLS's gnutls_x509_dn_oid_name(). The function, when called with the GNUTLS_X509_DN_OID_RETURN_OID flag, should not return NULL to its caller. However, it could previously return NULL when parsed X.509 certificates included specific OIDs (CVE-2014-3465). A flaw was found in the way GnuTLS parsed session ids from Server Hello packets of the TLS/SSL handshake. A malicious server could use this flaw to send an excessively long session id value and trigger a buffer overflow in a connecting TLS/SSL client using GnuTLS, causing it to crash or, possibly, execute arbitrary code (CVE-2014-3466). An out-of-bounds memory write flaw was found in the way GnuTLS parsed certain ECC (Elliptic Curve Cryptography) certificates or certificate signing requests (CSR). A malicious user could create a specially crafted ECC certificate or a certificate signing request that, when processed by an application compiled against GnuTLS (for example, certtool), could cause that application to crash or execute arbitrary code with the permissions of the user running the application (CVE-2014-8564). |
Original Source
Url : http://www.mandriva.com/security/advisories?name=MDVSA-2015:072 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-310 | Cryptographic Issues |
25 % | CWE-264 | Permissions, Privileges, and Access Controls |
25 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:23469 | |||
Oval ID: | oval:org.mitre.oval:def:23469 | ||
Title: | RHSA-2014:0246: gnutls security update (Important) | ||
Description: | lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does not properly handle unspecified errors when verifying X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers via a crafted certificate. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2014:0246-00 CESA-2014:0246 CVE-2014-0092 | Version: | 7 |
Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | gnutls |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23693 | |||
Oval ID: | oval:org.mitre.oval:def:23693 | ||
Title: | DSA-2866-1 gnutls26 - certificate verification flaw | ||
Description: | Suman Jana reported that GnuTLS, deviating from the documented behavior, considers a version 1 intermediate certificate as a CA certificate by default. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2866-1 CVE-2014-1959 | Version: | 5 |
Platform(s): | Debian GNU/Linux 7 Debian GNU/kFreeBSD 7 | Product(s): | gnutls26 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23918 | |||
Oval ID: | oval:org.mitre.oval:def:23918 | ||
Title: | RHSA-2014:0247: gnutls security update (Important) | ||
Description: | lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does not properly handle unspecified errors when verifying X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers via a crafted certificate. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2014:0247-00 CESA-2014:0247 CVE-2009-5138 CVE-2014-0092 | Version: | 14 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | gnutls |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24126 | |||
Oval ID: | oval:org.mitre.oval:def:24126 | ||
Title: | USN-2127-1 -- gnutls26 vulnerability | ||
Description: | Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2127-1 CVE-2014-0092 | Version: | 5 |
Platform(s): | Ubuntu 13.10 Ubuntu 12.10 Ubuntu 12.04 Ubuntu 10.04 | Product(s): | gnutls26 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24255 | |||
Oval ID: | oval:org.mitre.oval:def:24255 | ||
Title: | ELSA-2014:0247: gnutls security update (Important) | ||
Description: | The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security (TLS). It was discovered that GnuTLS did not correctly handle certain errors that could occur during the verification of an X.509 certificate, causing it to incorrectly report a successful verification. An attacker could use this flaw to create a specially crafted certificate that could be accepted by GnuTLS as valid for a site chosen by the attacker. (CVE-2014-0092) A flaw was found in the way GnuTLS handled version 1 X.509 certificates. An attacker able to obtain a version 1 certificate from a trusted certificate authority could use this flaw to issue certificates for other sites that would be accepted by GnuTLS as valid. (CVE-2009-5138) The CVE-2014-0092 issue was discovered by Nikos Mavrogiannopoulos of the Red Hat Security Technologies Team. Users of GnuTLS are advised to upgrade to these updated packages, which correct these issues. For the update to take effect, all applications linked to the GnuTLS library must be restarted. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2014:0247-00 CVE-2009-5138 CVE-2014-0092 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | gnutls |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:24288 | |||
Oval ID: | oval:org.mitre.oval:def:24288 | ||
Title: | RHSA-2014:0684: gnutls security update (Important) | ||
Description: | The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security (TLS). A flaw was found in the way GnuTLS parsed session IDs from ServerHello messages of the TLS/SSL handshake. A malicious server could use this flaw to send an excessively long session ID value, which would trigger a buffer overflow in a connecting TLS/SSL client application using GnuTLS, causing the client application to crash or, possibly, execute arbitrary code. (CVE-2014-3466) A NULL pointer dereference flaw was found in the way GnuTLS parsed X.509 certificates. A specially crafted certificate could cause a server or client application using GnuTLS to crash. (CVE-2014-3465) Red Hat would like to thank GnuTLS upstream for reporting these issues. Upstream acknowledges Joonas Kuorilehto of Codenomicon as the original reporter of CVE-2014-3466. Users of GnuTLS are advised to upgrade to these updated packages, which correct these issues. For the update to take effect, all applications linked to the GnuTLS library must be restarted. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2014:0684-00 CVE-2014-3465 CVE-2014-3466 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 7 CentOS Linux 7 | Product(s): | gnutls |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24339 | |||
Oval ID: | oval:org.mitre.oval:def:24339 | ||
Title: | DSA-2869-1 gnutls26 - incorrect certificate verification | ||
Description: | Nikos Mavrogiannopoulos of Red Hat discovered an X.509 certificate verification issue in GnuTLS, an SSL/TLS library. A certificate validation could be reported successfully even in cases were an error would prevent all verification steps to be performed. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2869-1 CVE-2014-0092 | Version: | 5 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/Linux 7 Debian GNU/kFreeBSD 6.0 Debian GNU/kFreeBSD 7 | Product(s): | gnutls26 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24385 | |||
Oval ID: | oval:org.mitre.oval:def:24385 | ||
Title: | USN-2121-1 -- gnutls26 vulnerability | ||
Description: | GnuTLS incorrectly validated certain intermediate certificates. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2121-1 CVE-2014-1959 | Version: | 5 |
Platform(s): | Ubuntu 13.10 Ubuntu 12.10 Ubuntu 12.04 | Product(s): | gnutls26 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24416 | |||
Oval ID: | oval:org.mitre.oval:def:24416 | ||
Title: | USN-2229-1 -- gnutls26 vulnerability | ||
Description: | GnuTLS could be made to crash or run programs if it connected to a malicious server. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2229-1 CVE-2014-3466 | Version: | 3 |
Platform(s): | Ubuntu 14.04 Ubuntu 13.10 Ubuntu 12.04 Ubuntu 10.04 | Product(s): | gnutls26 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24491 | |||
Oval ID: | oval:org.mitre.oval:def:24491 | ||
Title: | DSA-2944-1 gnutls26 - security update | ||
Description: | Joonas Kuorilehto discovered that GNU TLS performed insufficient validation of session IDs during TLS/SSL handshakes. A malicious server could use this to execute arbitrary code or perform denial of service. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2944-1 CVE-2014-3466 | Version: | 3 |
Platform(s): | Debian GNU/Linux 7.0 Debian GNU/kFreeBSD 7.0 | Product(s): | gnutls26 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24508 | |||
Oval ID: | oval:org.mitre.oval:def:24508 | ||
Title: | ELSA-2014:0246: gnutls security update (Important) | ||
Description: | The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security (TLS). It was discovered that GnuTLS did not correctly handle certain errors that could occur during the verification of an X.509 certificate, causing it to incorrectly report a successful verification. An attacker could use this flaw to create a specially crafted certificate that could be accepted by GnuTLS as valid for a site chosen by the attacker. (CVE-2014-0092) The CVE-2014-0092 issue was discovered by Nikos Mavrogiannopoulos of the Red Hat Security Technologies Team. Users of GnuTLS are advised to upgrade to these updated packages, which correct this issue. For the update to take effect, all applications linked to the GnuTLS library must be restarted. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2014:0246-00 CVE-2014-0092 | Version: | 5 |
Platform(s): | Oracle Linux 6 | Product(s): | gnutls |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:24555 | |||
Oval ID: | oval:org.mitre.oval:def:24555 | ||
Title: | RHSA-2014:0595: gnutls security update (Important) | ||
Description: | The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security (TLS). A flaw was found in the way GnuTLS parsed session IDs from ServerHello messages of the TLS/SSL handshake. A malicious server could use this flaw to send an excessively long session ID value, which would trigger a buffer overflow in a connecting TLS/SSL client application using GnuTLS, causing the client application to crash or, possibly, execute arbitrary code. (CVE-2014-3466) Red Hat would like to thank GnuTLS upstream for reporting this issue. Upstream acknowledges Joonas Kuorilehto of Codenomicon as the original reporter. Users of GnuTLS are advised to upgrade to these updated packages, which correct this issue. For the update to take effect, all applications linked to the GnuTLS library must be restarted. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2014:0595-00 CESA-2014:0595 CVE-2014-3466 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | gnutls |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25230 | |||
Oval ID: | oval:org.mitre.oval:def:25230 | ||
Title: | ELSA-2014:0595: gnutls security update (Important) | ||
Description: | The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security (TLS). A flaw was found in the way GnuTLS parsed session IDs from ServerHello messages of the TLS/SSL handshake. A malicious server could use this flaw to send an excessively long session ID value, which would trigger a buffer overflow in a connecting TLS/SSL client application using GnuTLS, causing the client application to crash or, possibly, execute arbitrary code. (CVE-2014-3466) Red Hat would like to thank GnuTLS upstream for reporting this issue. Upstream acknowledges Joonas Kuorilehto of Codenomicon as the original reporter. Users of GnuTLS are advised to upgrade to these updated packages, which correct this issue. For the update to take effect, all applications linked to the GnuTLS library must be restarted. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2014:0595-00 CVE-2014-3466 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | gnutls |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27132 | |||
Oval ID: | oval:org.mitre.oval:def:27132 | ||
Title: | DEPRECATED: ELSA-2014-0595 -- gnutls security update (important) | ||
Description: | [2.8.5-14] - fix session ID length check (#1102024) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2014-0595 CVE-2014-3466 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | gnutls |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27253 | |||
Oval ID: | oval:org.mitre.oval:def:27253 | ||
Title: | DEPRECATED: ELSA-2014-0246 -- gnutls security update (important) | ||
Description: | [2.8.5-13] - fix CVE-2014-0092 (#1069890) [2.8.5-12] - fix CVE-2013-2116 - fix DoS regression in CVE-2013-1619 upstream patch (#966754) [2.8.5-11] - fix CVE-2013-1619 - fix TLS-CBC timing attack (#908238) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2014-0246 CVE-2014-0092 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | gnutls |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27288 | |||
Oval ID: | oval:org.mitre.oval:def:27288 | ||
Title: | ELSA-2014-0684 -- gnutls security update (important) | ||
Description: | [3.1.18-9] - fix session ID length check (#1102027) - fixes null pointer dereference (#1101727) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2014-0684 CVE-2014-3466 CVE-2014-3465 | Version: | 3 |
Platform(s): | Oracle Linux 7 | Product(s): | gnutls |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27895 | |||
Oval ID: | oval:org.mitre.oval:def:27895 | ||
Title: | RHSA-2014:1846 -- gnutls security update (Moderate) | ||
Description: | The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security (TLS). The gnutls packages also include the libtasn1 library, which provides Abstract Syntax Notation One (ASN.1) parsing and structures management, and Distinguished Encoding Rules (DER) encoding and decoding functions. An out-of-bounds memory write flaw was found in the way GnuTLS parsed certain ECC (Elliptic Curve Cryptography) certificates or certificate signing requests (CSR). A malicious user could create a specially crafted ECC certificate or a certificate signing request that, when processed by an application compiled against GnuTLS (for example, certtool), could cause that application to crash or execute arbitrary code with the permissions of the user running the application. (CVE-2014-8564) Red Hat would like to thank GnuTLS upstream for reporting this issue. Upstream acknowledges Sean Burford as the original reporter. All gnutls users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all applications linked to the GnuTLS or libtasn1 library must be restarted. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2014:1846 CESA-2014:1846 CVE-2014-8564 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 7 CentOS Linux 7 | Product(s): | gnutls |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28182 | |||
Oval ID: | oval:org.mitre.oval:def:28182 | ||
Title: | ELSA-2014-1846 -- gnutls security update (moderate) | ||
Description: | [3.1.18-10] - Applied fix for CVE-2014-8564 (#1161472) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2014-1846 CVE-2014-8564 | Version: | 3 |
Platform(s): | Oracle Linux 7 | Product(s): | gnutls |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:28289 | |||
Oval ID: | oval:org.mitre.oval:def:28289 | ||
Title: | USN-2403-1 -- GnuTLS vulnerability | ||
Description: | Sean Burford discovered that GnuTLS incorrectly handled printing certain elliptic curve parameters. A malicious remote server or client could use this issue to cause GnuTLS to crash, resulting in a denial of service, or possibly execute arbitrary code. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2403-1 CVE-2014-8564 | Version: | 5 |
Platform(s): | Ubuntu 14.10 | Product(s): | gnutls28 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:28685 | |||
Oval ID: | oval:org.mitre.oval:def:28685 | ||
Title: | SUSE-SU-2014:1628-1 -- Security update for gnutls (moderate) | ||
Description: | gnutls was updated to fix one security issue. - Fixed parsing problem in elliptic curve blobs over TLS that could lead to remote crashes (CVE-2014-8564). | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2014:1628-1 CVE-2014-8564 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 | Product(s): | gnutls |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Snort® IPS/IDS
Date | Description |
---|---|
2019-09-10 | GnuTLS x509 certificate validation policy bypass attempt RuleID : 50946 - Revision : 1 - Type : SERVER-OTHER |
2014-07-05 | GnuTLS Server Hello Session ID heap overflow attempt RuleID : 31179 - Revision : 5 - Type : SERVER-OTHER |
2014-07-05 | GnuTLS Server Hello Session ID heap overflow attempt RuleID : 31178 - Revision : 5 - Type : SERVER-OTHER |
2014-07-05 | GnuTLS Server Hello Session ID heap overflow attempt RuleID : 31177 - Revision : 5 - Type : SERVER-OTHER |
2014-07-05 | GnuTLS Server Hello Session ID heap overflow attempt RuleID : 31176 - Revision : 4 - Type : SERVER-OTHER |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2015-07-31 | Name : The remote OracleVM host is missing a security update. File : oraclevm_OVMSA-2015-0101.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2014-1628-1.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2014-0321-1.nasl - Type : ACT_GATHER_INFO |
2015-03-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2015-072.nasl - Type : ACT_GATHER_INFO |
2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_gnutls_20141120.nasl - Type : ACT_GATHER_INFO |
2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_gnutls_20140915.nasl - Type : ACT_GATHER_INFO |
2014-11-24 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-696.nasl - Type : ACT_GATHER_INFO |
2014-11-20 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-215.nasl - Type : ACT_GATHER_INFO |
2014-11-17 | Name : The remote Fedora host is missing a security update. File : fedora_2014-14734.nasl - Type : ACT_GATHER_INFO |
2014-11-14 | Name : The remote Fedora host is missing a security update. File : fedora_2014-14760.nasl - Type : ACT_GATHER_INFO |
2014-11-13 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20141112_gnutls_on_SL7_x.nasl - Type : ACT_GATHER_INFO |
2014-11-13 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1846.nasl - Type : ACT_GATHER_INFO |
2014-11-13 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1846.nasl - Type : ACT_GATHER_INFO |
2014-11-12 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2403-1.nasl - Type : ACT_GATHER_INFO |
2014-11-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1846.nasl - Type : ACT_GATHER_INFO |
2014-11-11 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2014-0815.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0288.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2014-0339.nasl - Type : ACT_GATHER_INFO |
2014-10-22 | Name : The remote Windows host contains a media player that is affected by multiple ... File : vlc_2_1_5.nasl - Type : ACT_GATHER_INFO |
2014-10-12 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-352.nasl - Type : ACT_GATHER_INFO |
2014-07-30 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0684.nasl - Type : ACT_GATHER_INFO |
2014-07-24 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0684.nasl - Type : ACT_GATHER_INFO |
2014-06-16 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201406-09.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-411.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-183.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-181.nasl - Type : ACT_GATHER_INFO |
2014-06-10 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-108.nasl - Type : ACT_GATHER_INFO |
2014-06-10 | Name : The remote Fedora host is missing a security update. File : fedora_2014-6963.nasl - Type : ACT_GATHER_INFO |
2014-06-10 | Name : The remote Fedora host is missing a security update. File : fedora_2014-6953.nasl - Type : ACT_GATHER_INFO |
2014-06-10 | Name : The remote Fedora host is missing a security update. File : fedora_2014-6881.nasl - Type : ACT_GATHER_INFO |
2014-06-06 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2014-156-01.nasl - Type : ACT_GATHER_INFO |
2014-06-05 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0595.nasl - Type : ACT_GATHER_INFO |
2014-06-05 | Name : The remote Fedora host is missing a security update. File : fedora_2014-6891.nasl - Type : ACT_GATHER_INFO |
2014-06-05 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_9733c480ebff11e3970b206a8a720317.nasl - Type : ACT_GATHER_INFO |
2014-06-05 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_gnutls-140603.nasl - Type : ACT_GATHER_INFO |
2014-06-05 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0594.nasl - Type : ACT_GATHER_INFO |
2014-06-04 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140603_gnutls_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2014-06-04 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140603_gnutls_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2014-06-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0595.nasl - Type : ACT_GATHER_INFO |
2014-06-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0594.nasl - Type : ACT_GATHER_INFO |
2014-06-04 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0595.nasl - Type : ACT_GATHER_INFO |
2014-06-04 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0594.nasl - Type : ACT_GATHER_INFO |
2014-06-04 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_027af74deb5611e39032000c2980a9f3.nasl - Type : ACT_GATHER_INFO |
2014-06-03 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2229-1.nasl - Type : ACT_GATHER_INFO |
2014-06-03 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2944.nasl - Type : ACT_GATHER_INFO |
2014-03-17 | Name : The remote Fedora host is missing a security update. File : fedora_2014-3493.nasl - Type : ACT_GATHER_INFO |
2014-03-17 | Name : The remote Fedora host is missing a security update. File : fedora_2014-3454.nasl - Type : ACT_GATHER_INFO |
2014-03-12 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-301.nasl - Type : ACT_GATHER_INFO |
2014-03-11 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-048.nasl - Type : ACT_GATHER_INFO |
2014-03-07 | Name : The remote Fedora host is missing a security update. File : fedora_2014-3413.nasl - Type : ACT_GATHER_INFO |
2014-03-07 | Name : The remote Fedora host is missing a security update. File : fedora_2014-3363.nasl - Type : ACT_GATHER_INFO |
2014-03-05 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0247.nasl - Type : ACT_GATHER_INFO |
2014-03-05 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0246.nasl - Type : ACT_GATHER_INFO |
2014-03-05 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_f645aa90a3e811e3a4223c970e169bc2.nasl - Type : ACT_GATHER_INFO |
2014-03-05 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2127-1.nasl - Type : ACT_GATHER_INFO |
2014-03-04 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0247.nasl - Type : ACT_GATHER_INFO |
2014-03-04 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2014-062-01.nasl - Type : ACT_GATHER_INFO |
2014-03-04 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2869.nasl - Type : ACT_GATHER_INFO |
2014-03-04 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0246.nasl - Type : ACT_GATHER_INFO |
2014-03-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0246.nasl - Type : ACT_GATHER_INFO |
2014-03-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0247.nasl - Type : ACT_GATHER_INFO |
2014-03-04 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140303_gnutls_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2014-03-04 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140303_gnutls_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2014-03-04 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_gnutls-140227.nasl - Type : ACT_GATHER_INFO |
2014-02-26 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2121-1.nasl - Type : ACT_GATHER_INFO |
2014-02-25 | Name : The remote Fedora host is missing a security update. File : fedora_2014-2583.nasl - Type : ACT_GATHER_INFO |
2014-02-25 | Name : The remote Fedora host is missing a security update. File : fedora_2014-2565.nasl - Type : ACT_GATHER_INFO |
2014-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2866.nasl - Type : ACT_GATHER_INFO |
2014-02-23 | Name : The remote Fedora host is missing a security update. File : fedora_2014-2588.nasl - Type : ACT_GATHER_INFO |
2014-02-20 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2014-050-01.nasl - Type : ACT_GATHER_INFO |
2014-02-20 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-043.nasl - Type : ACT_GATHER_INFO |
2014-02-18 | Name : The remote Fedora host is missing a security update. File : fedora_2014-2580.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2015-03-31 13:29:27 |
|
2015-03-27 21:25:37 |
|