6.5 - MDVSA-2015:119

Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.

Informations
Name	MDVSA-2015:119	First vendor Publication	2015-03-29
Vendor	Mandriva	Last vendor Modification	2015-03-29
Severity (Vendor)	N/A	Revision	N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:S/C:P/I:P/A:P)
Cvss Base Score	6.5	Attack Range	Network
Cvss Impact Score	6.4	Attack Complexity	Low
Cvss Expoit Score	8	Authentication	Requires single instance
Calculate full CVSS 2.0 Vectors scores

Detail

Updated x11-server packages fix security vulnerabilities:

Ilja van Sprundel of IOActive discovered several security issues in the X.org X server, which may lead to privilege escalation or denial of service (CVE-2014-8091, CVE-2014-8092, CVE-2014-8093, CVE-2014-8094, CVE-2014-8095, CVE-2014-8096, CVE-2014-8097, CVE-2014-8098, CVE-2014-8099, CVE-2014-8100, CVE-2014-8101, CVE-2014-8102).

Olivier Fourdan from Red Hat has discovered a protocol handling issue in the way the X server code base handles the XkbSetGeometry request, where the server trusts the client to send valid string lengths. A malicious client with string lengths exceeding the request length can cause the server to copy adjacent memory data into the XKB structs. This data is then available to the client via the XkbGetGeometry request. This can lead to information disclosure issues, as well as possibly a denial of service if a similar request can cause the server to crash (CVE-2015-0255).

Original Source

Url : http://www.mandriva.com/security/advisories?name=MDVSA-2015:119

CWE : Common Weakness Enumeration

%	Id	Name
80 %	CWE-119	Failure to Constrain Operations within the Bounds of a Memory Buffer
10 %	CWE-200	Information Exposure
10 %	CWE-190	Integer Overflow or Wraparound (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:28527

Oval ID:	oval:org.mitre.oval:def:28527
Title:	DSA-3095-1 -- xorg-server security update
Description:	Ilja van Sprundel of IOActive discovered several security issues in the X.org X server, which may lead to privilege escalation or denial of service.
Family:	unix	Class:	patch
Reference(s):	DSA-3095-1 CVE-2014-8091 CVE-2014-8092 CVE-2014-8093 CVE-2014-8094 CVE-2014-8095 CVE-2014-8096 CVE-2014-8097 CVE-2014-8098 CVE-2014-8099 CVE-2014-8100 CVE-2014-8101 CVE-2014-8102	Version:	4
Platform(s):	Debian GNU/Linux 7.0 Debian GNU/kFreeBSD 7.0	Product(s):	xorg-server
Definition Synopsis:
Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND xorg-server is earlier than 2:1.12.4-6+deb7u5

Definition Id: oval:org.mitre.oval:def:28577

Oval ID:	oval:org.mitre.oval:def:28577
Title:	ELSA-2014-1982 -- xorg-x11-server security update (important)
Description:	[1.1.1-48.107.0.1.el5_11] - Added oracle-enterprise-detect.patch - Replaced 'Red Hat' in spec file [1.1.1-48.107] - CVE-2014-8091 denial of service due to unchecked malloc in client authentication (#1168680) - CVE-2014-8092 integer overflow in X11 core protocol requests when calculating memory needs for requests (#1168684) - CVE-2014-8097 out of bounds access due to not validating length or offset values in DBE extension (#1168705) - CVE-2014-8095 out of bounds access due to not validating length or offset values in XInput extension (#1168694) - CVE-2014-8096 out of bounds access due to not validating length or offset values in XC-MISC extension(#1168700) - CVE-2014-8099 out of bounds access due to not validating length or offset values in XVideo extension (#1168710) - CVE-2014-8100 out of bounds access due to not validating length or offset values in Render extension (#1168711) - CVE-2014-8102 out of bounds access due to not validating length or offset values in XFixes extension (#1168714) - CVE-2014-8101 out of bounds access due to not validating length or offset values in RandR extension (#1168713) - CVE-2014-8093 xorg-x11-server: integer overflow in GLX extension requests when calculating memory needs for requests (#1168688) - CVE-2014-8098 xorg-x11-server: out of bounds access due to not validating length or offset values in GLX extension (#1168707) [1.1.1-48.104] - xserver-1.1.1-randr-config-timestamps.patch: Backport timestamp comparison fix from upstream RANDR code (#1006076) [1.1.1-48.103] - CVE-2013-6424: Fix OOB in trapezoid rasterization
Family:	unix	Class:	patch
Reference(s):	ELSA-2014-1982 CVE-2014-8091 CVE-2014-8092 CVE-2014-8093 CVE-2014-8095 CVE-2014-8096 CVE-2014-8097 CVE-2014-8098 CVE-2014-8099 CVE-2014-8100 CVE-2014-8101 CVE-2014-8102	Version:	3
Platform(s):	Oracle Linux 5	Product(s):	xorg-x11-server
Definition Synopsis:
Oracle Linux 5.x Packages match section xorg-x11-server is earlier than 0:1.1.1-48.107.0.1.el5_11 AND xorg-x11-server-Xdmx is earlier than 0:1.1.1-48.107.0.1.el5_11 AND xorg-x11-server-Xephyr is earlier than 0:1.1.1-48.107.0.1.el5_11 AND xorg-x11-server-Xnest is earlier than 0:1.1.1-48.107.0.1.el5_11 AND xorg-x11-server-Xorg is earlier than 0:1.1.1-48.107.0.1.el5_11 AND xorg-x11-server-Xvfb is earlier than 0:1.1.1-48.107.0.1.el5_11 AND xorg-x11-server-Xvnc-source is earlier than 0:1.1.1-48.107.0.1.el5_11 AND xorg-x11-server-sdk is earlier than 0:1.1.1-48.107.0.1.el5_11

Definition Id: oval:org.mitre.oval:def:28652

Oval ID:	oval:org.mitre.oval:def:28652
Title:	RHSA-2014:1982 -- xorg-x11-server security update (Important)
Description:	X.Org is an open source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Multiple integer overflow flaws and out-of-bounds write flaws were found in the way the X.Org server calculated memory requirements for certain X11 core protocol and GLX extension requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server or, potentially, execute arbitrary code with root privileges. (CVE-2014-8092, CVE-2014-8093, CVE-2014-8098) It was found that the X.Org server did not properly handle SUN-DES-1 (Secure RPC) authentication credentials. A malicious, unauthenticated client could use this flaw to crash the X.Org server by submitting a specially crafted authentication request. (CVE-2014-8091) Multiple out-of-bounds access flaws were found in the way the X.Org server calculated memory requirements for certain requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server, or leak memory contents to the client. (CVE-2014-8097) Multiple out-of-bounds access flaws were found in the way the X.Org server calculated memory requirements for certain requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server. (CVE-2014-8095, CVE-2014-8096, CVE-2014-8099, CVE-2014-8100, CVE-2014-8101, CVE-2014-8102) All xorg-x11-server users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:1982 CESA-2014:1982 CVE-2014-8091 CVE-2014-8092 CVE-2014-8093 CVE-2014-8095 CVE-2014-8096 CVE-2014-8097 CVE-2014-8098 CVE-2014-8099 CVE-2014-8100 CVE-2014-8101 CVE-2014-8102	Version:	3
Platform(s):	Red Hat Enterprise Linux 5 CentOS Linux 5	Product(s):	xorg-x11-server
Definition Synopsis:
Red Hat Enterprise Linux 5 release section The operating system installed on the system is Red Hat Enterprise Linux 5 Packages match section xorg-x11-server-debuginfo is earlier than 0:1.1.1-48.107.el5_11 AND xorg-x11-server-sdk is earlier than 0:1.1.1-48.107.el5_11 AND xorg-x11-server-Xdmx is earlier than 0:1.1.1-48.107.el5_11 AND xorg-x11-server-Xephyr is earlier than 0:1.1.1-48.107.el5_11 AND xorg-x11-server-Xnest is earlier than 0:1.1.1-48.107.el5_11 AND xorg-x11-server-Xorg is earlier than 0:1.1.1-48.107.el5_11 AND xorg-x11-server-Xvfb is earlier than 0:1.1.1-48.107.el5_11 AND xorg-x11-server-Xvnc-source is earlier than 0:1.1.1-48.107.el5_11 AND CentOS Linux 5 release section The operating system installed on the system is CentOS Linux 5.x Packages match section xorg-x11-server-sdk is earlier than 0:1.1.1-48.107.el5.centos AND xorg-x11-server-Xdmx is earlier than 0:1.1.1-48.107.el5.centos AND xorg-x11-server-Xephyr is earlier than 0:1.1.1-48.107.el5.centos AND xorg-x11-server-Xnest is earlier than 0:1.1.1-48.107.el5.centos AND xorg-x11-server-Xorg is earlier than 0:1.1.1-48.107.el5.centos AND xorg-x11-server-Xvfb is earlier than 0:1.1.1-48.107.el5.centos AND xorg-x11-server-Xvnc-source is earlier than 0:1.1.1-48.107.el5.centos

CPE : Common Platform Enumeration

Type	Description	Count
Application	X.Org x11 cpe:2.3:a:x.org:x11:6.8:::::::* cpe:2.3:a:x.org:x11:6.7:::::::* cpe:2.3:a:x.org:x11:6.1:::::::* cpe:2.3:a:x.org:x11:6.0:::::::* cpe:2.3:a:x.org:x11:5.0:::::::* cpe:2.3:a:x.org:x11:4.0:::::::* cpe:2.3:a:x.org:x11:1.0:::::::*	7
Application	X.Org xfree86 cpe:2.3:a:x.org:xfree86:4.2.0:::::::* cpe:2.3:a:x.org:xfree86:4.0.1:::::::* cpe:2.3:a:x.org:xfree86:4.0:::::::*	3
Application	X.Org Xorg-Server cpe:2.3:a:x.org:xorg-server:1.9.99.903:::::::* cpe:2.3:a:x.org:xorg-server:1.9.99.902:::::::* cpe:2.3:a:x.org:xorg-server:1.9.99.901:::::::* cpe:2.3:a:x.org:xorg-server:1.9.5:::::::* cpe:2.3:a:x.org:xorg-server:1.9.4.901:::::::* cpe:2.3:a:x.org:xorg-server:1.9.4:::::::* cpe:2.3:a:x.org:xorg-server:1.9.3.902:::::::* cpe:2.3:a:x.org:xorg-server:1.9.3.901:::::::* cpe:2.3:a:x.org:xorg-server:1.9.3:::::::* cpe:2.3:a:x.org:xorg-server:1.9.2.902:::::::* cpe:2.3:a:x.org:xorg-server:1.9.2.901:::::::* cpe:2.3:a:x.org:xorg-server:1.9.2:::::::* cpe:2.3:a:x.org:xorg-server:1.9.1:::::::* cpe:2.3:a:x.org:xorg-server:1.9.0.902:::::::* cpe:2.3:a:x.org:xorg-server:1.9.0.901:::::::* cpe:2.3:a:x.org:xorg-server:1.9.0:::::::* cpe:2.3:a:x.org:xorg-server:1.8.99.905:::::::* cpe:2.3:a:x.org:xorg-server:1.8.99.904:::::::* cpe:2.3:a:x.org:xorg-server:1.8.99.903:::::::* cpe:2.3:a:x.org:xorg-server:1.8.99.902:::::::* cpe:2.3:a:x.org:xorg-server:1.8.99.901:::::::* cpe:2.3:a:x.org:xorg-server:1.8.2.902:::::::* cpe:2.3:a:x.org:xorg-server:1.8.2.901:::::::* cpe:2.3:a:x.org:xorg-server:1.8.2:::::::* cpe:2.3:a:x.org:xorg-server:1.8.1.902:::::::* cpe:2.3:a:x.org:xorg-server:1.8.1.901:::::::* cpe:2.3:a:x.org:xorg-server:1.8.1:::::::* cpe:2.3:a:x.org:xorg-server:1.8.0.902:::::::* cpe:2.3:a:x.org:xorg-server:1.8.0.901:::::::* cpe:2.3:a:x.org:xorg-server:1.8.0:::::::* cpe:2.3:a:x.org:xorg-server:1.7.99.902:::::::* cpe:2.3:a:x.org:xorg-server:1.7.99.901:::::::* cpe:2.3:a:x.org:xorg-server:1.7.99.2:::::::* cpe:2.3:a:x.org:xorg-server:1.7.99.1:::::::* cpe:2.3:a:x.org:xorg-server:1.7.7:::::::* cpe:2.3:a:x.org:xorg-server:1.7.6.902:::::::* cpe:2.3:a:x.org:xorg-server:1.7.6.901:::::::* cpe:2.3:a:x.org:xorg-server:1.7.6:::::::* cpe:2.3:a:x.org:xorg-server:1.7.5.902:::::::* cpe:2.3:a:x.org:xorg-server:1.7.5.901:::::::* cpe:2.3:a:x.org:xorg-server:1.7.5:::::::* cpe:2.3:a:x.org:xorg-server:1.7.4.902:::::::* cpe:2.3:a:x.org:xorg-server:1.7.4.901:::::::* cpe:2.3:a:x.org:xorg-server:1.7.4:::::::* cpe:2.3:a:x.org:xorg-server:1.7.3.902:::::::* cpe:2.3:a:x.org:xorg-server:1.7.3.901:::::::* cpe:2.3:a:x.org:xorg-server:1.7.3:::::::* cpe:2.3:a:x.org:xorg-server:1.7.2.902:::::::* cpe:2.3:a:x.org:xorg-server:1.7.2.901:::::::* cpe:2.3:a:x.org:xorg-server:1.7.2:::::::* cpe:2.3:a:x.org:xorg-server:1.7.1.902:::::::* cpe:2.3:a:x.org:xorg-server:1.7.1.901:::::::* cpe:2.3:a:x.org:xorg-server:1.7.1:::::::* cpe:2.3:a:x.org:xorg-server:1.7.0.902:::::::* cpe:2.3:a:x.org:xorg-server:1.7.0.901:::::::* cpe:2.3:a:x.org:xorg-server:1.7.0:::::::* cpe:2.3:a:x.org:xorg-server:1.3:::::::* cpe:2.3:a:x.org:xorg-server:1.2:::::::* cpe:2.3:a:x.org:xorg-server:1.17.0:::::::* cpe:2.3:a:x.org:xorg-server:1.16.3:::::::* cpe:2.3:a:x.org:xorg-server:1.16.2.99.901:::::::* cpe:2.3:a:x.org:xorg-server:1.16.2.901:::::::* cpe:2.3:a:x.org:xorg-server:1.16.2:::::::* cpe:2.3:a:x.org:xorg-server:1.16.1.901:::::::* cpe:2.3:a:x.org:xorg-server:1.16.1:::::::* cpe:2.3:a:x.org:xorg-server:1.16.0.901:::::::* cpe:2.3:a:x.org:xorg-server:1.16.0:::::::* cpe:2.3:a:x.org:xorg-server:1.15.99.904:::::::* cpe:2.3:a:x.org:xorg-server:1.15.99.903:::::::* cpe:2.3:a:x.org:xorg-server:1.15.99.902:::::::* cpe:2.3:a:x.org:xorg-server:1.15.99.901:::::::* cpe:2.3:a:x.org:xorg-server:1.15.2:::::::* cpe:2.3:a:x.org:xorg-server:1.15.1:::::::* cpe:2.3:a:x.org:xorg-server:1.15.0.901:::::::* cpe:2.3:a:x.org:xorg-server:1.15.0:::::::* cpe:2.3:a:x.org:xorg-server:1.14.99.905:::::::* cpe:2.3:a:x.org:xorg-server:1.14.99.904:::::::* cpe:2.3:a:x.org:xorg-server:1.14.99.903:::::::* cpe:2.3:a:x.org:xorg-server:1.14.99.902:::::::* cpe:2.3:a:x.org:xorg-server:1.14.99.901:::::::* cpe:2.3:a:x.org:xorg-server:1.14.99.3:::::::* cpe:2.3:a:x.org:xorg-server:1.14.99.2:::::::* cpe:2.3:a:x.org:xorg-server:1.14.99.1:::::::* cpe:2.3:a:x.org:xorg-server:1.14.7:::::::* cpe:2.3:a:x.org:xorg-server:1.14.6:::::::* cpe:2.3:a:x.org:xorg-server:1.14.5.901:::::::* cpe:2.3:a:x.org:xorg-server:1.14.5:::::::* cpe:2.3:a:x.org:xorg-server:1.14.4.901:::::::* cpe:2.3:a:x.org:xorg-server:1.14.4:::::::* cpe:2.3:a:x.org:xorg-server:1.14.3.901:::::::* cpe:2.3:a:x.org:xorg-server:1.14.3.901:rc1:::::: cpe:2.3:a:x.org:xorg-server:1.14.3:::::::* cpe:2.3:a:x.org:xorg-server:1.14.2.902:::::::* cpe:2.3:a:x.org:xorg-server:1.14.2.901:::::::* cpe:2.3:a:x.org:xorg-server:1.14.2:rc1:::::: cpe:2.3:a:x.org:xorg-server:1.14.2:::::::* cpe:2.3:a:x.org:xorg-server:1.14.1.902:::::::* cpe:2.3:a:x.org:xorg-server:1.14.1.901:::::::* cpe:2.3:a:x.org:xorg-server:1.14.1:::::::* cpe:2.3:a:x.org:xorg-server:1.14.0:::::::* cpe:2.3:a:x.org:xorg-server:1.13.99.902:::::::* cpe:2.3:a:x.org:xorg-server:1.13.99.901:::::::* cpe:2.3:a:x.org:xorg-server:1.13.4:::::::* cpe:2.3:a:x.org:xorg-server:1.13.3:::::::* cpe:2.3:a:x.org:xorg-server:1.13.2.902:::::::* cpe:2.3:a:x.org:xorg-server:1.13.2.901:::::::* cpe:2.3:a:x.org:xorg-server:1.13.2:::::::* cpe:2.3:a:x.org:xorg-server:1.13.1.901:::::::* cpe:2.3:a:x.org:xorg-server:1.13.1:::::::* cpe:2.3:a:x.org:xorg-server:1.13.0.902:::::::* cpe:2.3:a:x.org:xorg-server:1.13.0.901:::::::* cpe:2.3:a:x.org:xorg-server:1.13.0:::::::* cpe:2.3:a:x.org:xorg-server:1.12.99.905:::::::* cpe:2.3:a:x.org:xorg-server:1.12.99.904:::::::* cpe:2.3:a:x.org:xorg-server:1.12.99.903:::::::* cpe:2.3:a:x.org:xorg-server:1.12.99.902:::::::* cpe:2.3:a:x.org:xorg-server:1.12.99.901:::::::* cpe:2.3:a:x.org:xorg-server:1.12.4:::::::* cpe:2.3:a:x.org:xorg-server:1.12.3.902:::::::* cpe:2.3:a:x.org:xorg-server:1.12.3.901:::::::* cpe:2.3:a:x.org:xorg-server:1.12.3:::::::* cpe:2.3:a:x.org:xorg-server:1.12.2.902:::::::* cpe:2.3:a:x.org:xorg-server:1.12.2.901:::::::* cpe:2.3:a:x.org:xorg-server:1.12.2:::::::* cpe:2.3:a:x.org:xorg-server:1.12.1.902:::::::* cpe:2.3:a:x.org:xorg-server:1.12.1.901:::::::* cpe:2.3:a:x.org:xorg-server:1.12.0.902:::::::* cpe:2.3:a:x.org:xorg-server:1.12.0.901:::::::* cpe:2.3:a:x.org:xorg-server:1.12.0:::::::* cpe:2.3:a:x.org:xorg-server:1.11.99.903:::::::* cpe:2.3:a:x.org:xorg-server:1.11.99.902:::::::* cpe:2.3:a:x.org:xorg-server:1.11.99.901:::::::* cpe:2.3:a:x.org:xorg-server:1.11.99.2:::::::* cpe:2.3:a:x.org:xorg-server:1.11.99.1:::::::* cpe:2.3:a:x.org:xorg-server:1.11.4:::::::* cpe:2.3:a:x.org:xorg-server:1.11.3.902:::::::* cpe:2.3:a:x.org:xorg-server:1.11.3.901:::::::* cpe:2.3:a:x.org:xorg-server:1.11.3:::::::* cpe:2.3:a:x.org:xorg-server:1.11.2.902:::::::* cpe:2.3:a:x.org:xorg-server:1.11.2.901:::::::* cpe:2.3:a:x.org:xorg-server:1.11.2:::::::* cpe:2.3:a:x.org:xorg-server:1.11.1.902:::::::* cpe:2.3:a:x.org:xorg-server:1.11.1.901:::::::* cpe:2.3:a:x.org:xorg-server:1.11.1:::::::* cpe:2.3:a:x.org:xorg-server:1.11.0:::::::* cpe:2.3:a:x.org:xorg-server:1.10.99.902:::::::* cpe:2.3:a:x.org:xorg-server:1.10.99.901:::::::* cpe:2.3:a:x.org:xorg-server:1.10.6:::::::* cpe:2.3:a:x.org:xorg-server:1.10.4:::::::* cpe:2.3:a:x.org:xorg-server:1.10.3.902:::::::* cpe:2.3:a:x.org:xorg-server:1.10.3.901:::::::* cpe:2.3:a:x.org:xorg-server:1.10.3:::::::* cpe:2.3:a:x.org:xorg-server:1.10.2.902:::::::* cpe:2.3:a:x.org:xorg-server:1.10.2.901:::::::* cpe:2.3:a:x.org:xorg-server:1.10.2:::::::* cpe:2.3:a:x.org:xorg-server:1.10.1.902:::::::* cpe:2.3:a:x.org:xorg-server:1.10.1.901:::::::* cpe:2.3:a:x.org:xorg-server:1.10.1:::::::* cpe:2.3:a:x.org:xorg-server:1.10.0.902:::::::* cpe:2.3:a:x.org:xorg-server:1.10.0.901:::::::* cpe:2.3:a:x.org:xorg-server:1.10.0:::::::* cpe:2.3:a:x.org:xorg-server:1.1:::::::* cpe:2.3:a:x.org:xorg-server:1.02_r5:::::::* cpe:2.3:a:x.org:xorg-server:1.02:::::::* cpe:2.3:a:x.org:xorg-server:1.01:::::::* cpe:2.3:a:x.org:xorg-server::::::::	166
Os	Debian Debian Linux cpe:2.3:o:debian:debian_linux:8.0:::::::* cpe:2.3:o:debian:debian_linux:7.1:::::::* cpe:2.3:o:debian:debian_linux:7.0:::::::*	3
Os	Opensuse cpe:2.3:o:opensuse:opensuse:13.2:::::::* cpe:2.3:o:opensuse:opensuse:13.1:::::::*	2
Os	Oracle Solaris cpe:2.3:o:oracle:solaris:11.2:::::::* cpe:2.3:o:oracle:solaris:10:::::::*	2

Information Assurance Vulnerability Management (IAVM)

Date	Description
2015-07-16	IAVM : 2015-A-0160 - Multiple Vulnerabilities in Oracle Linux and Virtualization Severity : Category I - VMSKEY : V0061123

Nessus® Vulnerability Scanner

Date	Description
2015-07-16	Name : The application installed on the remote host is affected by multiple vulnerab... File : oracle_secure_global_desktop_jul_2015_cpu.nasl - Type : ACT_GATHER_INFO
2015-06-25	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1127-1.nasl - Type : ACT_GATHER_INFO
2015-06-11	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1025-1.nasl - Type : ACT_GATHER_INFO
2015-06-10	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201504-06.nasl - Type : ACT_GATHER_INFO
2015-05-27	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-0939-1.nasl - Type : ACT_GATHER_INFO
2015-05-20	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-0398-1.nasl - Type : ACT_GATHER_INFO
2015-05-20	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-0047-1.nasl - Type : ACT_GATHER_INFO
2015-05-07	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2015-519.nasl - Type : ACT_GATHER_INFO
2015-05-04	Name : The remote Debian host is missing a security update. File : debian_DLA-218.nasl - Type : ACT_GATHER_INFO
2015-04-14	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20150410_xorg_x11_server_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2015-04-13	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2015-0797.nasl - Type : ACT_GATHER_INFO
2015-04-10	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-0797.nasl - Type : ACT_GATHER_INFO
2015-04-10	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-0797.nasl - Type : ACT_GATHER_INFO
2015-03-30	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2015-119.nasl - Type : ACT_GATHER_INFO
2015-03-27	Name : The remote Fedora host is missing a security update. File : fedora_2015-3964.nasl - Type : ACT_GATHER_INFO
2015-03-27	Name : The remote Fedora host is missing a security update. File : fedora_2015-3948.nasl - Type : ACT_GATHER_INFO
2015-03-26	Name : The remote Debian host is missing a security update. File : debian_DLA-120.nasl - Type : ACT_GATHER_INFO
2015-03-23	Name : The remote Fedora host is missing a security update. File : fedora_2015-3953.nasl - Type : ACT_GATHER_INFO
2015-03-05	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_xorg-x11-Xvnc-150210.nasl - Type : ACT_GATHER_INFO
2015-02-23	Name : The remote openSUSE host is missing a security update. File : openSUSE-2015-169.nasl - Type : ACT_GATHER_INFO
2015-02-23	Name : The remote openSUSE host is missing a security update. File : openSUSE-2015-170.nasl - Type : ACT_GATHER_INFO
2015-02-18	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2500-1.nasl - Type : ACT_GATHER_INFO
2015-02-13	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_54a69cf7b2ef11e4b1f1bcaec565249c.nasl - Type : ACT_GATHER_INFO
2015-02-12	Name : The remote Debian host is missing a security-related update. File : debian_DSA-3160.nasl - Type : ACT_GATHER_INFO
2015-01-16	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2015-470.nasl - Type : ACT_GATHER_INFO
2015-01-15	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_xorg-x11-Xvnc-141217.nasl - Type : ACT_GATHER_INFO
2014-12-29	Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-815.nasl - Type : ACT_GATHER_INFO
2014-12-23	Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2014-356-03.nasl - Type : ACT_GATHER_INFO
2014-12-15	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1982.nasl - Type : ACT_GATHER_INFO
2014-12-15	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1983.nasl - Type : ACT_GATHER_INFO
2014-12-15	Name : The remote Debian host is missing a security-related update. File : debian_DSA-3095.nasl - Type : ACT_GATHER_INFO
2014-12-15	Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_27b9b2f0808111e4b4cabcaec565249c.nasl - Type : ACT_GATHER_INFO
2014-12-15	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_fdf72a0e837111e4bc20001636d274f3.nasl - Type : ACT_GATHER_INFO
2014-12-15	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1982.nasl - Type : ACT_GATHER_INFO
2014-12-15	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1983.nasl - Type : ACT_GATHER_INFO
2014-12-15	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1982.nasl - Type : ACT_GATHER_INFO
2014-12-15	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1983.nasl - Type : ACT_GATHER_INFO
2014-12-15	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20141211_xorg_x11_server_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2014-12-15	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20141211_xorg_x11_server_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2014-12-15	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2438-1.nasl - Type : ACT_GATHER_INFO
2014-12-10	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2436-1.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2015-03-31 13:29:37	Multiple Updates
2015-03-29 13:25:47	First insertion

Global Informations

Type	Count
CWE ID(s)	10
Oval ID(s)	3
CPE ID(s)	183
IAVM(s)	1
Nessus® Exploit(s)	41

	Related
6.5	CVE-2014-8102
6.5	CVE-2014-8101
6.5	CVE-2014-8100
6.5	CVE-2014-8099
6.5	CVE-2014-8098
6.5	CVE-2014-8097
6.5	CVE-2014-8096
6.5	CVE-2014-8095
6.5	CVE-2014-8094
6.5	CVE-2014-8093
6.5	CVE-2014-8092
6.4	CVE-2015-0255
4.3	CVE-2014-8091
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 13 more Alert(s)