Executive Summary

Informations
NameMDVSA-2015:230First vendor Publication2015-05-06
VendorMandrivaLast vendor Modification2015-05-06
Severity (Vendor) N/ARevisionN/A

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:H/Au:N/C:N/I:P/A:N)
Cvss Base Score2.6Attack RangeNetwork
Cvss Impact Score2.9Attack ComplexityHigh
Cvss Expoit Score4.9AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Updated squid packages fix security vulnerability:

Squid configured with client-first SSL-bump does not correctly validate X509 server certificate domain / hostname fields (CVE-2015-3455).

Original Source

Url : http://www.mandriva.com/security/advisories?name=MDVSA-2015:230

CWE : Common Weakness Enumeration

%idName
100 %CWE-20Improper Input Validation

CPE : Common Platform Enumeration

TypeDescriptionCount
Application70
Os1
Os1
Os1

Nessus® Vulnerability Scanner

DateDescription
2016-09-02Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-2008-1.nasl - Type : ACT_GATHER_INFO
2016-08-17Name : The remote openSUSE host is missing a security update.
File : openSUSE-2016-988.nasl - Type : ACT_GATHER_INFO
2016-05-09Name : The remote Fedora host is missing one or more security updates.
File : fedora_2016-7b40eb9e29.nasl - Type : ACT_GATHER_INFO
2015-12-22Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20151119_squid_on_SL7_x.nasl - Type : ACT_GATHER_INFO
2015-12-02Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2015-2378.nasl - Type : ACT_GATHER_INFO
2015-11-24Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-2378.nasl - Type : ACT_GATHER_INFO
2015-11-20Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-2378.nasl - Type : ACT_GATHER_INFO
2015-09-14Name : The remote openSUSE host is missing a security update.
File : openSUSE-2015-581.nasl - Type : ACT_GATHER_INFO
2015-07-07Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_b6da24da23f711e5a4a5002590263bf5.nasl - Type : ACT_GATHER_INFO
2015-05-19Name : The remote proxy server may be affected by a certificate validation vulnerabi...
File : squid_3_5_4.nasl - Type : ACT_GATHER_INFO
2015-05-07Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2015-230.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
DateInformations
2015-05-19 21:36:39
  • Multiple Updates
2015-05-18 21:31:52
  • Multiple Updates
2015-05-08 13:27:57
  • Multiple Updates
2015-05-06 17:25:23
  • First insertion