Executive Summary
Summary | |
---|---|
Title | httpd security update |
Informations | |||
---|---|---|---|
Name | RHSA-2008:0008 | First vendor Publication | 2008-01-15 |
Vendor | RedHat | Last vendor Modification | 2008-01-15 |
Severity (Vendor) | Moderate | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:N/I:P/A:N) | |||
---|---|---|---|
Cvss Base Score | 4.3 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated Apache httpd packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 3. Description: The Apache HTTP Server is a popular Web server. A flaw was found in the mod_imagemap module. On sites where mod_imagemap was enabled and an imagemap file was publicly available, a cross-site scripting attack was possible. (CVE-2007-5000) A flaw was found in the mod_autoindex module. On sites where directory listings are used, and the "AddDefaultCharset" directive has been removed from the configuration, a cross-site scripting attack might have been possible against Web browsers which do not correctly derive the response character set following the rules in RFC 261 |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2008-0008.html |
CAPEC : Common Attack Pattern Enumeration & Classification
Id | Name |
---|---|
CAPEC-18 | Embedding Scripts in Nonscript Elements |
CAPEC-63 | Simple Script Injection |
CAPEC-73 | User-Controlled Filename |
CAPEC-81 | Web Logs Tampering |
CAPEC-85 | Client Network Footprinting (using AJAX/XSS) |
CAPEC-86 | Embedding Script (XSS ) in HTTP Headers |
CAPEC-104 | Cross Zone Scripting |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
83 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
17 % | CWE-399 | Resource Management Errors |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10181 | |||
Oval ID: | oval:org.mitre.oval:def:10181 | ||
Title: | The balancer_handler function in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6, when a threaded Multi-Processing Module is used, allows remote authenticated users to cause a denial of service (child process crash) via an invalid bb variable. | ||
Description: | The balancer_handler function in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6, when a threaded Multi-Processing Module is used, allows remote authenticated users to cause a denial of service (child process crash) via an invalid bb variable. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-6422 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10272 | |||
Oval ID: | oval:org.mitre.oval:def:10272 | ||
Title: | Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||
Description: | Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-6388 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10664 | |||
Oval ID: | oval:org.mitre.oval:def:10664 | ||
Title: | Cross-site scripting (XSS) vulnerability in balancer-manager in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the (1) ss, (2) wr, or (3) rr parameters, or (4) the URL. | ||
Description: | Cross-site scripting (XSS) vulnerability in balancer-manager in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the (1) ss, (2) wr, or (3) rr parameters, or (4) the URL. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-6421 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10812 | |||
Oval ID: | oval:org.mitre.oval:def:10812 | ||
Title: | mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev, and 1.3.x before 1.3.40-dev does not define a charset, which allows remote attackers to conduct cross-site scripting (XSS) attacks using UTF-7 encoding. | ||
Description: | mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev, and 1.3.x before 1.3.40-dev does not define a charset, which allows remote attackers to conduct cross-site scripting (XSS) attacks using UTF-7 encoding. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-0005 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10929 | |||
Oval ID: | oval:org.mitre.oval:def:10929 | ||
Title: | Cross-site scripting (XSS) vulnerability in mod_autoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attackers to inject arbitrary web script or HTML via the P parameter using the UTF-7 charset. NOTE: it could be argued that this issue is due to a design limitation of browsers that attempt to perform automatic content type detection. | ||
Description: | Cross-site scripting (XSS) vulnerability in mod_autoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attackers to inject arbitrary web script or HTML via the P parameter using the UTF-7 charset. NOTE: it could be argued that this issue is due to a design limitation of browsers that attempt to perform automatic content type detection. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-4465 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17648 | |||
Oval ID: | oval:org.mitre.oval:def:17648 | ||
Title: | USN-575-1 -- apache2 vulnerabilities | ||
Description: | It was discovered that Apache did not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-575-1 CVE-2006-3918 CVE-2007-3847 CVE-2007-4465 CVE-2007-5000 CVE-2007-6388 CVE-2007-6421 CVE-2007-6422 CVE-2008-0005 | Version: | 7 |
Platform(s): | Ubuntu 6.06 Ubuntu 6.10 Ubuntu 7.04 Ubuntu 7.10 | Product(s): | apache2 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22498 | |||
Oval ID: | oval:org.mitre.oval:def:22498 | ||
Title: | ELSA-2008:0008: httpd security update (Moderate) | ||
Description: | mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev, and 1.3.x before 1.3.40-dev does not define a charset, which allows remote attackers to conduct cross-site scripting (XSS) attacks using UTF-7 encoding. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2008:0008-01 CVE-2007-4465 CVE-2007-5000 CVE-2007-6388 CVE-2007-6421 CVE-2007-6422 CVE-2008-0005 | Version: | 29 |
Platform(s): | Oracle Linux 5 | Product(s): | httpd |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:8651 | |||
Oval ID: | oval:org.mitre.oval:def:8651 | ||
Title: | Apache 'mod_proxy_balancer' Cross-Site Scripting Vulnerability | ||
Description: | Cross-site scripting (XSS) vulnerability in balancer-manager in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the (1) ss, (2) wr, or (3) rr parameters, or (4) the URL. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2007-6421 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows 7 | Product(s): | Apache |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:8690 | |||
Oval ID: | oval:org.mitre.oval:def:8690 | ||
Title: | Apache 'mod_proxy_balancer' Invalid bb Variable Denial of Service Vulnerability | ||
Description: | The balancer_handler function in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6, when a threaded Multi-Processing Module is used, allows remote authenticated users to cause a denial of service (child process crash) via an invalid bb variable. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2007-6422 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows 7 | Product(s): | Apache |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:9539 | |||
Oval ID: | oval:org.mitre.oval:def:9539 | ||
Title: | Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the (2) mod_imagemap module in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||
Description: | Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the (2) mod_imagemap module in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-5000 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2010-05-12 | Name : Mac OS X 10.5.3 Update / Mac OS X Security Update 2008-003 File : nvt/macosx_upd_10_5_3_secupd_2008-003.nasl |
2010-02-03 | Name : Solaris Update for Apache 1.3 122911-19 File : nvt/gb_solaris_122911_19.nasl |
2010-02-03 | Name : Solaris Update for Apache 1.3 122912-19 File : nvt/gb_solaris_122912_19.nasl |
2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
2009-10-22 | Name : HP-UX Update for Apache-based Web Server HPSBUX02465 File : nvt/gb_hp_ux_HPSBUX02465.nasl |
2009-10-13 | Name : Solaris Update for Apache 1.3 122912-17 File : nvt/gb_solaris_122912_17.nasl |
2009-10-13 | Name : Solaris Update for Apache 1.3 122911-17 File : nvt/gb_solaris_122911_17.nasl |
2009-10-10 | Name : SLES9: Security update for apache2 File : nvt/sles9p5012664.nasl |
2009-10-10 | Name : SLES9: Security update for Apache 2 File : nvt/sles9p5023052.nasl |
2009-10-10 | Name : SLES9: Security update for Apache File : nvt/sles9p5023075.nasl |
2009-09-23 | Name : Solaris Update for Apache 1.3 122912-16 File : nvt/gb_solaris_122912_16.nasl |
2009-09-23 | Name : Solaris Update for Apache 1.3 122911-16 File : nvt/gb_solaris_122911_16.nasl |
2009-07-17 | Name : HP-UX Update for Apache Web Server Suite HPSBUX02431 File : nvt/gb_hp_ux_HPSBUX02431.nasl |
2009-06-03 | Name : Solaris Update for Apache 1.3 122912-15 File : nvt/gb_solaris_122912_15.nasl |
2009-06-03 | Name : Solaris Update for Apache 1.3 122911-15 File : nvt/gb_solaris_122911_15.nasl |
2009-06-03 | Name : Solaris Update for Apache 2 120544-14 File : nvt/gb_solaris_120544_14.nasl |
2009-06-03 | Name : Solaris Update for Apache 2 120543-14 File : nvt/gb_solaris_120543_14.nasl |
2009-06-03 | Name : Solaris Update for Apache 116974-07 File : nvt/gb_solaris_116974_07.nasl |
2009-06-03 | Name : Solaris Update for Apache 116973-07 File : nvt/gb_solaris_116973_07.nasl |
2009-06-03 | Name : Solaris Update for Apache Security 113146-12 File : nvt/gb_solaris_113146_12.nasl |
2009-06-03 | Name : Solaris Update for Apache Security 114145-11 File : nvt/gb_solaris_114145_11.nasl |
2009-05-05 | Name : HP-UX Update for Apache HPSBUX02365 File : nvt/gb_hp_ux_HPSBUX02365.nasl |
2009-05-05 | Name : HP-UX Update for Apache HPSBUX02313 File : nvt/gb_hp_ux_HPSBUX02313.nasl |
2009-05-05 | Name : HP-UX Update for Apache HPSBUX02308 File : nvt/gb_hp_ux_HPSBUX02308.nasl |
2009-04-09 | Name : Mandriva Update for apache MDVSA-2008:016 (apache) File : nvt/gb_mandriva_MDVSA_2008_016.nasl |
2009-04-09 | Name : Mandriva Update for apache MDKSA-2007:235 (apache) File : nvt/gb_mandriva_MDKSA_2007_235.nasl |
2009-03-23 | Name : Ubuntu Update for apache2 vulnerabilities USN-575-1 File : nvt/gb_ubuntu_USN_575_1.nasl |
2009-03-06 | Name : RedHat Update for apache RHSA-2008:0004-01 File : nvt/gb_RHSA-2008_0004-01_apache.nasl |
2009-03-06 | Name : RedHat Update for httpd RHSA-2008:0005-01 File : nvt/gb_RHSA-2008_0005-01_httpd.nasl |
2009-03-06 | Name : RedHat Update for httpd RHSA-2008:0006-01 File : nvt/gb_RHSA-2008_0006-01_httpd.nasl |
2009-03-06 | Name : RedHat Update for httpd RHSA-2008:0008-01 File : nvt/gb_RHSA-2008_0008-01_httpd.nasl |
2009-02-27 | Name : Fedora Update for httpd FEDORA-2007-707 File : nvt/gb_fedora_2007_707_httpd_fc6.nasl |
2009-02-27 | Name : CentOS Update for httpd CESA-2008:0006 centos4 x86_64 File : nvt/gb_CESA-2008_0006_httpd_centos4_x86_64.nasl |
2009-02-27 | Name : CentOS Update for httpd CESA-2008:0006 centos4 i386 File : nvt/gb_CESA-2008_0006_httpd_centos4_i386.nasl |
2009-02-27 | Name : Fedora Update for httpd FEDORA-2007-2214 File : nvt/gb_fedora_2007_2214_httpd_fc7.nasl |
2009-02-27 | Name : CentOS Update for httpd CESA-2008:0005 centos3 x86_64 File : nvt/gb_CESA-2008_0005_httpd_centos3_x86_64.nasl |
2009-02-27 | Name : CentOS Update for httpd CESA-2008:0005 centos3 i386 File : nvt/gb_CESA-2008_0005_httpd_centos3_i386.nasl |
2009-02-27 | Name : CentOS Update for apache CESA-2008:0004-01 centos2 i386 File : nvt/gb_CESA-2008_0004-01_apache_centos2_i386.nasl |
2009-02-16 | Name : Fedora Update for httpd FEDORA-2008-1695 File : nvt/gb_fedora_2008_1695_httpd_fc8.nasl |
2009-02-16 | Name : Fedora Update for httpd FEDORA-2008-1711 File : nvt/gb_fedora_2008_1711_httpd_fc7.nasl |
2009-01-28 | Name : SuSE Update for apache2 SUSE-SA:2007:061 File : nvt/gb_suse_2007_061.nasl |
2009-01-23 | Name : SuSE Update for apache2,apache SUSE-SA:2008:021 File : nvt/gb_suse_2008_021.nasl |
2008-12-02 | Name : HP OpenView Network Node Manager XSS Vulnerability File : nvt/secpod_hp_openview_nnm_xss_vuln_900403.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200711-06 (apache) File : nvt/glsa_200711_06.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200803-19 (apache) File : nvt/glsa_200803_19.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2008-045-02 apache File : nvt/esoft_slk_ssa_2008_045_02.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2008-210-02 httpd File : nvt/esoft_slk_ssa_2008_210_02.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2008-045-01 httpd File : nvt/esoft_slk_ssa_2008_045_01.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
42214 | Apache HTTP Server mod_proxy_ftp UTF-7 Encoded XSS |
40264 | Apache HTTP Server mod_proxy_balancer balancer_handler Function bb Variable R... |
40263 | Apache HTTP Server mod_proxy_balancer balancer-manager Multiple Parameter XSS Apache HTTP Server contains a flaw that allows a remote cross site scripting attack. This flaw exists in mod_proxy_balancer because the application does not validate the ss, wr, and rr variables, as well as other contents in the URL, upon submission to the balancer-manager. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. |
40262 | Apache HTTP Server mod_status refresh XSS Apache HTTP Server contains a flaw that allows a remote cross site scripting attack. This flaw exists because with mod_status enabled, the application does not validate the refresh parameter on the server-status page. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. |
39134 | Apache mod_imagemap Module Imagemap Unspecified XSS |
39133 | Apache mod_imap Module Imagemap File Unspecified XSS |
38636 | Apache HTTP Server mod_autoindex.c P Variable UTF-7 Charset XSS |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Apache mod_imagemap cross site scripting attempt RuleID : 13302 - Revision : 12 - Type : SERVER-APACHE |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL8186.nasl - Type : ACT_GATHER_INFO |
2013-08-11 | Name : The remote web server may be affected by multiple vulnerabilities. File : oracle_http_server_cpu_jul_2013.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0008.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0006.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0005.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0523.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0263.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080115_httpd_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2010-01-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0524.nasl - Type : ACT_GATHER_INFO |
2010-01-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0261.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0008.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12125.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12124.nasl - Type : ACT_GATHER_INFO |
2009-06-15 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHSS_38148.nasl - Type : ACT_GATHER_INFO |
2009-06-15 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHSS_38147.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-016.nasl - Type : ACT_GATHER_INFO |
2008-11-25 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHSS_38761.nasl - Type : ACT_GATHER_INFO |
2008-07-29 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-210-02.nasl - Type : ACT_GATHER_INFO |
2008-05-29 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_5_3.nasl - Type : ACT_GATHER_INFO |
2008-05-29 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2008-003.nasl - Type : ACT_GATHER_INFO |
2008-04-04 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-5128.nasl - Type : ACT_GATHER_INFO |
2008-04-04 | Name : The remote openSUSE host is missing a security update. File : suse_apache2-5127.nasl - Type : ACT_GATHER_INFO |
2008-04-04 | Name : The remote openSUSE host is missing a security update. File : suse_apache2-5126.nasl - Type : ACT_GATHER_INFO |
2008-04-04 | Name : The remote openSUSE host is missing a security update. File : suse_apache2-5125.nasl - Type : ACT_GATHER_INFO |
2008-03-19 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2008-002.nasl - Type : ACT_GATHER_INFO |
2008-03-13 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200803-19.nasl - Type : ACT_GATHER_INFO |
2008-03-07 | Name : The remote web server is affected by multiple cross-site scripting vulnerabil... File : apache_2_0_63.nasl - Type : ACT_GATHER_INFO |
2008-03-07 | Name : The remote web server may be affected by several issues. File : apache_1_3_41.nasl - Type : ACT_GATHER_INFO |
2008-02-20 | Name : The remote web server is affected by multiple vulnerabilities. File : apache_2_2_8.nasl - Type : ACT_GATHER_INFO |
2008-02-18 | Name : The remote Fedora host is missing a security update. File : fedora_2008-1695.nasl - Type : ACT_GATHER_INFO |
2008-02-18 | Name : The remote Fedora host is missing a security update. File : fedora_2008-1711.nasl - Type : ACT_GATHER_INFO |
2008-02-18 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-045-01.nasl - Type : ACT_GATHER_INFO |
2008-02-18 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-045-02.nasl - Type : ACT_GATHER_INFO |
2008-02-05 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-575-1.nasl - Type : ACT_GATHER_INFO |
2008-01-15 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0008.nasl - Type : ACT_GATHER_INFO |
2008-01-15 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0005.nasl - Type : ACT_GATHER_INFO |
2008-01-15 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0006.nasl - Type : ACT_GATHER_INFO |
2008-01-15 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0006.nasl - Type : ACT_GATHER_INFO |
2008-01-15 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0005.nasl - Type : ACT_GATHER_INFO |
2008-01-15 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0004.nasl - Type : ACT_GATHER_INFO |
2007-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-4669.nasl - Type : ACT_GATHER_INFO |
2007-12-04 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2007-235.nasl - Type : ACT_GATHER_INFO |
2007-11-20 | Name : The remote openSUSE host is missing a security update. File : suse_apache2-4666.nasl - Type : ACT_GATHER_INFO |
2007-11-08 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200711-06.nasl - Type : ACT_GATHER_INFO |
2007-11-06 | Name : The remote Fedora host is missing a security update. File : fedora_2007-2214.nasl - Type : ACT_GATHER_INFO |
2007-09-25 | Name : The remote Fedora Core host is missing a security update. File : fedora_2007-707.nasl - Type : ACT_GATHER_INFO |
2007-09-14 | Name : The remote web server is affected by multiple vulnerabilities. File : apache_2_2_6.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:51:20 |
|