Executive Summary
Summary | |
---|---|
Title | Red Hat Application Stack v2.1 security and enhancement update |
Informations | |||
---|---|---|---|
Name | RHSA-2008:0505 | First vendor Publication | 2008-07-02 |
Vendor | RedHat | Last vendor Modification | 2008-07-02 |
Severity (Vendor) | Moderate | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Red Hat Application Stack v2.1 is now available. This update fixes various security issues and adds several enhancements. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Application Stack v2 for Enterprise Linux (v.5) - i386, noarch, x86_64 3. Description: The Red Hat Application Stack is an integrated open source application stack, and includes JBoss Enterprise Application Platform (EAP). Starting with this update, JBoss EAP is no longer provided via the Application Stack channels. Instead, all Application Stack customers are automatically entitled to the JBoss EAP channels. This ensures all users have immediate access to JBoss EAP packages when they are released, ensuring lesser wait for security and critical patches. As a result, you must MANUALLY subscribe to the appropriate JBoss EAP channel, as all further JBoss EAP updates will only go to that channel. This update also entitles all customers to the JBoss EAP 4.3.0 channels. Users receive support for JBoss EAP 4.3.0 if they choose to install it. Important: downgrading from JBoss EAP 4.3.0 to 4.2.0 is unsupported. PHP was updated to version 5.2.6, fixing the following security issues: It was discovered that the PHP escapeshellcmd() function did not properly escape multi-byte characters which are not valid in the locale used by the script. This could allow an attacker to bypass quoting restrictions imposed by escapeshellcmd() and execute arbitrary commands if the PHP script was using certain locales. Scripts using the default UTF-8 locale are not affected by this issue. (CVE-2008-2051) The PHP functions htmlentities() and htmlspecialchars() did not properly recognize partial multi-byte sequences. Certain sequences of bytes could be passed through these functions without being correctly HTML-escaped. Depending on the browser being used, an attacker could use this flaw to conduct cross-site scripting attacks. (CVE-2007-5898) A PHP script which used the transparent session ID configuration option, or which used the output_add_rewrite_var() function, could leak session identifiers to external web sites. If a page included an HTML form with an ACTION attribute referencing a non-local URL, the user's session ID would be included in the form data passed to that URL. (CVE-2007-5899) It was discovered that the PHP fnmatch() function did not restrict the length of the string argument. An attacker could use this flaw to crash the PHP interpreter where a script used fnmatch() on untrusted input data. (CVE-2007-4782) It was discovered that PHP did not properly seed its pseudo-random number generator used by functions such as rand() and mt_rand(), possibly allowing an attacker to easily predict the generated pseudo-random values. (CVE-2008-2107, CVE-2008-2108) A flaw was found in PHP's CGI server API. If the web server did not set DOCUMENT_ROOT environment variable for PHP (e.g. when running PHP in the FastCGI server mode), an attacker could cause a crash of the PHP child process, causing a temporary denial of service. (CVE-2008-0599) MySQL was updated to version 5.0.50sp1a, fixing the following security issue: MySQL did not correctly check directories used as arguments for the DATA DIRECTORY and INDEX DIRECTORY directives. Using this flaw, an authenticated attacker could elevate their access privileges to tables created by other database users. Note: this attack does not work on existing tables. An attacker can only elevate their access to another user's tables as the tables are created. As well, the names of these created tables need to be predicted correctly for this attack to succeed. (CVE-2008-2079) The following packages are updated: * httpd to 2.2.8 * mod_jk to 1.2.26 * mod_perl to 2.0.4 * the MySQL Connector/ODBC to 3.51.24r1071 * the MySQL Connector/J (JDBC driver) to 5.0.8 * perl-DBD-MySQL to 4.006 * perl-DBI to 1.604 * postgresql to 8.2.7 * postgresql-jdbc to 8.2.508 * postgresqlclient81 to 8.1.11 * postgresql-odbc to 8.02.0500 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bugs fixed (http://bugzilla.redhat.com/): 285881 - CVE-2007-4782 php crash in glob() and fnmatch() functions 382411 - CVE-2007-5898 php htmlentities/htmlspecialchars multibyte sequences 382431 - CVE-2007-5899 php session ID leakage 445003 - CVE-2008-0599 php: buffer overflow in a CGI path translation 445006 - CVE-2008-2051 PHP multibyte shell escape flaw 445222 - CVE-2008-2079 mysql: privilege escalation via DATA/INDEX DIRECTORY directives 445684 - CVE-2008-2107 PHP 32 bit weak random seed 445685 - CVE-2008-2108 PHP weak 64 bit random seed |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2008-0505.html |
CAPEC : Common Attack Pattern Enumeration & Classification
Id | Name |
---|---|
CAPEC-47 | Buffer Overflow via Parameter Expansion |
CAPEC-59 | Session Credential Falsification through Prediction |
CAPEC-100 | Overflow Buffers |
CAPEC-112 | Brute Force |
CAPEC-123 | Buffer Attacks |
CAPEC-281 | Analytic Attacks |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
17 % | CWE-331 | Insufficient Entropy |
17 % | CWE-264 | Permissions, Privileges, and Access Controls |
17 % | CWE-200 | Information Exposure |
17 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
17 % | CWE-131 | Incorrect Calculation of Buffer Size (CWE/SANS Top 25) |
17 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10133 | |||
Oval ID: | oval:org.mitre.oval:def:10133 | ||
Title: | MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are within the MySQL home data directory, which can point to tables that are created in the future. | ||
Description: | MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are within the MySQL home data directory, which can point to tables that are created in the future. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-2079 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16967 | |||
Oval ID: | oval:org.mitre.oval:def:16967 | ||
Title: | USN-549-2 -- php5 regression | ||
Description: | USN-549-1 fixed vulnerabilities in PHP. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-549-2 CVE-2007-3998 CVE-2007-4657 CVE-2007-4658 CVE-2007-4662 CVE-2007-3799 CVE-2007-2872 CVE-2007-4660 CVE-2007-4661 CVE-2007-1285 CVE-2007-4670 CVE-2007-5898 CVE-2007-5899 | Version: | 7 |
Platform(s): | Ubuntu 7.10 | Product(s): | php5 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:17624 | |||
Oval ID: | oval:org.mitre.oval:def:17624 | ||
Title: | USN-549-1 -- php5 vulnerabilities | ||
Description: | It was discovered that the wordwrap function did not correctly check lengths. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-549-1 CVE-2007-3998 CVE-2007-4657 CVE-2007-4658 CVE-2007-4662 CVE-2007-3799 CVE-2007-2872 CVE-2007-4660 CVE-2007-4661 CVE-2007-1285 CVE-2007-4670 CVE-2007-5898 CVE-2007-5899 | Version: | 7 |
Platform(s): | Ubuntu 6.06 Ubuntu 6.10 Ubuntu 7.04 Ubuntu 7.10 | Product(s): | php5 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18224 | |||
Oval ID: | oval:org.mitre.oval:def:18224 | ||
Title: | DSA-1578-1 php4 - several vulnerabilities | ||
Description: | Several vulnerabilities have been discovered in PHP version 4, a server-side, HTML-embedded scripting language. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1578-1 CVE-2007-3799 CVE-2007-3806 CVE-2007-3998 CVE-2007-4657 CVE-2008-2051 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | php4 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:18599 | |||
Oval ID: | oval:org.mitre.oval:def:18599 | ||
Title: | DSA-1572-1 php5 - several vulnerabilities | ||
Description: | Several vulnerabilities have been discovered in PHP, a server-side, HTML-embedded scripting language. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1572-1 CVE-2007-3806 CVE-2008-1384 CVE-2008-2050 CVE-2008-2051 | Version: | 7 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | php5 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:18619 | |||
Oval ID: | oval:org.mitre.oval:def:18619 | ||
Title: | DSA-1608-1 mysql-dfsg-5.0 - authorisation bypass | ||
Description: | Sergei Golubchik discovered that MySQL, a widely-deployed database server, did not properly validate optional data or index directory paths given in a CREATE TABLE statement, nor would it (under proper conditions) prevent two databases from using the same paths for data or index files. This permits an authenticated user with authorisation to create tables in one database to read, write or delete data from tables subsequently created in other databases, regardless of other GRANT authorisations. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1608-1 CVE-2008-2079 | Version: | 7 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | mysql-dfsg-5.0 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:5510 | |||
Oval ID: | oval:org.mitre.oval:def:5510 | ||
Title: | HP-UX Running Apache with PHP, Remote Execution of Arbitrary Code | ||
Description: | The init_request_info function in sapi/cgi/cgi_main.c in PHP before 5.2.6 does not properly consider operator precedence when calculating the length of PATH_TRANSLATED, which might allow remote attackers to execute arbitrary code via a crafted URI. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-0599 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7917 | |||
Oval ID: | oval:org.mitre.oval:def:7917 | ||
Title: | DSA-1608 mysql-dfsg-5.0 -- authorisation bypass | ||
Description: | Sergei Golubchik discovered that MySQL, a widely-deployed database server, did not properly validate optional data or index directory paths given in a CREATE TABLE statement, nor would it (under proper conditions) prevent two databases from using the same paths for data or index files. This permits an authenticated user with authorisation to create tables in one database to read, write or delete data from tables subsequently created in other databases, regardless of other GRANT authorisations. The Common Vulnerabilities and Exposures project identifies this weakness as CVE-2008-2079. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1608 CVE-2008-2079 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | mysql-dfsg-5.0 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:8065 | |||
Oval ID: | oval:org.mitre.oval:def:8065 | ||
Title: | DSA-1578 php4 -- several vulnerabilities | ||
Description: | Several vulnerabilities have been discovered in PHP version 4, a server-side, HTML-embedded scripting language. The Common Vulnerabilities and Exposures project identifies the following problems: The session_start function allows remote attackers to insert arbitrary attributes into the session cookie via special characters in a cookie that is obtained from various parameters. A denial of service was possible through a malicious script abusing the glob() function. Certain maliciously constructed input to the wordwrap() function could lead to a denial of service attack. Large len values of the stspn() or strcspn() functions could allow an attacker to trigger integer overflows to expose memory or cause denial of service. The escapeshellcmd API function could be attacked via incomplete multibyte chars. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1578 CVE-2007-3799 CVE-2007-3806 CVE-2007-3998 CVE-2007-4657 CVE-2008-2051 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | php4 |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-06-21 | Name : PHP version smaller than 5.2.6 File : nvt/nopsec_php_5_2_6.nasl |
2012-06-21 | Name : PHP version smaller than 5.2.5 File : nvt/nopsec_php_5_2_5.nasl |
2012-06-21 | Name : PHP version smaller than 4.4.8 File : nvt/nopsec_php_4_4_8.nasl |
2011-08-09 | Name : CentOS Update for mysql CESA-2010:0109 centos5 i386 File : nvt/gb_CESA-2010_0109_mysql_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for mysql CESA-2009:1289 centos5 i386 File : nvt/gb_CESA-2009_1289_mysql_centos5_i386.nasl |
2010-05-12 | Name : Mac OS X Security Update 2008-005 File : nvt/macosx_secupd_2008-005.nasl |
2010-05-12 | Name : Mac OS X Security Update 2008-007 File : nvt/macosx_secupd_2008-007.nasl |
2010-05-12 | Name : Mac OS X Security Update 2009-005 File : nvt/macosx_secupd_2009-005.nasl |
2010-02-19 | Name : RedHat Update for mysql RHSA-2010:0110-01 File : nvt/gb_RHSA-2010_0110-01_mysql.nasl |
2010-02-19 | Name : RedHat Update for mysql RHSA-2010:0109-01 File : nvt/gb_RHSA-2010_0109-01_mysql.nasl |
2010-02-19 | Name : CentOS Update for mysql CESA-2010:0110 centos4 i386 File : nvt/gb_CESA-2010_0110_mysql_centos4_i386.nasl |
2010-01-19 | Name : Mandriva Update for mysql MDVSA-2010:011 (mysql) File : nvt/gb_mandriva_MDVSA_2010_011.nasl |
2010-01-19 | Name : Mandriva Update for mysql MDVSA-2010:012 (mysql) File : nvt/gb_mandriva_MDVSA_2010_012.nasl |
2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
2009-10-22 | Name : HP-UX Update for Apache-based Web Server HPSBUX02465 File : nvt/gb_hp_ux_HPSBUX02465.nasl |
2009-10-13 | Name : SLES10: Security update for PHP5 File : nvt/sles10_apache2-mod_php2.nasl |
2009-10-13 | Name : SLES10: Security update for MySQL File : nvt/sles10_mysql1.nasl |
2009-10-10 | Name : SLES9: Security update for PHP4 File : nvt/sles9p5015662.nasl |
2009-10-10 | Name : SLES9: Security update for MySQL File : nvt/sles9p5032620.nasl |
2009-09-21 | Name : CentOS Security Advisory CESA-2009:1289 (mysql) File : nvt/ovcesa2009_1289.nasl |
2009-09-09 | Name : RedHat Security Advisory RHSA-2009:1289 File : nvt/RHSA_2009_1289.nasl |
2009-07-17 | Name : HP-UX Update for Apache Web Server Suite HPSBUX02431 File : nvt/gb_hp_ux_HPSBUX02431.nasl |
2009-06-05 | Name : Ubuntu USN-763-1 (xine-lib) File : nvt/ubuntu_763_1.nasl |
2009-06-05 | Name : RedHat Security Advisory RHSA-2009:1067 File : nvt/RHSA_2009_1067.nasl |
2009-06-05 | Name : Ubuntu USN-769-1 (libwmf) File : nvt/ubuntu_769_1.nasl |
2009-05-11 | Name : Debian Security Advisory DSA 1789-1 (php5) File : nvt/deb_1789_1.nasl |
2009-05-05 | Name : HP-UX Update for Apache with PHP HPSBUX02342 File : nvt/gb_hp_ux_HPSBUX02342.nasl |
2009-05-05 | Name : HP-UX Update for Apache With PHP HPSBUX02332 File : nvt/gb_hp_ux_HPSBUX02332.nasl |
2009-04-28 | Name : Mandrake Security Advisory MDVSA-2009:094 (mysql) File : nvt/mdksa_2009_094.nasl |
2009-04-23 | Name : MySQL MyISAM Table Privileges Secuity Bypass Vulnerability File : nvt/mysql_29106.nasl |
2009-04-09 | Name : Mandriva Update for php MDVSA-2008:126 (php) File : nvt/gb_mandriva_MDVSA_2008_126.nasl |
2009-04-09 | Name : Mandriva Update for php MDVSA-2008:127 (php) File : nvt/gb_mandriva_MDVSA_2008_127.nasl |
2009-04-09 | Name : Mandriva Update for php MDVSA-2008:128 (php) File : nvt/gb_mandriva_MDVSA_2008_128.nasl |
2009-04-09 | Name : Mandriva Update for mysql MDVSA-2008:149 (mysql) File : nvt/gb_mandriva_MDVSA_2008_149.nasl |
2009-04-09 | Name : Mandriva Update for mysql MDVSA-2008:150 (mysql) File : nvt/gb_mandriva_MDVSA_2008_150.nasl |
2009-03-23 | Name : Ubuntu Update for php5 regression USN-549-2 File : nvt/gb_ubuntu_USN_549_2.nasl |
2009-03-23 | Name : Ubuntu Update for mysql-dfsg-5.0 vulnerabilities USN-671-1 File : nvt/gb_ubuntu_USN_671_1.nasl |
2009-03-23 | Name : Ubuntu Update for php5 vulnerabilities USN-628-1 File : nvt/gb_ubuntu_USN_628_1.nasl |
2009-03-23 | Name : Ubuntu Update for php5 vulnerabilities USN-549-1 File : nvt/gb_ubuntu_USN_549_1.nasl |
2009-03-06 | Name : RedHat Update for php RHSA-2008:0546-01 File : nvt/gb_RHSA-2008_0546-01_php.nasl |
2009-03-06 | Name : RedHat Update for mysql RHSA-2008:0768-01 File : nvt/gb_RHSA-2008_0768-01_mysql.nasl |
2009-03-06 | Name : RedHat Update for php RHSA-2008:0545-01 File : nvt/gb_RHSA-2008_0545-01_php.nasl |
2009-03-06 | Name : RedHat Update for php RHSA-2008:0544-01 File : nvt/gb_RHSA-2008_0544-01_php.nasl |
2009-02-27 | Name : CentOS Update for php CESA-2008:0544 centos3 i386 File : nvt/gb_CESA-2008_0544_php_centos3_i386.nasl |
2009-02-27 | Name : CentOS Update for php CESA-2008:0546-01 centos2 i386 File : nvt/gb_CESA-2008_0546-01_php_centos2_i386.nasl |
2009-02-27 | Name : CentOS Update for php CESA-2008:0544 centos3 x86_64 File : nvt/gb_CESA-2008_0544_php_centos3_x86_64.nasl |
2009-02-17 | Name : Fedora Update for php FEDORA-2008-3864 File : nvt/gb_fedora_2008_3864_php_fc8.nasl |
2009-02-17 | Name : Fedora Update for php FEDORA-2008-3606 File : nvt/gb_fedora_2008_3606_php_fc9.nasl |
2009-01-26 | Name : Mandrake Security Advisory MDVSA-2009:022 (php) File : nvt/mdksa_2009_022.nasl |
2009-01-26 | Name : Mandrake Security Advisory MDVSA-2009:023 (php) File : nvt/mdksa_2009_023.nasl |
2009-01-23 | Name : SuSE Update for openwsman SUSE-SA:2008:041 File : nvt/gb_suse_2008_041.nasl |
2009-01-23 | Name : SuSE Update for php4, php5 SUSE-SA:2008:004 File : nvt/gb_suse_2008_004.nasl |
2009-01-02 | Name : FreeBSD Ports: mysql-server File : nvt/freebsd_mysql-server15.nasl |
2008-11-19 | Name : Gentoo Security Advisory GLSA 200811-05 (php) File : nvt/glsa_200811_05.nasl |
2008-10-07 | Name : Multiple Vulnerabilities in PHP August-08 File : nvt/gb_php_mult_vuln_aug08.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200809-04 (mysql) File : nvt/glsa_200809_04.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200710-02 (php) File : nvt/glsa_200710_02.nasl |
2008-09-17 | Name : FreeBSD Ports: mysql-server File : nvt/freebsd_mysql-server14.nasl |
2008-07-15 | Name : Debian Security Advisory DSA 1608-1 (mysql-dfsg-5.0) File : nvt/deb_1608_1.nasl |
2008-05-27 | Name : Debian Security Advisory DSA 1578-1 (php4) File : nvt/deb_1578_1.nasl |
2008-05-27 | Name : Debian Security Advisory DSA 1572-1 (php5) File : nvt/deb_1572_1.nasl |
2008-01-31 | Name : Debian Security Advisory DSA 1444-2 (php5) File : nvt/deb_1444_2.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1444-1 (php5) File : nvt/deb_1444_1.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2008-128-01 php File : nvt/esoft_slk_ssa_2008_128_01.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
44937 | MySQL MyISAM Table CREATE TABLE Privilege Check Bypass |
44910 | PHP GENERATE_SEED Macro Multiplication Precision Weakness Random Functions Ba... |
44909 | PHP GENERATE_SEED Macro Seed Prediction Weakness Random Functions Based Prote... |
44908 | PHP escapeshellcmd API Function Multibyte Chars Unspecified Issue |
44906 | PHP cgi_main.c PATH_TRANSLATED Length Calculation Unspecified Issue |
38918 | PHP output_add_rewrite_var Function Form Rewrite Information Disclosure |
38688 | PHP glibc Implementation glob() Function Overflow |
38686 | PHP glibc Implementation fnmatch() Function Overflow |
38683 | PHP htmlentities/htmlspecialchars Partial Multibyte Sequence Weakness |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-11-28 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15885.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0545.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0544.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0109.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0110.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1289.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080716_php_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100216_mysql_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100216_mysql_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090902_mysql_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080716_php_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080724_mysql_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-01-16 | Name : The remote database server allows a local user to circumvent privileges. File : mysql_6_0_14_priv_bypass.nasl - Type : ACT_GATHER_INFO |
2010-07-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-012.nasl - Type : ACT_GATHER_INFO |
2010-03-02 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0109.nasl - Type : ACT_GATHER_INFO |
2010-02-18 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0110.nasl - Type : ACT_GATHER_INFO |
2010-02-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0110.nasl - Type : ACT_GATHER_INFO |
2010-02-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0109.nasl - Type : ACT_GATHER_INFO |
2010-01-18 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-011.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0545.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1289.nasl - Type : ACT_GATHER_INFO |
2009-11-25 | Name : The remote database server is affected by multiple vulnerabilities. File : mysql_5_1_41.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12049.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12175.nasl - Type : ACT_GATHER_INFO |
2009-09-11 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2009-005.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_apache2-mod_php5-080625.nasl - Type : ACT_GATHER_INFO |
2009-05-06 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1789.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-671-1.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-094.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-022.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-150.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-149.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-128.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-127.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-126.nasl - Type : ACT_GATHER_INFO |
2008-12-30 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_738f8f9ed66111dda7650030843d3802.nasl - Type : ACT_GATHER_INFO |
2008-11-17 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200811-05.nasl - Type : ACT_GATHER_INFO |
2008-11-09 | Name : The remote database server is susceptible to a privilege bypass attack. File : mysql_es_5_0_70.nasl - Type : ACT_GATHER_INFO |
2008-10-10 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2008-007.nasl - Type : ACT_GATHER_INFO |
2008-09-11 | Name : The remote database server is affected by several issues. File : mysql_5_0_67.nasl - Type : ACT_GATHER_INFO |
2008-09-10 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_388d9ee47f2211dda66a0019666436c2.nasl - Type : ACT_GATHER_INFO |
2008-09-05 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200809-04.nasl - Type : ACT_GATHER_INFO |
2008-08-14 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_mysql-5338.nasl - Type : ACT_GATHER_INFO |
2008-08-14 | Name : The remote openSUSE host is missing a security update. File : suse_libmysqlclient-devel-5341.nasl - Type : ACT_GATHER_INFO |
2008-08-01 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2008-005.nasl - Type : ACT_GATHER_INFO |
2008-07-25 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0768.nasl - Type : ACT_GATHER_INFO |
2008-07-24 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-628-1.nasl - Type : ACT_GATHER_INFO |
2008-07-17 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0544.nasl - Type : ACT_GATHER_INFO |
2008-07-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0546.nasl - Type : ACT_GATHER_INFO |
2008-07-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0545.nasl - Type : ACT_GATHER_INFO |
2008-07-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0544.nasl - Type : ACT_GATHER_INFO |
2008-07-15 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1608.nasl - Type : ACT_GATHER_INFO |
2008-07-02 | Name : The remote openSUSE host is missing a security update. File : suse_apache2-mod_php5-5379.nasl - Type : ACT_GATHER_INFO |
2008-06-26 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-mod_php5-5345.nasl - Type : ACT_GATHER_INFO |
2008-06-24 | Name : The remote Fedora host is missing a security update. File : fedora_2008-3864.nasl - Type : ACT_GATHER_INFO |
2008-06-24 | Name : The remote Fedora host is missing a security update. File : fedora_2008-3606.nasl - Type : ACT_GATHER_INFO |
2008-05-28 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-128-01.nasl - Type : ACT_GATHER_INFO |
2008-05-19 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1578.nasl - Type : ACT_GATHER_INFO |
2008-05-13 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1572.nasl - Type : ACT_GATHER_INFO |
2008-05-09 | Name : The remote database server allows a local user to circumvent privileges. File : mysql_4_1_24.nasl - Type : ACT_GATHER_INFO |
2008-05-09 | Name : The remote database server allows a local user to circumvent privileges. File : mysql_es_5_0_60.nasl - Type : ACT_GATHER_INFO |
2008-05-02 | Name : The remote web server uses a version of PHP that is affected by multiple flaws. File : php_5_2_6.nasl - Type : ACT_GATHER_INFO |
2008-01-27 | Name : The remote openSUSE host is missing a security update. File : suse_apache2-mod_php5-4909.nasl - Type : ACT_GATHER_INFO |
2008-01-08 | Name : The remote openSUSE host is missing a security update. File : suse_apache2-mod_php5-4810.nasl - Type : ACT_GATHER_INFO |
2008-01-04 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1444.nasl - Type : ACT_GATHER_INFO |
2008-01-03 | Name : The remote web server uses a version of PHP that is affected by multiple issues. File : php_4_4_8.nasl - Type : ACT_GATHER_INFO |
2007-12-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-mod_php5-4808.nasl - Type : ACT_GATHER_INFO |
2007-12-04 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-549-2.nasl - Type : ACT_GATHER_INFO |
2007-11-30 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-549-1.nasl - Type : ACT_GATHER_INFO |
2007-11-12 | Name : The remote web server uses a version of PHP that is affected by multiple flaws. File : php_5_2_5.nasl - Type : ACT_GATHER_INFO |
2007-10-09 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200710-02.nasl - Type : ACT_GATHER_INFO |