Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title kernel security and bug fix update
Informations
Name RHSA-2008:0585 First vendor Publication 2008-08-26
Vendor RedHat Last vendor Modification 2008-08-26
Severity (Vendor) Important Revision 01

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score 7.8 Attack Range Network
Cvss Impact Score 6.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Problem Description:

Updated kernel packages that fix several security issues and several bugs are now available for Red Hat Enterprise MRG 1.0.

This update has been rated as having important security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

MRG Realtime for RHEL 5 Server - i386, noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

These updated packages fix the following security issues:

* the possibility of a timeout value overflow was found in the Linux kernel high-resolution timers functionality, hrtimer. This could allow a local unprivileged user to execute arbitrary code, or cause a denial of service (kernel panic). (CVE-2007-5966, Important)

* the possibility of a kernel crash was found in the Linux kernel IPsec protocol implementation, due to improper handling of fragmented ESP packets. When an attacker controlling an intermediate router fragmented these packets into very small pieces, it would cause a kernel crash on the receiving node during packet reassembly. (CVE-2007-6282, Important)

* on 64-bit architectures, the possibility of a timer-expiration value overflow was found in the Linux kernel high-resolution timers functionality, hrtimer. This could allow a local unprivileged user to set up a large interval value, forcing the timer expiry value to become negative, causing a denial of service (kernel hang). (CVE-2007-6712, Important)

* on AMD64 architectures, the possibility of a kernel crash was discovered by testing the Linux kernel process-trace ability. This could allow a local unprivileged user to cause a denial of service (kernel crash). (CVE-2008-1615, Important)

* a possible kernel memory leak was found in the Linux kernel Simple Internet Transition (SIT) INET6 implementation. This could allow a local unprivileged user to cause a denial of service. (CVE-2008-2136, Important)

* a flaw was found in the Linux kernel utimensat system call. File permissions were not checked when UTIME_NOW and UTIME_OMIT combinations were used. This could allow a local unprivileged user to modify file times of arbitrary files, possibly leading to a denial of service. (CVE-2008-2148, Important)

* a security flaw was found in the Linux kernel memory copy routines, when running on certain AMD64 architectures. If an unsuccessful attempt to copy kernel memory from source to destination memory locations occurred, the copy routines did not zero the content at the destination memory location. This could allow a local unprivileged user to view potentially sensitive data. (CVE-2008-2729, Important)

* Gabriel Campana discovered a possible integer overflow flaw in the Linux kernel Stream Control Transmission Protocol (SCTP) implementation. This deficiency could lead to privilege escalation. (CVE-2008-2826, Important)

* a deficiency was found in the Linux kernel virtual memory implementation. This could allow a local unprivileged user to make a large number of calls to the get_user_pages function, possibly causing a denial of service. (CVE-2008-2372, Low)

Also, these updated packages fix the following bugs:

* gdb set orig_rax to 0x00000000ffffffff, which is recognized by the upstream kernel as "-1", but not by the Red Hat Enterprise MRG kernel.

* if the POSIX timer was programmed to fire immediately, the timer's signal was sometimes not delivered (timer does not fire).

* rwlock caused crashes and application hangs.

* running oprofile caused system panics.

* threads releasing a mutex may have received an EPERM error.

* booting the RT kernel with the "nmi_watchdog=2" kernel option caused a kernel panic, and an "Unable to handle kernel paging request" error.

* "echo 0 > /sys/devices/system/cpu/cpu1/online" caused crashes.

* a crash on a JTC machine.

* added a new "FUTEX_WAIT_BITSET" system call, identical to FUTEX_WAIT, that accepts absolute time as a timeout.

Red Hat Enterprise MRG 1.0 users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188

5. Bugs fixed (http://bugzilla.redhat.com/):

404291 - CVE-2007-6282 IPSec ESP kernel panics 429290 - provide a futex syscall command similiar to FUTEX_WAIT with takes absolute timeout 431430 - CVE-2008-1615 kernel: ptrace: Unprivileged crash on x86_64 %cs corruption 439999 - CVE-2007-6712 kernel: infinite loop in highres timers (kernel hang) 446031 - CVE-2008-2136 kernel: sit memory leak 446060 - kernel: sched_fair.c simplify sched_slice() 446397 - java testcase hangs on 2.6.24.7-52ibmrt2.3 kernel 446777 - pthread_mutex_unlock returns EPERM due to earlier EFAULT from futex lock 449676 - Turning a CPU offline causes panic 451271 - CVE-2008-2729 kernel: [x86_64] The string instruction version didn't zero the output on exception. 452478 - CVE-2008-2826 kernel: sctp: sctp_getsockopt_local_addrs_old() potential overflow 452666 - CVE-2008-2372 kernel: Reinstate ZERO_PAGE optimization in 'get_user_pages()' and fix XIP 452692 - crash with 2.6.24.7-65.el5rt 452693 - POSIX timer set to fire immediately does not fire 452974 - [24][FOCUS] plist_add/del crash with 2.6.24.7-65ibmrt2.4 kernel 453135 - CVE-2007-5966 Non-root can trigger cpu_idle soft lockup (tickless kernel only) 453677 - nmi_watchdog=2 crashes the RT kernel on boot up 454913 - [Realtime][Kernel] LTP test failure in sched_rr_get_interval02 testcase 455275 - CVE-2008-2148 kernel: fix permission checking in sys_utimensat 455747 - Oops when running oprofile

Original Source

Url : https://rhn.redhat.com/errata/RHSA-2008-0585.html

CWE : Common Weakness Enumeration

% Id Name
22 % CWE-399 Resource Management Errors
22 % CWE-189 Numeric Errors (CWE/SANS Top 25)
11 % CWE-264 Permissions, Privileges, and Access Controls
11 % CWE-200 Information Exposure
11 % CWE-190 Integer Overflow or Wraparound (CWE/SANS Top 25)
11 % CWE-20 Improper Input Validation
11 % CWE-16 Configuration

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10549
 
Oval ID: oval:org.mitre.oval:def:10549
Title: The IPsec implementation in Linux kernel before 2.6.25 allows remote routers to cause a denial of service (crash) via a fragmented ESP packet in which the first fragment does not contain the entire ESP header and IV.
Description: The IPsec implementation in Linux kernel before 2.6.25 allows remote routers to cause a denial of service (crash) via a fragmented ESP packet in which the first fragment does not contain the entire ESP header and IV.
Family: unix Class: vulnerability
Reference(s): CVE-2007-6282
Version: 5
Platform(s): Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10774
 
Oval ID: oval:org.mitre.oval:def:10774
Title: Integer overflow in the hrtimer_start function in kernel/hrtimer.c in the Linux kernel before 2.6.23.10 allows local users to execute arbitrary code or cause a denial of service (panic) via a large relative timeout value. NOTE: some of these details are obtained from third party information.
Description: Integer overflow in the hrtimer_start function in kernel/hrtimer.c in the Linux kernel before 2.6.23.10 allows local users to execute arbitrary code or cause a denial of service (panic) via a large relative timeout value. NOTE: some of these details are obtained from third party information.
Family: unix Class: vulnerability
Reference(s): CVE-2007-5966
Version: 5
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11038
 
Oval ID: oval:org.mitre.oval:def:11038
Title: Memory leak in the ipip6_rcv function in net/ipv6/sit.c in the Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3 allows remote attackers to cause a denial of service (memory consumption) via network traffic to a Simple Internet Transition (SIT) tunnel interface, related to the pskb_may_pull and kfree_skb functions, and management of an skb reference count.
Description: Memory leak in the ipip6_rcv function in net/ipv6/sit.c in the Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3 allows remote attackers to cause a denial of service (memory consumption) via network traffic to a Simple Internet Transition (SIT) tunnel interface, related to the pskb_may_pull and kfree_skb functions, and management of an skb reference count.
Family: unix Class: vulnerability
Reference(s): CVE-2008-2136
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11571
 
Oval ID: oval:org.mitre.oval:def:11571
Title: arch/x86_64/lib/copy_user.S in the Linux kernel before 2.6.19 on some AMD64 systems does not erase destination memory locations after an exception during kernel memory copy, which allows local users to obtain sensitive information.
Description: arch/x86_64/lib/copy_user.S in the Linux kernel before 2.6.19 on some AMD64 systems does not erase destination memory locations after an exception during kernel memory copy, which allows local users to obtain sensitive information.
Family: unix Class: vulnerability
Reference(s): CVE-2008-2729
Version: 5
Platform(s): Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17496
 
Oval ID: oval:org.mitre.oval:def:17496
Title: USN-625-1 -- linux, linux-source-2.6.15/20/22 vulnerabilities
Description: Dirk Nehring discovered that the IPsec protocol stack did not correctly handle fragmented ESP packets.
Family: unix Class: patch
Reference(s): USN-625-1
CVE-2007-6282
CVE-2007-6712
CVE-2008-0598
CVE-2008-1615
CVE-2008-1673
CVE-2008-2136
CVE-2008-2137
CVE-2008-2148
CVE-2008-2358
CVE-2008-2365
CVE-2008-2729
CVE-2008-2750
CVE-2008-2826
Version: 7
Platform(s): Ubuntu 6.06
Ubuntu 7.04
Ubuntu 7.10
Ubuntu 8.04
Product(s): linux
linux-source-2.6.15
linux-source-2.6.20
linux-source-2.6.22
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22087
 
Oval ID: oval:org.mitre.oval:def:22087
Title: ELSA-2008:0275: kernel security and bug fix update (Important)
Description: Linux kernel 2.6.18, and possibly other versions, when running on AMD64 architectures, allows local users to cause a denial of service (crash) via certain ptrace calls.
Family: unix Class: patch
Reference(s): ELSA-2008:0275-01
CVE-2007-5093
CVE-2007-6282
CVE-2007-6712
CVE-2008-1615
Version: 21
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22647
 
Oval ID: oval:org.mitre.oval:def:22647
Title: ELSA-2008:0519: kernel security and bug fix update (Important)
Description: arch/x86_64/lib/copy_user.S in the Linux kernel before 2.6.19 on some AMD64 systems does not erase destination memory locations after an exception during kernel memory copy, which allows local users to obtain sensitive information.
Family: unix Class: patch
Reference(s): ELSA-2008:0519-01
CVE-2008-0598
CVE-2008-2358
CVE-2008-2729
Version: 17
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6503
 
Oval ID: oval:org.mitre.oval:def:6503
Title: Linux Kernel Memory Leak in SIT Code ipip6_rcv() Lets Remote Users Deny Service
Description: Memory leak in the ipip6_rcv function in net/ipv6/sit.c in the Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3 allows remote attackers to cause a denial of service (memory consumption) via network traffic to a Simple Internet Transition (SIT) tunnel interface, related to the pskb_may_pull and kfree_skb functions, and management of an skb reference count.
Family: unix Class: vulnerability
Reference(s): CVE-2008-2136
Version: 1
Platform(s): VMWare ESX Server 3.5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:8125
 
Oval ID: oval:org.mitre.oval:def:8125
Title: VMware kernel integer overflow vulnerability in hrtimer_start function
Description: Integer overflow in the hrtimer_start function in kernel/hrtimer.c in the Linux kernel before 2.6.23.10 allows local users to execute arbitrary code or cause a denial of service (panic) via a large relative timeout value. NOTE: some of these details are obtained from third party information.
Family: unix Class: vulnerability
Reference(s): CVE-2007-5966
Version: 4
Platform(s): VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9210
 
Oval ID: oval:org.mitre.oval:def:9210
Title: Integer overflow in the hrtimer_forward function (hrtimer.c) in Linux kernel 2.6.21-rc4, when running on 64-bit systems, allows local users to cause a denial of service (infinite loop) via a timer with a large expiry value, which causes the timer to always be expired.
Description: Integer overflow in the hrtimer_forward function (hrtimer.c) in Linux kernel 2.6.21-rc4, when running on 64-bit systems, allows local users to cause a denial of service (infinite loop) via a timer with a large expiry value, which causes the timer to always be expired.
Family: unix Class: vulnerability
Reference(s): CVE-2007-6712
Version: 5
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9383
 
Oval ID: oval:org.mitre.oval:def:9383
Title: The Linux kernel 2.6.24 and 2.6.25 before 2.6.25.9 allows local users to cause a denial of service (memory consumption) via a large number of calls to the get_user_pages function, which lacks a ZERO_PAGE optimization and results in allocation of "useless newly zeroed pages."
Description: The Linux kernel 2.6.24 and 2.6.25 before 2.6.25.9 allows local users to cause a denial of service (memory consumption) via a large number of calls to the get_user_pages function, which lacks a ZERO_PAGE optimization and results in allocation of "useless newly zeroed pages."
Family: unix Class: vulnerability
Reference(s): CVE-2008-2372
Version: 5
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9563
 
Oval ID: oval:org.mitre.oval:def:9563
Title: Linux kernel 2.6.18, and possibly other versions, when running on AMD64 architectures, allows local users to cause a denial of service (crash) via certain ptrace calls.
Description: Linux kernel 2.6.18, and possibly other versions, when running on AMD64 architectures, allows local users to cause a denial of service (crash) via certain ptrace calls.
Family: unix Class: vulnerability
Reference(s): CVE-2008-1615
Version: 5
Platform(s): Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1
Application 1
Os 6
Os 1
Os 987
Os 2
Os 3
Os 1

OpenVAS Exploits

Date Description
2011-08-09 Name : CentOS Update for kernel CESA-2009:0001-01 centos2 i386
File : nvt/gb_CESA-2009_0001-01_kernel_centos2_i386.nasl
2011-08-09 Name : CentOS Update for kernel CESA-2009:1193 centos5 i386
File : nvt/gb_CESA-2009_1193_kernel_centos5_i386.nasl
2009-10-13 Name : SLES10: Security update for Linux kernel
File : nvt/sles10_kernel3.nasl
2009-10-13 Name : SLES10: Security update for Linux kernel
File : nvt/sles10_kernel0.nasl
2009-10-10 Name : SLES9: Security update for Linux kernel
File : nvt/sles9p5028577.nasl
2009-08-17 Name : RedHat Security Advisory RHSA-2009:1193
File : nvt/RHSA_2009_1193.nasl
2009-08-17 Name : CentOS Security Advisory CESA-2009:1193 (kernel)
File : nvt/ovcesa2009_1193.nasl
2009-04-09 Name : Mandriva Update for kernel MDVSA-2008:167 (kernel)
File : nvt/gb_mandriva_MDVSA_2008_167.nasl
2009-04-09 Name : Mandriva Update for kernel MDVSA-2008:112 (kernel)
File : nvt/gb_mandriva_MDVSA_2008_112.nasl
2009-03-23 Name : Ubuntu Update for linux, linux-source-2.6.15/22 vulnerabilities USN-659-1
File : nvt/gb_ubuntu_USN_659_1.nasl
2009-03-23 Name : Ubuntu Update for linux, linux-source-2.6.15/20/22 vulnerabilities USN-625-1
File : nvt/gb_ubuntu_USN_625_1.nasl
2009-03-23 Name : Ubuntu Update for linux-source-2.6.17/20/22 vulnerabilities USN-574-1
File : nvt/gb_ubuntu_USN_574_1.nasl
2009-03-06 Name : RedHat Update for kernel RHSA-2008:0957-02
File : nvt/gb_RHSA-2008_0957-02_kernel.nasl
2009-03-06 Name : RedHat Update for kernel RHSA-2008:0973-03
File : nvt/gb_RHSA-2008_0973-03_kernel.nasl
2009-03-06 Name : RedHat Update for kernel RHSA-2008:0612-01
File : nvt/gb_RHSA-2008_0612-01_kernel.nasl
2009-03-06 Name : RedHat Update for kernel RHSA-2008:0607-01
File : nvt/gb_RHSA-2008_0607-01_kernel.nasl
2009-03-06 Name : RedHat Update for kernel RHSA-2008:0508-01
File : nvt/gb_RHSA-2008_0508-01_kernel.nasl
2009-03-06 Name : RedHat Update for kernel RHSA-2008:0275-01
File : nvt/gb_RHSA-2008_0275-01_kernel.nasl
2009-03-06 Name : RedHat Update for kernel RHSA-2008:0237-01
File : nvt/gb_RHSA-2008_0237-01_kernel.nasl
2009-03-06 Name : RedHat Update for kernel RHSA-2008:0519-01
File : nvt/gb_RHSA-2008_0519-01_kernel.nasl
2009-02-27 Name : CentOS Update for kernel CESA-2008:0973 centos3 x86_64
File : nvt/gb_CESA-2008_0973_kernel_centos3_x86_64.nasl
2009-02-27 Name : CentOS Update for kernel CESA-2008:0973 centos3 i386
File : nvt/gb_CESA-2008_0973_kernel_centos3_i386.nasl
2009-02-27 Name : CentOS Update for kernel CESA-2008:0508 centos4 i386
File : nvt/gb_CESA-2008_0508_kernel_centos4_i386.nasl
2009-02-27 Name : CentOS Update for kernel CESA-2008:0508 centos4 x86_64
File : nvt/gb_CESA-2008_0508_kernel_centos4_x86_64.nasl
2009-02-17 Name : Fedora Update for kernel FEDORA-2008-3949
File : nvt/gb_fedora_2008_3949_kernel_fc9.nasl
2009-02-17 Name : Fedora Update for kernel FEDORA-2008-4043
File : nvt/gb_fedora_2008_4043_kernel_fc7.nasl
2009-02-10 Name : CentOS Security Advisory CESA-2009:0001-01 (kernel)
File : nvt/ovcesa2009_0001_01.nasl
2009-01-23 Name : SuSE Update for kernel SUSE-SA:2008:032
File : nvt/gb_suse_2008_032.nasl
2009-01-23 Name : SuSE Update for kernel SUSE-SA:2008:052
File : nvt/gb_suse_2008_052.nasl
2009-01-23 Name : SuSE Update for kernel SUSE-SA:2008:037
File : nvt/gb_suse_2008_037.nasl
2009-01-23 Name : SuSE Update for kernel SUSE-SA:2008:031
File : nvt/gb_suse_2008_031.nasl
2009-01-23 Name : SuSE Update for kernel SUSE-SA:2008:030
File : nvt/gb_suse_2008_030.nasl
2009-01-13 Name : RedHat Security Advisory RHSA-2009:0001
File : nvt/RHSA_2009_0001.nasl
2009-01-07 Name : RedHat Security Advisory RHSA-2008:0787
File : nvt/RHSA_2008_0787.nasl
2008-09-04 Name : Debian Security Advisory DSA 1630-1 (linux-2.6)
File : nvt/deb_1630_1.nasl
2008-06-11 Name : Debian Security Advisory DSA 1588-2 (linux-2.6)
File : nvt/deb_1588_2.nasl
2008-06-11 Name : Debian Security Advisory DSA 1588-1 (linux-2.6)
File : nvt/deb_1588_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 1436-1 (linux-2.6)
File : nvt/deb_1436_1.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
48116 Linux Kernel get_user_pages Function ZERO_PAGE Optimization Weakness Local DoS

48115 Linux Kernel on AMD64 arch/x86_64/lib/copy_user.S Destination Memory Local In...

48114 Linux Kernel SCTP net/sctp/socket.c sctp_getsockopt_local_addrs_old Function ...

45421 Linux Kernel net/ipv6/sit.c ipip6_rcv function Simple Internet Transition Tun...

45186 Linux Kernel utimensat System Call Arbitrary File Time Modification

44992 Linux Kernel on AMD64 Unspecified ptrace Calls Local DoS

44930 Linux Kernel IPsec Implementation Malformed Fragmented ESP Packet Remote DoS

44688 Linux Kernel on 64-bit hrtimer_forward Function (hrtimer.c) Timer Expiration ...

40248 Linux Kernel hrtimer.c hrtimer_start Function Local Overflow

Information Assurance Vulnerability Management (IAVM)

Date Description
2009-10-22 IAVM : 2009-A-0105 - Multiple Vulnerabilities in VMware Products
Severity : Category I - VMSKEY : V0021867

Snort® IPS/IDS

Date Description
2014-01-10 IPv6 packets encapsulated in IPv4
RuleID : 8446 - Revision : 8 - Type : POLICY-OTHER
2014-01-10 (ipv6)IPV6tunneledoverIPv4,IPv6headertruncated,possibleLinuxkernelattack
RuleID : 291 - Revision : 2 - Type :

Nessus® Vulnerability Scanner

Date Description
2016-03-03 Name : The remote host is missing a security-related patch.
File : vmware_VMSA-2009-0016_remote.nasl - Type : ACT_GATHER_INFO
2016-03-03 Name : The remote host is missing a security-related patch.
File : vmware_VMSA-2009-0014_remote.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2009-0017.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2008-2005.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1193.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2008-0973.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2008-0957.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2008-0612.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2008-0607.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2008-0519.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2008-0508.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2008-0275.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2008-0237.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0079.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20080625_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20080625_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20080723_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20080804_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20081104_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20081216_kernel_on_SL3_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20090808_kernel_for_SL_5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20080507_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-4938.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-5239.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-5370.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-5477.nasl - Type : ACT_GATHER_INFO
2010-01-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2008-0275.nasl - Type : ACT_GATHER_INFO
2010-01-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2008-0237.nasl - Type : ACT_GATHER_INFO
2010-01-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2008-0957.nasl - Type : ACT_GATHER_INFO
2010-01-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2008-0612.nasl - Type : ACT_GATHER_INFO
2010-01-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1193.nasl - Type : ACT_GATHER_INFO
2010-01-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2008-0607.nasl - Type : ACT_GATHER_INFO
2010-01-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2008-0519.nasl - Type : ACT_GATHER_INFO
2009-11-23 Name : The remote VMware ESXi / ESX host is missing one or more security-related pat...
File : vmware_VMSA-2009-0016.nasl - Type : ACT_GATHER_INFO
2009-10-19 Name : The remote VMware ESX host is missing one or more security-related patches.
File : vmware_VMSA-2009-0014.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-5235.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-5473.nasl - Type : ACT_GATHER_INFO
2009-08-05 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1193.nasl - Type : ACT_GATHER_INFO
2009-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_kernel-080630.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-659-1.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2008-112.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2008-167.nasl - Type : ACT_GATHER_INFO
2009-01-09 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-0001.nasl - Type : ACT_GATHER_INFO
2008-12-17 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2008-0973.nasl - Type : ACT_GATHER_INFO
2008-12-17 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2008-0973.nasl - Type : ACT_GATHER_INFO
2008-11-04 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2008-0957.nasl - Type : ACT_GATHER_INFO
2008-10-21 Name : The remote openSUSE host is missing a security update.
File : suse_kernel-5700.nasl - Type : ACT_GATHER_INFO
2008-08-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1630.nasl - Type : ACT_GATHER_INFO
2008-08-05 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2008-0612.nasl - Type : ACT_GATHER_INFO
2008-07-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2008-0607.nasl - Type : ACT_GATHER_INFO
2008-07-17 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-625-1.nasl - Type : ACT_GATHER_INFO
2008-07-08 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-5375.nasl - Type : ACT_GATHER_INFO
2008-07-02 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2008-0508.nasl - Type : ACT_GATHER_INFO
2008-07-02 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2008-0519.nasl - Type : ACT_GATHER_INFO
2008-07-02 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2008-0508.nasl - Type : ACT_GATHER_INFO
2008-06-24 Name : The remote openSUSE host is missing a security update.
File : suse_kernel-5339.nasl - Type : ACT_GATHER_INFO
2008-06-24 Name : The remote openSUSE host is missing a security update.
File : suse_kernel-5336.nasl - Type : ACT_GATHER_INFO
2008-05-28 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1588.nasl - Type : ACT_GATHER_INFO
2008-05-20 Name : The remote Fedora host is missing a security update.
File : fedora_2008-4043.nasl - Type : ACT_GATHER_INFO
2008-05-20 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2008-0275.nasl - Type : ACT_GATHER_INFO
2008-05-16 Name : The remote Fedora host is missing a security update.
File : fedora_2008-3949.nasl - Type : ACT_GATHER_INFO
2008-05-09 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2008-0237.nasl - Type : ACT_GATHER_INFO
2008-02-11 Name : The remote openSUSE host is missing a security update.
File : suse_kernel-4970.nasl - Type : ACT_GATHER_INFO
2008-02-11 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-4935.nasl - Type : ACT_GATHER_INFO
2008-02-05 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-574-1.nasl - Type : ACT_GATHER_INFO
2008-02-01 Name : The remote openSUSE host is missing a security update.
File : suse_kernel-4943.nasl - Type : ACT_GATHER_INFO
2008-02-01 Name : The remote openSUSE host is missing a security update.
File : suse_kernel-4941.nasl - Type : ACT_GATHER_INFO
2008-02-01 Name : The remote openSUSE host is missing a security update.
File : suse_kernel-4929.nasl - Type : ACT_GATHER_INFO
2007-12-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1436.nasl - Type : ACT_GATHER_INFO