Executive Summary
Summary | |
---|---|
Title | php security update |
Informations | |||
---|---|---|---|
Name | RHSA-2009:0350 | First vendor Publication | 2009-04-14 |
Vendor | RedHat | Last vendor Modification | 2009-04-14 |
Severity (Vendor) | Moderate | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated php packages that fix several security issues are now available for Red Hat Application Stack v2. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Application Stack v2 for Enterprise Linux (v.5) - i386, x86_64 3. Description: PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. A heap-based buffer overflow flaw was found in PHP's mbstring extension. A remote attacker able to pass arbitrary input to a PHP script using mbstring conversion functions could cause the PHP interpreter to crash or, possibly, execute arbitrary code. (CVE-2008-5557) A flaw was found in the handling of the "mbstring.func_overload" configuration setting. A value set for one virtual host, or in a user's .htaccess file, was incorrectly applied to other virtual hosts on the same server, causing the handling of multibyte character strings to not work correctly. (CVE-2009-0754) A directory traversal flaw was found in PHP's ZipArchive::extractTo function. If PHP is used to extract a malicious ZIP archive, it could allow an attacker to write arbitrary files anywhere the PHP process has write permissions. (CVE-2008-5658) A buffer overflow flaw was found in PHP's imageloadfont function. If a PHP script allowed a remote attacker to load a carefully crafted font file, it could cause the PHP interpreter to crash or, possibly, execute arbitrary code. (CVE-2008-3658) A flaw was found in the way PHP handled certain file extensions when running in FastCGI mode. If the PHP interpreter was being executed via FastCGI, a remote attacker could create a request which would cause the PHP interpreter to crash. (CVE-2008-3660) A memory disclosure flaw was found in the PHP gd extension's imagerotate function. A remote attacker able to pass arbitrary values as the "background color" argument of the function could, possibly, view portions of the PHP interpreter's memory. (CVE-2008-5498) A cross-site scripting flaw was found in a way PHP reported errors for invalid cookies. If the PHP interpreter had "display_errors" enabled, a remote attacker able to set a specially-crafted cookie on a victim's system could possibly inject arbitrary HTML into an error message generated by PHP. (CVE-2008-5814) A flaw was found in PHP's json_decode function. A remote attacker could use this flaw to create a specially-crafted string which could cause the PHP interpreter to crash while being decoded in a PHP script. (CVE-2009-1271) All php users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. The httpd web server must be restarted for the changes to take effect. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 459529 - CVE-2008-3658 php: buffer overflow in the imageloadfont function in gd extension 459572 - CVE-2008-3660 php: FastCGI module DoS via multiple dots preceding the extension 474824 - CVE-2008-5658 php: ZipArchive::extractTo() Directory Traversal Vulnerability 478425 - CVE-2008-5498 php: libgd imagerotate() array index error memory disclosure 478848 - CVE-2008-5557 php: Heap-based buffer overflow in the mbstring extension via crafted string containing a HTML entity (arb code execution) 479272 - CVE-2009-0754 PHP mbstring.func_overload web server denial of service 480167 - CVE-2008-5814 php: XSS via PHP error messages 494530 - CVE-2009-1271 php: crash on malformed input in json_decode() |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2009-0350.html |
CAPEC : Common Attack Pattern Enumeration & Classification
Id | Name |
---|---|
CAPEC-3 | Using Leading 'Ghost' Character Sequences to Bypass Input Filters |
CAPEC-7 | Blind SQL Injection |
CAPEC-8 | Buffer Overflow in an API Call |
CAPEC-9 | Buffer Overflow in Local Command-Line Utilities |
CAPEC-10 | Buffer Overflow via Environment Variables |
CAPEC-13 | Subverting Environment Variable Values |
CAPEC-14 | Client-side Injection-induced Buffer Overflow |
CAPEC-18 | Embedding Scripts in Nonscript Elements |
CAPEC-22 | Exploiting Trust in Client (aka Make the Client Invisible) |
CAPEC-24 | Filter Failure through Buffer Overflow |
CAPEC-28 | Fuzzing |
CAPEC-31 | Accessing/Intercepting/Modifying HTTP Cookies |
CAPEC-32 | Embedding Scripts in HTTP Query Strings |
CAPEC-42 | MIME Conversion |
CAPEC-43 | Exploiting Multiple Input Interpretation Layers |
CAPEC-45 | Buffer Overflow via Symbolic Links |
CAPEC-46 | Overflow Variables and Tags |
CAPEC-47 | Buffer Overflow via Parameter Expansion |
CAPEC-52 | Embedding NULL Bytes |
CAPEC-53 | Postfix, Null Terminate, and Backslash |
CAPEC-63 | Simple Script Injection |
CAPEC-64 | Using Slashes and URL Encoding Combined to Bypass Validation Logic |
CAPEC-66 | SQL Injection |
CAPEC-67 | String Format Overflow in syslog() |
CAPEC-71 | Using Unicode Encoding to Bypass Validation Logic |
CAPEC-72 | URL Encoding |
CAPEC-73 | User-Controlled Filename |
CAPEC-78 | Using Escaped Slashes in Alternate Encoding |
CAPEC-79 | Using Slashes in Alternate Encoding |
CAPEC-80 | Using UTF-8 Encoding to Bypass Validation Logic |
CAPEC-81 | Web Logs Tampering |
CAPEC-83 | XPath Injection |
CAPEC-85 | Client Network Footprinting (using AJAX/XSS) |
CAPEC-86 | Embedding Script (XSS ) in HTTP Headers |
CAPEC-88 | OS Command Injection |
CAPEC-91 | XSS in IMG Tags |
CAPEC-99 | XML Parser Attack |
CAPEC-101 | Server Side Include (SSI) Injection |
CAPEC-104 | Cross Zone Scripting |
CAPEC-106 | Cross Site Scripting through Log Files |
CAPEC-108 | Command Line Execution through SQL Injection |
CAPEC-109 | Object Relational Mapping Injection |
CAPEC-110 | SQL Injection through SOAP Parameter Tampering |
CAPEC-171 | Variable Manipulation |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
29 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
14 % | CWE-200 | Information Exposure |
14 % | CWE-134 | Uncontrolled Format String (CWE/SANS Top 25) |
14 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
14 % | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE/SANS Top 25) |
14 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:12644 | |||
Oval ID: | oval:org.mitre.oval:def:12644 | ||
Title: | DSA-1775-1 php-json-ext -- denial of service | ||
Description: | It was discovered that php-json-ext, a JSON serialiser for PHP, is prone to a denial of service attack, when receiving a malformed string via the json_decode function. For the oldstable distribution, this problem has been fixed in version 1.2.1-3.2+etch1. The stable distribution does not contain a separate php-json-ext package, but includes it in the php5 packages, which will be fixed soon. The testing distribution and the unstable distribution do not contain a separate php-json-ext package, but include it in the php5 packages. We recommend that you upgrade your php-json-ext packages. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1775-1 CVE-2009-1271 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | php-json-ext |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:20236 | |||
Oval ID: | oval:org.mitre.oval:def:20236 | ||
Title: | DSA-1647-1 php5 - several vulnerabilities | ||
Description: | Several vulnerabilities have been discovered in PHP, a server-side, HTML-embedded scripting language. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1647-1 CVE-2008-3658 CVE-2008-3659 CVE-2008-3660 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | php5 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:8239 | |||
Oval ID: | oval:org.mitre.oval:def:8239 | ||
Title: | DSA-1775 php-json-ext -- denial of service | ||
Description: | It was discovered that php-json-ext, a JSON serialiser for PHP, is prone to a denial of service attack, when receiving a malformed string via the json_decode function. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1775 CVE-2009-1271 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | php-json-ext |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
ExploitDB Exploits
id | Description |
---|---|
2009-01-02 | PHP <= 5.2.8 gd library - imageRotate() Information Leak Vulnerability |
OpenVAS Exploits
Date | Description |
---|---|
2012-06-21 | Name : PHP version smaller than 5.2.9 File : nvt/nopsec_php_5_2_9.nasl |
2012-06-21 | Name : PHP version smaller than 5.2.8 File : nvt/nopsec_php_5_2_8.nasl |
2012-06-21 | Name : PHP version smaller than 5.2.7 File : nvt/nopsec_php_5_2_7.nasl |
2012-06-21 | Name : PHP < 4.4.9 File : nvt/nopsec_php_4_4_9.nasl |
2011-08-09 | Name : CentOS Update for php CESA-2009:0338 centos5 i386 File : nvt/gb_CESA-2009_0338_php_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for php CESA-2009:0337 centos4 i386 File : nvt/gb_CESA-2009_0337_php_centos4_i386.nasl |
2011-08-09 | Name : CentOS Update for php CESA-2009:0337 centos3 i386 File : nvt/gb_CESA-2009_0337_php_centos3_i386.nasl |
2010-05-12 | Name : Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002 File : nvt/macosx_upd_10_5_7_secupd_2009-002.nasl |
2010-05-12 | Name : Mac OS X Security Update 2009-005 File : nvt/macosx_secupd_2009-005.nasl |
2010-04-19 | Name : PHP FastCGI Module File Extension Denial Of Service Vulnerabilities File : nvt/gb_php_31612.nasl |
2010-04-19 | Name : PHP Multiple Buffer Overflow Vulnerabilities File : nvt/gb_php_30649.nasl |
2010-01-07 | Name : Gentoo Security Advisory GLSA 201001-03 (php) File : nvt/glsa_201001_03.nasl |
2009-12-10 | Name : Mandriva Security Advisory MDVSA-2009:324 (php) File : nvt/mdksa_2009_324.nasl |
2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
2009-10-22 | Name : HP-UX Update for Apache-based Web Server HPSBUX02465 File : nvt/gb_hp_ux_HPSBUX02465.nasl |
2009-10-13 | Name : SLES10: Security update for PHP5 File : nvt/sles10_apache2-mod_php0.nasl |
2009-10-13 | Name : SLES10: Security update for PHP5 File : nvt/sles10_apache2-mod_php3.nasl |
2009-10-13 | Name : SLES10: Security update for PHP5 File : nvt/sles10_apache2-mod_php1.nasl |
2009-10-13 | Name : SLES10: Security update for PHP5 File : nvt/sles10_apache2-mod_php.nasl |
2009-10-11 | Name : SLES11: Security update for PHP5 File : nvt/sles11_apache2-mod_php0.nasl |
2009-10-11 | Name : SLES11: Security update for PHP5 File : nvt/sles11_apache2-mod_php.nasl |
2009-10-10 | Name : SLES9: Security update for PHP4 File : nvt/sles9p5046240.nasl |
2009-07-17 | Name : HP-UX Update for Apache Web Server Suite HPSBUX02431 File : nvt/gb_hp_ux_HPSBUX02431.nasl |
2009-07-06 | Name : SuSE Security Summary SUSE-SR:2009:012 File : nvt/suse_sr_2009_012.nasl |
2009-06-05 | Name : Ubuntu USN-719-1 (libpam-krb5) File : nvt/ubuntu_719_1.nasl |
2009-06-05 | Name : Ubuntu USN-767-1 (freetype) File : nvt/ubuntu_767_1.nasl |
2009-06-05 | Name : Ubuntu USN-769-1 (libwmf) File : nvt/ubuntu_769_1.nasl |
2009-06-05 | Name : Ubuntu USN-776-2 (kvm) File : nvt/ubuntu_776_2.nasl |
2009-06-05 | Name : Ubuntu USN-761-2 (php5) File : nvt/ubuntu_761_2.nasl |
2009-06-05 | Name : Fedora Core 10 FEDORA-2009-3768 (maniadrive) File : nvt/fcore_2009_3768.nasl |
2009-06-05 | Name : Fedora Core 9 FEDORA-2009-3848 (maniadrive) File : nvt/fcore_2009_3848.nasl |
2009-06-05 | Name : Ubuntu USN-723-1 (git-core) File : nvt/ubuntu_723_1.nasl |
2009-06-05 | Name : Ubuntu USN-720-1 (php5) File : nvt/ubuntu_720_1.nasl |
2009-05-11 | Name : Debian Security Advisory DSA 1789-1 (php5) File : nvt/deb_1789_1.nasl |
2009-05-05 | Name : HP-UX Update for Apache Web Server Suite HPSBUX02401 File : nvt/gb_hp_ux_HPSBUX02401.nasl |
2009-04-28 | Name : Ubuntu USN-761-1 (php5) File : nvt/ubuntu_761_1.nasl |
2009-04-28 | Name : Debian Security Advisory DSA 1775-1 (php-json-ext) File : nvt/deb_1775_1.nasl |
2009-04-16 | Name : PHP 5.2.8 and Prior Versions Multiple Vulnerabilities File : nvt/php_cve_2009_1271.nasl |
2009-04-15 | Name : RedHat Security Advisory RHSA-2009:0338 File : nvt/RHSA_2009_0338.nasl |
2009-04-15 | Name : CentOS Security Advisory CESA-2009:0338 (php) File : nvt/ovcesa2009_0338.nasl |
2009-04-15 | Name : CentOS Security Advisory CESA-2009:0337 (php) File : nvt/ovcesa2009_0337.nasl |
2009-04-15 | Name : RedHat Security Advisory RHSA-2009:0337 File : nvt/RHSA_2009_0337.nasl |
2009-04-15 | Name : RedHat Security Advisory RHSA-2009:0350 File : nvt/RHSA_2009_0350.nasl |
2009-04-15 | Name : Mandrake Security Advisory MDVSA-2009:090 (php) File : nvt/mdksa_2009_090.nasl |
2009-04-06 | Name : SuSE Security Summary SUSE-SR:2009:008 File : nvt/suse_sr_2009_008.nasl |
2009-03-20 | Name : FreeBSD Ports: php4-mbstring File : nvt/freebsd_php4-mbstring.nasl |
2009-03-17 | Name : PHP 'mbstring.func_overload' DoS Vulnerability File : nvt/gb_php_mbstring_func_overload_dos_vuln.nasl |
2009-03-07 | Name : Ubuntu USN-727-2 (network-manager) File : nvt/ubuntu_727_2.nasl |
2009-03-07 | Name : Ubuntu USN-727-1 (network-manager-applet) File : nvt/ubuntu_727_1.nasl |
2009-03-07 | Name : Ubuntu USN-726-2 (curl) File : nvt/ubuntu_726_2.nasl |
2009-03-07 | Name : Ubuntu USN-726-1 (curl) File : nvt/ubuntu_726_1.nasl |
2009-03-07 | Name : Mandrake Security Advisory MDVSA-2009:066 (php) File : nvt/mdksa_2009_066.nasl |
2009-03-07 | Name : Mandrake Security Advisory MDVSA-2009:065 (php4) File : nvt/mdksa_2009_065.nasl |
2009-02-23 | Name : Mandrake Security Advisory MDVSA-2009:045 (php) File : nvt/mdksa_2009_045.nasl |
2009-02-18 | Name : SuSE Security Summary SUSE-SR:2009:004 File : nvt/suse_sr_2009_004.nasl |
2009-01-26 | Name : Mandrake Security Advisory MDVSA-2009:021 (php) File : nvt/mdksa_2009_021.nasl |
2009-01-26 | Name : Mandrake Security Advisory MDVSA-2009:022 (php) File : nvt/mdksa_2009_022.nasl |
2009-01-26 | Name : Mandrake Security Advisory MDVSA-2009:023 (php) File : nvt/mdksa_2009_023.nasl |
2009-01-26 | Name : Mandrake Security Advisory MDVSA-2009:024 (php4) File : nvt/mdksa_2009_024.nasl |
2009-01-08 | Name : PHP display_errors Cross-Site Scripting Vulnerability File : nvt/gb_php_display_errors_xss_vuln.nasl |
2009-01-07 | Name : FreeBSD Ports: php5-gd File : nvt/freebsd_php5-gd.nasl |
2008-12-31 | Name : PHP 'imageRotate()' Memory Information Disclosure Vulnerability File : nvt/secpod_php_imagerotate_info_disc_vuln.nasl |
2008-12-31 | Name : Heap-based buffer overflow in 'mbstring' extension for PHP File : nvt/secpod_php_mbstring_ext_bof_vuln.nasl |
2008-12-26 | Name : PHP Security Bypass and File Writing Vulnerability - Dec08 File : nvt/secpod_php_sec_bypass_n_file_write_vuln_900184.nasl |
2008-12-10 | Name : FreeBSD Ports: php5 File : nvt/freebsd_php54.nasl |
2008-11-19 | Name : Gentoo Security Advisory GLSA 200811-05 (php) File : nvt/glsa_200811_05.nasl |
2008-10-09 | Name : Debian Security Advisory DSA 1647-1 (php5) File : nvt/deb_1647_1.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2009-098-02 php File : nvt/esoft_slk_ssa_2009_098_02.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2008-339-01 php File : nvt/esoft_slk_ssa_2008_339_01.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
53574 | PHP on Apache .htaccess mbstring.func_overload Setting Cross Hosted Site Beha... |
53532 | PHP Unspecified XSS |
52486 | PHP json_decode() Function Malformed String Handling Remote DoS |
51477 | PHP mbstring Extension ext/mbstring/libmbfl/filters/mbfilter_htmlent.c Multip... |
51031 | PHP imageRotate Function Indexed Image Crafted Argument Arbitrary Memory Access |
50480 | PHP ZipArchive::extractTo() ZIP File Traversal Arbitrary File Overwrite |
47798 | PHP ext/gd/gd.c imageloadfont Function Crafted Font File Handling Overflow |
47796 | PHP FastCGI Module Extension Malformed Request Handling Remote DoS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL9761.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-0338.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-0337.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090406_php_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-mod_php5-6847.nasl - Type : ACT_GATHER_INFO |
2010-04-27 | Name : The remote web server has multiple vulnerabilities. File : hpsmh_6_0_0_95.nasl - Type : ACT_GATHER_INFO |
2010-02-25 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201001-03.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1940.nasl - Type : ACT_GATHER_INFO |
2010-02-23 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_apache2-mod_php5-100215.nasl - Type : ACT_GATHER_INFO |
2010-02-23 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_apache2-mod_php5-100212.nasl - Type : ACT_GATHER_INFO |
2010-02-23 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_apache2-mod_php5-100212.nasl - Type : ACT_GATHER_INFO |
2010-02-23 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_apache2-mod_php5-100212.nasl - Type : ACT_GATHER_INFO |
2010-02-23 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-mod_php5-6846.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-0338.nasl - Type : ACT_GATHER_INFO |
2009-12-08 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-324.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-mod_php5-6311.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12382.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_apache2-mod_php5-090319.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_apache2-mod_php5-090618.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-mod_php5-5580.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-mod_php5-5909.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-mod_php5-6069.nasl - Type : ACT_GATHER_INFO |
2009-09-11 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2009-005.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_apache2-mod_php5-090312.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_apache2-mod_php5-090119.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_apache2-mod_php5-090312.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_apache2-mod_php5-090114.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_apache2-mod_php5-080820.nasl - Type : ACT_GATHER_INFO |
2009-06-01 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2009-3768.nasl - Type : ACT_GATHER_INFO |
2009-06-01 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2009-3848.nasl - Type : ACT_GATHER_INFO |
2009-05-20 | Name : The remote web server is affected by multiple vulnerabilities. File : hpsmh_3_0_1_73.nasl - Type : ACT_GATHER_INFO |
2009-05-13 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_5_7.nasl - Type : ACT_GATHER_INFO |
2009-05-06 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1789.nasl - Type : ACT_GATHER_INFO |
2009-04-28 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-761-2.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-090.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-720-1.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-761-1.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-021.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-022.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-045.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-066.nasl - Type : ACT_GATHER_INFO |
2009-04-21 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1775.nasl - Type : ACT_GATHER_INFO |
2009-04-08 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2009-098-02.nasl - Type : ACT_GATHER_INFO |
2009-04-07 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-0337.nasl - Type : ACT_GATHER_INFO |
2009-04-07 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-0337.nasl - Type : ACT_GATHER_INFO |
2009-04-07 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-0338.nasl - Type : ACT_GATHER_INFO |
2009-04-03 | Name : The remote openSUSE host is missing a security update. File : suse_apache2-mod_php5-6068.nasl - Type : ACT_GATHER_INFO |
2009-03-17 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_a2074ac6124c11dea9640030843d3802.nasl - Type : ACT_GATHER_INFO |
2009-02-27 | Name : The remote web server uses a version of PHP that is affected by multiple flaws. File : php_5_2_9.nasl - Type : ACT_GATHER_INFO |
2009-02-06 | Name : The remote openSUSE host is missing a security update. File : suse_apache2-mod_php5-5934.nasl - Type : ACT_GATHER_INFO |
2009-02-04 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_58a3c266db0111ddae30001cc0377035.nasl - Type : ACT_GATHER_INFO |
2008-12-09 | Name : The remote web server uses a version of PHP that may be affected by multiple ... File : php_5_2_8.nasl - Type : ACT_GATHER_INFO |
2008-12-08 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_27d01223c45711dda7210030843d3802.nasl - Type : ACT_GATHER_INFO |
2008-12-05 | Name : The remote web server uses a version of PHP that is affected by multiple vuln... File : php_5_2_7.nasl - Type : ACT_GATHER_INFO |
2008-12-05 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-339-01.nasl - Type : ACT_GATHER_INFO |
2008-11-17 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200811-05.nasl - Type : ACT_GATHER_INFO |
2008-10-16 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-mod_php5-5661.nasl - Type : ACT_GATHER_INFO |
2008-10-07 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1647.nasl - Type : ACT_GATHER_INFO |
2008-09-17 | Name : The remote openSUSE host is missing a security update. File : suse_apache2-mod_php5-5546.nasl - Type : ACT_GATHER_INFO |
2008-08-08 | Name : The remote web server uses a version of PHP that is affected by multiple issues. File : php_4_4_9.nasl - Type : ACT_GATHER_INFO |