Executive Summary

Summary
Title kernel security and bug fix update
Informations
Name RHSA-2013:1195 First vendor Publication 2013-09-03
Vendor RedHat Last vendor Modification 2013-09-03
Severity (Vendor) Important Revision 01

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score 6.9 Attack Range Local
Cvss Impact Score 10 Attack Complexity Medium
Cvss Expoit Score 3.4 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Problem Description:

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat OpenStack 3.0.

The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

OpenStack 3 - noarch, x86_64

3. Description:

Red Hat OpenStack 3.0 includes a custom Red Hat Enterprise Linux 6.4 kernel. These custom kernel packages include support for network namespaces, this support is required to facilitate advanced OpenStack Networking deployments.

This update fixes the following security issues:

* A flaw was found in the way the Linux kernel's Stream Control Transmission Protocol (SCTP) implementation handled duplicate cookies. If a local user queried SCTP connection information at the same time a remote attacker has initialized a crafted SCTP connection to the system, it could trigger a NULL pointer dereference, causing the system to crash. (CVE-2013-2206, Important)

* An invalid free flaw was found in the Linux kernel's TCP/IP protocol suite implementation. A local, unprivileged user could use this flaw to corrupt kernel memory via crafted sendmsg() calls, allowing them to cause a denial of service or, potentially, escalate their privileges on the system. (CVE-2013-2224, Important)

* A flaw was found in the Linux kernel's Performance Events implementation. On systems with certain Intel processors, a local, unprivileged user could use this flaw to cause a denial of service by leveraging the perf subsystem to write into the reserved bits of the OFFCORE_RSP_0 and OFFCORE_RSP_1 model-specific registers. (CVE-2013-2146, Moderate)

* An invalid pointer dereference flaw was found in the Linux kernel's TCP/IP protocol suite implementation. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system by using sendmsg() with an IPv6 socket connected to an IPv4 destination. (CVE-2013-2232, Moderate)

* Information leak flaws in the Linux kernel's Bluetooth implementation could allow a local, unprivileged user to leak kernel memory to user-space. (CVE-2012-6544, Low)

* An information leak flaw in the Linux kernel could allow a privileged, local user to leak kernel memory to user-space. (CVE-2013-2237, Low)

In addition, the following bugs and features have been addressed: 995409, 995125, 993251, 985838, 975974

More information on the Red Hat Enterprise Linux 6.4 kernel packages upon which these custom kernel packages are based is available in RHSA-2013:1173:

https://rhn.redhat.com/errata/RHSA-2013-1173.html

All Red Hat OpenStack 3.0 users deploying the OpenStack Networking service are advised to install these updated packages.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258

This Red Hat OpenStack 3.0 kernel may be installed by running this command while logged in as the root user on a system that has the required entitlements and subscriptions attached:

# yum install "kernel-2.6.*.openstack.el6.x86_64"

Documentation for both stable and preview releases of Red Hat OpenStack is available at:

https://access.redhat.com/site/documentation/Red_Hat_OpenStack/

In particular it is highly recommended that all users read the Release Notes document for the relevant Red Hat OpenStack release prior to installation.

5. Bugs fixed (http://bugzilla.redhat.com/):

922414 - CVE-2012-6544 Kernel: Bluetooth: HCI & L2CAP information leaks 971309 - CVE-2013-2146 Kernel: perf/x86: offcore_rsp valid mask for SNB/IVB 976562 - CVE-2013-2206 kernel: sctp: duplicate cookie handling NULL pointer dereference 979936 - CVE-2013-2224 kernel: net: IP_REPOPTS invalid free 981220 - CVE-2013-2237 Kernel: net: af_key: initialize satype in key_notify_policy_flush 981552 - CVE-2013-2232 Kernel: ipv6: using ipv4 vs ipv6 structure during routing lookup in sendmsg

Original Source

Url : https://rhn.redhat.com/errata/RHSA-2013-1195.html

CWE : Common Weakness Enumeration

% Id Name
50 % CWE-20 Improper Input Validation
25 % CWE-200 Information Exposure
25 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:18776
 
Oval ID: oval:org.mitre.oval:def:18776
Title: USN-1970-1 -- linux-lts-quantal vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-1970-1
CVE-2013-4254
CVE-2013-1819
CVE-2013-2237
Version: 5
Platform(s): Ubuntu 12.04
Product(s): linux-lts-quantal
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19073
 
Oval ID: oval:org.mitre.oval:def:19073
Title: USN-1973-1 -- linux-ti-omap4 vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-1973-1
CVE-2013-4254
CVE-2013-1819
CVE-2013-2237
Version: 5
Platform(s): Ubuntu 12.10
Product(s): linux-ti-omap4
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19106
 
Oval ID: oval:org.mitre.oval:def:19106
Title: USN-1972-1 -- linux vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-1972-1
CVE-2013-4254
CVE-2013-1819
CVE-2013-2237
Version: 5
Platform(s): Ubuntu 12.10
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19211
 
Oval ID: oval:org.mitre.oval:def:19211
Title: USN-1993-1 -- linux-ti-omap4 vulnerability
Description: The system could be made to expose sensitive information to a local user.
Family: unix Class: patch
Reference(s): USN-1993-1
CVE-2013-2237
Version: 5
Platform(s): Ubuntu 12.04
Product(s): linux-ti-omap4
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19248
 
Oval ID: oval:org.mitre.oval:def:19248
Title: USN-1992-1 -- linux vulnerability
Description: The system could be made to expose sensitive information to a local user.
Family: unix Class: patch
Reference(s): USN-1992-1
CVE-2013-2237
Version: 5
Platform(s): Ubuntu 12.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20847
 
Oval ID: oval:org.mitre.oval:def:20847
Title: RHSA-2013:1173: kernel security and bug fix update (Important)
Description: The key_notify_policy_flush function in net/key/af_key.c in the Linux kernel before 3.9 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notify_policy interface of an IPSec key_socket.
Family: unix Class: patch
Reference(s): RHSA-2013:1173-00
CESA-2013:1173
CVE-2012-6544
CVE-2013-2146
CVE-2013-2206
CVE-2013-2224
CVE-2013-2232
CVE-2013-2237
Version: 87
Platform(s): Red Hat Enterprise Linux 6
CentOS Linux 6
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21146
 
Oval ID: oval:org.mitre.oval:def:21146
Title: RHSA-2013:1166: kernel security and bug fix update (Important)
Description: The key_notify_policy_flush function in net/key/af_key.c in the Linux kernel before 3.9 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notify_policy interface of an IPSec key_socket.
Family: unix Class: patch
Reference(s): RHSA-2013:1166-00
CESA-2013:1166
CVE-2013-2147
CVE-2013-2164
CVE-2013-2206
CVE-2013-2224
CVE-2013-2232
CVE-2013-2234
CVE-2013-2237
Version: 101
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23299
 
Oval ID: oval:org.mitre.oval:def:23299
Title: VMware ESX updates to third party libraries
Description: A certain Red Hat patch for the Linux kernel 2.6.32 on Red Hat Enterprise Linux (RHEL) 6 allows local users to cause a denial of service (invalid free operation and system crash) or possibly gain privileges via a sendmsg system call with the IP_RETOPTS option, as demonstrated by hemlock.c. NOTE: this vulnerability exists because of an incorrect fix for CVE-2012-3552.
Family: unix Class: vulnerability
Reference(s): CVE-2013-2224
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23361
 
Oval ID: oval:org.mitre.oval:def:23361
Title: ELSA-2013:1166: kernel security and bug fix update (Important)
Description: The key_notify_policy_flush function in net/key/af_key.c in the Linux kernel before 3.9 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notify_policy interface of an IPSec key_socket.
Family: unix Class: patch
Reference(s): ELSA-2013:1166-00
CVE-2013-2147
CVE-2013-2164
CVE-2013-2206
CVE-2013-2224
CVE-2013-2232
CVE-2013-2234
CVE-2013-2237
Version: 33
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23736
 
Oval ID: oval:org.mitre.oval:def:23736
Title: VMware ESX updates to third party libraries
Description: The ip6_sk_dst_check function in net/ipv6/ip6_output.c in the Linux kernel before 3.10 allows local users to cause a denial of service (system crash) by using an AF_INET6 socket for a connection to an IPv4 interface.
Family: unix Class: vulnerability
Reference(s): CVE-2013-2232
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23835
 
Oval ID: oval:org.mitre.oval:def:23835
Title: VMware ESX updates to third party libraries
Description: The key_notify_policy_flush function in net/key/af_key.c in the Linux kernel before 3.9 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notify_policy interface of an IPSec key_socket.
Family: unix Class: vulnerability
Reference(s): CVE-2013-2237
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23930
 
Oval ID: oval:org.mitre.oval:def:23930
Title: ELSA-2013:1173: kernel security and bug fix update (Important)
Description: The key_notify_policy_flush function in net/key/af_key.c in the Linux kernel before 3.9 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notify_policy interface of an IPSec key_socket.
Family: unix Class: patch
Reference(s): ELSA-2013:1173-00
CVE-2012-6544
CVE-2013-2146
CVE-2013-2206
CVE-2013-2224
CVE-2013-2232
CVE-2013-2237
Version: 29
Platform(s): Oracle Linux 6
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24285
 
Oval ID: oval:org.mitre.oval:def:24285
Title: VMware ESX updates to third party libraries
Description: The sctp_sf_do_5_2_4_dupcook function in net/sctp/sm_statefuns.c in the SCTP implementation in the Linux kernel before 3.8.5 does not properly handle associations during the processing of a duplicate COOKIE ECHO chunk, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via crafted SCTP traffic.
Family: unix Class: vulnerability
Reference(s): CVE-2013-2206
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27402
 
Oval ID: oval:org.mitre.oval:def:27402
Title: DEPRECATED: ELSA-2013-1173 -- kernel security and bug fix update (important)
Description: [2.6.32-358.18.1] - [x86] perf/x86: Fix offcore_rsp valid mask for SNB/IVB (Nikola Pajkovsky) [971314 971315] {CVE-2013-2146} - [net] br: fix schedule while atomic issue in br_features_recompute() (Jiri Pirko) [990464 980876] - [scsi] isci: Fix a race condition in the SSP task management path (David Milburn) [990470 978609] - [bluetooth] L2CAP - Fix info leak via getsockname() (Jacob Tanenbaum) [922417 922418] {CVE-2012-6544} - [bluetooth] HCI - Fix info leak in getsockopt() (Jacob Tanenbaum) [922417 922418] {CVE-2012-6544} - [net] tuntap: initialize vlan_features (Vlad Yasevich) [984524 951458] - [net] af_key: initialize satype in key_notify_policy_flush() (Thomas Graf) [981225 981227] {CVE-2013-2237} - [usb] uhci: fix for suspend of virtual HP controller (Gopal) [982697 960026] - [usb] uhci: Remove PCI dependencies from uhci-hub (Gopal) [982697 960026] - [netdrv] bnx2x: Change MDIO clock settings (Michal Schmidt) [982116 901747] - [scsi] st: Take additional queue ref in st_probe (Tomas Henzl) [979293 927988] - [kernel] audit: wait_for_auditd() should use TASK_UNINTERRUPTIBLE (Oleg Nesterov) [982472 962976] - [kernel] audit: avoid negative sleep durations (Oleg Nesterov) [982472 962976] - [fs] ext4/jbd2: dont wait (forever) for stale tid caused by wraparound (Eric Sandeen) [963557 955807] - [fs] jbd: dont wait (forever) for stale tid caused by wraparound (Eric Sandeen) [963557 955807] - [fs] ext4: fix waiting and sending of a barrier in ext4_sync_file() (Eric Sandeen) [963557 955807] - [fs] jbd2: Add function jbd2_trans_will_send_data_barrier() (Eric Sandeen) [963557 955807] - [fs] jbd2: fix sending of data flush on journal commit (Eric Sandeen) [963557 955807] - [fs] ext4: fix fdatasync() for files with only i_size changes (Eric Sandeen) [963557 955807] - [fs] ext4: Initialize fsync transaction ids in ext4_new_inode() (Eric Sandeen) [963557 955807] - [fs] ext4: Rewrite __jbd2_log_start_commit logic to match upstream (Eric Sandeen) [963557 955807] - [net] bridge: Set vlan_features to allow offloads on vlans (Vlad Yasevich) [984524 951458] - [virt] virtio-net: initialize vlan_features (Vlad Yasevich) [984524 951458] - [mm] swap: avoid read_swap_cache_async() race to deadlock while waiting on discard I/O completion (Rafael Aquini) [977668 827548] - [dma] ioat: Fix excessive CPU utilization (John Feeney) [982758 883575] - [fs] vfs: revert most of dcache remove d_mounted (Ian Kent) [974597 907512] - [fs] xfs: don't free EFIs before the EFDs are committed (Carlos Maiolino) [975578 947582] - [fs] xfs: pass shutdown method into xfs_trans_ail_delete_bulk (Carlos Maiolino) [975576 805407] - [net] ipv6: bind() use stronger condition for bind_conflict (Flavio Leitner) [989923 917872] - [net] tcp: bind() use stronger condition for bind_conflict (Flavio Leitner) [977680 894683] - [x86] remove BUG_ON(TS_USEDFPU) in __sanitize_i387_state() (Oleg Nesterov) [956054 920445] - [fs] coredump: ensure the fpu state is flushed for proper multi-threaded core dump (Oleg Nesterov) [956054 920445]
Family: unix Class: patch
Reference(s): ELSA-2013-1173
CVE-2012-6544
CVE-2013-2206
CVE-2013-2224
CVE-2013-2232
CVE-2013-2237
CVE-2013-2146
Version: 4
Platform(s): Oracle Linux 6
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27425
 
Oval ID: oval:org.mitre.oval:def:27425
Title: ELSA-2013-1166-1 -- kernel security and bug fix update (important)
Description: kernel [2.6.18-348.16.1.0.1] - [oprofile] x86, mm: Add __get_user_pages_fast() [orabug 14277030] - [oprofile] export __get_user_pages_fast() function [orabug 14277030] - [oprofile] oprofile, x86: Fix nmi-unsafe callgraph support [orabug 14277030] - [oprofile] oprofile: use KM_NMI slot for kmap_atomic [orabug 14277030] - [oprofile] oprofile: i386 add get_user_pages_fast support [orabug 14277030] - [kernel] Initialize the local uninitialized variable stats. [orabug 14051367] - [fs] JBD:make jbd support 512B blocks correctly for ocfs2. [orabug 13477763] - [x86 ] fix fpu context corrupt when preempt in signal context [orabug 14038272] - [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] Patch shrink_zone to yield during severe mempressure events, avoiding hangs and evictions (John Sobecki,Chris Mason) [orabug 6086839] - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki,Chris Mason,Herbert van den Bergh) [orabug 9245919] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - [usb] USB: fix __must_check warnings in drivers/usb/core/ (Junxiao Bi) [orabug 14795203] - [usb] usbcore: fix endpoint device creation (Junxiao Bi) [orabug 14795203] - [usb] usbcore: fix refcount bug in endpoint removal (Junxiao Bi) [orabug 14795203]
Family: unix Class: patch
Reference(s): ELSA-2013-1166-1
CVE-2013-2147
CVE-2013-2164
CVE-2013-2206
CVE-2013-2224
CVE-2013-2232
CVE-2013-2234
CVE-2013-2237
Version: 5
Platform(s): Oracle Linux 5
Product(s): kernel
ocfs2
oracleasm
kernel-PAE
kernel-PAE-devel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-headers
kernel-xen
kernel-xen-devel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27469
 
Oval ID: oval:org.mitre.oval:def:27469
Title: DEPRECATED: ELSA-2013-1166 -- kernel security and bug fix update (important)
Description: kernel [2.6.18-348.16.1] - [x86_64] Fix kdump failure due to 'x86_64: Early segment setup' (Paolo Bonzini) [988251 987244] - [xen] skip tracing if it was disabled instead of dying (Igor Mammedov) [987976 967053] - [ia64] fix KABI breakage on ia64 (Prarit Bhargava) [966878 960783] - [x86] fpu: fix CONFIG_PREEMPT=y corruption of FPU stack (Prarit Bhargava) [948187 731531] - [i386] add sleazy FPU optimization (Prarit Bhargava) [948187 731531] - [x86-64] non lazy 'sleazy' fpu implementation (Prarit Bhargava) [948187 731531]
Family: unix Class: patch
Reference(s): ELSA-2013-1166
CVE-2013-2147
CVE-2013-2164
CVE-2013-2206
CVE-2013-2224
CVE-2013-2232
CVE-2013-2234
CVE-2013-2237
Version: 4
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1
Os 1854
Os 2

Snort® IPS/IDS

Date Description
2014-05-01 Linux kernel SCTP duplicate cookie denial of service attempt
RuleID : 30326 - Revision : 4 - Type : OS-LINUX

Nessus® Vulnerability Scanner

Date Description
2017-04-03 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2017-0057.nasl - Type : ACT_GATHER_INFO
2016-03-04 Name : The remote VMware ESX / ESXi host is missing a security-related patch.
File : vmware_esx_VMSA-2013-0015_remote.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2014-0536-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2014-0287-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2014-0189-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2013-1832-1.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1450.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2013-1181.nasl - Type : ACT_GATHER_INFO
2014-07-22 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1264.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2013-813.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2013-1034.nasl - Type : ACT_GATHER_INFO
2014-02-05 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-140125.nasl - Type : ACT_GATHER_INFO
2014-02-05 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-140124.nasl - Type : ACT_GATHER_INFO
2013-12-06 Name : The remote VMware ESX host is missing one or more security-related patches.
File : vmware_VMSA-2013-0015.nasl - Type : ACT_GATHER_INFO
2013-11-22 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-131107.nasl - Type : ACT_GATHER_INFO
2013-11-22 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-131106.nasl - Type : ACT_GATHER_INFO
2013-10-22 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1992-1.nasl - Type : ACT_GATHER_INFO
2013-10-22 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1995-1.nasl - Type : ACT_GATHER_INFO
2013-10-22 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1998-1.nasl - Type : ACT_GATHER_INFO
2013-10-01 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2013-218.nasl - Type : ACT_GATHER_INFO
2013-09-30 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2766.nasl - Type : ACT_GATHER_INFO
2013-09-28 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1970-1.nasl - Type : ACT_GATHER_INFO
2013-09-28 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1972-1.nasl - Type : ACT_GATHER_INFO
2013-09-21 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-130827.nasl - Type : ACT_GATHER_INFO
2013-09-21 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-130828.nasl - Type : ACT_GATHER_INFO
2013-09-18 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-2546.nasl - Type : ACT_GATHER_INFO
2013-09-07 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1947-1.nasl - Type : ACT_GATHER_INFO
2013-09-07 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1944-1.nasl - Type : ACT_GATHER_INFO
2013-09-07 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1943-1.nasl - Type : ACT_GATHER_INFO
2013-09-07 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1941-1.nasl - Type : ACT_GATHER_INFO
2013-09-07 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1940-1.nasl - Type : ACT_GATHER_INFO
2013-09-07 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1939-1.nasl - Type : ACT_GATHER_INFO
2013-09-06 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1938-1.nasl - Type : ACT_GATHER_INFO
2013-09-04 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2013-200.nasl - Type : ACT_GATHER_INFO
2013-08-30 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2745.nasl - Type : ACT_GATHER_INFO
2013-08-30 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-2542.nasl - Type : ACT_GATHER_INFO
2013-08-30 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-2543.nasl - Type : ACT_GATHER_INFO
2013-08-29 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20130827_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2013-08-29 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-1173.nasl - Type : ACT_GATHER_INFO
2013-08-28 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-1173.nasl - Type : ACT_GATHER_INFO
2013-08-28 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1173.nasl - Type : ACT_GATHER_INFO
2013-08-23 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-1166.nasl - Type : ACT_GATHER_INFO
2013-08-23 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-1166-1.nasl - Type : ACT_GATHER_INFO
2013-08-22 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20130820_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-08-22 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-1166.nasl - Type : ACT_GATHER_INFO
2013-08-21 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1166.nasl - Type : ACT_GATHER_INFO
2013-07-30 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1912-1.nasl - Type : ACT_GATHER_INFO
2013-07-30 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1913-1.nasl - Type : ACT_GATHER_INFO
2013-07-19 Name : The remote Fedora host is missing a security update.
File : fedora_2013-12990.nasl - Type : ACT_GATHER_INFO
2013-07-14 Name : The remote Fedora host is missing a security update.
File : fedora_2013-12901.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-1034.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2013-194.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Fedora host is missing a security update.
File : fedora_2013-12530.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-1034-1.nasl - Type : ACT_GATHER_INFO
2013-07-11 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20130710_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-07-11 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-1034.nasl - Type : ACT_GATHER_INFO
2013-07-10 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1034.nasl - Type : ACT_GATHER_INFO
2013-06-25 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2013-176.nasl - Type : ACT_GATHER_INFO
2013-06-16 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1878-1.nasl - Type : ACT_GATHER_INFO
2013-06-16 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1880-1.nasl - Type : ACT_GATHER_INFO
2013-06-16 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1881-1.nasl - Type : ACT_GATHER_INFO
2013-05-15 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2668.nasl - Type : ACT_GATHER_INFO
2013-04-26 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1808-1.nasl - Type : ACT_GATHER_INFO
2013-04-22 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1805-1.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2013-09-04 00:21:39
  • First insertion