Executive Summary
Summary | |
---|---|
Title | Microsoft Updates for Multiple Vulnerabilities |
Informations | |||
---|---|---|---|
Name | TA08-190A | First vendor Publication | 2008-07-08 |
Vendor | US-CERT | Last vendor Modification | 2008-07-08 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.4 | Attack Range | Network |
Cvss Impact Score | 9.2 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Microsoft has released updates that address vulnerabilities in Microsoft Windows, Windows Server, Microsoft SQL Server, and Microsoft Outlook Web Access. I. Description Microsoft has released updates to address vulnerabilities that affect Microsoft Windows, Windows Server, Microsoft SQL Server, and Microsoft Outlook Web Access as part of the Microsoft Security Bulletin Summary for July 2008. The most severe vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code. For more information, see the US-CERT Vulnerability Notes Database. II. Impact A remote, unauthenticated attacker could execute arbitrary code or cause a vulnerable application to crash. III. Solution Apply updates from Microsoft Microsoft has provided updates for these vulnerabilities in the July 2008 |
Original Source
Url : http://www.us-cert.gov/cas/techalerts/TA08-190A.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
25 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
25 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
12 % | CWE-331 | Insufficient Entropy |
12 % | CWE-200 | Information Exposure |
12 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
12 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:12117 | |||
Oval ID: | oval:org.mitre.oval:def:12117 | ||
Title: | HP-UX Running BIND, Remote DNS Cache Poisoning | ||
Description: | The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-1447 | Version: | 12 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13785 | |||
Oval ID: | oval:org.mitre.oval:def:13785 | ||
Title: | Buffer Overrun Vulnerability in SQL Server | ||
Description: | Buffer overflow in Microsoft SQL Server 2005 SP1 and SP2, and 2005 Express Edition SP1 and SP2, allows remote authenticated users to execute arbitrary code via a crafted insert statement. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-0106 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Server 2008 | Product(s): | Microsoft SQL Server 2005 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13936 | |||
Oval ID: | oval:org.mitre.oval:def:13936 | ||
Title: | Memory Corruption Vulnerability in SQL Server | ||
Description: | Integer underflow in SQL Server 7.0 SP4, 2000 SP4, 2005 SP1 and SP2, 2000 Desktop Engine (MSDE 2000) SP4, 2005 Express Edition SP1 and SP2, and 2000 Desktop Engine (WMSDE); Microsoft Data Engine (MSDE) 1.0 SP4; and Internal Database (WYukon) SP2 allows remote authenticated users to execute arbitrary code via a (1) SMB or (2) WebDAV pathname for an on-disk file (aka stored backup file) with a crafted record size value, which triggers a heap-based buffer overflow, aka "SQL Server Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-0107 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Server 2008 | Product(s): | Microsoft SQL Server 2000 Microsoft SQL Server 2005 Microsoft SQL Server 2000 Desktop Engine (WMSDE) Windows Internal Database (WYukon) |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14052 | |||
Oval ID: | oval:org.mitre.oval:def:14052 | ||
Title: | Convert Buffer Overrun Vulnerability in SQL Server | ||
Description: | Buffer overflow in the convert function in Microsoft SQL Server 2000 SP4, 2000 Desktop Engine (MSDE 2000) SP4, and 2000 Desktop Engine (WMSDE) allows remote authenticated users to execute arbitrary code via a crafted SQL expression. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-0086 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Server 2008 | Product(s): | Microsoft SQL Server 2000 Microsoft SQL Server 2000 Desktop Engine (WMSDE) |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14213 | |||
Oval ID: | oval:org.mitre.oval:def:14213 | ||
Title: | Memory Page Reuse Vulnerability in SQL Server | ||
Description: | SQL Server 7.0 SP4, 2000 SP4, 2005 SP1 and SP2, 2000 Desktop Engine (MSDE 2000) SP4, 2005 Express Edition SP1 and SP2, and 2000 Desktop Engine (WMSDE); Microsoft Data Engine (MSDE) 1.0 SP4; and Internal Database (WYukon) SP2 does not initialize memory pages when reallocating memory, which allows database operators to obtain sensitive information (database contents) via unknown vectors related to memory page reuse. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-0085 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Server 2008 | Product(s): | Microsoft SQL Server 2000 Microsoft SQL Server 2005 Microsoft SQL Server 2000 Desktop Engine (WMSDE) Windows Internal Database (WYukon) |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17512 | |||
Oval ID: | oval:org.mitre.oval:def:17512 | ||
Title: | USN-627-1 -- dnsmasq vulnerability | ||
Description: | Dan Kaminsky discovered weaknesses in the DNS protocol as implemented by Dnsmasq. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-627-1 CVE-2008-1447 | Version: | 7 |
Platform(s): | Ubuntu 8.04 | Product(s): | dnsmasq |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:17734 | |||
Oval ID: | oval:org.mitre.oval:def:17734 | ||
Title: | USN-622-1 -- bind9 vulnerability | ||
Description: | Dan Kaminsky discovered weaknesses in the DNS protocol as implemented by Bind. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-622-1 CVE-2008-1447 | Version: | 5 |
Platform(s): | Ubuntu 6.06 Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 | Product(s): | bind9 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18704 | |||
Oval ID: | oval:org.mitre.oval:def:18704 | ||
Title: | DSA-1623-1 dnsmasq - cache poisoning | ||
Description: | Dan Kaminsky discovered that properties inherent to the DNS protocol lead to practical DNS cache poisoning attacks. Among other things, successful attacks can lead to misdirected web traffic and email rerouting. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1623-1 CVE-2008-1447 | Version: | 7 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | dnsmasq |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:18724 | |||
Oval ID: | oval:org.mitre.oval:def:18724 | ||
Title: | DSA-1617-1 refpolicy - incompatible policy | ||
Description: | In DSA-1603-1, Debian released an update to the BIND 9 domain name server, which introduced UDP source port randomization to mitigate the threat of DNS cache poisoning attacks (identified by the Common Vulnerabilities and Exposures project as <a href="http://security-tracker.debian.org/tracker/CVE-2008-1447">CVE-2008-1447</a>). The fix, while correct, was incompatible with the version of SELinux Reference Policy shipped with Debian Etch, which did not permit a process running in the named_t domain to bind sockets to UDP ports other than the standard 'domain' port (53). The incompatibility affects both the 'targeted' and 'strict' policy packages supplied by this version of refpolicy. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1617-1 CVE-2008-1447 | Version: | 7 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | refpolicy |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:19900 | |||
Oval ID: | oval:org.mitre.oval:def:19900 | ||
Title: | DSA-1603-1 bind9 - cache poisoning | ||
Description: | Dan Kaminsky discovered that properties inherent to the DNS protocol lead to practical DNS cache poisoning attacks. Among other things, successful attacks can lead to misdirected web traffic and email rerouting. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1603-1 CVE-2008-1447 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | bind9 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:21970 | |||
Oval ID: | oval:org.mitre.oval:def:21970 | ||
Title: | ELSA-2008:0533: bind security update (Important) | ||
Description: | The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug." | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2008:0533-02 CVE-2008-1447 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | bind selinux-policy-targeted selinux-policy |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22177 | |||
Oval ID: | oval:org.mitre.oval:def:22177 | ||
Title: | ELSA-2008:0789: dnsmasq security update (Moderate) | ||
Description: | The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug." | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2008:0789-01 CVE-2008-1447 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | dnsmasq |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:29167 | |||
Oval ID: | oval:org.mitre.oval:def:29167 | ||
Title: | RHSA-2008:0789 -- dnsmasq security update (Moderate) | ||
Description: | An updated dnsmasq package that implements UDP source-port randomization is now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Dnsmasq is lightweight DNS forwarder and DHCP server. It is designed to provide DNS and, optionally, DHCP, to a small network. The dnsmasq DNS resolver used a fixed source UDP port. This could have made DNS spoofing attacks easier. dnsmasq has been updated to use random UDP source ports, helping to make DNS spoofing attacks harder. (CVE-2008-1447) All dnsmasq users are advised to upgrade to this updated package, that upgrades dnsmasq to version 2.45, which resolves this issue. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2008:0789 CVE-2008-1447 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 | Product(s): | dnsmasq |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:5354 | |||
Oval ID: | oval:org.mitre.oval:def:5354 | ||
Title: | OWA For Exchange Server Data Validation XSS Vulnerability | ||
Description: | Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) for Exchange Server 2003 SP2 allows remote attackers to inject arbitrary web script or HTML via unspecified e-mail fields, a different vulnerability than CVE-2008-2248. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-2247 | Version: | 1 |
Platform(s): | Microsoft Windows Server 2003 Microsoft Windows Server 2008 | Product(s): | Microsoft Exchange Server |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:5380 | |||
Oval ID: | oval:org.mitre.oval:def:5380 | ||
Title: | DNS Cache Poisoning Vulnerability | ||
Description: | Unspecified vulnerability in Microsoft DNS in Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008 allows remote attackers to conduct cache poisoning attacks via unknown vectors related to accepting "records from a response that is outside the remote server's authority," aka "DNS Cache Poisoning Vulnerability," a different vulnerability than CVE-2008-1447. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-1454 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Server 2008 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5600 | |||
Oval ID: | oval:org.mitre.oval:def:5600 | ||
Title: | Windows Saved Search Vulnerability | ||
Description: | Windows Explorer in Microsoft Windows Vista up to SP1, and Server 2008, allows user-assisted remote attackers to execute arbitrary code via crafted saved-search (.search-ms) files that are not properly handled when saving, aka "Windows Saved Search Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-1435 | Version: | 3 |
Platform(s): | Microsoft Windows Vista Microsoft Windows Server 2008 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5695 | |||
Oval ID: | oval:org.mitre.oval:def:5695 | ||
Title: | OWA For Exchange Server Parsing XSS Vulnerability | ||
Description: | Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) for Exchange Server 2003 SP2 allows remote attackers to inject arbitrary web script or HTML via unspecified HTML, a different vulnerability than CVE-2008-2247. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-2248 | Version: | 1 |
Platform(s): | Microsoft Windows Server 2003 Microsoft Windows Server 2008 | Product(s): | Microsoft Exchange Server |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:5725 | |||
Oval ID: | oval:org.mitre.oval:def:5725 | ||
Title: | DNS Insufficient Socket Entropy Vulnerability | ||
Description: | The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-1447 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5761 | |||
Oval ID: | oval:org.mitre.oval:def:5761 | ||
Title: | HP-UX Running BIND, Remote DNS Cache Poisoning | ||
Description: | The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-1447 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5917 | |||
Oval ID: | oval:org.mitre.oval:def:5917 | ||
Title: | Security Vulnerability in the DNS Protocol May Lead to DNS Cache Poisoning | ||
Description: | The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-1447 | Version: | 1 |
Platform(s): | Sun Solaris 8 Sun Solaris 9 Sun Solaris 10 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7531 | |||
Oval ID: | oval:org.mitre.oval:def:7531 | ||
Title: | DSA-1623 dnsmasq -- DNS cache poisoning | ||
Description: | Dan Kaminsky discovered that properties inherent to the DNS protocol lead to practical DNS cache poisoning attacks. Among other things, successful attacks can lead to misdirected web traffic and email rerouting. This update changes Debian's dnsmasq packages to implement the recommended countermeasure: UDP query source port randomization. This change increases the size of the space from which an attacker has to guess values in a backwards-compatible fashion and makes successful attacks significantly more difficult. This update also switches the random number generator to Dan Bernstein's SURF. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1623 CVE-2008-1447 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | dnsmasq |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7660 | |||
Oval ID: | oval:org.mitre.oval:def:7660 | ||
Title: | DSA-1617 refpolicy -- incompatible policy | ||
Description: | In DSA-1603-1, Debian released an update to the BIND 9 domain name server, which introduced UDP source port randomization to mitigate the threat of DNS cache poisoning attacks (identified by the Common Vulnerabilities and Exposures project as CVE-2008-1447). The fix, while correct, was incompatible with the version of SELinux Reference Policy shipped with Debian Etch, which did not permit a process running in the named_t domain to bind sockets to UDP ports other than the standard "domain" port (53). The incompatibility affects both the "targeted" and "strict" policy packages supplied by this version of refpolicy. This update to the refpolicy packages grants the ability to bind to arbitrary UDP ports to named_t processes. When installed, the updated packages will attempt to update the bind policy module on systems where it had been previously loaded and where the previous version of refpolicy was 0.0.20061018-5 or below. Because the Debian refpolicy packages are not yet designed with policy module upgradeability in mind, and because SELinux-enabled Debian systems often have some degree of site-specific policy customization, it is difficult to assure that the new bind policy can be successfully upgraded. To this end, the package upgrade will not abort if the bind policy update fails. The new policy module can be found at /usr/share/selinux/refpolicy-targeted/bind.pp after installation. Administrators wishing to use the bind service policy can reconcile any policy incompatibilities and install the upgrade manually thereafter. A more detailed discussion of the corrective procedure may be found on http://wiki.debian.org/SELinux/Issues/BindPortRandomization. For the stable distribution (etch), this problem has been fixed in version 0.0.20061018-5.1+etch1. The unstable distribution (sid) is not affected, as subsequent refpolicy releases have incorporated an analogous change. We recommend that you upgrade your refpolicy packages. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1617 CVE-2008-1447 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | refpolicy |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:8092 | |||
Oval ID: | oval:org.mitre.oval:def:8092 | ||
Title: | DSA-1603 bind9 -- DNS cache poisoning | ||
Description: | Dan Kaminsky discovered that properties inherent to the DNS protocol lead to practical DNS cache poisoning attacks. Among other things, successful attacks can lead to misdirected web traffic and email rerouting. This update changes Debian's BIND 9 packages to implement the recommended countermeasure: UDP query source port randomization. This change increases the size of the space from which an attacker has to guess values in a backwards-compatible fashion and makes successful attacks significantly more difficult. Note that this security update changes BIND network behavior in a fundamental way, and the following steps are recommended to ensure a smooth upgrade. 1. Make sure that your network configuration is compatible with source port randomization. If you guard your resolver with a stateless packet filter, you may need to make sure that no non-DNS services listen on the 1024--65535 UDP port range and open it at the packet filter. For instance, packet filters based on etch's Linux 2.6.18 kernel only support stateless filtering of IPv6 packets, and therefore pose this additional difficulty. (If you use IPv4 with iptables and ESTABLISHED rules, networking changes are likely not required.) 2. Install the BIND 9 upgrade, using "apt-get update" followed by "apt-get install bind9". Verify that the named process has been restarted and answers recursive queries. (If all queries result in timeouts, this indicates that networking changes are necessary; see the first step.) 3. Verify that source port randomization is active. Check that the /var/log/daemon.log file does not contain messages of the following form right after the "listening on IPv6 interface" and "listening on IPv4 interface" messages logged by BIND upon startup. If these messages are present, you should remove the indicated lines from the configuration, or replace the port numbers contained within them with "*" sign (e.g., replace "port 53" with "port *"). For additional certainty, use tcpdump or some other network monitoring tool to check for varying UDP source ports. If there is a NAT device in front of your resolver, make sure that it does not defeat the effect of source port randomization. 4. If you cannot activate source port randomization, consider configuring BIND 9 to forward queries to a resolver which can, possibly over a VPN such as OpenVPN to create the necessary trusted network link. (Use BIND's forward-only mode in this case.) Other caching resolvers distributed by Debian (PowerDNS, MaraDNS, Unbound) already employ source port randomization, and no updated packages are needed. BIND 9.5 up to and including version 1:9.5.0.dfsg-4 only implements a weak form of source port randomization and needs to be updated as well. For information on BIND 8, see DSA-1604-1, and for the status of the libc stub resolver, see DSA-1605-1. The updated bind9 packages contain changes originally scheduled for the next stable point release, including the changed IP address of L.ROOT-SERVERS.NET (Debian bug #449148). | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1603 CVE-2008-1447 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | bind9 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9627 | |||
Oval ID: | oval:org.mitre.oval:def:9627 | ||
Title: | The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug." | ||
Description: | The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-1447 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
ExploitDB Exploits
id | Description |
---|---|
2008-07-25 | BIND 9.x Remote DNS Cache Poisoning Flaw Exploit (c) |
2008-07-24 | BIND 9.x Remote DNS Cache Poisoning Flaw Exploit (py) |
2008-07-23 | BIND 9.4.1-9.4.2 Remote DNS Cache Poisoning Flaw Exploit (meta) |
OpenVAS Exploits
Date | Description |
---|---|
2012-10-03 | Name : Gentoo Security Advisory GLSA 201209-25 (vmware-server vmware-player vmware-w... File : nvt/glsa_201209_25.nasl |
2012-03-16 | Name : VMSA-2011-0003.2 Third party component updates for VMware vCenter Server, vCe... File : nvt/gb_VMSA-2011-0003.nasl |
2010-05-12 | Name : Mac OS X 10.5.5 Update / Security Update 2008-006 File : nvt/macosx_upd_10_5_5_secupd_2008-006.nasl |
2010-05-12 | Name : Mac OS X Security Update 2008-005 File : nvt/macosx_secupd_2008-005.nasl |
2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
2009-10-13 | Name : SLES10: Security update for bind File : nvt/sles10_bind0.nasl |
2009-10-10 | Name : SLES9: Security update for bind File : nvt/sles9p5030189.nasl |
2009-05-05 | Name : HP-UX Update for BIND HPSBUX02351 File : nvt/gb_hp_ux_HPSBUX02351.nasl |
2009-04-09 | Name : Mandriva Update for bind MDVSA-2008:139 (bind) File : nvt/gb_mandriva_MDVSA_2008_139.nasl |
2009-03-23 | Name : Ubuntu Update for ruby1.8 vulnerabilities USN-651-1 File : nvt/gb_ubuntu_USN_651_1.nasl |
2009-03-23 | Name : Ubuntu Update for dnsmasq vulnerability USN-627-1 File : nvt/gb_ubuntu_USN_627_1.nasl |
2009-03-23 | Name : Ubuntu Update for bind9 vulnerability USN-622-1 File : nvt/gb_ubuntu_USN_622_1.nasl |
2009-03-06 | Name : RedHat Update for dnsmasq RHSA-2008:0789-01 File : nvt/gb_RHSA-2008_0789-01_dnsmasq.nasl |
2009-03-06 | Name : RedHat Update for bind RHSA-2008:0533-01 File : nvt/gb_RHSA-2008_0533-01_bind.nasl |
2009-02-27 | Name : CentOS Update for bind CESA-2008:0533-03 centos2 i386 File : nvt/gb_CESA-2008_0533-03_bind_centos2_i386.nasl |
2009-02-27 | Name : CentOS Update for bind CESA-2008:0533 centos4 x86_64 File : nvt/gb_CESA-2008_0533_bind_centos4_x86_64.nasl |
2009-02-27 | Name : CentOS Update for bind CESA-2008:0533 centos4 i386 File : nvt/gb_CESA-2008_0533_bind_centos4_i386.nasl |
2009-02-27 | Name : CentOS Update for bind CESA-2008:0533 centos3 x86_64 File : nvt/gb_CESA-2008_0533_bind_centos3_x86_64.nasl |
2009-02-27 | Name : CentOS Update for bind CESA-2008:0533 centos3 i386 File : nvt/gb_CESA-2008_0533_bind_centos3_i386.nasl |
2009-02-18 | Name : Fedora Core 9 FEDORA-2009-1069 (dnsmasq) File : nvt/fcore_2009_1069.nasl |
2009-02-17 | Name : Fedora Update for ruby FEDORA-2008-8736 File : nvt/gb_fedora_2008_8736_ruby_fc8.nasl |
2009-02-17 | Name : Fedora Update for ruby FEDORA-2008-8738 File : nvt/gb_fedora_2008_8738_ruby_fc9.nasl |
2009-02-17 | Name : Fedora Update for bind FEDORA-2008-6281 File : nvt/gb_fedora_2008_6281_bind_fc8.nasl |
2009-02-17 | Name : Fedora Update for bind FEDORA-2008-6256 File : nvt/gb_fedora_2008_6256_bind_fc9.nasl |
2009-01-23 | Name : SuSE Update for bind SUSE-SA:2008:033 File : nvt/gb_suse_2008_033.nasl |
2009-01-23 | Name : SuSE Update for openwsman SUSE-SA:2008:041 File : nvt/gb_suse_2008_041.nasl |
2009-01-20 | Name : Fedora Core 9 FEDORA-2009-0350 (bind) File : nvt/fcore_2009_0350.nasl |
2009-01-13 | Name : Gentoo Security Advisory GLSA 200901-03 (pdnsd) File : nvt/glsa_200901_03.nasl |
2008-12-23 | Name : Gentoo Security Advisory GLSA 200812-17 (ruby) File : nvt/glsa_200812_17.nasl |
2008-10-14 | Name : MS SQL Server Elevation of Privilege Vulnerabilities (941203) File : nvt/gb_ms08-040.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200809-02 (dnsmasq) File : nvt/glsa_200809_02.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200807-08 (bind) File : nvt/glsa_200807_08.nasl |
2008-09-04 | Name : FreeBSD Ports: ruby, ruby+pthreads, ruby+pthreads+oniguruma, ruby+oniguruma File : nvt/freebsd_ruby9.nasl |
2008-09-04 | Name : FreeBSD Security Advisory (FreeBSD-SA-08:06.bind.asc) File : nvt/freebsdsa_bind5.nasl |
2008-08-22 | Name : Vulnerabilities in DNS Could Allow Spoofing (953230) File : nvt/secpod_ms08-037_900005.nasl |
2008-08-22 | Name : Outlook Web Access for Exchange Server Elevation of Privilege (953747) File : nvt/secpod_ms08-039_900007.nasl |
2008-08-15 | Name : Debian Security Advisory DSA 1623-1 (dnsmasq) File : nvt/deb_1623_1.nasl |
2008-08-15 | Name : Debian Security Advisory DSA 1619-1 (python-dns) File : nvt/deb_1619_1.nasl |
2008-08-15 | Name : Debian Security Advisory DSA 1617-1 (refpolicy) File : nvt/deb_1617_1.nasl |
2008-07-15 | Name : Debian Security Advisory DSA 1603-1 (bind9) File : nvt/deb_1603_1.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2008-334-01 ruby File : nvt/esoft_slk_ssa_2008_334_01.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2008-205-01 dnsmasq File : nvt/esoft_slk_ssa_2008_205_01.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2008-191-02 bind File : nvt/esoft_slk_ssa_2008_191_02.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
53917 | HP Multiple Products DNS Query ID Field Prediction Cache Poisoning |
53530 | Check Point DNS Query ID Field Prediction Cache Poisoning |
48256 | Ingate Firewall/SIParator DNS Query ID Field Prediction Cache Poisoning |
48244 | pdnsd DNS Query ID Field Prediction Cache Poisoning |
48186 | Apple Mac OS X DNS Query ID Field Prediction Cache Poisoning |
47927 | Nortel Business Communications Manager DNS Query ID Field Prediction Cache Po... |
47926 | Astaro Security Gateway DNS Query ID Field Prediction Cache Poisoning |
47916 | Citrix Access Gateway DNS Query ID Field Prediction Cache Poisoning |
47660 | VitalQIP DNS Query ID Field Prediction Cache Poisoning |
47588 | Yamaha RT Series Routers DNS Query ID Field Prediction Cache Poisoning |
47546 | Astaro Security Gateway DNS Proxy DNS Query ID Field Prediction Cache Poisoning |
47510 | Dnsmasq DNS Query ID Field Prediction Cache Poisoning |
47233 | Secure Computing Sidewinder / CyberGuard DNS Query ID Field Prediction Cache ... |
47232 | F5 Multiple Product DNS Query ID Field Prediction Cache Poisoning |
46916 | Juniper Networks Multiple Products DNS Query ID Field Prediction Cache Poisoning |
46837 | Solaris named(1M) DNS Query ID Field Prediction Cache Poisoning Solaris contains a flaw that may allow a malicious user to insert invalid records into a recursive DNS server cache. The issue is triggered by a flaw in the DNS protocol, which does not require sufficient randomness in selecting Query ID and UDP source port for queries to authoritative servers. It is possible that the flaw may allow an attacker to spoof a DNS response to a legitimate query resulting in a loss of integrity. |
46836 | Nominum CNS / Vantio DNS Query ID Field Prediction Cache Poisoning |
46786 | Cisco Multiple Products DNS Query ID Field Prediction Cache Poisoning Multiple Cisco products contain a flaw that may allow a malicious user to insert invalid records into a recursive DNS server cache. The issue is triggered by a flaw in the DNS protocol, which does not require sufficient randomness in selecting Query ID and UDP source port for queries to authoritative servers. It is possible that the flaw may allow an attacker to spoof a DNS response to a legitimate query resulting in a loss of integrity. |
46780 | Microsoft Outlook Web Access (OWA) HTML Parsing Unspecified XSS |
46779 | Microsoft Outlook Web Access (OWA) Data Validation Unspecified XSS Microsoft OWA contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate email fields from withing a users session. This could allow an attacker the ability to execute malicious script in the security context of the victims OWA session via a specially crafted email, and read, send, and delete emails as the logged-on user leading to a loss of integrity. |
46778 | Microsoft Windows DNS Query ID Field Prediction Cache Poisoning Microsoft Windows contains a flaw that may allow a malicious user to insert invalid records into a recursive DNS server cache. The issue is triggered by a flaw in the DNS protocol, which does not require sufficient randomness in selecting Query ID and UDP source port for queries to authoritative servers. It is possible that the flaw may allow an attacker to spoof a DNS response to a legitimate query resulting in a loss of integrity. |
46777 | Microsoft Windows DNS Socket Entropy Weakness Cache Poisoning Windows contains a flaw that may allow a malicious user to insert invalid records into a recursive DNS server cache. The issue is triggered by a flaw in the DNS protocol, which does not require sufficient randomness in selecting Query ID and UDP source port for queries to authoritative servers. It is possible that the flaw may allow an attacker to spoof a DNS response to a legitimate query resulting in a loss of integrity. |
46776 | ISC BIND DNS Query ID Field Prediction Cache Poisoning BIND contains a flaw that may allow a malicious user to insert invalid records into a recursive DNS server cache. The issue is triggered by a flaw in the DNS protocol, which does not require sufficient randomness in selecting Query ID and UDP source port for queries to authoritative servers. It is possible that the flaw may allow an attacker to spoof a DNS response to a legitimate query resulting in a loss of integrity. |
46774 | Microsoft Windows Explorer Saved Search File Handling DoS |
46773 | Microsoft SQL Server Memory Page Reuse Information Disclosure |
46772 | Microsoft SQL Server Convert Function Overflow |
46771 | Microsoft SQL Server Stored Backup File Processing Memory Corruption Arbitrar... |
46770 | Microsoft SQL Server Crafted Insert Statement Overflow |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2011-05-12 | IAVM : 2011-A-0066 - Multiple Vulnerabilities in VMware Products Severity : Category I - VMSKEY : V0027158 |
2008-07-17 | IAVM : 2008-A-0045 - DNS Protocol Cache Poisoning Vulnerability Severity : Category I - VMSKEY : V0016170 |
2008-07-10 | IAVM : 2008-T-0033 - Multiple Vulnerabilities in Microsoft Outlook Web Access Severity : Category II - VMSKEY : V0016150 |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | MSSQL CONVERT function unicode buffer overflow attempt RuleID : 21085 - Revision : 3 - Type : SERVER-MSSQL |
2014-01-10 | MSSQL CONVERT function buffer overflow attempt RuleID : 21084 - Revision : 3 - Type : SERVER-MSSQL |
2014-01-10 | Microsoft SQL Server INSERT Statement Buffer Overflow attempt RuleID : 17307 - Revision : 7 - Type : SERVER-MSSQL |
2014-01-10 | Microsoft Windows DNS server spoofing attempt RuleID : 16206 - Revision : 12 - Type : OS-WINDOWS |
2014-01-10 | Suspicious ansi_padding option RuleID : 16075 - Revision : 7 - Type : SQL |
2014-01-10 | Suspicious ansi_padding option RuleID : 16074 - Revision : 4 - Type : SQL |
2014-01-10 | MS-SQL convert function unicode overflow RuleID : 16073 - Revision : 8 - Type : OS-WINDOWS |
2014-01-10 | excessive outbound NXDOMAIN replies - possible spoof of domain run by local D... RuleID : 13949 - Revision : 17 - Type : PROTOCOL-DNS |
2014-01-10 | large number of NXDOMAIN replies - possible DNS cache poisoning RuleID : 13948 - Revision : 13 - Type : PROTOCOL-DNS |
2014-01-10 | Microsoft SQL server MTF file download RuleID : 13896 - Revision : 14 - Type : SERVER-MSSQL |
2014-01-10 | Microsoft Office Outlook Web Access invalid CSS escape sequence script execut... RuleID : 13895 - Revision : 16 - Type : SERVER-MAIL |
2014-01-10 | Microsoft Office Outlook Web Access From field cross-site scripting attempt RuleID : 13894 - Revision : 19 - Type : SERVER-MAIL |
2014-01-10 | Microsoft malformed saved search heap corruption attempt RuleID : 13893 - Revision : 17 - Type : FILE-OTHER |
2014-01-10 | Convert function style overwrite RuleID : 13892 - Revision : 9 - Type : SERVER-MSSQL |
2014-01-10 | Memory page overwrite attempt RuleID : 13891 - Revision : 10 - Type : SERVER-MSSQL |
2014-01-10 | Microsoft SQL Server Backup Database File integer overflow attempt RuleID : 13890 - Revision : 13 - Type : FILE-OTHER |
2014-01-10 | Microsoft SQL Server Backup Database File integer overflow attempt RuleID : 13889 - Revision : 13 - Type : FILE-OTHER |
2014-01-10 | Microsoft SQL Server Backup Database File integer overflow attempt RuleID : 13888 - Revision : 13 - Type : FILE-OTHER |
2014-01-10 | dns root nameserver poisoning attempt RuleID : 13887 - Revision : 12 - Type : PROTOCOL-DNS |
2014-01-10 | dns cache poisoning attempt RuleID : 13667 - Revision : 19 - Type : PROTOCOL-DNS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2017-04-21 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2017-0066.nasl - Type : ACT_GATHER_INFO |
2016-03-04 | Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_VMSA-2011-0003_remote.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing a security update. File : oraclevm_OVMSA-2009-0022.nasl - Type : ACT_GATHER_INFO |
2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL8938.nasl - Type : ACT_GATHER_INFO |
2014-03-05 | Name : The DNS server running on the remote host is vulnerable to DNS spoofing attacks. File : ms_dns_kb951746.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2008-0789.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0533.nasl - Type : ACT_GATHER_INFO |
2012-10-01 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201209-25.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20080811_dnsmasq_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080711_bind_on_SL_3_0_x.nasl - Type : ACT_GATHER_INFO |
2011-05-28 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-191-02.nasl - Type : ACT_GATHER_INFO |
2011-02-14 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2011-0003.nasl - Type : ACT_GATHER_INFO |
2010-09-01 | Name : The remote device is missing a vendor-supplied security patch. File : cisco-sa-20080708-dnshttp.nasl - Type : ACT_GATHER_INFO |
2010-09-01 | Name : The remote device is missing a vendor-supplied security patch. File : cisco-sa-20080924-iosipshttp.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12197.nasl - Type : ACT_GATHER_INFO |
2009-07-27 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2008-0014.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_bind-080708.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_dnsmasq-080813.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-651-1.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-139.nasl - Type : ACT_GATHER_INFO |
2009-02-17 | Name : The remote Fedora host is missing a security update. File : fedora_2009-1069.nasl - Type : ACT_GATHER_INFO |
2009-01-12 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200901-03.nasl - Type : ACT_GATHER_INFO |
2008-12-17 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200812-17.nasl - Type : ACT_GATHER_INFO |
2008-12-01 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-334-01.nasl - Type : ACT_GATHER_INFO |
2008-10-10 | Name : The remote Fedora host is missing a security update. File : fedora_2008-8738.nasl - Type : ACT_GATHER_INFO |
2008-09-29 | Name : The remote SQL server is affected by multiple vulnerabilities. File : smb_kb941203.nasl - Type : ACT_GATHER_INFO |
2008-09-16 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_5_5.nasl - Type : ACT_GATHER_INFO |
2008-09-16 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2008-006.nasl - Type : ACT_GATHER_INFO |
2008-09-05 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200809-02.nasl - Type : ACT_GATHER_INFO |
2008-08-17 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_959d384d6b5911dd9d79001fc61c2a55.nasl - Type : ACT_GATHER_INFO |
2008-08-15 | Name : The remote openSUSE host is missing a security update. File : suse_dnsmasq-5512.nasl - Type : ACT_GATHER_INFO |
2008-08-12 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHNE_37865.nasl - Type : ACT_GATHER_INFO |
2008-08-12 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2008-0789.nasl - Type : ACT_GATHER_INFO |
2008-08-01 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1623.nasl - Type : ACT_GATHER_INFO |
2008-08-01 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2008-005.nasl - Type : ACT_GATHER_INFO |
2008-07-28 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1617.nasl - Type : ACT_GATHER_INFO |
2008-07-28 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1619.nasl - Type : ACT_GATHER_INFO |
2008-07-24 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-205-01.nasl - Type : ACT_GATHER_INFO |
2008-07-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-627-1.nasl - Type : ACT_GATHER_INFO |
2008-07-15 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200807-08.nasl - Type : ACT_GATHER_INFO |
2008-07-15 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_bind-5409.nasl - Type : ACT_GATHER_INFO |
2008-07-15 | Name : The remote openSUSE host is missing a security update. File : suse_bind-5410.nasl - Type : ACT_GATHER_INFO |
2008-07-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-622-1.nasl - Type : ACT_GATHER_INFO |
2008-07-10 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0533.nasl - Type : ACT_GATHER_INFO |
2008-07-10 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1603.nasl - Type : ACT_GATHER_INFO |
2008-07-10 | Name : The remote Fedora host is missing a security update. File : fedora_2008-6256.nasl - Type : ACT_GATHER_INFO |
2008-07-10 | Name : The remote Fedora host is missing a security update. File : fedora_2008-6281.nasl - Type : ACT_GATHER_INFO |
2008-07-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0533.nasl - Type : ACT_GATHER_INFO |
2008-07-09 | Name : The remote name resolver (or the server it uses upstream) is affected by a DN... File : dns_non_random_source_ports.nasl - Type : ACT_GATHER_INFO |
2008-07-08 | Name : The remote host is vulnerable to DNS spoofing attacks. File : smb_nt_ms08-037.nasl - Type : ACT_GATHER_INFO |
2008-07-08 | Name : Vulnerabilities in the Windows Shell may allow an attacker to execute privile... File : smb_nt_ms08-038.nasl - Type : ACT_GATHER_INFO |
2008-07-08 | Name : The remote web server is vulnerable to cross-site scripting issues. File : smb_nt_ms08-039.nasl - Type : ACT_GATHER_INFO |
2008-07-08 | Name : The remote Microsoft SQL Server install is vulnerable to memory corruption fl... File : smb_nt_ms08-040.nasl - Type : ACT_GATHER_INFO |
2007-10-17 | Name : The remote host is missing Sun Security Patch number 114265-23 File : solaris9_x86_114265.nasl - Type : ACT_GATHER_INFO |
2007-09-25 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHNE_36973.nasl - Type : ACT_GATHER_INFO |
2007-09-25 | Name : The remote host is missing Sun Security Patch number 112837-24 File : solaris9_112837.nasl - Type : ACT_GATHER_INFO |
2004-07-12 | Name : The remote host is missing Sun Security Patch number 109326-24 File : solaris8_109326.nasl - Type : ACT_GATHER_INFO |
2004-07-12 | Name : The remote host is missing Sun Security Patch number 109327-24 File : solaris8_x86_109327.nasl - Type : ACT_GATHER_INFO |