Executive Summary

Summary
Title OpenSSL vulnerabilities
Informations
Name USN-2459-1 First vendor Publication 2015-01-12
Vendor Ubuntu Last vendor Modification 2015-01-12
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Cvss Base Score 5 Attack Range Network
Cvss Impact Score 2.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 14.10 - Ubuntu 14.04 LTS - Ubuntu 12.04 LTS - Ubuntu 10.04 LTS

Summary:

Several security issues were fixed in OpenSSL.

Software Description: - openssl: Secure Socket Layer (SSL) cryptographic library and tools

Details:

Pieter Wuille discovered that OpenSSL incorrectly handled Bignum squaring. (CVE-2014-3570)

Markus Stenberg discovered that OpenSSL incorrectly handled certain crafted DTLS messages. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2014-3571)

Karthikeyan Bhargavan discovered that OpenSSL incorrectly handled certain handshakes. A remote attacker could possibly use this issue to downgrade to ECDH, removing forward secrecy from the ciphersuite. (CVE-2014-3572)

Antti Karjalainen, Tuomo Untinen and Konrad Kraszewski discovered that OpenSSL incorrectly handled certain certificate fingerprints. A remote attacker could possibly use this issue to trick certain applications that rely on the uniqueness of fingerprints. (CVE-2014-8275)

Karthikeyan Bhargavan discovered that OpenSSL incorrectly handled certain key exchanges. A remote attacker could possibly use this issue to downgrade the security of the session to EXPORT_RSA. (CVE-2015-0204)

Karthikeyan Bhargavan discovered that OpenSSL incorrectly handled client authentication. A remote attacker could possibly use this issue to authenticate without the use of a private key in certain limited scenarios. This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10. (CVE-2015-0205)

Chris Mueller discovered that OpenSSL incorrect handled memory when processing DTLS records. A remote attacker could use this issue to cause OpenSSL to consume resources, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 14.10. (CVE-2015-0206)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 14.10:
libssl1.0.0 1.0.1f-1ubuntu9.1

Ubuntu 14.04 LTS:
libssl1.0.0 1.0.1f-1ubuntu2.8

Ubuntu 12.04 LTS:
libssl1.0.0 1.0.1-4ubuntu5.21

Ubuntu 10.04 LTS:
libssl0.9.8 0.9.8k-7ubuntu8.23

After a standard system update you need to reboot your computer to make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2459-1
CVE-2014-3570, CVE-2014-3571, CVE-2014-3572, CVE-2014-8275,
CVE-2015-0204, CVE-2015-0205, CVE-2015-0206

Package Information:
https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu9.1
https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.8
https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.21
https://launchpad.net/ubuntu/+source/openssl/0.9.8k-7ubuntu8.23

Original Source

Url : http://www.ubuntu.com/usn/USN-2459-1

CWE : Common Weakness Enumeration

% Id Name
83 % CWE-310 Cryptographic Issues
17 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:28564
 
Oval ID: oval:org.mitre.oval:def:28564
Title: Potential security vulnerabilities have been identified with HP-UX running OpenSSL. These vulnerabilities could be exploited remotely to create a remote Denial of Service (DoS) and other vulnerabilites.
Description: The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a noncompliant role, related to the "FREAK" issue. NOTE: the scope of this CVE is only client code based on OpenSSL, not EXPORT_RSA issues associated with servers or other TLS implementations.
Family: unix Class: vulnerability
Reference(s): CVE-2015-0204
 Version: 6
Platform(s): HP-UX 11
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28606
 
Oval ID: oval:org.mitre.oval:def:28606
Title: Potential security vulnerabilities have been identified with HP-UX running OpenSSL. These vulnerabilities could be exploited remotely to create a remote Denial of Service (DoS) and other vulnerabilites.
Description: The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy by omitting the ServerKeyExchange message.
Family: unix Class: vulnerability
Reference(s): CVE-2014-3572
 Version: 4
Platform(s): HP-UX 11
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28751
 
Oval ID: oval:org.mitre.oval:def:28751
Title: Potential security vulnerabilities have been identified with HP-UX running OpenSSL. These vulnerabilities could be exploited remotely to create a remote Denial of Service (DoS) and other vulnerabilites.
Description: The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not properly calculate the square of a BIGNUM value, which might make it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors, related to crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c, and crypto/bn/bn_asm.c.
Family: unix Class: vulnerability
Reference(s): CVE-2014-3570
 Version: 4
Platform(s): HP-UX 11
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28778
 
Oval ID: oval:org.mitre.oval:def:28778
Title: Potential security vulnerabilities have been identified with HP-UX running OpenSSL. These vulnerabilities could be exploited remotely to create a remote Denial of Service (DoS) and other vulnerabilites.
Description: OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted DTLS message that is processed with a different read operation for the handshake header than for the handshake body, related to the dtls1_get_record function in d1_pkt.c and the ssl3_read_n function in s3_pkt.c.
Family: unix Class: vulnerability
Reference(s): CVE-2014-3571
 Version: 4
Platform(s): HP-UX 11
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28810
 
Oval ID: oval:org.mitre.oval:def:28810
Title: Potential security vulnerabilities have been identified with HP-UX running OpenSSL. These vulnerabilities could be exploited remotely to create a remote Denial of Service (DoS) and other vulnerabilites.
Description: OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not enforce certain constraints on certificate data, which allows remote attackers to defeat a fingerprint-based certificate-blacklist protection mechanism by including crafted data within a certificate's unsigned portion, related to crypto/asn1/a_verify.c, crypto/dsa/dsa_asn1.c, crypto/ecdsa/ecs_vrf.c, and crypto/x509/x_all.c.
Family: unix Class: vulnerability
Reference(s): CVE-2014-8275
 Version: 4
Platform(s): HP-UX 11
 Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 279

Information Assurance Vulnerability Management (IAVM)

Date Description
2015-09-03 IAVM : 2015-B-0106 - Multiple Vulnerabilities in HP Version Control Repository Manager
Severity : Category I - VMSKEY : V0061359
2015-07-16 IAVM : 2015-A-0154 - Multiple Vulnerabilities in Oracle Fusion Middleware
Severity : Category I - VMSKEY : V0061081
2015-07-16 IAVM : 2015-A-0160 - Multiple Vulnerabilities in Oracle Linux and Virtualization
Severity : Category I - VMSKEY : V0061123

Snort® IPS/IDS

Date Description
2019-10-01 OpenSSL DTLS duplicate record denial of service attempt
RuleID : 51359 - Revision : 1 - Type : SERVER-OTHER
2019-10-01 OpenSSL DTLS duplicate record denial of service attempt
RuleID : 51358 - Revision : 1 - Type : SERVER-OTHER
2019-10-01 OpenSSL DTLS duplicate record denial of service attempt
RuleID : 51357 - Revision : 1 - Type : SERVER-OTHER
2019-10-01 OpenSSL DTLS duplicate record denial of service attempt
RuleID : 51356 - Revision : 1 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33806 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33805 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33804 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33803 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33802 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33801 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33800 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33799 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33798 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33797 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33796 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33795 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33794 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33793 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33792 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33791 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33790 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33789 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33788 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33787 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33786 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade cipher suite attempt
RuleID : 33785 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33784 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33783 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33782 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33781 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33780 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33779 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33778 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33777 - Revision : 6 - Type : SERVER-OTHER
2015-04-07 SSL request for export grade ciphersuite attempt
RuleID : 33703 - Revision : 2 - Type : SERVER-OTHER
2015-04-07 SSL request for export grade ciphersuite attempt
RuleID : 33702 - Revision : 2 - Type : SERVER-OTHER
2015-04-07 SSL request for export grade ciphersuite attempt
RuleID : 33701 - Revision : 2 - Type : SERVER-OTHER
2015-04-07 SSL request for export grade ciphersuite attempt
RuleID : 33700 - Revision : 2 - Type : SERVER-OTHER
2015-04-07 SSL request for export grade ciphersuite attempt
RuleID : 33699 - Revision : 2 - Type : SERVER-OTHER
2015-04-07 SSL request for export grade ciphersuite attempt
RuleID : 33698 - Revision : 2 - Type : SERVER-OTHER
2015-04-07 SSL request for export grade ciphersuite attempt
RuleID : 33697 - Revision : 2 - Type : SERVER-OTHER
2015-04-07 SSL request for export grade ciphersuite attempt
RuleID : 33696 - Revision : 2 - Type : SERVER-OTHER
2015-04-07 SSL request for export grade ciphersuite attempt
RuleID : 33695 - Revision : 2 - Type : SERVER-OTHER
2015-04-07 SSL request for export grade ciphersuite attempt
RuleID : 33694 - Revision : 2 - Type : SERVER-OTHER
2015-04-07 SSL request for export grade ciphersuite attempt
RuleID : 33693 - Revision : 2 - Type : SERVER-OTHER
2015-04-07 SSL request for export grade ciphersuite attempt
RuleID : 33692 - Revision : 2 - Type : SERVER-OTHER
2015-04-07 SSL request for export grade ciphersuite attempt
RuleID : 33691 - Revision : 2 - Type : SERVER-OTHER
2015-04-07 SSL request for export grade ciphersuite attempt
RuleID : 33690 - Revision : 2 - Type : SERVER-OTHER
2015-04-07 SSL request for export grade ciphersuite attempt
RuleID : 33689 - Revision : 2 - Type : SERVER-OTHER
2015-04-07 SSL request for export grade ciphersuite attempt
RuleID : 33688 - Revision : 2 - Type : SERVER-OTHER
2015-04-07 SSL request for export grade ciphersuite attempt
RuleID : 33687 - Revision : 2 - Type : SERVER-OTHER
2015-04-07 SSL request for export grade ciphersuite attempt
RuleID : 33686 - Revision : 2 - Type : SERVER-OTHER

Nessus® Vulnerability Scanner

Date Description
2017-12-07 Name : The remote host is potentially affected by an SSL/TLS vulnerability.
File : check_point_gaia_sk103683.nasl - Type : ACT_GATHER_INFO
2016-07-22 Name : The remote database server is affected by multiple vulnerabilities.
File : oracle_rdbms_cpu_jul_2016.nasl - Type : ACT_GATHER_INFO
2016-06-23 Name : The remote OracleVM host is missing a security update.
File : oraclevm_OVMSA-2016-0086.nasl - Type : ACT_GATHER_INFO
2016-06-22 Name : The remote OracleVM host is missing a security update.
File : oraclevm_OVMSA-2016-0071.nasl - Type : ACT_GATHER_INFO
2016-03-29 Name : The remote web server is affected by multiple vulnerabilities.
File : hpsmh_7_2_6.nasl - Type : ACT_GATHER_INFO
2016-03-04 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2016-294.nasl - Type : ACT_GATHER_INFO
2016-01-14 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-0113-1.nasl - Type : ACT_GATHER_INFO
2016-01-06 Name : The remote database server is affected by multiple vulnerabilities.
File : db2_105fp7_win.nasl - Type : ACT_GATHER_INFO
2016-01-06 Name : The remote database server is affected by multiple vulnerabilities.
File : db2_105fp7_nix.nasl - Type : ACT_GATHER_INFO
2015-12-30 Name : A web application on the remote host is affected by multiple vulnerabilities.
File : puppet_enterprise_380.nasl - Type : ACT_GATHER_INFO
2015-12-16 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-2168-2.nasl - Type : ACT_GATHER_INFO
2015-12-11 Name : The remote multi-function device is affected by multiple vulnerabilities.
File : xerox_xrx15r.nasl - Type : ACT_GATHER_INFO
2015-12-11 Name : The remote multi-function device is affected by multiple vulnerabilities.
File : xerox_xrx15av.nasl - Type : ACT_GATHER_INFO
2015-12-11 Name : The remote multi-function device is affected by a man-in-the-middle vulnerabi...
File : xerox_xrx15ap.nasl - Type : ACT_GATHER_INFO
2015-12-11 Name : The remote multi-function device is affected by multiple vulnerabilities.
File : xerox_xrx15am.nasl - Type : ACT_GATHER_INFO
2015-12-11 Name : The remote multi-function device is affected by multiple vulnerabilities.
File : xerox_xrx15aj.nasl - Type : ACT_GATHER_INFO
2015-12-11 Name : The remote multi-function device is affected by multiple vulnerabilities.
File : xerox_xrx15ad_colorqube.nasl - Type : ACT_GATHER_INFO
2015-12-09 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-2216-1.nasl - Type : ACT_GATHER_INFO
2015-12-04 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-2182-1.nasl - Type : ACT_GATHER_INFO
2015-12-03 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-2168-1.nasl - Type : ACT_GATHER_INFO
2015-12-03 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-2166-1.nasl - Type : ACT_GATHER_INFO
2015-10-19 Name : The remote printer is affected by a security bypass vulnerability known as FR...
File : lexmark_printer_TE701.nasl - Type : ACT_GATHER_INFO
2015-10-05 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL16139.nasl - Type : ACT_GATHER_INFO
2015-09-04 Name : The remote Linux host has an application installed that is affected by multip...
File : hp_version_control_repo_manager_7_5_0_nix.nasl - Type : ACT_GATHER_INFO
2015-09-04 Name : The remote Windows host has an application installed that is affected by mult...
File : hp_version_control_repo_manager_7_5_0_0.nasl - Type : ACT_GATHER_INFO
2015-07-27 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2015-507.nasl - Type : ACT_GATHER_INFO
2015-07-22 Name : The remote web server is affected by multiple vulnerabilities.
File : hpsmh_7_5.nasl - Type : ACT_GATHER_INFO
2015-06-29 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1086-4.nasl - Type : ACT_GATHER_INFO
2015-06-26 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1138-1.nasl - Type : ACT_GATHER_INFO
2015-06-26 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1086-3.nasl - Type : ACT_GATHER_INFO
2015-06-23 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1086-2.nasl - Type : ACT_GATHER_INFO
2015-06-19 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1086-1.nasl - Type : ACT_GATHER_INFO
2015-06-19 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1085-1.nasl - Type : ACT_GATHER_INFO
2015-06-10 Name : The remote AIX host has a version of Java SDK installed that is affected by m...
File : aix_java_april2015_advisory.nasl - Type : ACT_GATHER_INFO
2015-06-09 Name : The remote Windows host has VPN client software installed that is affected by...
File : smb_kb3062760.nasl - Type : ACT_GATHER_INFO
2015-06-04 Name : The remote web server is running an application that is affected by multiple ...
File : splunk_618.nasl - Type : ACT_GATHER_INFO
2015-05-27 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-0946-1.nasl - Type : ACT_GATHER_INFO
2015-05-19 Name : The remote Apache Tomcat server is affected by multiple vulnerabilities.
File : tomcat_8_0_21.nasl - Type : ACT_GATHER_INFO
2015-05-19 Name : The remote Apache Tomcat server is affected by multiple vulnerabilities.
File : tomcat_7_0_60.nasl - Type : ACT_GATHER_INFO
2015-05-19 Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sa-20150310-ssl-nxos.nasl - Type : ACT_GATHER_INFO
2015-05-15 Name : The remote Apache Tomcat server is affected by multiple vulnerabilities.
File : tomcat_6_0_44.nasl - Type : ACT_GATHER_INFO
2015-04-21 Name : The remote host is affected by multiple vulnerabilities.
File : juniper_nsm_jsa10679.nasl - Type : ACT_GATHER_INFO
2015-04-21 Name : The remote device is missing a vendor-supplied security patch.
File : juniper_jsa10679.nasl - Type : ACT_GATHER_INFO
2015-04-16 Name : The remote Windows host contains a programming platform that is affected by m...
File : oracle_java_cpu_apr_2015.nasl - Type : ACT_GATHER_INFO
2015-04-16 Name : The remote Windows host contains a programming platform that is affected by m...
File : oracle_jrockit_cpu_apr_2015.nasl - Type : ACT_GATHER_INFO
2015-04-16 Name : The remote Unix host contains a programming platform that is affected by mult...
File : oracle_java_cpu_apr_2015_unix.nasl - Type : ACT_GATHER_INFO
2015-04-15 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2015-0800.nasl - Type : ACT_GATHER_INFO
2015-04-14 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20150413_openssl_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2015-04-14 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0800.nasl - Type : ACT_GATHER_INFO
2015-04-14 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-0800.nasl - Type : ACT_GATHER_INFO
2015-04-10 Name : The remote host is missing a Mac OS X update that fixes multiple security vul...
File : macosx_SecUpd2015-004.nasl - Type : ACT_GATHER_INFO
2015-04-10 Name : The remote host is missing a Mac OS X update that fixes multiple security vul...
File : macosx_10_10_3.nasl - Type : ACT_GATHER_INFO
2015-04-09 Name : The remote device is affected by a security feature bypass vulnerability.
File : bluecoat_proxy_sg_6_5_6_2.nasl - Type : ACT_GATHER_INFO
2015-03-30 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2015-063.nasl - Type : ACT_GATHER_INFO
2015-03-30 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2015-062.nasl - Type : ACT_GATHER_INFO
2015-03-27 Name : The remote Windows host has an application that is affected by the FREAK vuln...
File : blackberry_es_freak_kb36811.nasl - Type : ACT_GATHER_INFO
2015-03-26 Name : The remote Debian host is missing a security update.
File : debian_DLA-132.nasl - Type : ACT_GATHER_INFO
2015-03-26 Name : The remote host is affected by multiple vulnerabilities.
File : cisco_anyconnect_3_1_7021.nasl - Type : ACT_GATHER_INFO
2015-03-26 Name : The remote host is affected by multiple vulnerabilities.
File : macosx_cisco_anyconnect_3_1_7021.nasl - Type : ACT_GATHER_INFO
2015-03-24 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201503-11.nasl - Type : ACT_GATHER_INFO
2015-03-20 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_9d15355bce7c11e49db0d050992ecde8.nasl - Type : ACT_GATHER_INFO
2015-03-18 Name : The remote OracleVM host is missing a security update.
File : oraclevm_OVMSA-2015-0030.nasl - Type : ACT_GATHER_INFO
2015-03-17 Name : The remote Mac OS X host has a web browser installed that is affected by the ...
File : macosx_opera_28_0_1750_40.nasl - Type : ACT_GATHER_INFO
2015-03-13 Name : The remote web server contains an application that is affected by multiple vu...
File : splunk_622.nasl - Type : ACT_GATHER_INFO
2015-03-13 Name : The remote host is affected by multiple vulnerabilities.
File : mcafee_firewall_enterprise_SB10102.nasl - Type : ACT_GATHER_INFO
2015-03-10 Name : The remote OracleVM host is missing a security update.
File : oraclevm_OVMSA-2015-0029.nasl - Type : ACT_GATHER_INFO
2015-03-05 Name : The remote Mac OS X host contains a web browser that is affected by multiple ...
File : macosx_google_chrome_41_0_2272_76.nasl - Type : ACT_GATHER_INFO
2015-03-04 Name : The remote host supports a set of weak ciphers.
File : ssl_rsa_export_supported_ciphers.nasl - Type : ACT_GATHER_INFO
2015-02-18 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL16135.nasl - Type : ACT_GATHER_INFO
2015-02-18 Name : The remote AIX host has a version of OpenSSL installed that is affected by mu...
File : aix_openssl_advisory12.nasl - Type : ACT_GATHER_INFO
2015-02-18 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL16126.nasl - Type : ACT_GATHER_INFO
2015-02-12 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL16123.nasl - Type : ACT_GATHER_INFO
2015-02-02 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_libopenssl-devel-150112.nasl - Type : ACT_GATHER_INFO
2015-02-02 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_compat-openssl097g-150122.nasl - Type : ACT_GATHER_INFO
2015-01-26 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2015-67.nasl - Type : ACT_GATHER_INFO
2015-01-23 Name : The remote OracleVM host is missing a security update.
File : oraclevm_OVMSA-2015-0005.nasl - Type : ACT_GATHER_INFO
2015-01-23 Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_f9c388c5a25611e4992a7b2a515a1247.nasl - Type : ACT_GATHER_INFO
2015-01-22 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20150121_openssl_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2015-01-21 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-0066.nasl - Type : ACT_GATHER_INFO
2015-01-21 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2015-0066.nasl - Type : ACT_GATHER_INFO
2015-01-21 Name : The remote Fedora host is missing a security update.
File : fedora_2015-0601.nasl - Type : ACT_GATHER_INFO
2015-01-21 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0066.nasl - Type : ACT_GATHER_INFO
2015-01-16 Name : The remote service is affected by multiple vulnerabilities.
File : openssl_1_0_1k.nasl - Type : ACT_GATHER_INFO
2015-01-16 Name : The remote service is affected by multiple vulnerabilities.
File : openssl_1_0_0p.nasl - Type : ACT_GATHER_INFO
2015-01-16 Name : The remote service is affected by multiple vulnerabilities.
File : openssl_0_9_8zd.nasl - Type : ACT_GATHER_INFO
2015-01-13 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2459-1.nasl - Type : ACT_GATHER_INFO
2015-01-13 Name : The remote Fedora host is missing a security update.
File : fedora_2015-0512.nasl - Type : ACT_GATHER_INFO
2015-01-13 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2015-469.nasl - Type : ACT_GATHER_INFO
2015-01-12 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2015-009-01.nasl - Type : ACT_GATHER_INFO
2015-01-12 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3125.nasl - Type : ACT_GATHER_INFO
2015-01-12 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2015-019.nasl - Type : ACT_GATHER_INFO
2015-01-09 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_4e536c14979111e4977dd050992ecde8.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
Date Informations
2016-12-07 09:26:11
  • Multiple Updates
2016-12-03 09:26:46
  • Multiple Updates
2016-10-26 09:24:14
  • Multiple Updates
2016-10-25 09:23:23
  • Multiple Updates
2016-09-28 09:25:11
  • Multiple Updates
2016-08-09 09:25:36
  • Multiple Updates
2016-07-21 12:09:58
  • Multiple Updates
2016-04-27 06:13:01
  • Multiple Updates
2016-04-27 06:12:57
  • Multiple Updates
2016-04-12 05:36:42
  • Multiple Updates
2016-04-07 09:28:04
  • Multiple Updates
2016-01-22 09:26:53
  • Multiple Updates
2015-04-24 00:32:32
  • Multiple Updates
2015-04-22 00:36:49
  • Multiple Updates
2015-04-14 09:32:35
  • Multiple Updates
2015-04-02 01:06:43
  • Multiple Updates
2015-03-27 09:32:15
  • Multiple Updates
2015-03-24 09:36:33
  • Multiple Updates
2015-03-21 00:36:05
  • Multiple Updates
2015-03-20 00:36:58
  • Multiple Updates
2015-03-17 09:32:21
  • Multiple Updates
2015-03-05 09:26:23
  • Multiple Updates
2015-02-21 09:29:32
  • Multiple Updates
2015-01-14 13:23:39
  • Multiple Updates
2015-01-12 21:26:41
  • First insertion