Executive Summary

Summary
Title Firefox vulnerabilities
Informations
Name USN-2656-2 First vendor Publication 2015-07-15
Vendor Ubuntu Last vendor Modification 2015-07-15
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 10 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 LTS

Summary:

Firefox could be made to crash or run programs as your login if it opened a malicious website.

Software Description: - firefox: Mozilla Open Source web browser

Details:

USN-2656-1 fixed vulnerabilities in Firefox for Ubuntu 14.04 LTS and later releases.

This update provides the corresponding update for Ubuntu 12.04 LTS.

Original advisory details:

Karthikeyan Bhargavan discovered that NSS incorrectly handled state
transitions for the TLS state machine. If a remote attacker were able to
perform a man-in-the-middle attack, this flaw could be exploited to skip
the ServerKeyExchange message and remove the forward-secrecy property.
(CVE-2015-2721)

Looben Yan discovered 2 use-after-free issues when using XMLHttpRequest in
some circumstances. If a user were tricked in to opening a specially
crafted website, an attacker could potentially exploit these to cause a
denial of service via application crash, or execute arbitrary code with
the privileges of the user invoking Firefox. (CVE-2015-2722,
CVE-2015-2733)

Bob Clary, Christian Holler, Bobby Holley, Andrew McCreight, Terrence
Cole, Steve Fink, Mats Palmgren, Wes Kocher, Andreas Pehrson, Tooru
Fujisawa, Andrew Sutherland, and Gary Kwong discovered multiple memory
safety issues in Firefox. If a user were tricked in to opening a specially
crafted website, an attacker could potentially exploit these to cause a
denial of service via application crash, or execute arbitrary code with
the privileges of the user invoking Firefox. (CVE-2015-2724,
CVE-2015-2725, CVE-2015-2726)

Armin Razmdjou discovered that opening hyperlinks with specific mouse
and key combinations could allow a Chrome privileged URL to be opened
without context restrictions being preserved. If a user were tricked in to
opening a specially crafted website, an attacker could potentially exploit
this to bypass security restrictions. (CVE-2015-2727)

Paul Bandha discovered a type confusion bug in the Indexed DB Manager. If
a user were tricked in to opening a specially crafted website, an attacker
could potentially exploit this to cause a denial of service via
application crash or execute arbitrary code with the priviliges of the
user invoking Firefox. (CVE-2015-2728)

Holger Fuhrmannek discovered an out-of-bounds read in Web Audio. If a
user were tricked in to opening a specially crafted website, an attacker
could potentially exploit this to obtain sensitive information.
(CVE-2015-2729)

Watson Ladd discovered that NSS incorrectly handled Elliptical Curve
Cryptography (ECC) multiplication. A remote attacker could possibly use
this issue to spoof ECDSA signatures. (CVE-2015-2730)

A use-after-free was discovered when a Content Policy modifies the DOM to
remove a DOM object. If a user were tricked in to opening a specially
crafted website, an attacker could potentially exploit this to cause a
denial of service via application crash or execute arbitrary code with the
priviliges of the user invoking Firefox. (CVE-2015-2731)

Ronald Crane discovered multiple security vulnerabilities. If a user were
tricked in to opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service via application
crash, or execute arbitrary code with the privileges of the user invoking
Firefox. (CVE-2015-2734, CVE-2015-2735, CVE-2015-2736, CVE-2015-2737,
CVE-2015-2738, CVE-2015-2739, CVE-2015-2740)

David Keeler discovered that key pinning checks can be skipped when an
overridable certificate error occurs. This allows a user to manually
override an error for a fake certificate, but cannot be exploited on its
own. (CVE-2015-2741)

Jonas Jenwald discovered that some internal workers were incorrectly
executed with a high privilege. If a user were tricked in to opening a
specially crafted website, an attacker could potentially exploit this in
combination with another security vulnerability, to execute arbitrary code
in a privileged scope. (CVE-2015-2743)

Matthew Green discovered a DHE key processing issue in NSS where a MITM
could force a server to downgrade TLS connections to 512-bit export-grade
cryptography. An attacker could potentially exploit this to impersonate
the server. (CVE-2015-4000)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 12.04 LTS:
firefox 39.0+build5-0ubuntu0.12.04.2

After a standard system update you need to restart Firefox to make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2656-2
http://www.ubuntu.com/usn/usn-2656-1
CVE-2015-2721, CVE-2015-2722, CVE-2015-2724, CVE-2015-2725,
CVE-2015-2726, CVE-2015-2727, CVE-2015-2728, CVE-2015-2729,
CVE-2015-2730, CVE-2015-2731, CVE-2015-2733, CVE-2015-2734,
CVE-2015-2735, CVE-2015-2736, CVE-2015-2737, CVE-2015-2738,
CVE-2015-2739, CVE-2015-2740, CVE-2015-2741, CVE-2015-2743,
CVE-2015-4000

Package Information:
https://launchpad.net/ubuntu/+source/firefox/39.0+build5-0ubuntu0.12.04.2

Original Source

Url : http://www.ubuntu.com/usn/USN-2656-2

CWE : Common Weakness Enumeration

% Id Name
35 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
35 % CWE-17 Code
24 % CWE-310 Cryptographic Issues
6 % CWE-20 Improper Input Validation

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:29329
 
Oval ID: oval:org.mitre.oval:def:29329
Title: AIX Logjam Vulnerability
Description: The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.
Family: unix Class: vulnerability
Reference(s): CVE-2015-4000
Version: 5
Platform(s): IBM AIX 6.1
IBM AIX 7.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:29478
 
Oval ID: oval:org.mitre.oval:def:29478
Title: HP-UX OpenSSL Vulnerability (DHE man-in-the-middle protection (Logjam))
Description: The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.
Family: unix Class: vulnerability
Reference(s): CVE-2015-4000
Version: 1
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 2
Application 1
Application 1
Application 1
Application 1
Application 398
Application 17
Application 1
Application 1
Application 299
Application 1
Application 358
Application 1
Application 5
Application 5
Application 1
Os 150
Os 101
Os 4
Os 2
Os 1
Os 2
Os 2
Os 1
Os 1
Os 1
Os 2
Os 1
Os 1

Information Assurance Vulnerability Management (IAVM)

Date Description
2015-07-16 IAVM : 2015-A-0158 - Multiple Vulnerabilities in Oracle Java SE
Severity : Category I - VMSKEY : V0061089

Snort® IPS/IDS

Date Description
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33806 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33805 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33804 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33803 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33802 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33801 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33800 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33799 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33798 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33797 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33796 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33795 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33794 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33793 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33792 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33791 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33790 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33789 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33788 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33787 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33786 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade cipher suite attempt
RuleID : 33785 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33784 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33783 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33782 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33781 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33780 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33779 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33778 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33777 - Revision : 6 - Type : SERVER-OTHER

Nessus® Vulnerability Scanner

Date Description
2017-03-13 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL15955144.nasl - Type : ACT_GATHER_INFO
2017-01-20 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201701-46.nasl - Type : ACT_GATHER_INFO
2016-10-06 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3688.nasl - Type : ACT_GATHER_INFO
2016-09-27 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-2385-1.nasl - Type : ACT_GATHER_INFO
2016-09-09 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2016-1064.nasl - Type : ACT_GATHER_INFO
2016-09-02 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-2209-1.nasl - Type : ACT_GATHER_INFO
2016-08-29 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-1618-1.nasl - Type : ACT_GATHER_INFO
2016-06-23 Name : The remote device is affected by multiple vulnerabilities.
File : juniper_space_jsa10727.nasl - Type : ACT_GATHER_INFO
2016-06-22 Name : The remote OracleVM host is missing a security update.
File : oraclevm_OVMSA-2016-0066.nasl - Type : ACT_GATHER_INFO
2016-06-08 Name : The remote Debian host is missing a security update.
File : debian_DLA-507.nasl - Type : ACT_GATHER_INFO
2016-06-01 Name : The remote device is affected by multiple vulnerabilities.
File : cisco_ace_A5_3_3.nasl - Type : ACT_GATHER_INFO
2016-05-31 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201605-06.nasl - Type : ACT_GATHER_INFO
2016-05-13 Name : A web application running on the remote host is affected by multiple vulnerab...
File : solarwinds_srm_profiler_6_2_3.nasl - Type : ACT_GATHER_INFO
2016-03-24 Name : The remote web server is affected by multiple vulnerabilities.
File : hpsmh_7_5_4.nasl - Type : ACT_GATHER_INFO
2016-03-14 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201603-11.nasl - Type : ACT_GATHER_INFO
2016-03-10 Name : The remote AIX host has a version of OpenSSL installed that is affected by mu...
File : aix_openssl_advisory17.nasl - Type : ACT_GATHER_INFO
2016-02-18 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2016-218.nasl - Type : ACT_GATHER_INFO
2016-02-17 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2016-215.nasl - Type : ACT_GATHER_INFO
2016-02-03 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2016-102.nasl - Type : ACT_GATHER_INFO
2016-02-03 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2016-104.nasl - Type : ACT_GATHER_INFO
2016-02-02 Name : The remote service is affected by multiple vulnerabilities.
File : openssl_1_0_1r.nasl - Type : ACT_GATHER_INFO
2016-02-02 Name : The remote service is affected by multiple vulnerabilities.
File : openssl_1_0_2f.nasl - Type : ACT_GATHER_INFO
2016-01-26 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2016-92.nasl - Type : ACT_GATHER_INFO
2016-01-26 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-0224-1.nasl - Type : ACT_GATHER_INFO
2016-01-21 Name : The application installed on the remote host is affected by multiple vulnerab...
File : oracle_secure_global_desktop_jan_2016_cpu.nasl - Type : ACT_GATHER_INFO
2016-01-06 Name : The remote database server is affected by multiple vulnerabilities.
File : db2_105fp7_nix.nasl - Type : ACT_GATHER_INFO
2016-01-06 Name : The remote database server is affected by multiple vulnerabilities.
File : db2_105fp7_win.nasl - Type : ACT_GATHER_INFO
2016-01-04 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201512-10.nasl - Type : ACT_GATHER_INFO
2015-12-11 Name : The remote multi-function device is affected by multiple vulnerabilities.
File : xerox_xrx15av.nasl - Type : ACT_GATHER_INFO
2015-11-03 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1851-1.nasl - Type : ACT_GATHER_INFO
2015-11-02 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1840-1.nasl - Type : ACT_GATHER_INFO
2015-10-22 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2015-1699.nasl - Type : ACT_GATHER_INFO
2015-10-12 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1695-1.nasl - Type : ACT_GATHER_INFO
2015-10-09 Name : The remote host allows SSH connections with one or more Diffie-Hellman moduli...
File : ssh_logjam.nasl - Type : ACT_GATHER_INFO
2015-10-06 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2015-635.nasl - Type : ACT_GATHER_INFO
2015-09-28 Name : The remote Debian host is missing a security update.
File : debian_DLA-315.nasl - Type : ACT_GATHER_INFO
2015-09-23 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2015-596.nasl - Type : ACT_GATHER_INFO
2015-09-22 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1581-1.nasl - Type : ACT_GATHER_INFO
2015-09-17 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-1699.nasl - Type : ACT_GATHER_INFO
2015-09-16 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL16674.nasl - Type : ACT_GATHER_INFO
2015-09-15 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1547-2.nasl - Type : ACT_GATHER_INFO
2015-09-14 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1544-1.nasl - Type : ACT_GATHER_INFO
2015-09-14 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1547-1.nasl - Type : ACT_GATHER_INFO
2015-09-11 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1526-1.nasl - Type : ACT_GATHER_INFO
2015-09-09 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1509-1.nasl - Type : ACT_GATHER_INFO
2015-09-04 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1482-1.nasl - Type : ACT_GATHER_INFO
2015-09-03 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20150901_nss_softokn_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2015-09-02 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-1699.nasl - Type : ACT_GATHER_INFO
2015-09-02 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2015-0118.nasl - Type : ACT_GATHER_INFO
2015-09-01 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1449-1.nasl - Type : ACT_GATHER_INFO
2015-08-31 Name : The remote Debian host is missing a security update.
File : debian_DLA-303.nasl - Type : ACT_GATHER_INFO
2015-08-26 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2015-586.nasl - Type : ACT_GATHER_INFO
2015-08-26 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2015-1664.nasl - Type : ACT_GATHER_INFO
2015-08-25 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-1664.nasl - Type : ACT_GATHER_INFO
2015-08-25 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-1664.nasl - Type : ACT_GATHER_INFO
2015-08-25 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20150824_nss_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2015-08-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3339.nasl - Type : ACT_GATHER_INFO
2015-08-19 Name : The remote AIX host is missing a security patch.
File : aix_IV75967.nasl - Type : ACT_GATHER_INFO
2015-08-18 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3336.nasl - Type : ACT_GATHER_INFO
2015-08-17 Name : The remote AIX host has a version of Java SDK installed that is affected by m...
File : aix_java_july2015_advisory.nasl - Type : ACT_GATHER_INFO
2015-08-13 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-1604.nasl - Type : ACT_GATHER_INFO
2015-08-13 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1375-1.nasl - Type : ACT_GATHER_INFO
2015-08-11 Name : The remote AIX host is missing a security patch.
File : aix_IV75643.nasl - Type : ACT_GATHER_INFO
2015-08-11 Name : The remote AIX host is missing a security patch.
File : aix_IV75644.nasl - Type : ACT_GATHER_INFO
2015-08-11 Name : The remote AIX host is missing a security patch.
File : aix_IV75645.nasl - Type : ACT_GATHER_INFO
2015-08-11 Name : The remote AIX host is missing a security patch.
File : aix_IV75646.nasl - Type : ACT_GATHER_INFO
2015-08-07 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2706-1.nasl - Type : ACT_GATHER_INFO
2015-08-05 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-1544.nasl - Type : ACT_GATHER_INFO
2015-08-04 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20150730_java_1_6_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2015-08-04 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1329-1.nasl - Type : ACT_GATHER_INFO
2015-08-04 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1331-1.nasl - Type : ACT_GATHER_INFO
2015-08-03 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3324.nasl - Type : ACT_GATHER_INFO
2015-07-31 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2015-1526.nasl - Type : ACT_GATHER_INFO
2015-07-31 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-1526.nasl - Type : ACT_GATHER_INFO
2015-07-31 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-1526.nasl - Type : ACT_GATHER_INFO
2015-07-31 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1319-1.nasl - Type : ACT_GATHER_INFO
2015-07-31 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1320-1.nasl - Type : ACT_GATHER_INFO
2015-07-31 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2696-1.nasl - Type : ACT_GATHER_INFO
2015-07-28 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3316.nasl - Type : ACT_GATHER_INFO
2015-07-27 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2015-507.nasl - Type : ACT_GATHER_INFO
2015-07-27 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2015-511.nasl - Type : ACT_GATHER_INFO
2015-07-27 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2015-512.nasl - Type : ACT_GATHER_INFO
2015-07-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-1488.nasl - Type : ACT_GATHER_INFO
2015-07-23 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2015-569.nasl - Type : ACT_GATHER_INFO
2015-07-23 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2015-570.nasl - Type : ACT_GATHER_INFO
2015-07-23 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2015-571.nasl - Type : ACT_GATHER_INFO
2015-07-23 Name : A web application on the remote host is affected by multiple vulnerabilities.
File : puppet_enterprise_activemq_psql_ssl.nasl - Type : ACT_GATHER_INFO
2015-07-23 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-1485.nasl - Type : ACT_GATHER_INFO
2015-07-23 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-1486.nasl - Type : ACT_GATHER_INFO
2015-07-21 Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2015-1455.nasl - Type : ACT_GATHER_INFO
2015-07-21 Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2015-1455.nasl - Type : ACT_GATHER_INFO
2015-07-21 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-1455.nasl - Type : ACT_GATHER_INFO
2015-07-21 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20150720_thunderbird_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2015-07-21 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1268-2.nasl - Type : ACT_GATHER_INFO
2015-07-21 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1269-1.nasl - Type : ACT_GATHER_INFO
2015-07-21 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2673-1.nasl - Type : ACT_GATHER_INFO
2015-07-20 Name : The remote AIX host has a version of OpenSSL installed that is affected by mu...
File : aix_openssl_advisory14.nasl - Type : ACT_GATHER_INFO
2015-07-20 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2015-495.nasl - Type : ACT_GATHER_INFO
2015-07-20 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-1241.nasl - Type : ACT_GATHER_INFO
2015-07-20 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-1242.nasl - Type : ACT_GATHER_INFO
2015-07-20 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-1243.nasl - Type : ACT_GATHER_INFO
2015-07-17 Name : The remote Windows host contains a programming platform that is affected by m...
File : oracle_java_cpu_jul_2015.nasl - Type : ACT_GATHER_INFO
2015-07-17 Name : The remote Unix host contains a programming platform that is affected by mult...
File : oracle_java_cpu_jul_2015_unix.nasl - Type : ACT_GATHER_INFO
2015-07-17 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-1230.nasl - Type : ACT_GATHER_INFO
2015-07-16 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2015-1228.nasl - Type : ACT_GATHER_INFO
2015-07-16 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2015-1229.nasl - Type : ACT_GATHER_INFO
2015-07-16 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2015-1230.nasl - Type : ACT_GATHER_INFO
2015-07-16 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_44d9daee940c417986bb6e3ffd617869.nasl - Type : ACT_GATHER_INFO
2015-07-16 Name : A programming platform installed on the remote Windows host is affected by mu...
File : oracle_jrockit_cpu_jul_2015.nasl - Type : ACT_GATHER_INFO
2015-07-16 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-1228.nasl - Type : ACT_GATHER_INFO
2015-07-16 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-1229.nasl - Type : ACT_GATHER_INFO
2015-07-16 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-1228.nasl - Type : ACT_GATHER_INFO
2015-07-16 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-1229.nasl - Type : ACT_GATHER_INFO
2015-07-16 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-1230.nasl - Type : ACT_GATHER_INFO
2015-07-16 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20150715_java_1_7_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2015-07-16 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20150715_java_1_7_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2015-07-16 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20150715_java_1_8_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2015-07-16 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2656-2.nasl - Type : ACT_GATHER_INFO
2015-07-14 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2015-480.nasl - Type : ACT_GATHER_INFO
2015-07-14 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1177-2.nasl - Type : ACT_GATHER_INFO
2015-07-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2015-479.nasl - Type : ACT_GATHER_INFO
2015-07-13 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2656-1.nasl - Type : ACT_GATHER_INFO
2015-07-13 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2672-1.nasl - Type : ACT_GATHER_INFO
2015-07-09 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2015-474.nasl - Type : ACT_GATHER_INFO
2015-07-07 Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2015-1207.nasl - Type : ACT_GATHER_INFO
2015-07-07 Name : The remote Mac OS X host contains a web browser that is affected by multiple ...
File : macosx_firefox_31_8_esr.nasl - Type : ACT_GATHER_INFO
2015-07-07 Name : The remote Mac OS X host contains a web browser that is affected by multiple ...
File : macosx_firefox_38_1_esr.nasl - Type : ACT_GATHER_INFO
2015-07-07 Name : The remote Mac OS X host contains a web browser that is affected by multiple ...
File : macosx_firefox_39_0.nasl - Type : ACT_GATHER_INFO
2015-07-07 Name : The remote Mac OS X host contains a mail client that is affected by multiple ...
File : macosx_thunderbird_38_1.nasl - Type : ACT_GATHER_INFO
2015-07-07 Name : The remote Windows host contains a web browser that is affected by multiple v...
File : mozilla_firefox_31_8_esr.nasl - Type : ACT_GATHER_INFO
2015-07-07 Name : The remote Windows host contains a web browser that is affected by multiple v...
File : mozilla_firefox_38_1_esr.nasl - Type : ACT_GATHER_INFO
2015-07-07 Name : The remote Windows host contains a web browser that is affected by multiple v...
File : mozilla_firefox_39_0.nasl - Type : ACT_GATHER_INFO
2015-07-07 Name : The remote Windows host contains a mail client that is affected by multiple v...
File : mozilla_thunderbird_38_1.nasl - Type : ACT_GATHER_INFO
2015-07-07 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1181-2.nasl - Type : ACT_GATHER_INFO
2015-07-07 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1182-2.nasl - Type : ACT_GATHER_INFO
2015-07-07 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1183-2.nasl - Type : ACT_GATHER_INFO
2015-07-07 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1184-2.nasl - Type : ACT_GATHER_INFO
2015-07-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2015-1197.nasl - Type : ACT_GATHER_INFO
2015-07-06 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3300.nasl - Type : ACT_GATHER_INFO
2015-07-06 Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2015-1207.nasl - Type : ACT_GATHER_INFO
2015-07-06 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-1207.nasl - Type : ACT_GATHER_INFO
2015-07-06 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20150625_nss_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2015-07-06 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20150630_openssl_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2015-07-06 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20150703_firefox_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2015-07-06 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1177-1.nasl - Type : ACT_GATHER_INFO
2015-07-06 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1184-1.nasl - Type : ACT_GATHER_INFO
2015-07-01 Name : The remote host is missing a Mac OS X update that fixes multiple security vul...
File : macosx_10_10_4.nasl - Type : ACT_GATHER_INFO
2015-07-01 Name : The remote host is missing a Mac OS X update that fixes multiple security vul...
File : macosx_SecUpd2015-005.nasl - Type : ACT_GATHER_INFO
2015-07-01 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-1197.nasl - Type : ACT_GATHER_INFO
2015-06-30 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-1197.nasl - Type : ACT_GATHER_INFO
2015-06-29 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1150-1.nasl - Type : ACT_GATHER_INFO
2015-06-26 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2015-1185.nasl - Type : ACT_GATHER_INFO
2015-06-26 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2015-447.nasl - Type : ACT_GATHER_INFO
2015-06-26 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-1185.nasl - Type : ACT_GATHER_INFO
2015-06-26 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1143-1.nasl - Type : ACT_GATHER_INFO
2015-06-25 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-1185.nasl - Type : ACT_GATHER_INFO
2015-06-23 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201506-02.nasl - Type : ACT_GATHER_INFO
2015-06-18 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2015-550.nasl - Type : ACT_GATHER_INFO
2015-06-18 Name : The remote Debian host is missing a security update.
File : debian_DLA-247.nasl - Type : ACT_GATHER_INFO
2015-06-15 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3287.nasl - Type : ACT_GATHER_INFO
2015-06-15 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2015-9161.nasl - Type : ACT_GATHER_INFO
2015-06-12 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_8305e215108011e58ba2000c2980a9f3.nasl - Type : ACT_GATHER_INFO
2015-06-12 Name : The remote service is affected by multiple vulnerabilities.
File : openssl_1_0_1n.nasl - Type : ACT_GATHER_INFO
2015-06-12 Name : The remote service is affected by multiple vulnerabilities.
File : openssl_1_0_2b.nasl - Type : ACT_GATHER_INFO
2015-06-08 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20150604_openssl_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2015-06-05 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2015-1072.nasl - Type : ACT_GATHER_INFO
2015-06-05 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-1072.nasl - Type : ACT_GATHER_INFO
2015-06-05 Name : The remote OracleVM host is missing a security update.
File : oraclevm_OVMSA-2015-0065.nasl - Type : ACT_GATHER_INFO
2015-06-05 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-1072.nasl - Type : ACT_GATHER_INFO
2015-06-03 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2015-9048.nasl - Type : ACT_GATHER_INFO
2015-06-02 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2015-9130.nasl - Type : ACT_GATHER_INFO
2015-05-28 Name : The remote host allows SSL/TLS connections with one or more Diffie-Hellman mo...
File : ssl_logjam.nasl - Type : ACT_GATHER_INFO
2015-05-21 Name : The remote host supports a set of weak ciphers.
File : ssl_dh_export_supported_ciphers.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
Date Informations
2016-01-22 09:26:55
  • Multiple Updates
2015-07-18 13:29:51
  • Multiple Updates
2015-07-15 17:25:38
  • First insertion