Executive Summary
Summary | |
---|---|
Title | VMware Hosted products update libpng and Apache HTTP Server |
Informations | |||
---|---|---|---|
Name | VMSA-2009-0010 | First vendor Publication | 2009-08-20 |
Vendor | VMware | Last vendor Modification | 2009-08-20 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 6.8 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
a. Third Party Library libpng Updated to 1.2.35 Several flaws were discovered in the way third party library libpng handled uninitialized pointers. An attacker could create a PNG image file in such a way, that when loaded by an application linked to libpng, it could cause the application to crash or execute arbitrary code at the privilege level of the user that runs the application. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2009-0040 to this issue. b. Apache HTTP Server updated to 2.0.63 The new version of ACE updates the Apache HTTP Server on Windows hosts to version 2.0.63 which addresses multiple security issues that existed in the previous versions of this server. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2007-3847, CVE-2007-1863, CVE-2006-5752, CVE-2007-3304, CVE-2007-6388, CVE-2007-5000, CVE-2008-0005 to the issues that have been addressed by this update. |
Original Source
Url : http://www.vmware.com/security/advisories/VMSA-2009-0010.html |
CAPEC : Common Attack Pattern Enumeration & Classification
Id | Name |
---|---|
CAPEC-18 | Embedding Scripts in Nonscript Elements |
CAPEC-63 | Simple Script Injection |
CAPEC-73 | User-Controlled Filename |
CAPEC-81 | Web Logs Tampering |
CAPEC-85 | Client Network Footprinting (using AJAX/XSS) |
CAPEC-86 | Embedding Script (XSS ) in HTTP Headers |
CAPEC-104 | Cross Zone Scripting |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
75 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
25 % | CWE-125 | Out-of-bounds Read |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10154 | |||
Oval ID: | oval:org.mitre.oval:def:10154 | ||
Title: | Cross-site scripting (XSS) vulnerability in mod_status.c in the mod_status module in Apache HTTP Server (httpd), when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browsers that perform "charset detection" when the content-type is not specified. | ||
Description: | Cross-site scripting (XSS) vulnerability in mod_status.c in the mod_status module in Apache HTTP Server (httpd), when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browsers that perform "charset detection" when the content-type is not specified. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2006-5752 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10272 | |||
Oval ID: | oval:org.mitre.oval:def:10272 | ||
Title: | Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||
Description: | Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-6388 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10316 | |||
Oval ID: | oval:org.mitre.oval:def:10316 | ||
Title: | The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before 1.2.35, as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file that triggers a free of an uninitialized pointer in (1) the png_read_png function, (2) pCAL chunk handling, or (3) setup of 16-bit gamma tables. | ||
Description: | The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before 1.2.35, as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file that triggers a free of an uninitialized pointer in (1) the png_read_png function, (2) pCAL chunk handling, or (3) setup of 16-bit gamma tables. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-0040 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10525 | |||
Oval ID: | oval:org.mitre.oval:def:10525 | ||
Title: | The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service (caching forward proxy process crash) via crafted date headers that trigger a buffer over-read. | ||
Description: | The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service (caching forward proxy process crash) via crafted date headers that trigger a buffer over-read. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-3847 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10812 | |||
Oval ID: | oval:org.mitre.oval:def:10812 | ||
Title: | mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev, and 1.3.x before 1.3.40-dev does not define a charset, which allows remote attackers to conduct cross-site scripting (XSS) attacks using UTF-7 encoding. | ||
Description: | mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev, and 1.3.x before 1.3.40-dev does not define a charset, which allows remote attackers to conduct cross-site scripting (XSS) attacks using UTF-7 encoding. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-0005 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11589 | |||
Oval ID: | oval:org.mitre.oval:def:11589 | ||
Title: | Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the worker_score and process_score arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the master process, aka "SIGUSR1 killer." | ||
Description: | Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the worker_score and process_score arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the master process, aka "SIGUSR1 killer." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-3304 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13052 | |||
Oval ID: | oval:org.mitre.oval:def:13052 | ||
Title: | USN-730-1 -- libpng vulnerabilities | ||
Description: | It was discovered that libpng did not properly perform bounds checking in certain operations. An attacker could send a specially crafted PNG image and cause a denial of service in applications linked against libpng. This issue only affected Ubuntu 8.04 LTS. Tavis Ormandy discovered that libpng did not properly initialize memory. If a user or automated system were tricked into opening a crafted PNG image, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. This issue did not affect Ubuntu 8.10. Harald van Dijk discovered an off-by-one error in libpng. An attacker could could cause an application crash in programs using pngtest. It was discovered that libpng did not properly NULL terminate a keyword string. An attacker could exploit this to set arbitrary memory locations to zero. Glenn Randers-Pehrson discovered that libpng did not properly initialize pointers. If a user or automated system were tricked into opening a crafted PNG file, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program | ||
Family: | unix | Class: | patch |
Reference(s): | USN-730-1 CVE-2007-5268 CVE-2007-5269 CVE-2008-1382 CVE-2008-3964 CVE-2008-5907 CVE-2009-0040 | Version: | 5 |
Platform(s): | Ubuntu 7.10 Ubuntu 8.04 Ubuntu 6.06 Ubuntu 8.10 | Product(s): | libpng |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13613 | |||
Oval ID: | oval:org.mitre.oval:def:13613 | ||
Title: | DSA-1750-1 libpng -- several | ||
Description: | Several vulnerabilities have been discovered in libpng, a library for reading and writing PNG files. The Common Vulnerabilities and Exposures project identifies the following problems: The png_handle_tRNS function allows attackers to cause a denial of service via a grayscale PNG image with a bad tRNS chunk CRC value. Certain chunk handlers allow attackers to cause a denial of service via crafted pCAL, sCAL, tEXt, iTXt, and ztXT chunking in PNG images, which trigger out-of-bounds read operations. libpng allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a PNG file with zero length "unknown" chunks, which trigger an access of uninitialised memory. The png_check_keyword might allow context-dependent attackers to set the value of an arbitrary memory location to zero via vectors involving creation of crafted PNG files with keywords. A memory leak in the png_handle_tEXt function allows context-dependent attackers to cause a denial of service via a crafted PNG file. libpng allows context-dependent attackers to cause a denial of service or possibly execute arbitrary code via a crafted PNG file that triggers a free of an uninitialised pointer in the png_read_png function, pCAL chunk handling, or setup of 16-bit gamma tables. For the old stable distribution, these problems have been fixed in version1.2.15~beta5-1+etch2. For the stable distribution, these problems have been fixed in version 1.2.27-2+lenny2. For the unstable distribution, these problems have been fixed in version 1.2.35-1. We recommend that you upgrade your libpng packages. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1750-1 CVE-2007-2445 CVE-2007-5269 CVE-2008-1382 CVE-2008-5907 CVE-2008-6218 CVE-2009-0040 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 4.0 | Product(s): | libpng |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17648 | |||
Oval ID: | oval:org.mitre.oval:def:17648 | ||
Title: | USN-575-1 -- apache2 vulnerabilities | ||
Description: | It was discovered that Apache did not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-575-1 CVE-2006-3918 CVE-2007-3847 CVE-2007-4465 CVE-2007-5000 CVE-2007-6388 CVE-2007-6421 CVE-2007-6422 CVE-2008-0005 | Version: | 7 |
Platform(s): | Ubuntu 6.06 Ubuntu 6.10 Ubuntu 7.04 Ubuntu 7.10 | Product(s): | apache2 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22299 | |||
Oval ID: | oval:org.mitre.oval:def:22299 | ||
Title: | ELSA-2007:0746: httpd security, bug fix, and enhancement update (Moderate) | ||
Description: | The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service (caching forward proxy process crash) via crafted date headers that trigger a buffer over-read. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2007:0746-04 CVE-2007-3847 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | httpd |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22498 | |||
Oval ID: | oval:org.mitre.oval:def:22498 | ||
Title: | ELSA-2008:0008: httpd security update (Moderate) | ||
Description: | mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev, and 1.3.x before 1.3.40-dev does not define a charset, which allows remote attackers to conduct cross-site scripting (XSS) attacks using UTF-7 encoding. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2008:0008-01 CVE-2007-4465 CVE-2007-5000 CVE-2007-6388 CVE-2007-6421 CVE-2007-6422 CVE-2008-0005 | Version: | 29 |
Platform(s): | Oracle Linux 5 | Product(s): | httpd |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22543 | |||
Oval ID: | oval:org.mitre.oval:def:22543 | ||
Title: | ELSA-2007:0556: httpd security update (Moderate) | ||
Description: | Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the worker_score and process_score arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the master process, aka "SIGUSR1 killer." | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2007:0556-01 CVE-2006-5752 CVE-2007-1863 CVE-2007-3304 | Version: | 17 |
Platform(s): | Oracle Linux 5 | Product(s): | httpd |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22744 | |||
Oval ID: | oval:org.mitre.oval:def:22744 | ||
Title: | ELSA-2009:0333: libpng security update (Moderate) | ||
Description: | The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before 1.2.35, as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file that triggers a free of an uninitialized pointer in (1) the png_read_png function, (2) pCAL chunk handling, or (3) setup of 16-bit gamma tables. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2009:0333-01 CVE-2008-1382 CVE-2009-0040 | Version: | 13 |
Platform(s): | Oracle Linux 5 | Product(s): | libpng libpng10 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:29196 | |||
Oval ID: | oval:org.mitre.oval:def:29196 | ||
Title: | RHSA-2009:0333 -- libpng security update (Moderate) | ||
Description: | Updated libpng and libpng10 packages that fix a couple of security issues are now available for Red Hat Enterprise Linux 2.1, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The libpng packages contain a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. A flaw was discovered in libpng that could result in libpng trying to freerandom memory if certain, unlikely error conditions occurred. If a carefully-crafted PNG file was loaded by an application linked against libpng, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2009-0040) | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2009:0333 CESA-2009:0333-CentOS 2 CVE-2008-1382 CVE-2009-0040 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 4 CentOS Linux 2 | Product(s): | libpng libpng10 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6458 | |||
Oval ID: | oval:org.mitre.oval:def:6458 | ||
Title: | Libpng Library Uninitialized Pointer Arrays Memory Corruption Vulnerability | ||
Description: | The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before 1.2.35, as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file that triggers a free of an uninitialized pointer in (1) the png_read_png function, (2) pCAL chunk handling, or (3) setup of 16-bit gamma tables. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-0040 | Version: | 1 |
Platform(s): | VMWare ESX Server 3 VMWare ESX Server 3.5 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6557 | |||
Oval ID: | oval:org.mitre.oval:def:6557 | ||
Title: | DSA-1750 libpng -- several vulnerabilities | ||
Description: | Several vulnerabilities have been discovered in libpng, a library for reading and writing PNG files. The Common Vulnerabilities and Exposures project identifies the following problems: The png_handle_tRNS function allows attackers to cause a denial of service (application crash) via a grayscale PNG image with a bad tRNS chunk CRC value. Certain chunk handlers allow attackers to cause a denial of service (crash) via crafted pCAL, sCAL, tEXt, iTXt, and ztXT chunking in PNG images, which trigger out-of-bounds read operations. libpng allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PNG file with zero length "unknown" chunks, which trigger an access of uninitialised memory. The png_check_keyword might allow context-dependent attackers to set the value of an arbitrary memory location to zero via vectors involving creation of crafted PNG files with keywords. A memory leak in the png_handle_tEXt function allows context-dependent attackers to cause a denial of service (memory exhaustion) via a crafted PNG file. libpng allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file that triggers a free of an uninitialised pointer in (1) the png_read_png function, (2) pCAL chunk handling, or (3) setup of 16-bit gamma tables. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1750 CVE-2007-2445 CVE-2007-5269 CVE-2008-1382 CVE-2008-5907 CVE-2008-6218 CVE-2009-0040 | Version: | 3 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 4.0 | Product(s): | libpng |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9539 | |||
Oval ID: | oval:org.mitre.oval:def:9539 | ||
Title: | Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the (2) mod_imagemap module in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||
Description: | Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the (2) mod_imagemap module in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-5000 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9824 | |||
Oval ID: | oval:org.mitre.oval:def:9824 | ||
Title: | cache_util.c in the mod_cache module in Apache HTTP Server (httpd), when caching is enabled and a threaded Multi-Processing Module (MPM) is used, allows remote attackers to cause a denial of service (child processing handler crash) via a request with the (1) s-maxage, (2) max-age, (3) min-fresh, or (4) max-stale Cache-Control headers without a value. | ||
Description: | cache_util.c in the mod_cache module in Apache HTTP Server (httpd), when caching is enabled and a threaded Multi-Processing Module (MPM) is used, allows remote attackers to cause a denial of service (child processing handler crash) via a request with the (1) s-maxage, (2) max-age, (3) min-fresh, or (4) max-stale Cache-Control headers without a value. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-1863 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-10-03 | Name : Gentoo Security Advisory GLSA 201209-25 (vmware-server vmware-player vmware-w... File : nvt/glsa_201209_25.nasl |
2011-08-09 | Name : CentOS Update for firefox CESA-2009:0315 centos4 i386 File : nvt/gb_CESA-2009_0315_firefox_centos4_i386.nasl |
2011-08-09 | Name : CentOS Update for firefox CESA-2009:0315 centos5 i386 File : nvt/gb_CESA-2009_0315_firefox_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for seamonkey CESA-2009:0325-01 centos2 i386 File : nvt/gb_CESA-2009_0325-01_seamonkey_centos2_i386.nasl |
2011-08-09 | Name : CentOS Update for seamonkey CESA-2009:0325 centos3 i386 File : nvt/gb_CESA-2009_0325_seamonkey_centos3_i386.nasl |
2011-08-09 | Name : CentOS Update for seamonkey CESA-2009:0325 centos4 i386 File : nvt/gb_CESA-2009_0325_seamonkey_centos4_i386.nasl |
2011-08-09 | Name : CentOS Update for libpng CESA-2009:0333-01 centos2 i386 File : nvt/gb_CESA-2009_0333-01_libpng_centos2_i386.nasl |
2011-08-09 | Name : CentOS Update for libpng10 CESA-2009:0333 centos4 i386 File : nvt/gb_CESA-2009_0333_libpng10_centos4_i386.nasl |
2011-08-09 | Name : CentOS Update for libpng10 CESA-2009:0340 centos3 i386 File : nvt/gb_CESA-2009_0340_libpng10_centos3_i386.nasl |
2010-05-12 | Name : Mac OS X 10.5.3 Update / Mac OS X Security Update 2008-003 File : nvt/macosx_upd_10_5_3_secupd_2008-003.nasl |
2010-05-12 | Name : Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002 File : nvt/macosx_upd_10_5_7_secupd_2009-002.nasl |
2010-05-12 | Name : Mac OS X 10.5.8 Update / Mac OS X Security Update 2009-003 File : nvt/macosx_upd_10_5_8_secupd_2009-003.nasl |
2010-02-03 | Name : Solaris Update for Apache 1.3 122911-19 File : nvt/gb_solaris_122911_19.nasl |
2010-02-03 | Name : Solaris Update for Apache 1.3 122912-19 File : nvt/gb_solaris_122912_19.nasl |
2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
2009-10-22 | Name : HP-UX Update for Apache-based Web Server HPSBUX02465 File : nvt/gb_hp_ux_HPSBUX02465.nasl |
2009-10-13 | Name : Solaris Update for Apache 1.3 122911-17 File : nvt/gb_solaris_122911_17.nasl |
2009-10-13 | Name : Solaris Update for Apache 1.3 122912-17 File : nvt/gb_solaris_122912_17.nasl |
2009-10-13 | Name : SLES10: Security update for MozillaFirefox File : nvt/sles10_MozillaFirefox3.nasl |
2009-10-13 | Name : SLES10: Security update for libpng File : nvt/sles10_libpng.nasl |
2009-10-13 | Name : SLES10: Security update for libpng File : nvt/sles10_libpng0.nasl |
2009-10-11 | Name : SLES11: Security update for MozillaFirefox File : nvt/sles11_MozillaFirefox.nasl |
2009-10-11 | Name : SLES11: Security update for libpng File : nvt/sles11_libpng12-0.nasl |
2009-10-10 | Name : SLES9: Security update for apache2 File : nvt/sles9p5012664.nasl |
2009-10-10 | Name : SLES9: Security update for Apache 2 File : nvt/sles9p5023052.nasl |
2009-10-10 | Name : SLES9: Security update for Apache File : nvt/sles9p5023075.nasl |
2009-10-10 | Name : SLES9: Security update for libpng File : nvt/sles9p5043440.nasl |
2009-10-10 | Name : SLES9: Security update for libpng File : nvt/sles9p5043680.nasl |
2009-09-23 | Name : Solaris Update for Apache 1.3 122911-16 File : nvt/gb_solaris_122911_16.nasl |
2009-09-23 | Name : Solaris Update for Apache 1.3 122912-16 File : nvt/gb_solaris_122912_16.nasl |
2009-07-29 | Name : Debian Security Advisory DSA 1830-1 (icedove) File : nvt/deb_1830_1.nasl |
2009-07-29 | Name : Ubuntu USN-799-1 (dbus) File : nvt/ubuntu_799_1.nasl |
2009-07-29 | Name : Ubuntu USN-801-1 (tiff) File : nvt/ubuntu_801_1.nasl |
2009-07-29 | Name : Ubuntu USN-802-1 (apache2) File : nvt/ubuntu_802_1.nasl |
2009-07-17 | Name : HP-UX Update for Apache Web Server Suite HPSBUX02431 File : nvt/gb_hp_ux_HPSBUX02431.nasl |
2009-06-23 | Name : Fedora Core 10 FEDORA-2009-6531 (libpng) File : nvt/fcore_2009_6531.nasl |
2009-06-23 | Name : Fedora Core 9 FEDORA-2009-6603 (libpng) File : nvt/fcore_2009_6603.nasl |
2009-06-05 | Name : Ubuntu USN-723-1 (git-core) File : nvt/ubuntu_723_1.nasl |
2009-06-03 | Name : Solaris Update for Apache Security 113146-12 File : nvt/gb_solaris_113146_12.nasl |
2009-06-03 | Name : Solaris Update for Apache Security 114145-11 File : nvt/gb_solaris_114145_11.nasl |
2009-06-03 | Name : Solaris Update for Apache 116973-07 File : nvt/gb_solaris_116973_07.nasl |
2009-06-03 | Name : Solaris Update for Apache 116974-07 File : nvt/gb_solaris_116974_07.nasl |
2009-06-03 | Name : Solaris Update for Apache 2 120543-14 File : nvt/gb_solaris_120543_14.nasl |
2009-06-03 | Name : Solaris Update for Apache 2 120544-14 File : nvt/gb_solaris_120544_14.nasl |
2009-06-03 | Name : Solaris Update for Apache 1.3 122911-15 File : nvt/gb_solaris_122911_15.nasl |
2009-06-03 | Name : Solaris Update for Apache 1.3 122912-15 File : nvt/gb_solaris_122912_15.nasl |
2009-05-05 | Name : HP-UX Update for Apache HPSBUX02262 File : nvt/gb_hp_ux_HPSBUX02262.nasl |
2009-05-05 | Name : HP-UX Update for Apache HPSBUX02273 File : nvt/gb_hp_ux_HPSBUX02273.nasl |
2009-05-05 | Name : HP-UX Update for Apache HPSBUX02308 File : nvt/gb_hp_ux_HPSBUX02308.nasl |
2009-05-05 | Name : HP-UX Update for Apache HPSBUX02313 File : nvt/gb_hp_ux_HPSBUX02313.nasl |
2009-04-28 | Name : CentOS Security Advisory CESA-2009:0333 (libpng) File : nvt/ovcesa2009_0333.nasl |
2009-04-20 | Name : SuSE Security Advisory SUSE-SA:2009:023 (MozillaFirefox) File : nvt/suse_sa_2009_023.nasl |
2009-04-09 | Name : Mandriva Update for apache MDKSA-2007:140 (apache) File : nvt/gb_mandriva_MDKSA_2007_140.nasl |
2009-04-09 | Name : Mandriva Update for apache MDKSA-2007:235 (apache) File : nvt/gb_mandriva_MDKSA_2007_235.nasl |
2009-04-09 | Name : Mandriva Update for apache MDVSA-2008:016 (apache) File : nvt/gb_mandriva_MDVSA_2008_016.nasl |
2009-04-06 | Name : Mandrake Security Advisory MDVSA-2009:083 (mozilla-thunderbird) File : nvt/mdksa_2009_083.nasl |
2009-03-31 | Name : Debian Security Advisory DSA 1750-1 (libpng) File : nvt/deb_1750_1.nasl |
2009-03-31 | Name : Fedora Core 10 FEDORA-2009-2882 (thunderbird) File : nvt/fcore_2009_2882.nasl |
2009-03-31 | Name : Fedora Core 9 FEDORA-2009-2884 (thunderbird) File : nvt/fcore_2009_2884.nasl |
2009-03-23 | Name : Ubuntu Update for apache2 vulnerabilities USN-499-1 File : nvt/gb_ubuntu_USN_499_1.nasl |
2009-03-23 | Name : Ubuntu Update for apache2 vulnerabilities USN-575-1 File : nvt/gb_ubuntu_USN_575_1.nasl |
2009-03-20 | Name : Gentoo Security Advisory GLSA 200903-28 (libpng) File : nvt/glsa_200903_28.nasl |
2009-03-20 | Name : Mandrake Security Advisory MDVSA-2009:075 (firefox) File : nvt/mdksa_2009_075.nasl |
2009-03-20 | Name : SuSE Security Advisory SUSE-SA:2009:012 (MozillaFirefox) File : nvt/suse_sa_2009_012.nasl |
2009-03-13 | Name : Fedora Core 10 FEDORA-2009-1976 (libpng10) File : nvt/fcore_2009_1976.nasl |
2009-03-13 | Name : Fedora Core 9 FEDORA-2009-2045 (libpng10) File : nvt/fcore_2009_2045.nasl |
2009-03-13 | Name : CentOS Security Advisory CESA-2009:0315 (firefox) File : nvt/ovcesa2009_0315.nasl |
2009-03-13 | Name : CentOS Security Advisory CESA-2009:0325-01 (seamonkey) File : nvt/ovcesa2009_0325_01.nasl |
2009-03-13 | Name : CentOS Security Advisory CESA-2009:0333-01 (libpng) File : nvt/ovcesa2009_0333_01.nasl |
2009-03-13 | Name : CentOS Security Advisory CESA-2009:0340 (libpng) File : nvt/ovcesa2009_0340.nasl |
2009-03-07 | Name : RedHat Security Advisory RHSA-2009:0315 File : nvt/RHSA_2009_0315.nasl |
2009-03-07 | Name : RedHat Security Advisory RHSA-2009:0325 File : nvt/RHSA_2009_0325.nasl |
2009-03-07 | Name : RedHat Security Advisory RHSA-2009:0333 File : nvt/RHSA_2009_0333.nasl |
2009-03-07 | Name : RedHat Security Advisory RHSA-2009:0340 File : nvt/RHSA_2009_0340.nasl |
2009-03-07 | Name : FreeBSD Ports: pngcrush File : nvt/freebsd_pngcrush.nasl |
2009-03-07 | Name : CentOS Security Advisory CESA-2009:0325 (seamonkey) File : nvt/ovcesa2009_0325.nasl |
2009-03-07 | Name : Ubuntu USN-728-1 (xulrunner-1.9) File : nvt/ubuntu_728_1.nasl |
2009-03-07 | Name : Ubuntu USN-730-1 (libpng) File : nvt/ubuntu_730_1.nasl |
2009-03-06 | Name : RedHat Update for apache RHSA-2008:0004-01 File : nvt/gb_RHSA-2008_0004-01_apache.nasl |
2009-03-06 | Name : RedHat Update for httpd RHSA-2008:0005-01 File : nvt/gb_RHSA-2008_0005-01_httpd.nasl |
2009-03-06 | Name : RedHat Update for httpd RHSA-2008:0006-01 File : nvt/gb_RHSA-2008_0006-01_httpd.nasl |
2009-03-06 | Name : RedHat Update for httpd RHSA-2008:0008-01 File : nvt/gb_RHSA-2008_0008-01_httpd.nasl |
2009-03-02 | Name : Fedora Core 10 FEDORA-2009-2112 (libpng) File : nvt/fcore_2009_2112.nasl |
2009-03-02 | Name : Fedora Core 9 FEDORA-2009-2128 (libpng) File : nvt/fcore_2009_2128.nasl |
2009-03-02 | Name : Fedora Core 10 FEDORA-2009-2131 (mingw32-libpng) File : nvt/fcore_2009_2131.nasl |
2009-03-02 | Name : Mandrake Security Advisory MDVSA-2009:051 (libpng) File : nvt/mdksa_2009_051.nasl |
2009-03-02 | Name : SuSE Security Summary SUSE-SR:2009:005 File : nvt/suse_sr_2009_005.nasl |
2009-02-27 | Name : CentOS Update for apache CESA-2008:0004-01 centos2 i386 File : nvt/gb_CESA-2008_0004-01_apache_centos2_i386.nasl |
2009-02-27 | Name : CentOS Update for httpd CESA-2008:0005 centos3 i386 File : nvt/gb_CESA-2008_0005_httpd_centos3_i386.nasl |
2009-02-27 | Name : CentOS Update for httpd CESA-2008:0005 centos3 x86_64 File : nvt/gb_CESA-2008_0005_httpd_centos3_x86_64.nasl |
2009-02-27 | Name : CentOS Update for httpd CESA-2008:0006 centos4 i386 File : nvt/gb_CESA-2008_0006_httpd_centos4_i386.nasl |
2009-02-27 | Name : CentOS Update for httpd CESA-2008:0006 centos4 x86_64 File : nvt/gb_CESA-2008_0006_httpd_centos4_x86_64.nasl |
2009-02-27 | Name : Fedora Update for httpd FEDORA-2007-0704 File : nvt/gb_fedora_2007_0704_httpd_fc7.nasl |
2009-02-27 | Name : Fedora Update for httpd FEDORA-2007-2214 File : nvt/gb_fedora_2007_2214_httpd_fc7.nasl |
2009-02-27 | Name : Fedora Update for httpd FEDORA-2007-615 File : nvt/gb_fedora_2007_615_httpd_fc6.nasl |
2009-02-27 | Name : Fedora Update for httpd FEDORA-2007-617 File : nvt/gb_fedora_2007_617_httpd_fc5.nasl |
2009-02-27 | Name : Fedora Update for httpd FEDORA-2007-707 File : nvt/gb_fedora_2007_707_httpd_fc6.nasl |
2009-02-16 | Name : Fedora Update for httpd FEDORA-2008-1695 File : nvt/gb_fedora_2008_1695_httpd_fc8.nasl |
2009-02-16 | Name : Fedora Update for httpd FEDORA-2008-1711 File : nvt/gb_fedora_2008_1711_httpd_fc7.nasl |
2009-01-28 | Name : SuSE Update for apache2 SUSE-SA:2007:061 File : nvt/gb_suse_2007_061.nasl |
2009-01-23 | Name : SuSE Update for apache2,apache SUSE-SA:2008:021 File : nvt/gb_suse_2008_021.nasl |
2008-12-02 | Name : HP OpenView Network Node Manager XSS Vulnerability File : nvt/secpod_hp_openview_nnm_xss_vuln_900403.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200711-06 (apache) File : nvt/glsa_200711_06.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200803-19 (apache) File : nvt/glsa_200803_19.nasl |
2008-09-04 | Name : FreeBSD Ports: apache File : nvt/freebsd_apache12.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2008-045-01 httpd File : nvt/esoft_slk_ssa_2008_045_01.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2008-045-02 apache File : nvt/esoft_slk_ssa_2008_045_02.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2008-210-02 httpd File : nvt/esoft_slk_ssa_2008_210_02.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2009-051-01 libpng File : nvt/esoft_slk_ssa_2009_051_01.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2009-083-02 seamonkey File : nvt/esoft_slk_ssa_2009_083_02.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2009-083-03 mozilla-thunderbird File : nvt/esoft_slk_ssa_2009_083_03.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
53317 | libpng 16-bit Gamma Table Handling Uninitialised Pointer Free Arbitrary Code ... |
53316 | libpng pCAL Chunk Handling Uninitialised Pointer Free Arbitrary Code Execution |
53315 | libpng png_read_png Function Uninitialised Pointer Free Arbitrary Code Execution |
42214 | Apache HTTP Server mod_proxy_ftp UTF-7 Encoded XSS |
40262 | Apache HTTP Server mod_status refresh XSS Apache HTTP Server contains a flaw that allows a remote cross site scripting attack. This flaw exists because with mod_status enabled, the application does not validate the refresh parameter on the server-status page. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. |
39134 | Apache mod_imagemap Module Imagemap Unspecified XSS |
39133 | Apache mod_imap Module Imagemap File Unspecified XSS |
38939 | Apache HTTP Server Prefork MPM Module Array Modification Local DoS |
38630 | IBM HTTP Server mod_status mod_status.c Unspecified XSS |
37079 | Apache HTTP Server mod_cache cache_util.c Malformed Cache-Control Header DoS |
37052 | Apache HTTP Server mod_status mod_status.c Unspecified XSS |
37051 | Apache HTTP Server mod_proxy modules/proxy/proxy_util.c Crafted Header Remote... |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Apache http server mod_proxy http response crafted date handling denial of se... RuleID : 13311 - Revision : 7 - Type : WEB-MISC |
2014-01-10 | Apache http server mod_proxy http response crafted date handling denial of se... RuleID : 13310 - Revision : 7 - Type : WEB-MISC |
2014-01-10 | Apache http server mod_proxy http request crafted date handling denial of ser... RuleID : 13309 - Revision : 6 - Type : WEB-MISC |
2014-01-10 | Apache mod_imagemap cross site scripting attempt RuleID : 13302 - Revision : 12 - Type : SERVER-APACHE |
2014-01-10 | Apache mod_cache denial of service attempt RuleID : 12591 - Revision : 12 - Type : SERVER-APACHE |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-12-15 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201412-08.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing a security update. File : oraclevm_OVMSA-2009-0010.nasl - Type : ACT_GATHER_INFO |
2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL8186.nasl - Type : ACT_GATHER_INFO |
2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL9988.nasl - Type : ACT_GATHER_INFO |
2013-08-11 | Name : The remote web server may be affected by multiple vulnerabilities. File : oracle_http_server_cpu_jul_2013.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-0533.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-0534.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-0556.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-0662.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0005.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0006.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0008.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-0315.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-0325.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-0333.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-0340.nasl - Type : ACT_GATHER_INFO |
2013-06-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-0747.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0263.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0523.nasl - Type : ACT_GATHER_INFO |
2012-10-01 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201209-25.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20070626_httpd_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20070627_httpd_on_SL3.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20070713_httpd_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20071109_httpd_on_SL5.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20071115_httpd_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080115_httpd_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090304_firefox_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090304_libpng_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090304_seamonkey_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1830.nasl - Type : ACT_GATHER_INFO |
2010-01-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0261.nasl - Type : ACT_GATHER_INFO |
2010-01-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0524.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0008.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-0333.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12124.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12125.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12353.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12358.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_MozillaFirefox-090319.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libpng-090317.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_MozillaFirefox-6187.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_libpng-6003.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_libpng-6024.nasl - Type : ACT_GATHER_INFO |
2009-08-05 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_5_8.nasl - Type : ACT_GATHER_INFO |
2009-08-05 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2009-003.nasl - Type : ACT_GATHER_INFO |
2009-07-27 | Name : The remote VMware ESX host is missing a security-related patch. File : vmware_VMSA-2009-0007.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_MozillaFirefox-090312.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_libpng-devel-090217.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_libpng-devel-090225.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_seamonkey-090617.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_MozillaFirefox-090312.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_libpng-devel-090217.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_libpng-devel-090225.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_seamonkey-090617.nasl - Type : ACT_GATHER_INFO |
2009-06-19 | Name : The remote openSUSE host is missing a security update. File : suse_seamonkey-6310.nasl - Type : ACT_GATHER_INFO |
2009-06-15 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHSS_38147.nasl - Type : ACT_GATHER_INFO |
2009-06-15 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHSS_38148.nasl - Type : ACT_GATHER_INFO |
2009-06-09 | Name : The remote host contains a web browser that is affected by several vulnerabil... File : safari_4.0.nasl - Type : ACT_GATHER_INFO |
2009-05-13 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_5_7.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Fedora host is missing a security update. File : fedora_2009-1976.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Fedora host is missing a security update. File : fedora_2009-2112.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Fedora host is missing a security update. File : fedora_2009-2131.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Fedora host is missing a security update. File : fedora_2009-2882.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-016.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-051.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-075.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-083.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-728-1.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-730-1.nasl - Type : ACT_GATHER_INFO |
2009-04-21 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaFirefox-6194.nasl - Type : ACT_GATHER_INFO |
2009-03-25 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2009-083-02.nasl - Type : ACT_GATHER_INFO |
2009-03-25 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2009-083-03.nasl - Type : ACT_GATHER_INFO |
2009-03-23 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1750.nasl - Type : ACT_GATHER_INFO |
2009-03-22 | Name : The remote Fedora host is missing a security update. File : fedora_2009-2884.nasl - Type : ACT_GATHER_INFO |
2009-03-20 | Name : The remote Windows host contains a mail client that is affected by multiple v... File : mozilla_thunderbird_20021.nasl - Type : ACT_GATHER_INFO |
2009-03-20 | Name : A web browser on the remote host is affected by multiple vulnerabilities. File : seamonkey_1115.nasl - Type : ACT_GATHER_INFO |
2009-03-16 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200903-28.nasl - Type : ACT_GATHER_INFO |
2009-03-10 | Name : The remote Fedora host is missing a security update. File : fedora_2009-2045.nasl - Type : ACT_GATHER_INFO |
2009-03-08 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-0315.nasl - Type : ACT_GATHER_INFO |
2009-03-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-0325.nasl - Type : ACT_GATHER_INFO |
2009-03-05 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-0340.nasl - Type : ACT_GATHER_INFO |
2009-03-05 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_ea2411a408e811deb88a0022157515b2.nasl - Type : ACT_GATHER_INFO |
2009-03-05 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_307.nasl - Type : ACT_GATHER_INFO |
2009-03-05 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-0315.nasl - Type : ACT_GATHER_INFO |
2009-03-05 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-0325.nasl - Type : ACT_GATHER_INFO |
2009-03-05 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-0333.nasl - Type : ACT_GATHER_INFO |
2009-03-05 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-0340.nasl - Type : ACT_GATHER_INFO |
2009-02-27 | Name : The remote Fedora host is missing a security update. File : fedora_2009-2128.nasl - Type : ACT_GATHER_INFO |
2009-02-27 | Name : The remote openSUSE host is missing a security update. File : suse_libpng-6021.nasl - Type : ACT_GATHER_INFO |
2009-02-24 | Name : The remote openSUSE host is missing a security update. File : suse_libpng-6001.nasl - Type : ACT_GATHER_INFO |
2009-02-23 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2009-051-01.nasl - Type : ACT_GATHER_INFO |
2008-11-25 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHSS_38761.nasl - Type : ACT_GATHER_INFO |
2008-07-29 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-210-02.nasl - Type : ACT_GATHER_INFO |
2008-05-29 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_5_3.nasl - Type : ACT_GATHER_INFO |
2008-05-29 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2008-003.nasl - Type : ACT_GATHER_INFO |
2008-04-04 | Name : The remote openSUSE host is missing a security update. File : suse_apache2-5125.nasl - Type : ACT_GATHER_INFO |
2008-04-04 | Name : The remote openSUSE host is missing a security update. File : suse_apache2-5126.nasl - Type : ACT_GATHER_INFO |
2008-04-04 | Name : The remote openSUSE host is missing a security update. File : suse_apache2-5127.nasl - Type : ACT_GATHER_INFO |
2008-04-04 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-5128.nasl - Type : ACT_GATHER_INFO |
2008-03-19 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2008-002.nasl - Type : ACT_GATHER_INFO |
2008-03-13 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200803-19.nasl - Type : ACT_GATHER_INFO |
2008-03-07 | Name : The remote web server may be affected by several issues. File : apache_1_3_41.nasl - Type : ACT_GATHER_INFO |
2008-03-07 | Name : The remote web server is affected by multiple cross-site scripting vulnerabil... File : apache_2_0_63.nasl - Type : ACT_GATHER_INFO |
2008-03-04 | Name : The remote host is missing Sun Security Patch number 137080-11 File : solaris10_137080.nasl - Type : ACT_GATHER_INFO |
2008-03-04 | Name : The remote host is missing Sun Security Patch number 137081-11 File : solaris10_x86_137081.nasl - Type : ACT_GATHER_INFO |
2008-02-20 | Name : The remote web server is affected by multiple vulnerabilities. File : apache_2_2_8.nasl - Type : ACT_GATHER_INFO |
2008-02-18 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-045-01.nasl - Type : ACT_GATHER_INFO |
2008-02-18 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-045-02.nasl - Type : ACT_GATHER_INFO |
2008-02-18 | Name : The remote Fedora host is missing a security update. File : fedora_2008-1695.nasl - Type : ACT_GATHER_INFO |
2008-02-18 | Name : The remote Fedora host is missing a security update. File : fedora_2008-1711.nasl - Type : ACT_GATHER_INFO |
2008-02-05 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-575-1.nasl - Type : ACT_GATHER_INFO |
2008-01-15 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0005.nasl - Type : ACT_GATHER_INFO |
2008-01-15 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0006.nasl - Type : ACT_GATHER_INFO |
2008-01-15 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0004.nasl - Type : ACT_GATHER_INFO |
2008-01-15 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0005.nasl - Type : ACT_GATHER_INFO |
2008-01-15 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0006.nasl - Type : ACT_GATHER_INFO |
2008-01-15 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0008.nasl - Type : ACT_GATHER_INFO |
2007-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-4669.nasl - Type : ACT_GATHER_INFO |
2007-12-04 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2007-235.nasl - Type : ACT_GATHER_INFO |
2007-11-20 | Name : The remote openSUSE host is missing a security update. File : suse_apache2-4666.nasl - Type : ACT_GATHER_INFO |
2007-11-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0747.nasl - Type : ACT_GATHER_INFO |
2007-11-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-499-1.nasl - Type : ACT_GATHER_INFO |
2007-11-08 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200711-06.nasl - Type : ACT_GATHER_INFO |
2007-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0746.nasl - Type : ACT_GATHER_INFO |
2007-11-06 | Name : The remote Fedora host is missing a security update. File : fedora_2007-0704.nasl - Type : ACT_GATHER_INFO |
2007-11-06 | Name : The remote Fedora host is missing a security update. File : fedora_2007-2214.nasl - Type : ACT_GATHER_INFO |
2007-09-25 | Name : The remote Fedora Core host is missing a security update. File : fedora_2007-707.nasl - Type : ACT_GATHER_INFO |
2007-09-14 | Name : The remote web server is affected by multiple vulnerabilities. File : apache_2_2_6.nasl - Type : ACT_GATHER_INFO |
2007-09-14 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_c115271d602b11dc898c001921ab2fa4.nasl - Type : ACT_GATHER_INFO |
2007-07-18 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-0662.nasl - Type : ACT_GATHER_INFO |
2007-07-18 | Name : The remote Fedora Core host is missing a security update. File : fedora_2007-615.nasl - Type : ACT_GATHER_INFO |
2007-07-18 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0662.nasl - Type : ACT_GATHER_INFO |
2007-07-05 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2007-140.nasl - Type : ACT_GATHER_INFO |
2007-07-03 | Name : The remote Fedora Core host is missing a security update. File : fedora_2007-617.nasl - Type : ACT_GATHER_INFO |
2007-06-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-0533.nasl - Type : ACT_GATHER_INFO |
2007-06-29 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0533.nasl - Type : ACT_GATHER_INFO |
2007-06-27 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-0534.nasl - Type : ACT_GATHER_INFO |
2007-06-27 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-0556.nasl - Type : ACT_GATHER_INFO |
2007-06-27 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0532.nasl - Type : ACT_GATHER_INFO |
2007-06-27 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0534.nasl - Type : ACT_GATHER_INFO |
2007-06-27 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0556.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2016-04-26 18:25:12 |
|
2014-11-27 13:28:42 |
|
2013-05-11 00:56:35 |
|