Executive Summary
This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
| Summary | |
|---|---|
| Title | VMware vSphere and vCOps updates to third party libraries |
| Informations | |||
|---|---|---|---|
| Name | VMSA-2012-0013 | First vendor Publication | 2012-08-30 |
| Vendor | VMware | Last vendor Modification | 2012-12-20 |
| Severity (Vendor) | N/A | Revision | 2 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 9.3 | Attack Range | Network |
| Cvss Impact Score | 10 | Attack Complexity | Medium |
| Cvss Expoit Score | 8.6 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| a. vCenter and ESX update to JRE 1.6.0 Update 31 The Oracle (Sun) JRE is updated to version 1.6.0_31, which addresses multiple security issues. Oracle has documented the CVE identifiers that are addressed by this update in the Oracle Java SE Critical Patch Update Advisory of February 2012. b. vCenter Update Manager update to JRE 1.5.0 Update 36 The Oracle (Sun) JRE is updated to 1.5.0_36 to address multiple security issues. Oracle has documented the CVE identifiers that are addressed in JRE 1.5.0_36 in the Oracle Java SE Critical Patch Update Advisory for June 2012. c. Update to ESX/ESXi userworld OpenSSL library The ESX/ESXi userworld OpenSSL library is updated from version 0.9.8p to version 0.9.8t to resolve multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-4180, CVE-2010-4252, CVE-2011-0014, CVE-2011-4108, CVE-2011-4109, CVE-2011-4576, CVE-2011-4577, CVE-2011-4619, and CVE-2012-0050 to these issues. d. Update to ESX service console OpenSSL RPM The service console OpenSSL RPM is updated to version 0.9.8e-22.el5_8.3 to resolve a security issue. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-2110 to this issue. e. Update to ESX service console kernel The ESX service console kernel is updated to resolve multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2011-1833, CVE-2011-2484, CVE-2011-2496, CVE-2011-3188, CVE-2011-3209, CVE-2011-3363, CVE-2011-4110, CVE-2011-1020, CVE-2011-4132, CVE-2011-4324, CVE-2011-4325, CVE-2012-0207, CVE-2011-2699, and CVE-2012-1583 to these issues. f. Update to ESX service console Perl RPM The ESX service console Perl RPM is updated to perl-5.8.8.32.1.8999.vmw to resolve multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-2761, CVE-2010-4410, and CVE-2011-3597 to these issues. g. Update to ESX service console libxml2 RPMs The ESX service console libmxl2 RPMs are updated to libxml2-2.6.26-2.1.15.el5_8.2 and libxml2-python-2.6.26-2.1.15.el5_8.2 to resolve a security issue. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-0841 to this issue. h. Update to ESX service console glibc RPM The ESX service console glibc RPM is updated to version glibc-2.5-81.el5_8.1 to resolve multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2009-5029, CVE-2009-5064, CVE-2010-0830, CVE-2011-1089, CVE-2011-4609, and CVE-2012-0864 to these issue. i. Update to ESX service console GnuTLS RPM The ESX service console GnuTLS RPM is updated to version 1.4.1-7.el5_8.2 to resolve multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2011-4128, CVE-2012-1569, and CVE-2012-1573 to these issues. j. Update to ESX service console popt, rpm, rpm-libs, and rpm-python RPMS The ESX service console popt, rpm, rpm-libs, and rpm-python RPMS are updated to the following versions to resolve multiple security issues: - popt-1.10.2.3-28.el5_8 - rpm-4.4.2.3-28.el5_8 - rpm-libs-4.4.2.3-28.el5_8 - rpm-python-4.4.2.3-28.el5_8 The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-0060, CVE-2012-0061, and CVE-2012-0815 to these issues. k. Vulnerability in third party Apache Struts component The version of Apache Struts in vCenter Operations has been updated to 2.3.4 which addresses an arbitrary file overwrite vulnerability. This vulnerability allows an attacker to create a denial of service by overwriting arbitrary files without authentication. The attacker would need to be on the same network as the system where vCOps is installed. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-0393 to this issue. Note: Apache struts 2.3.4 addresses the following issues as well: CVE-2011-5057, CVE-2012-0391, CVE-2012-0392, CVE-2012-0394. It was found that these do not affect vCOps. VMware would like to thank Alexander Minozhenko from ERPScan for reporting this issue to us. |
Original Source
| Url : http://www.vmware.com/security/advisories/VMSA-2012-0013.html |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 22 % | CWE-399 | Resource Management Errors |
| 18 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
| 15 % | CWE-20 | Improper Input Validation |
| 12 % | CWE-264 | Permissions, Privileges, and Access Controls |
| 8 % | CWE-310 | Cryptographic Issues |
| 8 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 5 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 2 % | CWE-369 | Divide By Zero |
| 2 % | CWE-362 | Race Condition |
| 2 % | CWE-287 | Improper Authentication |
| 2 % | CWE-200 | Information Exposure |
| 2 % | CWE-16 | Configuration |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:12481 | |||
| Oval ID: | oval:org.mitre.oval:def:12481 | ||
| Title: | DSA-2141-4 lighttpd -- compatibility problem with updated openssl | ||
| Description: | The openssl update in DSA-2141-1 caused a regression in lighttpd. Due to a bug in lighttpd, the server fails to start in some configurations if using the updated openssl libraries. This update fixes this problem. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2141-4 CVE-2009-3555 CVE-2010-4180 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 5.0 | Product(s): | lighttpd |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:12573 | |||
| Oval ID: | oval:org.mitre.oval:def:12573 | ||
| Title: | DSA-2141-3 apache2 -- backward compatibility option for SSL/TLS insecure | ||
| Description: | DSA-2141-1 changed the behaviour of the openssl libraries in a server environment to only allow SSL/TLS renegotiation for clients that support the RFC5746 renegotiation extension. This update to apache2 adds the new SSLInsecureRenegotiation configuration option that allows to restore support for insecure clients. More information can be found in the file /usr/share/doc/apache2.2-common/NEWS.Debian.gz . | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2141-3 CVE-2009-3555 CVE-2010-4180 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 5.0 | Product(s): | apache2 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:12707 | |||
| Oval ID: | oval:org.mitre.oval:def:12707 | ||
| Title: | DSA-2141-1 openssl -- SSL/TLS insecure renegotiation protocol design flaw | ||
| Description: | CVE-2009-3555: Marsh Ray, Steve Dispensa, and Martin Rex discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. This update adds backported support for the new RFC5746 renegotiation extension which fixes this issue. If openssl is used in a server application, it will by default no longer accept renegotiation from clients that do not support the RFC5746 secure renegotiation extension. A separate advisory will add RFC5746 support for nss, the security library used by the iceweasel web browser. For apache2, there will be an update which allows to re-enable insecure renegotiation. This version of openssl is not compatible with older versions of tor. You have to use at least tor version 0.2.1.26-1~lenny+1, which has been included in the point release 5.0.7 of Debian stable. Currently we are not aware of other software with similar compatibility problems. CVE-2010-4180: In addition, this update fixes a flaw that allowed a client to bypass restrictions configured in the server for the used cipher suite. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2141-1 CVE-2009-3555 CVE-2010-4180 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 5.0 | Product(s): | openssl |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:12801 | |||
| Oval ID: | oval:org.mitre.oval:def:12801 | ||
| Title: | DSA-2141-2 nss -- SSL/TLS insecure renegotiation protocol design flaw | ||
| Description: | CVE-2009-3555: Marsh Ray, Steve Dispensa, and Martin Rex discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. This update adds backported support for the new RFC5746 renegotiation extension which fixes this issue. The updated libraries allow to use shell environment variables to configure if insecure renegotiation is still allowed. The syntax of these environment variables is described in the release notes to version 3.12.6 of nss: https://developer.mozilla.org/NSS_3.12.6_release_notes However, the default behaviour for nss in Debian 5.0 is NSS_SSL_ENABLE_RENEGOTIATION=3, which allows clients to continue to renegotiate with vulnerable servers. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2141-2 CVE-2009-3555 CVE-2010-4180 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 5.0 | Product(s): | nss |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:12932 | |||
| Oval ID: | oval:org.mitre.oval:def:12932 | ||
| Title: | DSA-2162-1 openssl -- invalid memory access | ||
| Description: | Neel Mehta discovered that an incorrectly formatted ClientHello handshake message could cause OpenSSL to parse past the end of the message. This allows an attacker to crash an application using OpenSSL by triggering an invalid memory access. Additionally, some applications may be vulnerable to expose contents of a parsed OCSP nonce extension. Packages in the oldstable distribution are not affected by this problem. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2162-1 CVE-2011-0014 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | openssl |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:13533 | |||
| Oval ID: | oval:org.mitre.oval:def:13533 | ||
| Title: | DSA-2058-1 glibc, eglibc -- multiple | ||
| Description: | Several vulnerabilities have been discovered in the GNU C Library and its derivatives. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2008-1391, CVE-2009-4880, CVE-2009-4881 Maksymilian Arciemowicz discovered that the GNU C library did not correctly handle integer overflows in the strfmon family of functions. If a user or automated system were tricked into processing a specially crafted format string, a remote attacker could crash applications, leading to a denial of service. CVE-2010-0296 Jeff Layton and Dan Rosenberg discovered that the GNU C library did not correctly handle newlines in the mntent family of functions. If a local attacker were able to inject newlines into a mount entry through other vulnerable mount helpers, they could disrupt the system or possibly gain root privileges. CVE-2010-0830 Dan Rosenberg discovered that the GNU C library did not correctly validate certain ELF program headers. If a user or automated system were tricked into verifying a specially crafted ELF program, a remote attacker could execute arbitrary code with user privileges. For the stable distribution, these problems have been fixed in version 2.7-18lenny4 of the glibc package. For the testing distribution, these problems will be fixed soon. For the unstable distribution, these problems have been fixed in version 2.1.11-1 of the eglibc package. We recommend that you upgrade your glibc or eglibc packages. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2058-1 CVE-2008-1391 CVE-2009-4880 CVE-2009-4881 CVE-2010-0296 CVE-2010-0830 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 5.0 | Product(s): | glibc eglibc |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:13649 | |||
| Oval ID: | oval:org.mitre.oval:def:13649 | ||
| Title: | USN-1064-1 -- openssl vulnerability | ||
| Description: | Neel Mehta discovered that incorrectly formatted ClientHello handshake messages could cause OpenSSL to parse past the end of the message. This could allow a remote attacker to cause a crash and denial of service by triggering invalid memory accesses. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1064-1 CVE-2011-0014 | Version: | 5 |
| Platform(s): | Ubuntu 10.10 Ubuntu 10.04 | Product(s): | openssl |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:14087 | |||
| Oval ID: | oval:org.mitre.oval:def:14087 | ||
| Title: | USN-1161-1 -- linux-ec2 vulnerabilities | ||
| Description: | linux-ec2: Linux kernel for EC2 Multiple kernel flaws have been fixed. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1161-1 CVE-2010-3881 CVE-2011-1017 CVE-2011-1090 CVE-2011-1163 CVE-2011-1494 CVE-2011-1495 CVE-2011-1593 CVE-2011-1598 CVE-2011-1748 CVE-2011-1745 CVE-2011-2022 CVE-2011-1746 CVE-2011-1759 CVE-2011-1770 CVE-2011-1776 CVE-2011-3363 | Version: | 5 |
| Platform(s): | Ubuntu 10.04 | Product(s): | linux-ec2 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:14862 | |||
| Oval ID: | oval:org.mitre.oval:def:14862 | ||
| Title: | USN-1318-1 -- Linux kernel (FSL-IMX51) vulnerabilities | ||
| Description: | linux-fsl-imx51: Linux kernel for IMX51 Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1318-1 CVE-2011-1162 CVE-2011-2203 CVE-2011-4110 | Version: | 5 |
| Platform(s): | Ubuntu 10.04 | Product(s): | Linux |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:14887 | |||
| Oval ID: | oval:org.mitre.oval:def:14887 | ||
| Title: | DSA-2417-1 libxml2 -- computational denial of service | ||
| Description: | It was discovered that the internal hashing routine of libxml2, a library providing an extensive API to handle XML data, is vulnerable to predictable hash collisions. Given an attacker with knowledge of the hashing algorithm, it is possible to craft input that creates a large amount of collisions. As a result it is possible to perform denial of service attacks against applications using libxml2 functionality because of the computational overhead. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2417-1 CVE-2012-0841 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | libxml2 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:15006 | |||
| Oval ID: | oval:org.mitre.oval:def:15006 | ||
| Title: | USN-1356-1 -- Linux kernel (OMAP4) vulnerabilities | ||
| Description: | linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1356-1 CVE-2012-0038 CVE-2012-0044 CVE-2012-0207 | Version: | 5 |
| Platform(s): | Ubuntu 11.04 | Product(s): | Linux |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:15013 | |||
| Oval ID: | oval:org.mitre.oval:def:15013 | ||
| Title: | USN-1386-1 -- Linux kernel (Natty backport) vulnerabilities | ||
| Description: | linux-lts-backport-natty: Linux kernel backport from Natty Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1386-1 CVE-2011-2498 CVE-2011-2518 CVE-2011-3353 CVE-2011-4097 CVE-2011-4622 CVE-2012-0038 CVE-2012-0044 CVE-2012-0207 | Version: | 5 |
| Platform(s): | Ubuntu 10.04 | Product(s): | Linux |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:15037 | |||
| Oval ID: | oval:org.mitre.oval:def:15037 | ||
| Title: | USN-1281-1 -- Linux (OMAP4) vulnerabilities | ||
| Description: | linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1281-1 CVE-2011-2183 CVE-2011-2479 CVE-2011-2491 CVE-2011-2494 CVE-2011-2495 CVE-2011-2496 CVE-2011-2517 CVE-2011-2905 CVE-2011-2909 CVE-2011-3363 | Version: | 5 |
| Platform(s): | Ubuntu 11.04 | Product(s): | Linux |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:15043 | |||
| Oval ID: | oval:org.mitre.oval:def:15043 | ||
| Title: | USN-1280-1 -- Linux (OMAP4) vulnerabilities | ||
| Description: | linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1280-1 CVE-2011-1585 CVE-2011-2496 | Version: | 5 |
| Platform(s): | Ubuntu 10.10 | Product(s): | Linux |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:15162 | |||
| Oval ID: | oval:org.mitre.oval:def:15162 | ||
| Title: | USN-1364-1 -- Linux kernel (OMAP4) vulnerabilities | ||
| Description: | linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1364-1 CVE-2011-4097 CVE-2012-0038 CVE-2012-0055 CVE-2012-0056 CVE-2012-0207 | Version: | 5 |
| Platform(s): | Ubuntu 11.10 | Product(s): | Linux |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:15178 | |||
| Oval ID: | oval:org.mitre.oval:def:15178 | ||
| Title: | DSA-2441-1 gnutls26 -- missing bounds check | ||
| Description: | Matthew Hall discovered that GNUTLS does not properly handle truncated GenericBlockCipher structures nested inside TLS records, leading to crashes in applications using the GNUTLS library. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2441-1 CVE-2012-1573 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | gnutls26 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:15214 | |||
| Oval ID: | oval:org.mitre.oval:def:15214 | ||
| Title: | USN-1319-1 -- Linux kernel (OMAP4) vulnerabilities | ||
| Description: | linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1319-1 CVE-2011-1162 CVE-2011-2203 CVE-2011-4110 | Version: | 5 |
| Platform(s): | Ubuntu 11.04 | Product(s): | Linux |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:15237 | |||
| Oval ID: | oval:org.mitre.oval:def:15237 | ||
| Title: | USN-1396-1 -- GNU C Library vulnerabilities | ||
| Description: | eglibc: Embedded GNU C Library: sources - glibc: GNU C Library: Documentation Multiple vulnerabilities were discovered and fixed in the GNU C Library. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1396-1 CVE-2009-5029 CVE-2010-0015 CVE-2011-1071 CVE-2011-1659 CVE-2011-1089 CVE-2011-1095 CVE-2011-1658 CVE-2011-2702 CVE-2011-4609 CVE-2012-0864 | Version: | 5 |
| Platform(s): | Ubuntu 11.04 Ubuntu 11.10 Ubuntu 8.04 Ubuntu 10.04 Ubuntu 10.10 | Product(s): | GNU |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:15257 | |||
| Oval ID: | oval:org.mitre.oval:def:15257 | ||
| Title: | DSA-2392-1 openssl -- out-of-bounds read | ||
| Description: | Antonio Martin discovered a denial-of-service vulnerability in OpenSSL, an implementation of TLS and related protocols. A malicious client can cause the DTLS server implementation to crash. Regular, TCP-based TLS is not affected by this issue. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2392-1 CVE-2012-0050 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | openssl |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:15268 | |||
| Oval ID: | oval:org.mitre.oval:def:15268 | ||
| Title: | DSA-2440-1 libtasn1-3 – missing bounds check | ||
| Description: | Matthew Hall discovered that many callers of the asn1_get_length_der function did not check the result against the overall buffer length before processing it further. This could result in out-of-bounds memory accesses and application crashes. Applications using GNUTLS are exposed to this issue. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2440-1 CVE-2012-1569 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | libtasn1-3 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:15269 | |||
| Oval ID: | oval:org.mitre.oval:def:15269 | ||
| Title: | USN-1328-1 -- Linux kernel (Marvell DOVE) vulnerabilities | ||
| Description: | linux-mvl-dove: Linux kernel for DOVE Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1328-1 CVE-2011-2203 CVE-2011-4110 | Version: | 5 |
| Platform(s): | Ubuntu 10.10 | Product(s): | Linux |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:15286 | |||
| Oval ID: | oval:org.mitre.oval:def:15286 | ||
| Title: | DSA-2390-1 openssl -- several | ||
| Description: | Several vulnerabilities were discovered in OpenSSL, an implementation of TLS and related protocols. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities: CVE-2011-4108 The DTLS implementation performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a padding oracle attack. CVE-2011-4109 A double free vulnerability when X509_V_FLAG_POLICY_CHECK is enabled, allows remote attackers to cause applications crashes and potentially allow execution of arbitrary code by triggering failure of a policy check. CVE-2011-4354 On 32-bit systems, the operations on NIST elliptic curves P-256 and P-384 are not correctly implemented, potentially leaking the private ECC key of a TLS server. CVE-2011-4576 The SSL 3.0 implementation does not properly initialise data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by an SSL peer. CVE-2011-4619 The Server Gated Cryptography implementation in OpenSSL does not properly handle handshake restarts, unnecessarily simplifying CPU exhaustion attacks. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2390-1 CVE-2011-4108 CVE-2011-4109 CVE-2011-4354 CVE-2011-4576 CVE-2011-4619 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | openssl |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:15311 | |||
| Oval ID: | oval:org.mitre.oval:def:15311 | ||
| Title: | USN-1324-1 -- Linux kernel (EC2) vulnerabilities | ||
| Description: | linux-ec2: Linux kernel for EC2 Two security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1324-1 CVE-2011-2203 CVE-2011-4110 | Version: | 5 |
| Platform(s): | Ubuntu 10.04 | Product(s): | Linux |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:15318 | |||
| Oval ID: | oval:org.mitre.oval:def:15318 | ||
| Title: | USN-1337-1 -- Linux kernel (Natty backport) vulnerabilities | ||
| Description: | linux-lts-backport-natty: Linux kernel backport from Natty Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1337-1 CVE-2011-1162 CVE-2011-2203 CVE-2011-4110 | Version: | 5 |
| Platform(s): | Ubuntu 10.04 | Product(s): | Linux |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:15337 | |||
| Oval ID: | oval:org.mitre.oval:def:15337 | ||
| Title: | USN-1332-1 -- Linux kernel (Maverick backport) vulnerabilities | ||
| Description: | linux-lts-backport-maverick: Linux kernel backport from Maverick Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1332-1 CVE-2011-1162 CVE-2011-1759 CVE-2011-2182 CVE-2011-2203 CVE-2011-4110 | Version: | 5 |
| Platform(s): | Ubuntu 10.04 | Product(s): | Linux |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:15353 | |||
| Oval ID: | oval:org.mitre.oval:def:15353 | ||
| Title: | USN-1325-1 -- Linux kernel (OMAP4) vulnerabilities | ||
| Description: | linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1325-1 CVE-2011-1162 CVE-2011-2203 CVE-2011-3353 CVE-2011-3359 CVE-2011-4110 | Version: | 5 |
| Platform(s): | Ubuntu 10.10 | Product(s): | Linux |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:15454 | |||
| Oval ID: | oval:org.mitre.oval:def:15454 | ||
| Title: | USN-1376-1 -- libxml2 vulnerability | ||
| Description: | libxml2: GNOME XML library libxml2 could be made to cause a denial of service by consuming excessive CPU resources. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1376-1 CVE-2012-0841 | Version: | 5 |
| Platform(s): | Ubuntu 11.04 Ubuntu 11.10 Ubuntu 8.04 Ubuntu 10.04 Ubuntu 10.10 | Product(s): | libxml2 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:17742 | |||
| Oval ID: | oval:org.mitre.oval:def:17742 | ||
| Title: | USN-1418-1 -- gnutls13, gnutls26 vulnerabilities | ||
| Description: | The GnuTLS library could be made to crash under certain conditions. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1418-1 CVE-2011-4128 CVE-2012-1573 | Version: | 7 |
| Platform(s): | Ubuntu 11.10 Ubuntu 11.04 Ubuntu 10.10 Ubuntu 10.04 Ubuntu 8.04 | Product(s): | gnutls26 gnutls13 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:17827 | |||
| Oval ID: | oval:org.mitre.oval:def:17827 | ||
| Title: | USN-1436-1 -- libtasn1-3 vulnerability | ||
| Description: | Libtasn1 could be made to crash or run programs as your login if it received specially crafted input. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1436-1 CVE-2012-1569 | Version: | 7 |
| Platform(s): | Ubuntu 12.04 Ubuntu 11.10 Ubuntu 11.04 Ubuntu 10.04 Ubuntu 8.04 | Product(s): | libtasn1-3 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:17842 | |||
| Oval ID: | oval:org.mitre.oval:def:17842 | ||
| Title: | USN-1695-1 -- rpm vulnerabilities | ||
| Description: | RPM could be made to crash or run programs if it opened a specially crafted package file. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1695-1 CVE-2011-3378 CVE-2012-0060 CVE-2012-0061 CVE-2012-0815 | Version: | 7 |
| Platform(s): | Ubuntu 12.04 Ubuntu 11.10 Ubuntu 10.04 | Product(s): | rpm |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:17928 | |||
| Oval ID: | oval:org.mitre.oval:def:17928 | ||
| Title: | USN-1424-1 -- openssl vulnerabilities | ||
| Description: | An application using OpenSSL could be made to crash or run programs if it opened a specially crafted file. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1424-1 CVE-2006-7250 CVE-2012-1165 CVE-2012-2110 | Version: | 7 |
| Platform(s): | Ubuntu 11.10 Ubuntu 11.04 Ubuntu 10.04 Ubuntu 8.04 | Product(s): | openssl |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18001 | |||
| Oval ID: | oval:org.mitre.oval:def:18001 | ||
| Title: | DSA-2454-1 openssl - multiple | ||
| Description: | Multiple vulnerabilities have been found in OpenSSL. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2454-1 CVE-2012-0884 CVE-2012-1165 CVE-2012-2110 CVE-2012-2131 CVE-2011-4619 | Version: | 7 |
| Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | openssl |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18910 | |||
| Oval ID: | oval:org.mitre.oval:def:18910 | ||
| Title: | OpenSSL vulnerability before 0.9.8q, and 1.0.x before 1.0.0c in VisualSVN Server (CVE-2010-4180) | ||
| Description: | OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-4180 | Version: | 5 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | VisualSVN Server |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18985 | |||
| Oval ID: | oval:org.mitre.oval:def:18985 | ||
| Title: | OpenSSL vulnerability 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c in VisualSVN Server (CVE-2011-0014) | ||
| Description: | ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service (crash), and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake message that triggers an out-of-bounds memory access, aka "OCSP stapling vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2011-0014 | Version: | 5 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | VisualSVN Server |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19039 | |||
| Oval ID: | oval:org.mitre.oval:def:19039 | ||
| Title: | OpenSSL vulnerability before 1.0.0c in VisualSVN Server (CVE-2010-4252) | ||
| Description: | OpenSSL before 1.0.0c, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-4252 | Version: | 5 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | VisualSVN Server |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19309 | |||
| Oval ID: | oval:org.mitre.oval:def:19309 | ||
| Title: | CRITICAL PATCH UPDATE JULY 2012 | ||
| Description: | The IPv6 implementation in the Linux kernel before 3.1 does not generate Fragment Identification values separately for each destination, which makes it easier for remote attackers to cause a denial of service (disrupted networking) by predicting these values and sending crafted packets. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-2699 | Version: | 3 |
| Platform(s): | Sun Solaris 10 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19446 | |||
| Oval ID: | oval:org.mitre.oval:def:19446 | ||
| Title: | Perl Digest Module Code Injection Vulnerability | ||
| Description: | Eval injection vulnerability in the Digest module before 1.17 for Perl allows context-dependent attackers to execute arbitrary commands via the new constructor. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-3597 | Version: | 5 |
| Platform(s): | IBM AIX 5.3 IBM AIX 6.1 IBM AIX 7.1 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19752 | |||
| Oval ID: | oval:org.mitre.oval:def:19752 | ||
| Title: | VMware third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX | ||
| Description: | OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-4180 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19764 | |||
| Oval ID: | oval:org.mitre.oval:def:19764 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | CRLF injection vulnerability in the header function in (1) CGI.pm before 3.50 and (2) Simple.pm in CGI::Simple 1.112 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors related to non-whitespace characters preceded by newline characters, a different vulnerability than CVE-2010-2761 and CVE-2010-3172. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-4410 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19779 | |||
| Oval ID: | oval:org.mitre.oval:def:19779 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | The add_del_listener function in kernel/taskstats.c in the Linux kernel 2.6.39.1 and earlier does not prevent multiple registrations of exit handlers, which allows local users to cause a denial of service (memory and CPU consumption), and bypass the OOM Killer, via a crafted application. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-2484 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19831 | |||
| Oval ID: | oval:org.mitre.oval:def:19831 | ||
| Title: | VMware vCenter Server, ESXi and ESX address an NFC Protocol memory corruption and third party library security issues. | ||
| Description: | The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2012-2110 | Version: | 4 |
| Platform(s): | VMWare ESX Server 3.5 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19936 | |||
| Oval ID: | oval:org.mitre.oval:def:19936 | ||
| Title: | DSA-2454-2 openssl - incomplete fix | ||
| Description: | Multiple vulnerabilities have been found in OpenSSL. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2454-2 CVE-2012-0884 CVE-2012-1165 CVE-2012-2110 CVE-2012-2131 CVE-2011-4619 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | openssl |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20110 | |||
| Oval ID: | oval:org.mitre.oval:def:20110 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | libxml2 before 2.8.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2012-0841 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20158 | |||
| Oval ID: | oval:org.mitre.oval:def:20158 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | The div_long_long_rem implementation in include/asm-x86/div64.h in the Linux kernel before 2.6.26 on the x86 platform allows local users to cause a denial of service (Divide Error Fault and panic) via a clock_gettime system call. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-3209 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20194 | |||
| Oval ID: | oval:org.mitre.oval:def:20194 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | The asn1_get_length_der function in decoding.c in GNU Libtasn1 before 2.12, as used in GnuTLS before 3.0.16 and other products, does not properly handle certain large length values, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly have unspecified other impact via a crafted ASN.1 structure. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2012-1569 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20227 | |||
| Oval ID: | oval:org.mitre.oval:def:20227 | ||
| Title: | Multiple OpenSSL vulnerabilities | ||
| Description: | The Server Gated Cryptography (SGC) implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-4619 | Version: | 4 |
| Platform(s): | IBM AIX 6.1 IBM AIX 7.1 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:20253 | |||
| Oval ID: | oval:org.mitre.oval:def:20253 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting these values and sending crafted packets. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-3188 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20289 | |||
| Oval ID: | oval:org.mitre.oval:def:20289 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | ** DISPUTED ** ldd in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows local users to gain privileges via a Trojan horse executable file linked with a modified loader that omits certain LD_TRACE_LOADED_OBJECTS checks. NOTE: the GNU C Library vendor states "This is just nonsense. There are a gazillion other ways to introduce code if people are downloading arbitrary binaries and install them in appropriate directories or set LD_LIBRARY_PATH etc." | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-5064 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20347 | |||
| Oval ID: | oval:org.mitre.oval:def:20347 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | OpenSSL 0.9.8s and 1.0.0f does not properly support DTLS applications, which allows remote attackers to cause a denial of service (crash) via unspecified vectors related to an out-of-bounds read. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4108. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2012-0050 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20355 | |||
| Oval ID: | oval:org.mitre.oval:def:20355 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | Buffer overflow in the gnutls_session_get_data function in lib/gnutls_session.c in GnuTLS 2.12.x before 2.12.14 and 3.x before 3.0.7, when used on a client that performs nonstandard session resumption, allows remote TLS servers to cause a denial of service (application crash) via a large SessionTicket. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-4128 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20390 | |||
| Oval ID: | oval:org.mitre.oval:def:20390 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by an SSL peer. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-4576 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20408 | |||
| Oval ID: | oval:org.mitre.oval:def:20408 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | RPM before 4.9.1.3 does not properly validate region tags, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an invalid region tag in a package header to the (1) headerLoad, (2) rpmReadSignature, or (3) headerVerify function. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2012-0060 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20409 | |||
| Oval ID: | oval:org.mitre.oval:def:20409 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a padding oracle attack. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-4108 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20458 | |||
| Oval ID: | oval:org.mitre.oval:def:20458 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent attackers to bypass the FORTIFY_SOURCE protection mechanism, conduct format string attacks, and write to arbitrary memory via a large number of arguments. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2012-0864 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20487 | |||
| Oval ID: | oval:org.mitre.oval:def:20487 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | Integer overflow in the __tzfile_read function in glibc before 2.15 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted timezone (TZ) file, as demonstrated using vsftpd. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-5029 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20495 | |||
| Oval ID: | oval:org.mitre.oval:def:20495 | ||
| Title: | Multiple OpenSSL vulnerabilities | ||
| Description: | The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a padding oracle attack. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-4108 | Version: | 4 |
| Platform(s): | IBM AIX 6.1 IBM AIX 7.1 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:20497 | |||
| Oval ID: | oval:org.mitre.oval:def:20497 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | The headerVerifyInfo function in lib/header.c in RPM before 4.9.1.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a negative value in a region offset of a package header, which is not properly handled in a numeric range comparison. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2012-0815 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20507 | |||
| Oval ID: | oval:org.mitre.oval:def:20507 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | The addmntent function in the GNU C Library (aka glibc or libc6) 2.13 and earlier does not report an error status for failed attempts to write to the /etc/mtab file, which makes it easier for local users to trigger corruption of this file, as demonstrated by writes from a process with a small RLIMIT_FSIZE value, a different vulnerability than CVE-2010-0296. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-1089 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20511 | |||
| Oval ID: | oval:org.mitre.oval:def:20511 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when X509_V_FLAG_POLICY_CHECK is enabled, allows remote attackers to have an unspecified impact by triggering failure of a policy check. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-4109 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20547 | |||
| Oval ID: | oval:org.mitre.oval:def:20547 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | The multipart_init function in (1) CGI.pm before 3.50 and (2) Simple.pm in CGI::Simple 1.112 and earlier uses a hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, which allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via crafted input that contains this value, a different vulnerability than CVE-2010-3172. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-2761 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20560 | |||
| Oval ID: | oval:org.mitre.oval:def:20560 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | Eval injection vulnerability in the Digest module before 1.17 for Perl allows context-dependent attackers to execute arbitrary commands via the new constructor. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-3597 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20561 | |||
| Oval ID: | oval:org.mitre.oval:def:20561 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | OpenSSL before 1.0.0c, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-4252 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20568 | |||
| Oval ID: | oval:org.mitre.oval:def:20568 | ||
| Title: | Multiple OpenSSL vulnerabilities | ||
| Description: | ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service (crash), and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake message that triggers an out-of-bounds memory access, aka "OCSP stapling vulnerability." | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-0014 | Version: | 4 |
| Platform(s): | IBM AIX 6.1 IBM AIX 7.1 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:20583 | |||
| Oval ID: | oval:org.mitre.oval:def:20583 | ||
| Title: | RHSA-2012:0429: gnutls security update (Important) | ||
| Description: | gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15 does not properly handle data encrypted with a block cipher, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) via a crafted record, as demonstrated by a crafted GenericBlockCipher structure. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2012:0429-02 CESA-2012:0429 CVE-2011-4128 CVE-2012-1573 | Version: | 29 |
| Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | gnutls |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20585 | |||
| Oval ID: | oval:org.mitre.oval:def:20585 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15 does not properly handle data encrypted with a block cipher, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) via a crafted record, as demonstrated by a crafted GenericBlockCipher structure. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2012-1573 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20617 | |||
| Oval ID: | oval:org.mitre.oval:def:20617 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | The setup_cifs_sb function in fs/cifs/connect.c in the Linux kernel before 2.6.39 does not properly handle DFS referrals, which allows remote CIFS servers to cause a denial of service (system crash) by placing a referral at the root of a share. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-3363 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20634 | |||
| Oval ID: | oval:org.mitre.oval:def:20634 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | The headerLoad function in lib/header.c in RPM before 4.9.1.3 does not properly validate region tags, which allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large region size in a package header. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2012-0061 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20664 | |||
| Oval ID: | oval:org.mitre.oval:def:20664 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | Race condition in the ecryptfs_mount function in fs/ecryptfs/main.c in the eCryptfs subsystem in the Linux kernel before 3.1 allows local users to bypass intended file permissions via a mount.ecryptfs_private mount with a mismatched uid. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-1833 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20667 | |||
| Oval ID: | oval:org.mitre.oval:def:20667 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | OpenSSL before 0.9.8s and 1.x before 1.0.0f, when RFC 3779 support is enabled, allows remote attackers to cause a denial of service (assertion failure) via an X.509 certificate containing certificate-extension data associated with (1) IP address blocks or (2) Autonomous System (AS) identifiers. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-4577 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20668 | |||
| Oval ID: | oval:org.mitre.oval:def:20668 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | Double free vulnerability in the xfrm6_tunnel_rcv function in net/ipv6/xfrm6_tunnel.c in the Linux kernel before 2.6.22, when the xfrm6_tunnel module is enabled, allows remote attackers to cause a denial of service (panic) via crafted IPv6 packets. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2012-1583 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20676 | |||
| Oval ID: | oval:org.mitre.oval:def:20676 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | The svc_run function in the RPC implementation in glibc before 2.15 allows remote attackers to cause a denial of service (CPU consumption) via a large number of RPC connections. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-4609 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20683 | |||
| Oval ID: | oval:org.mitre.oval:def:20683 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | The cleanup_journal_tail function in the Journaling Block Device (JBD) functionality in the Linux kernel 2.6 allows local users to cause a denial of service (assertion error and kernel oops) via an ext3 or ext4 image with an "invalid log first block value." | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-4132 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20684 | |||
| Oval ID: | oval:org.mitre.oval:def:20684 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | Integer signedness error in the elf_get_dynamic_info function in elf/dynamic-link.h in ld.so in the GNU C Library (aka glibc or libc6) 2.0.1 through 2.11.1, when the --verify option is used, allows user-assisted remote attackers to execute arbitrary code via a crafted ELF program with a negative value for a certain d_tag structure member in the ELF header. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-0830 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20694 | |||
| Oval ID: | oval:org.mitre.oval:def:20694 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | Integer overflow in the vma_to_resize function in mm/mremap.c in the Linux kernel before 2.6.39 allows local users to cause a denial of service (BUG_ON and system crash) via a crafted mremap system call that expands a memory mapping. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-2496 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20705 | |||
| Oval ID: | oval:org.mitre.oval:def:20705 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-4180 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20706 | |||
| Oval ID: | oval:org.mitre.oval:def:20706 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | The user_update function in security/keys/user_defined.c in the Linux kernel 2.6 allows local users to cause a denial of service (NULL pointer dereference and kernel oops) via vectors related to a user-defined key and "updating a negative key into a fully instantiated key." | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-4110 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20716 | |||
| Oval ID: | oval:org.mitre.oval:def:20716 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2012-2110 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20720 | |||
| Oval ID: | oval:org.mitre.oval:def:20720 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | The IPv6 implementation in the Linux kernel before 3.1 does not generate Fragment Identification values separately for each destination, which makes it easier for remote attackers to cause a denial of service (disrupted networking) by predicting these values and sending crafted packets. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-2699 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20728 | |||
| Oval ID: | oval:org.mitre.oval:def:20728 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | The proc filesystem implementation in the Linux kernel 2.6.37 and earlier does not restrict access to the /proc directory tree of a process after this process performs an exec of a setuid program, which allows local users to obtain sensitive information or cause a denial of service via open, lseek, read, and write system calls. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-1020 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20732 | |||
| Oval ID: | oval:org.mitre.oval:def:20732 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service (crash), and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake message that triggers an out-of-bounds memory access, aka "OCSP stapling vulnerability." | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-0014 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20733 | |||
| Oval ID: | oval:org.mitre.oval:def:20733 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | The igmp_heard_query function in net/ipv4/igmp.c in the Linux kernel before 3.2.1 allows remote attackers to cause a denial of service (divide-by-zero error and panic) via IGMP packets. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2012-0207 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20736 | |||
| Oval ID: | oval:org.mitre.oval:def:20736 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | The NFS implementation in Linux kernel before 2.6.31-rc6 calls certain functions without properly initializing certain data, which allows local users to cause a denial of service (NULL pointer dereference and O_DIRECT oops), as demonstrated using diotest4 from LTP. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-4325 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20747 | |||
| Oval ID: | oval:org.mitre.oval:def:20747 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | The encode_share_access function in fs/nfs/nfs4xdr.c in the Linux kernel before 2.6.29 allows local users to cause a denial of service (BUG and system crash) by using the mknod system call with a pathname on an NFSv4 filesystem. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-4324 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20756 | |||
| Oval ID: | oval:org.mitre.oval:def:20756 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | The Server Gated Cryptography (SGC) implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-4619 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20777 | |||
| Oval ID: | oval:org.mitre.oval:def:20777 | ||
| Title: | USN-1242-1 -- linux-lts-backport-maverick vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1242-1 CVE-2010-4250 CVE-2011-1479 CVE-2011-2494 CVE-2011-2495 CVE-2011-2695 CVE-2011-2905 CVE-2011-2909 CVE-2011-3188 CVE-2011-3363 | Version: | 5 |
| Platform(s): | Ubuntu 10.04 | Product(s): | linux-lts-backport-maverick |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20817 | |||
| Oval ID: | oval:org.mitre.oval:def:20817 | ||
| Title: | Multiple OpenSSL vulnerabilities | ||
| Description: | Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when X509_V_FLAG_POLICY_CHECK is enabled, allows remote attackers to have an unspecified impact by triggering failure of a policy check. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-4109 | Version: | 4 |
| Platform(s): | IBM AIX 6.1 IBM AIX 7.1 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:20828 | |||
| Oval ID: | oval:org.mitre.oval:def:20828 | ||
| Title: | Multiple OpenSSL vulnerabilities | ||
| Description: | OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-4180 | Version: | 4 |
| Platform(s): | IBM AIX 6.1 IBM AIX 7.1 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:20867 | |||
| Oval ID: | oval:org.mitre.oval:def:20867 | ||
| Title: | USN-1244-1 -- linux-ti-omap4 vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1244-1 CVE-2010-3873 CVE-2011-2183 CVE-2011-2491 CVE-2011-2494 CVE-2011-2495 CVE-2011-2517 CVE-2011-2695 CVE-2011-2905 CVE-2011-2909 CVE-2011-3363 | Version: | 5 |
| Platform(s): | Ubuntu 10.10 | Product(s): | linux-ti-omap4 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:20877 | |||
| Oval ID: | oval:org.mitre.oval:def:20877 | ||
| Title: | Multiple OpenSSL vulnerabilities | ||
| Description: | OpenSSL 0.9.8s and 1.0.0f does not properly support DTLS applications, which allows remote attackers to cause a denial of service (crash) via unspecified vectors related to an out-of-bounds read. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4108. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2012-0050 | Version: | 4 |
| Platform(s): | IBM AIX 6.1 IBM AIX 7.1 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:20887 | |||
| Oval ID: | oval:org.mitre.oval:def:20887 | ||
| Title: | Multiple OpenSSL vulnerabilities | ||
| Description: | The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by an SSL peer. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-4576 | Version: | 4 |
| Platform(s): | IBM AIX 6.1 IBM AIX 7.1 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:20938 | |||
| Oval ID: | oval:org.mitre.oval:def:20938 | ||
| Title: | RHSA-2012:0451: rpm security update (Important) | ||
| Description: | The headerVerifyInfo function in lib/header.c in RPM before 4.9.1.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a negative value in a region offset of a package header, which is not properly handled in a numeric range comparison. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2012:0451-03 CESA-2012:0451 CVE-2012-0060 CVE-2012-0061 CVE-2012-0815 | Version: | 42 |
| Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6 | Product(s): | rpm |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20975 | |||
| Oval ID: | oval:org.mitre.oval:def:20975 | ||
| Title: | RHSA-2011:0677: openssl security, bug fix, and enhancement update (Moderate) | ||
| Description: | ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service (crash), and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake message that triggers an out-of-bounds memory access, aka "OCSP stapling vulnerability." | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2011:0677-01 CVE-2011-0014 | Version: | 4 |
| Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | openssl |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:20976 | |||
| Oval ID: | oval:org.mitre.oval:def:20976 | ||
| Title: | RHSA-2012:0324: libxml2 security update (Moderate) | ||
| Description: | libxml2 before 2.8.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2012:0324-01 CESA-2012:0324 CVE-2012-0841 | Version: | 4 |
| Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6 | Product(s): | libxml2 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:21032 | |||
| Oval ID: | oval:org.mitre.oval:def:21032 | ||
| Title: | Multiple OpenSSL vulnerabilities | ||
| Description: | The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2012-2110 | Version: | 4 |
| Platform(s): | IBM AIX 6.1 IBM AIX 7.1 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:21088 | |||
| Oval ID: | oval:org.mitre.oval:def:21088 | ||
| Title: | RHSA-2012:0427: libtasn1 security update (Important) | ||
| Description: | The asn1_get_length_der function in decoding.c in GNU Libtasn1 before 2.12, as used in GnuTLS before 3.0.16 and other products, does not properly handle certain large length values, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly have unspecified other impact via a crafted ASN.1 structure. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2012:0427-02 CESA-2012:0427 CVE-2012-1569 | Version: | 4 |
| Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | libtasn1 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:21192 | |||
| Oval ID: | oval:org.mitre.oval:def:21192 | ||
| Title: | RHSA-2012:0059: openssl security update (Moderate) | ||
| Description: | The Server Gated Cryptography (SGC) implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2012:0059-01 CESA-2012:0059 CVE-2011-4108 CVE-2011-4576 CVE-2011-4577 CVE-2011-4619 | Version: | 55 |
| Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | openssl |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:21250 | |||
| Oval ID: | oval:org.mitre.oval:def:21250 | ||
| Title: | RHSA-2012:0428: gnutls security update (Important) | ||
| Description: | gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15 does not properly handle data encrypted with a block cipher, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) via a crafted record, as demonstrated by a crafted GenericBlockCipher structure. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2012:0428-02 CESA-2012:0428 CVE-2011-4128 CVE-2012-1569 CVE-2012-1573 | Version: | 42 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | gnutls |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:21296 | |||
| Oval ID: | oval:org.mitre.oval:def:21296 | ||
| Title: | RHSA-2012:0058: glibc security and bug fix update (Moderate) | ||
| Description: | The svc_run function in the RPC implementation in glibc before 2.15 allows remote attackers to cause a denial of service (CPU consumption) via a large number of RPC connections. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2012:0058-01 CESA-2012:0058 CVE-2009-5029 CVE-2011-4609 | Version: | 29 |
| Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | glibc |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:21353 | |||
| Oval ID: | oval:org.mitre.oval:def:21353 | ||
| Title: | RHSA-2012:0397: glibc security update (Moderate) | ||
| Description: | Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent attackers to bypass the FORTIFY_SOURCE protection mechanism, conduct format string attacks, and write to arbitrary memory via a large number of arguments. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2012:0397-01 CESA-2012:0397 CVE-2012-0864 | Version: | 4 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | glibc |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:21363 | |||
| Oval ID: | oval:org.mitre.oval:def:21363 | ||
| Title: | RHSA-2012:0060: openssl security update (Moderate) | ||
| Description: | The Server Gated Cryptography (SGC) implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2012:0060-01 CESA-2012:0060 CVE-2011-4108 CVE-2011-4109 CVE-2011-4576 CVE-2011-4619 | Version: | 55 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | openssl |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:21365 | |||
| Oval ID: | oval:org.mitre.oval:def:21365 | ||
| Title: | RHSA-2012:0126: glibc security update (Moderate) | ||
| Description: | The svc_run function in the RPC implementation in glibc before 2.15 allows remote attackers to cause a denial of service (CPU consumption) via a large number of RPC connections. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2012:0126-01 CESA-2012:0126 CVE-2009-5029 CVE-2009-5064 CVE-2010-0830 CVE-2011-1089 CVE-2011-4609 | Version: | 68 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | glibc |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:21366 | |||
| Oval ID: | oval:org.mitre.oval:def:21366 | ||
| Title: | RHSA-2012:0518: openssl security update (Important) | ||
| Description: | The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2012:0518-02 CESA-2012:0518 CVE-2012-2110 | Version: | 4 |
| Platform(s): | Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5 CentOS Linux 5 CentOS Linux 6 | Product(s): | openssl openssl097a openssl098e |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:21459 | |||
| Oval ID: | oval:org.mitre.oval:def:21459 | ||
| Title: | RHSA-2012:0393: glibc security and bug fix update (Moderate) | ||
| Description: | Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent attackers to bypass the FORTIFY_SOURCE protection mechanism, conduct format string attacks, and write to arbitrary memory via a large number of arguments. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2012:0393-01 CESA-2012:0393 CVE-2012-0864 | Version: | 4 |
| Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | glibc |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:21725 | |||
| Oval ID: | oval:org.mitre.oval:def:21725 | ||
| Title: | RHSA-2011:1797: perl security update (Moderate) | ||
| Description: | Eval injection vulnerability in the Digest module before 1.17 for Perl allows context-dependent attackers to execute arbitrary commands via the new constructor. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2011:1797-01 CESA-2011:1797 CVE-2010-2761 CVE-2010-4410 CVE-2011-3597 | Version: | 42 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | perl |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:22038 | |||
| Oval ID: | oval:org.mitre.oval:def:22038 | ||
| Title: | RHSA-2010:0978: openssl security update (Moderate) | ||
| Description: | OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2010:0978-01 CESA-2010:0978 CVE-2008-7270 CVE-2010-4180 | Version: | 29 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | openssl |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:22097 | |||
| Oval ID: | oval:org.mitre.oval:def:22097 | ||
| Title: | RHSA-2010:0979: openssl security update (Moderate) | ||
| Description: | OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2010:0979-01 CVE-2010-4180 | Version: | 4 |
| Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | openssl |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:22306 | |||
| Oval ID: | oval:org.mitre.oval:def:22306 | ||
| Title: | ELSA-2010:0978: openssl security update (Moderate) | ||
| Description: | OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2010:0978-01 CVE-2008-7270 CVE-2010-4180 | Version: | 13 |
| Platform(s): | Oracle Linux 5 | Product(s): | openssl |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:22667 | |||
| Oval ID: | oval:org.mitre.oval:def:22667 | ||
| Title: | ELSA-2012:0397: glibc security update (Moderate) | ||
| Description: | Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent attackers to bypass the FORTIFY_SOURCE protection mechanism, conduct format string attacks, and write to arbitrary memory via a large number of arguments. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2012:0397-01 CVE-2012-0864 | Version: | 6 |
| Platform(s): | Oracle Linux 5 | Product(s): | glibc |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:22780 | |||
| Oval ID: | oval:org.mitre.oval:def:22780 | ||
| Title: | ELSA-2010:0979: openssl security update (Moderate) | ||
| Description: | OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2010:0979-01 CVE-2010-4180 | Version: | 6 |
| Platform(s): | Oracle Linux 6 | Product(s): | openssl |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:22910 | |||
| Oval ID: | oval:org.mitre.oval:def:22910 | ||
| Title: | ELSA-2012:0126: glibc security update (Moderate) | ||
| Description: | The svc_run function in the RPC implementation in glibc before 2.15 allows remote attackers to cause a denial of service (CPU consumption) via a large number of RPC connections. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2012:0126-01 CVE-2009-5029 CVE-2009-5064 CVE-2010-0830 CVE-2011-1089 CVE-2011-4609 | Version: | 25 |
| Platform(s): | Oracle Linux 5 | Product(s): | glibc |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:23081 | |||
| Oval ID: | oval:org.mitre.oval:def:23081 | ||
| Title: | ELSA-2012:0428: gnutls security update (Important) | ||
| Description: | gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15 does not properly handle data encrypted with a block cipher, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) via a crafted record, as demonstrated by a crafted GenericBlockCipher structure. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2012:0428-02 CVE-2011-4128 CVE-2012-1569 CVE-2012-1573 | Version: | 17 |
| Platform(s): | Oracle Linux 5 | Product(s): | gnutls |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:23087 | |||
| Oval ID: | oval:org.mitre.oval:def:23087 | ||
| Title: | DEPRECATED: ELSA-2012:0324: libxml2 security update (Moderate) | ||
| Description: | libxml2 before 2.8.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2012:0324-01 CVE-2012-0841 | Version: | 7 |
| Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | libxml2 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:23231 | |||
| Oval ID: | oval:org.mitre.oval:def:23231 | ||
| Title: | ELSA-2011:1797: perl security update (Moderate) | ||
| Description: | Eval injection vulnerability in the Digest module before 1.17 for Perl allows context-dependent attackers to execute arbitrary commands via the new constructor. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2011:1797-01 CVE-2010-2761 CVE-2010-4410 CVE-2011-3597 | Version: | 17 |
| Platform(s): | Oracle Linux 5 | Product(s): | perl |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:23304 | |||
| Oval ID: | oval:org.mitre.oval:def:23304 | ||
| Title: | DEPRECATED: ELSA-2012:0518: openssl security update (Important) | ||
| Description: | The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2012:0518-02 CVE-2012-2110 | Version: | 7 |
| Platform(s): | Oracle Linux 6 Oracle Linux 5 | Product(s): | openssl openssl097a openssl098e |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:23329 | |||
| Oval ID: | oval:org.mitre.oval:def:23329 | ||
| Title: | ELSA-2012:0429: gnutls security update (Important) | ||
| Description: | gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15 does not properly handle data encrypted with a block cipher, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) via a crafted record, as demonstrated by a crafted GenericBlockCipher structure. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2012:0429-02 CVE-2011-4128 CVE-2012-1573 | Version: | 13 |
| Platform(s): | Oracle Linux 6 | Product(s): | gnutls |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:23401 | |||
| Oval ID: | oval:org.mitre.oval:def:23401 | ||
| Title: | ELSA-2012:0060: openssl security update (Moderate) | ||
| Description: | The Server Gated Cryptography (SGC) implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2012:0060-01 CVE-2011-4108 CVE-2011-4109 CVE-2011-4576 CVE-2011-4619 | Version: | 21 |
| Platform(s): | Oracle Linux 5 | Product(s): | openssl |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:23416 | |||
| Oval ID: | oval:org.mitre.oval:def:23416 | ||
| Title: | ELSA-2011:0677: openssl security, bug fix, and enhancement update (Moderate) | ||
| Description: | ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service (crash), and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake message that triggers an out-of-bounds memory access, aka "OCSP stapling vulnerability." | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2011:0677-01 CVE-2011-0014 | Version: | 6 |
| Platform(s): | Oracle Linux 6 | Product(s): | openssl |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:23704 | |||
| Oval ID: | oval:org.mitre.oval:def:23704 | ||
| Title: | ELSA-2012:0518: openssl security update (Important) | ||
| Description: | The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2012:0518-02 CVE-2012-2110 | Version: | 6 |
| Platform(s): | Oracle Linux 6 Oracle Linux 5 | Product(s): | openssl openssl097a openssl098e |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:23733 | |||
| Oval ID: | oval:org.mitre.oval:def:23733 | ||
| Title: | ELSA-2012:0324: libxml2 security update (Moderate) | ||
| Description: | libxml2 before 2.8.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2012:0324-01 CVE-2012-0841 | Version: | 6 |
| Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | libxml2 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:23804 | |||
| Oval ID: | oval:org.mitre.oval:def:23804 | ||
| Title: | ELSA-2012:0427: libtasn1 security update (Important) | ||
| Description: | The asn1_get_length_der function in decoding.c in GNU Libtasn1 before 2.12, as used in GnuTLS before 3.0.16 and other products, does not properly handle certain large length values, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly have unspecified other impact via a crafted ASN.1 structure. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2012:0427-02 CVE-2012-1569 | Version: | 6 |
| Platform(s): | Oracle Linux 6 | Product(s): | libtasn1 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:23809 | |||
| Oval ID: | oval:org.mitre.oval:def:23809 | ||
| Title: | ELSA-2012:0058: glibc security and bug fix update (Moderate) | ||
| Description: | The svc_run function in the RPC implementation in glibc before 2.15 allows remote attackers to cause a denial of service (CPU consumption) via a large number of RPC connections. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2012:0058-01 CVE-2009-5029 CVE-2011-4609 | Version: | 13 |
| Platform(s): | Oracle Linux 6 | Product(s): | glibc |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:23853 | |||
| Oval ID: | oval:org.mitre.oval:def:23853 | ||
| Title: | ELSA-2012:0393: glibc security and bug fix update (Moderate) | ||
| Description: | Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent attackers to bypass the FORTIFY_SOURCE protection mechanism, conduct format string attacks, and write to arbitrary memory via a large number of arguments. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2012:0393-01 CVE-2012-0864 | Version: | 6 |
| Platform(s): | Oracle Linux 6 | Product(s): | glibc |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:23859 | |||
| Oval ID: | oval:org.mitre.oval:def:23859 | ||
| Title: | ELSA-2012:0059: openssl security update (Moderate) | ||
| Description: | The Server Gated Cryptography (SGC) implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2012:0059-01 CVE-2011-4108 CVE-2011-4576 CVE-2011-4577 CVE-2011-4619 | Version: | 21 |
| Platform(s): | Oracle Linux 6 | Product(s): | openssl |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:24640 | |||
| Oval ID: | oval:org.mitre.oval:def:24640 | ||
| Title: | Vulnerability in OpenSSL before 0.9.8s and 1.x before 1.0.0f, might allow remote attackers to obtain sensitive information by decrypting the padding data sent by an SSL peer | ||
| Description: | The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by an SSL peer. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2011-4576 | Version: | 3 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | OpenSSL |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24643 | |||
| Oval ID: | oval:org.mitre.oval:def:24643 | ||
| Title: | Vulnerability in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c, allows remote attackers to cause a denial of service (crash) | ||
| Description: | ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service (crash), and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake message that triggers an out-of-bounds memory access, aka "OCSP stapling vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2011-0014 | Version: | 3 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | OpenSSL |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24730 | |||
| Oval ID: | oval:org.mitre.oval:def:24730 | ||
| Title: | Vulnerability in OpenSSL before 0.9.8s and 1.x before 1.0.0f, allows remote attackers to cause a denial of service (assertion failure) | ||
| Description: | OpenSSL before 0.9.8s and 1.x before 1.0.0f, when RFC 3779 support is enabled, allows remote attackers to cause a denial of service (assertion failure) via an X.509 certificate containing certificate-extension data associated with (1) IP address blocks or (2) Autonomous System (AS) identifiers. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2011-4577 | Version: | 3 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | OpenSSL |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24750 | |||
| Oval ID: | oval:org.mitre.oval:def:24750 | ||
| Title: | OpenSSL vulnerability in 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a, allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact | ||
| Description: | The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2012-2110 | Version: | 3 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | OpenSSL |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24765 | |||
| Oval ID: | oval:org.mitre.oval:def:24765 | ||
| Title: | Vulnerability in OpenSSL before 0.9.8s and 1.x before 1.0.0f, allows remote attackers to cause a denial of service (CPU consumption) | ||
| Description: | The Server Gated Cryptography (SGC) implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2011-4619 | Version: | 3 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | OpenSSL |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24936 | |||
| Oval ID: | oval:org.mitre.oval:def:24936 | ||
| Title: | Vulnerability in OpenSSL before 0.9.8s and 1.x before 1.0.0f, performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext | ||
| Description: | The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a padding oracle attack. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2011-4108 | Version: | 3 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | OpenSSL |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24969 | |||
| Oval ID: | oval:org.mitre.oval:def:24969 | ||
| Title: | Vulnerability in OpenSSL 0.9.8q, and 1.0.x before 1.0.0c, does not properly prevent modification of the ciphersuite in the session cache | ||
| Description: | OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-4180 | Version: | 3 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | OpenSSL |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24989 | |||
| Oval ID: | oval:org.mitre.oval:def:24989 | ||
| Title: | OpenSSL vulnerability in 0.9.8s and 1.0.0f, allows remote attackers to cause a denial of service (crash) | ||
| Description: | OpenSSL 0.9.8s and 1.0.0f does not properly support DTLS applications, which allows remote attackers to cause a denial of service (crash) via unspecified vectors related to an out-of-bounds read. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4108. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2012-0050 | Version: | 4 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | OpenSSL |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24993 | |||
| Oval ID: | oval:org.mitre.oval:def:24993 | ||
| Title: | Vulnerability in OpenSSL before 1.0.0c, does not properly validate the public parameters in the J-PAKE protocol | ||
| Description: | OpenSSL before 1.0.0c, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-4252 | Version: | 3 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | OpenSSL |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:25059 | |||
| Oval ID: | oval:org.mitre.oval:def:25059 | ||
| Title: | Vulnerability in OpenSSL 0.9.8 before 0.9.8s, allows remote attackers to have an unspecified impact by triggering failure of a policy check | ||
| Description: | Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when X509_V_FLAG_POLICY_CHECK is enabled, allows remote attackers to have an unspecified impact by triggering failure of a policy check. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2011-4109 | Version: | 3 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | OpenSSL |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:25193 | |||
| Oval ID: | oval:org.mitre.oval:def:25193 | ||
| Title: | SUSE-SU-2013:1165-1 -- Security update for libcurl4 | ||
| Description: | This update of curl fixes several security issues: * libcurl URL decode buffer boundary flaw (bnc#824517 / CVE-2013-2174) * cookie domain tailmatch (bnc#814655 / CVE-2013-1944) * curl sets SSL_OP_ALL (bnc#742306 / CVE-2011-3389) * When SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier (CVE-2010-4180) | ||
| Family: | unix | Class: | patch |
| Reference(s): | SUSE-SU-2013:1165-1 CVE-2013-2174 CVE-2013-1944 CVE-2011-3389 CVE-2010-4180 | Version: | 3 |
| Platform(s): | SUSE Linux Enterprise Desktop 10 | Product(s): | libcurl4 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:25222 | |||
| Oval ID: | oval:org.mitre.oval:def:25222 | ||
| Title: | SUSE-SU-2013:1287-1 -- Security update for glibc | ||
| Description: | This collective update for the GNU C library (glibc) provides the following fixes and enhancements: Security issues fixed: - Fix stack overflow in getaddrinfo with many results. (bnc#813121, CVE-2013-1914) - Fixed another stack overflow in getaddrinfo with many results (bnc#828637) - Fix buffer overflow in glob. (bnc#691365) (CVE-2010-4756) - Fix array overflow in floating point parser [bnc#775690] (CVE-2012-3480) - Fix strtod integer/buffer overflows [bnc#775690] (CVE-2012-3480) - Make addmntent return errors also for cached streams. [bnc #676178, CVE-2011-1089] - Fix overflows in vfprintf. [bnc #770891, CVE 2012-3406] - Add vfprintf-nargs.diff for possible format string overflow. [bnc #747768, CVE-2012-0864] - Check values from file header in __tzfile_read. [bnc #735850, CVE-2009-5029] Also several bugs were fixed: - Fix locking in _IO_cleanup. (bnc#796982) - Fix memory leak in execve. (bnc#805899) - Fix nscd timestamps in logging (bnc#783196) - Fix perl script error message (bnc#774467) - Fall back to localhost if no nameserver defined (bnc#818630) - Fix incomplete results from nscd. [bnc #753756] - Fix a deadlock in dlsym in case the symbol isn't found, for multithreaded programs. [bnc #760216] - Fix problem with TLS and dlopen. [#732110] - Backported regex fix for skipping of valid EUC-JP matches [bnc#743689] - Fixed false regex match on incomplete chars in EUC-JP [bnc#743689] - Add glibc-pmap-timeout.diff in order to fix useless connection attempts to NFS servers. [bnc #661460] | ||
| Family: | unix | Class: | patch |
| Reference(s): | SUSE-SU-2013:1287-1 CVE-2013-1914 CVE-2010-4756 CVE-2012-3480 CVE-2011-1089 CVE-2012-0864 CVE-2009-5029 | Version: | 3 |
| Platform(s): | SUSE Linux Enterprise Server 10 | Product(s): | glibc |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:25330 | |||
| Oval ID: | oval:org.mitre.oval:def:25330 | ||
| Title: | SUSE-SU-2014:0320-1 -- Security update for gnutls | ||
| Description: | The GnuTLS library received a critical security fix and other updates. | ||
| Family: | unix | Class: | patch |
| Reference(s): | SUSE-SU-2014:0320-1 CVE-2014-0092 CVE-2009-5138 CVE-2013-2116 CVE-2013-1619 CVE-2013-0169 CVE-2012-1569 CVE-2012-1573 CVE-2012-0390 CVE-2011-4108 | Version: | 3 |
| Platform(s): | SUSE Linux Enterprise Server 10 | Product(s): | gnutls |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:25868 | |||
| Oval ID: | oval:org.mitre.oval:def:25868 | ||
| Title: | SUSE-SU-2013:1251-1 -- Security update for glibc | ||
| Description: | This collective update for the GNU C library (glibc) provides the following fixes and enhancements: Security issues fixed: * Fix stack overflow in getaddrinfo with many results. (bnc#813121, CVE-2013-1914) * Fix a different stack overflow in getaddrinfo with many results. (bnc#828637) * Fix array overflow in floating point parser [bnc#775690] (CVE-2012-3480) * Fix strtod integer/buffer overflows [bnc#775690] (CVE-2012-3480) * Add patches for fix overflows in vfprintf. [bnc #770891, CVE-2012-3405, CVE-2012-3406] * Fix buffer overflow in glob. (bnc#691365) (CVE-2010-4756) * Flush stream in addmntent, to catch errors like reached file size limits. [bnc #676178, CVE-2011-1089] Bugs fixed: * Fix locking in _IO_cleanup. (bnc#796982) * Fix resolver when first query fails, but seconds succeeds. [bnc #767266] | ||
| Family: | unix | Class: | patch |
| Reference(s): | SUSE-SU-2013:1251-1 CVE-2013-1914 CVE-2012-3480 CVE-2012-3405 CVE-2012-3406 CVE-2010-4756 CVE-2011-1089 | Version: | 3 |
| Platform(s): | SUSE Linux Enterprise Server 11 | Product(s): | glibc |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:26787 | |||
| Oval ID: | oval:org.mitre.oval:def:26787 | ||
| Title: | RHSA-2011:1526 -- glibc security, bug fix, and enhancement update (Low) | ||
| Description: | The glibc packages contain the standard C libraries used by multiple programs on the system. These packages contain the standard C and the standard math libraries. Without these two libraries, a Linux system cannot function properly. A flaw was found in the way the ldd utility identified dynamically linked libraries. If an attacker could trick a user into running ldd on a malicious binary, it could result in arbitrary code execution with the privileges of the user running ldd. (CVE-2009-5064) It was found that the glibc addmntent() function, used by various mount helper utilities, did not handle certain errors correctly when updating the mtab (mounted file systems table) file. If such utilities had the setuid bit set, a local attacker could use this flaw to corrupt the mtab file. (CVE-2011-1089) Red Hat would like to thank Dan Rosenberg for reporting the CVE-2011-1089 issue. This update also fixes several bugs and adds various enhancements. Documentation for these bug fixes and enhancements will be available shortly from the Technical Notes document, linked to in the References section. Users are advised to upgrade to these updated glibc packages, which contain backported patches to resolve these issues and add these enhancements. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2011:1526 CVE-2009-5064 CVE-2011-1089 | Version: | 3 |
| Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | glibc |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:27073 | |||
| Oval ID: | oval:org.mitre.oval:def:27073 | ||
| Title: | DEPRECATED: ELSA-2012-0059 -- openssl security update (moderate) | ||
| Description: | [1.0.0-20.1] - fix for CVE-2011-4108 & CVE-2012-0050 - DTLS plaintext recovery vulnerability and additional DTLS fixes (#771770) - fix for CVE-2011-4576 - uninitialized SSL 3.0 padding (#771775) - fix for CVE-2011-4577 - possible DoS through malformed RFC 3779 data (#771778) - fix for CVE-2011-4619 - SGC restart DoS attack (#771780) | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2012-0059 CVE-2011-4577 CVE-2011-4108 CVE-2011-4576 CVE-2011-4619 | Version: | 4 |
| Platform(s): | Oracle Linux 6 | Product(s): | openssl |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:27217 | |||
| Oval ID: | oval:org.mitre.oval:def:27217 | ||
| Title: | RHSA-2011:1530 -- Red Hat Enterprise Linux 6 kernel security, bug fix and enhancement update (Moderate) | ||
| Description: | The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * The proc file system could allow a local, unprivileged user to obtain sensitive information or possibly cause integrity issues. (CVE-2011-1020, Moderate) * Non-member VLAN (virtual LAN) packet handling for interfaces in promiscuous mode and also using the be2net driver could allow an attacker on the local network to cause a denial of service. (CVE-2011-3347, Moderate) * A flaw was found in the Linux kernel in the way splitting two extents in ext4_ext_convert_to_initialized() worked. A local, unprivileged user with access to mount and unmount ext4 file systems could use this flaw to cause a denial of service. (CVE-2011-3638, Moderate) * A NULL pointer dereference flaw was found in the way the Linux kernel's key management facility handled user-defined key types. A local, unprivileged user could use the keyctl utility to cause a denial of service. (CVE-2011-4110, Moderate) Red Hat would like to thank Kees Cook for reporting CVE-2011-1020; Somnath Kotur for reporting CVE-2011-3347; and Zheng Liu for reporting CVE-2011-3638. This update also fixes several hundred bugs and adds enhancements. Refer to the Red Hat Enterprise Linux 6.2 Release Notes for information on the most significant of these changes, and the Technical Notes for further information, both linked to in the References. All Red Hat Enterprise Linux 6 users are advised to install these updated packages, which correct these issues, and fix the bugs and add the enhancements noted in the Red Hat Enterprise Linux 6.2 Release Notes and Technical Notes. The system must be rebooted for this update to take effect. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2011:1530 CVE-2011-1020 CVE-2011-3347 CVE-2011-3638 CVE-2011-4110 | Version: | 3 |
| Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | kernel |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:27625 | |||
| Oval ID: | oval:org.mitre.oval:def:27625 | ||
| Title: | DEPRECATED: ELSA-2012-0393 -- glibc security and bug fix update (moderate) | ||
| Description: | [2.12-1.47.el6_2.9] - Always use another area after a failed allocation in the main arena (#795328) - Remove sse3 memcpy (#695812) changes (#799259) [2.12-1.47.el6_2.8] - Avoid nargs integer overflow which could be used to bypass FORTIFY_SOURCE (#794815) [2.12-1.47.el6_2.7] - Fix locking on malloc family retry paths (#795328) [2.12-1.47.el6_2.6] - Fix cycle detection in dynamic loader (#783999) | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2012-0393 CVE-2012-0864 | Version: | 4 |
| Platform(s): | Oracle Linux 6 | Product(s): | glibc |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:27663 | |||
| Oval ID: | oval:org.mitre.oval:def:27663 | ||
| Title: | DEPRECATED: ELSA-2012-0427 -- libtasn1 security update (important) | ||
| Description: | [2.3-3.1] - fix CVE-2012-1569 - missing length check when decoding DER lengths (#804920) | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2012-0427 CVE-2012-1569 | Version: | 4 |
| Platform(s): | Oracle Linux 6 | Product(s): | libtasn1 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:27726 | |||
| Oval ID: | oval:org.mitre.oval:def:27726 | ||
| Title: | DEPRECATED: ELSA-2012-0060 -- openssl security update (moderate) | ||
| Description: | [0.9.8e-20.1] - fix for CVE-2011-4108 & CVE-2012-0050 - DTLS plaintext recovery vulnerability and additional DTLS fixes (#771770) - fix for CVE-2011-4109 - double free in policy checks (#771771) - fix for CVE-2011-4576 - uninitialized SSL 3.0 padding (#771775) - fix for CVE-2011-4619 - SGC restart DoS attack (#771780) | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2012-0060 CVE-2011-4108 CVE-2011-4109 CVE-2011-4576 CVE-2011-4619 | Version: | 4 |
| Platform(s): | Oracle Linux 5 | Product(s): | openssl |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:27741 | |||
| Oval ID: | oval:org.mitre.oval:def:27741 | ||
| Title: | DEPRECATED: ELSA-2011-1479 -- kernel security, bug fix, and enhancement update (important) | ||
| Description: | kernel [2.6.18-274.12.1.0.1.el5] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [scsi] add additional scsi medium error handling (John Sobecki) [orabug 12904887] - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - bonding: reread information about speed and duplex when interface goes up (John Haxby) [orabug 11890822] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - [scsi] fix scsi hotplug and rescan race [orabug 10260172] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - [aio] patch removes limit on number of retries (Srinivas Eeda) [orabug 10044782] - [loop] Do not call loop_unplug for not configured loop device (orabug 10314497) | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2011-1479 CVE-2011-1162 CVE-2011-1898 CVE-2011-2203 CVE-2011-2494 CVE-2011-3363 CVE-2011-4110 | Version: | 4 |
| Platform(s): | Oracle Linux 5 | Product(s): | kernel |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:27800 | |||
| Oval ID: | oval:org.mitre.oval:def:27800 | ||
| Title: | DEPRECATED: ELSA-2012-0429 -- gnutls security update (important) | ||
| Description: | [2.8.5-4.2] - fix CVE-2012-1573 - security issue in packet parsing (#805432) - fix CVE-2011-4128 - buffer overflow in gnutls_session_get_data() (#752308) | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2012-0429 CVE-2011-4128 CVE-2012-1573 | Version: | 4 |
| Platform(s): | Oracle Linux 6 | Product(s): | gnutls |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:27811 | |||
| Oval ID: | oval:org.mitre.oval:def:27811 | ||
| Title: | DEPRECATED: ELSA-2012-0518 -- openssl security update (important) | ||
| Description: | openssl: [1.0.0-20.4] - fix for CVE-2012-2110 - memory corruption in asn1_d2i_read_bio() (#814185) openssl098e: [0.9.8e-17.el6_2.2] - Updated the description [0.9.8e-17.2] - fix for CVE-2012-2110 - memory corruption in asn1_d2i_read_bio() (#814185) | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2012-0518 CVE-2012-2110 | Version: | 4 |
| Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | openssl openssl097a openssl098e |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:27823 | |||
| Oval ID: | oval:org.mitre.oval:def:27823 | ||
| Title: | ELSA-2012-0480-1 -- kernel security, bug fix, and enhancement update (important) | ||
| Description: | [2.6.18-308.4.1.0.1.el5] - [net] bonding: fix carrier detect when bond is down [orabug 12377284] - [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - [scsi] fix scsi hotplug and rescan race [orabug 10260172] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2012-0480-1 CVE-2012-1583 | Version: | 5 |
| Platform(s): | Oracle Linux 5 | Product(s): | kernel ocfs2 oracleasm kernel-PAE kernel-PAE-devel kernel-debug kernel-debug-devel kernel-devel kernel-doc kernel-headers kernel-xen kernel-xen-devel |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:27835 | |||
| Oval ID: | oval:org.mitre.oval:def:27835 | ||
| Title: | DEPRECATED: ELSA-2012-0397 -- glibc security update (moderate) | ||
| Description: | [2.5-81.el5_8.1] - Add dist tag [when building file lists (#784646).] - Avoid nargs integer overflow which could be used to bypass FORTIFY_SOURCE (#794813) | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2012-0397 CVE-2012-0864 | Version: | 4 |
| Platform(s): | Oracle Linux 5 | Product(s): | glibc |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:27873 | |||
| Oval ID: | oval:org.mitre.oval:def:27873 | ||
| Title: | DEPRECATED: ELSA-2012-0324 -- libxml2 security update (moderate) | ||
| Description: | [2.7.6-4.0.1.el6_2.4] - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball [2.7.6-4.el6_2.4] - remove chunk in patch related to configure.in as it breaks rebuild - Resolves: rhbz#788845 [2.7.6-4.el6_2.3] - fix previous build to force compilation of randomization code - Resolves: rhbz#788845 [2.7.6-4.el6_2.2] - adds randomization to hash and dict structures CVE-2012-0841 - Resolves: rhbz#788845 | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2012-0324 CVE-2012-0841 | Version: | 4 |
| Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | libxml2 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:27898 | |||
| Oval ID: | oval:org.mitre.oval:def:27898 | ||
| Title: | DEPRECATED: ELSA-2012-0058 -- glibc security and bug fix update (moderate) | ||
| Description: | [2.12-1.47.el6_2.5] - Avoid high cpu usage when accept fails with EMFILE (#767692) [2.12-1.47.el6_2.4] - Make implementation of ARENAS_TEST and ARENAS_MAX match documentation (#769594) - Check malloc arena atomically (#769594) [2.12-1.47.el6_2.3] - Check values from TZ file header (#767692) [2.12-1.47.el6_2.2] - Correctly reparse group line after enlarging the buffer (#766484) [2.12-1.47.el6_2.1] - Fix grouping and reuse other locales in various locales (#754116) | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2012-0058 CVE-2009-5029 CVE-2011-4609 | Version: | 4 |
| Platform(s): | Oracle Linux 6 | Product(s): | glibc |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:27901 | |||
| Oval ID: | oval:org.mitre.oval:def:27901 | ||
| Title: | DEPRECATED: ELSA-2012-0428 -- gnutls security update (important) | ||
| Description: | [1.4.1-7.2] - fix CVE-2011-4128 - buffer overflow in gnutls_session_get_data() (#752308) - fix CVE-2012-1569 - missing length check when decoding DER lengths (#804920) - fix CVE-2012-1573 - security issue in packet parsing (#805432) | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2012-0428 CVE-2011-4128 CVE-2012-1569 CVE-2012-1573 | Version: | 4 |
| Platform(s): | Oracle Linux 5 | Product(s): | gnutls |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:27912 | |||
| Oval ID: | oval:org.mitre.oval:def:27912 | ||
| Title: | DEPRECATED: ELSA-2012-0480 -- kernel security, bug fix, and enhancement update (important) | ||
| Description: | [2.6.18-308.4.1.el5] - [net] ipv6: fix skb double free in xfrm6_tunnel (Jiri Benc) [752305 743375] {CVE-2012-1583} [2.6.18-308.3.1.el5] - [net] be2net: cancel be_worker during EEH recovery (Ivan Vecera) [805462 773735] - [net] be2net: add vlan/rx-mode/flow-control config to be_setup (Ivan Vecera) [805462 773735] - [x86] disable TSC synchronization when using kvmclock (Marcelo Tosatti) [805460 799170] - [fs] vfs: fix LOOKUP_DIRECTORY not propagated to managed_dentry (Ian Kent) [801726 798809] - [fs] vfs: fix d_instantiate_unique (Ian Kent) [801726 798809] - [fs] nfs: allow high priority COMMITs to bypass inode commit lock (Jeff Layton) [799941 773777] - [fs] nfs: don't skip COMMITs if system under is mem pressure (Jeff Layton) [799941 773777] - [scsi] qla2xxx: Read the HCCR register to flush any PCIe writes (Chad Dupuis) [798748 772192] - [scsi] qla2xxx: Complete mbox cmd timeout before next reset cycle (Chad Dupuis) [798748 772192] - [s390] qdio: wrong buffers-used counter for ERROR buffers (Hendrik Brueckner) [801724 790840] - [net] bridge: Reset IPCB when entering IP stack (Herbert Xu) [804721 749813] - [fs] procfs: add hidepid= and gid= mount options (Jerome Marchand) [770649 770650] - [fs] procfs: parse mount options (Jerome Marchand) [770649 770650] [2.6.18-308.2.1.el5] - [fs] nfs: nfs_fhget should wait on I_NEW instead of I_LOCK (Sachin Prabhu) [795664 785062] | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2012-0480 CVE-2012-1583 | Version: | 4 |
| Platform(s): | Oracle Linux 5 | Product(s): | kernel |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:27927 | |||
| Oval ID: | oval:org.mitre.oval:def:27927 | ||
| Title: | DEPRECATED: ELSA-2012-0126 -- glibc security update (moderate) | ||
| Description: | [2.5-65.el5_7.3] - Use correct type when casting d_tag (#767687) - Report write error in addmnt even for cached streams (#767687) - ldd: Never run file directly (#767687). - Workaround misconfigured system (#767687) [2.5-65.el5_7.2] - Check values from TZ file header (#767687) | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2012-0126 CVE-2010-0830 CVE-2009-5029 CVE-2009-5064 CVE-2011-1089 CVE-2011-4609 | Version: | 4 |
| Platform(s): | Oracle Linux 5 | Product(s): | glibc |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:28024 | |||
| Oval ID: | oval:org.mitre.oval:def:28024 | ||
| Title: | DEPRECATED: ELSA-2011-0677 -- openssl security, bug fix, and enhancement update (moderate) | ||
| Description: | [1.0.0-10] - fix OCSP stapling vulnerability - CVE-2011-0014 (#676063) - correct the README.FIPS document [1.0.0-8] - add -x931 parameter to openssl genrsa command to use the ANSI X9.31 key generation method - use FIPS-186-3 method for DSA parameter generation - add OPENSSL_FIPS_NON_APPROVED_MD5_ALLOW environment variable to allow using MD5 when the system is in the maintenance state even if the /proc fips flag is on - make openssl pkcs12 command work by default in the FIPS mode [1.0.0-7] - listen on ipv6 wildcard in s_server so we accept connections from both ipv4 and ipv6 (#601612) - fix openssl speed command so it can be used in the FIPS mode with FIPS allowed ciphers (#619762) [1.0.0-6] - disable code for SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG - CVE-2010-3864 (#649304) [1.0.0-5] - fix race in extension parsing code - CVE-2010-3864 (#649304) | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2011-0677 CVE-2011-0014 | Version: | 4 |
| Platform(s): | Oracle Linux 6 | Product(s): | openssl |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:28049 | |||
| Oval ID: | oval:org.mitre.oval:def:28049 | ||
| Title: | ELSA-2011-1526 -- glibc security, bug fix, and enhancement update (low) | ||
| Description: | A flaw was found in the way the ldd utility identified dynamically linked libraries. If an attacker could trick a user into running ldd on a malicious binary, it could result in arbitrary code execution with the privileges of the user running ldd. (CVE-2009-5064) It was found that the glibc addmntent() function, used by various mount helper utilities, did not handle certain errors correctly when updating the mtab (mounted file systems table) file. If such utilities had the setuid bit set, a local attacker could use this flaw to corrupt the mtab file. (CVE-2011-1089) | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2011-1526 CVE-2009-5064 CVE-2011-1089 | Version: | 3 |
| Platform(s): | Oracle Linux 6 | Product(s): | glibc |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:28187 | |||
| Oval ID: | oval:org.mitre.oval:def:28187 | ||
| Title: | DEPRECATED: ELSA-2010-0979 -- openssl security update (moderate) | ||
| Description: | [1.0.0-4.2] - disable code for SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG - CVE-2010-3864 (#649304) [1.0.0-4.1] - fix race in extension parsing code - CVE-2010-3864 (#649304) | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2010-0979 CVE-2010-3864 CVE-2010-4180 | Version: | 4 |
| Platform(s): | Oracle Linux 6 | Product(s): | openssl |
| Definition Synopsis: | |||
CPE : Common Platform Enumeration
SAINT Exploits
| Description | Link |
|---|---|
| Apache Struts 2 ConversionErrorInterceptor Java Injection | More info here |
ExploitDB Exploits
| id | Description |
|---|---|
| 2013-05-01 | sudo v1.8.0-1.8.3p1 (sudo_debug) - Root Exploit + glibc FORTIFY_SOURCE Bypass |
| 2012-04-19 | OpenSSL ASN1 BIO Memory Corruption Vulnerability |
| 2012-01-17 | Linux IGMP Remote Denial Of Service (Introduced in linux-2.6.36) |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2013-09-18 | Name : Debian Security Advisory DSA 2389-1 (linux-2.6 - privilege escalation/denial ... File : nvt/deb_2389_1.nasl |
| 2013-09-18 | Name : Debian Security Advisory DSA 2443-1 (linux-2.6 - privilege escalation/denial ... File : nvt/deb_2443_1.nasl |
| 2012-12-27 | Name : VMSA-2012-0018: VMware security updates for vCSA and ESXi File : nvt/gb_VMSA-2012-0018.nasl |
| 2012-12-18 | Name : Fedora Update for kernel FEDORA-2012-20240 File : nvt/gb_fedora_2012_20240_kernel_fc16.nasl |
| 2012-12-04 | Name : Ubuntu Update for perl USN-1643-1 File : nvt/gb_ubuntu_USN_1643_1.nasl |
| 2012-11-29 | Name : Fedora Update for kernel FEDORA-2012-18691 File : nvt/gb_fedora_2012_18691_kernel_fc16.nasl |
| 2012-11-06 | Name : Fedora Update for kernel FEDORA-2012-17479 File : nvt/gb_fedora_2012_17479_kernel_fc16.nasl |
| 2012-10-03 | Name : Fedora Update for libxml2 FEDORA-2012-13824 File : nvt/gb_fedora_2012_13824_libxml2_fc16.nasl |
| 2012-09-27 | Name : Fedora Update for libxml2 FEDORA-2012-13820 File : nvt/gb_fedora_2012_13820_libxml2_fc17.nasl |
| 2012-09-26 | Name : Gentoo Security Advisory GLSA 201209-12 (libtasn1) File : nvt/glsa_201209_12.nasl |
| 2012-09-10 | Name : Slackware Advisory SSA:2012-041-03 glibc File : nvt/esoft_slk_ssa_2012_041_03.nasl |
| 2012-09-04 | Name : Fedora Update for kernel FEDORA-2012-12684 File : nvt/gb_fedora_2012_12684_kernel_fc16.nasl |
| 2012-08-31 | Name : VMSA-2012-0013 VMware vSphere and vCOps updates to third party libraries. File : nvt/gb_VMSA-2012-0013.nasl |
| 2012-08-30 | Name : Fedora Update for glibc FEDORA-2012-2123 File : nvt/gb_fedora_2012_2123_glibc_fc17.nasl |
| 2012-08-30 | Name : Fedora Update for libtasn1 FEDORA-2012-4357 File : nvt/gb_fedora_2012_4357_libtasn1_fc17.nasl |
| 2012-08-30 | Name : Fedora Update for mingw-gnutls FEDORA-2012-4451 File : nvt/gb_fedora_2012_4451_mingw-gnutls_fc17.nasl |
| 2012-08-30 | Name : Fedora Update for mingw-libtasn1 FEDORA-2012-4451 File : nvt/gb_fedora_2012_4451_mingw-libtasn1_fc17.nasl |
| 2012-08-30 | Name : Fedora Update for mingw-p11-kit FEDORA-2012-4451 File : nvt/gb_fedora_2012_4451_mingw-p11-kit_fc17.nasl |
| 2012-08-30 | Name : Fedora Update for rpm FEDORA-2012-5298 File : nvt/gb_fedora_2012_5298_rpm_fc17.nasl |
| 2012-08-30 | Name : Fedora Update for openssl FEDORA-2012-6343 File : nvt/gb_fedora_2012_6343_openssl_fc17.nasl |
| 2012-08-10 | Name : FreeBSD Ports: FreeBSD File : nvt/freebsd_FreeBSD19.nasl |
| 2012-08-10 | Name : Gentoo Security Advisory GLSA 201206-18 (GnuTLS) File : nvt/glsa_201206_18.nasl |
| 2012-08-10 | Name : Gentoo Security Advisory GLSA 201206-26 (RPM) File : nvt/glsa_201206_26.nasl |
| 2012-08-06 | Name : Fedora Update for kernel FEDORA-2012-11348 File : nvt/gb_fedora_2012_11348_kernel_fc16.nasl |
| 2012-08-03 | Name : Mandriva Update for openssl MDVSA-2012:007 (openssl) File : nvt/gb_mandriva_MDVSA_2012_007.nasl |
| 2012-08-03 | Name : Mandriva Update for libtasn1 MDVSA-2012:039 (libtasn1) File : nvt/gb_mandriva_MDVSA_2012_039.nasl |
| 2012-08-03 | Name : Mandriva Update for gnutls MDVSA-2012:040 (gnutls) File : nvt/gb_mandriva_MDVSA_2012_040.nasl |
| 2012-08-03 | Name : Mandriva Update for gnutls MDVSA-2012:045 (gnutls) File : nvt/gb_mandriva_MDVSA_2012_045.nasl |
| 2012-08-03 | Name : Mandriva Update for rpm MDVSA-2012:056 (rpm) File : nvt/gb_mandriva_MDVSA_2012_056.nasl |
| 2012-08-03 | Name : Mandriva Update for openssl MDVSA-2012:060 (openssl) File : nvt/gb_mandriva_MDVSA_2012_060.nasl |
| 2012-08-03 | Name : Mandriva Update for openssl0.9.8 MDVSA-2012:064 (openssl0.9.8) File : nvt/gb_mandriva_MDVSA_2012_064.nasl |
| 2012-08-03 | Name : Mandriva Update for util-linux MDVSA-2012:083 (util-linux) File : nvt/gb_mandriva_MDVSA_2012_083.nasl |
| 2012-08-03 | Name : Mandriva Update for ncpfs MDVSA-2012:084 (ncpfs) File : nvt/gb_mandriva_MDVSA_2012_084.nasl |
| 2012-08-02 | Name : SuSE Update for glibc openSUSE-SU-2012:0064-1 (glibc) File : nvt/gb_suse_2012_0064_1.nasl |
| 2012-08-02 | Name : SuSE Update for openssl openSUSE-SU-2012:0083-1 (openssl) File : nvt/gb_suse_2012_0083_1.nasl |
| 2012-08-02 | Name : SuSE Update for kernel openSUSE-SU-2012:0206-1 (kernel) File : nvt/gb_suse_2012_0206_1.nasl |
| 2012-08-02 | Name : SuSE Update for kernel openSUSE-SU-2012:0236-1 (kernel) File : nvt/gb_suse_2012_0236_1.nasl |
| 2012-07-30 | Name : CentOS Update for openssl CESA-2010:0977 centos4 x86_64 File : nvt/gb_CESA-2010_0977_openssl_centos4_x86_64.nasl |
| 2012-07-30 | Name : CentOS Update for ecryptfs-utils-75-5.el5_ CESA-2011:1241 centos5 x86_64 File : nvt/gb_CESA-2011_1241_ecryptfs-utils-75-5.el5__centos5_x86_64.nasl |
| 2012-07-30 | Name : CentOS Update for kernel CESA-2011:1386 centos5 x86_64 File : nvt/gb_CESA-2011_1386_kernel_centos5_x86_64.nasl |
| 2012-07-30 | Name : CentOS Update for kernel CESA-2011:1479 centos5 x86_64 File : nvt/gb_CESA-2011_1479_kernel_centos5_x86_64.nasl |
| 2012-07-30 | Name : CentOS Update for perl CESA-2011:1797 centos4 x86_64 File : nvt/gb_CESA-2011_1797_perl_centos4_x86_64.nasl |
| 2012-07-30 | Name : CentOS Update for perl CESA-2011:1797 centos5 x86_64 File : nvt/gb_CESA-2011_1797_perl_centos5_x86_64.nasl |
| 2012-07-30 | Name : CentOS Update for kernel CESA-2012:0007 centos5 File : nvt/gb_CESA-2012_0007_kernel_centos5.nasl |
| 2012-07-30 | Name : CentOS Update for glibc CESA-2012:0058 centos6 File : nvt/gb_CESA-2012_0058_glibc_centos6.nasl |
| 2012-07-30 | Name : CentOS Update for openssl CESA-2012:0059 centos6 File : nvt/gb_CESA-2012_0059_openssl_centos6.nasl |
| 2012-07-30 | Name : CentOS Update for openssl CESA-2012:0060 centos5 File : nvt/gb_CESA-2012_0060_openssl_centos5.nasl |
| 2012-07-30 | Name : CentOS Update for openssl CESA-2012:0086 centos4 File : nvt/gb_CESA-2012_0086_openssl_centos4.nasl |
| 2012-07-30 | Name : CentOS Update for kernel CESA-2012:0107 centos5 File : nvt/gb_CESA-2012_0107_kernel_centos5.nasl |
| 2012-07-30 | Name : CentOS Update for glibc CESA-2012:0125 centos4 File : nvt/gb_CESA-2012_0125_glibc_centos4.nasl |
| 2012-07-30 | Name : CentOS Update for glibc CESA-2012:0126 centos5 File : nvt/gb_CESA-2012_0126_glibc_centos5.nasl |
| 2012-07-30 | Name : CentOS Update for libxml2 CESA-2012:0324 centos6 File : nvt/gb_CESA-2012_0324_libxml2_centos6.nasl |
| 2012-07-30 | Name : CentOS Update for kernel CESA-2012:0350 centos6 File : nvt/gb_CESA-2012_0350_kernel_centos6.nasl |
| 2012-07-30 | Name : CentOS Update for glibc CESA-2012:0393 centos6 File : nvt/gb_CESA-2012_0393_glibc_centos6.nasl |
| 2012-07-30 | Name : CentOS Update for glibc CESA-2012:0397 centos5 File : nvt/gb_CESA-2012_0397_glibc_centos5.nasl |
| 2012-07-30 | Name : CentOS Update for openssl CESA-2012:0426 centos5 File : nvt/gb_CESA-2012_0426_openssl_centos5.nasl |
| 2012-07-30 | Name : CentOS Update for openssl CESA-2012:0426 centos6 File : nvt/gb_CESA-2012_0426_openssl_centos6.nasl |
| 2012-07-30 | Name : CentOS Update for libtasn1 CESA-2012:0427 centos6 File : nvt/gb_CESA-2012_0427_libtasn1_centos6.nasl |
| 2012-07-30 | Name : CentOS Update for gnutls CESA-2012:0428 centos5 File : nvt/gb_CESA-2012_0428_gnutls_centos5.nasl |
| 2012-07-30 | Name : CentOS Update for gnutls CESA-2012:0429 centos6 File : nvt/gb_CESA-2012_0429_gnutls_centos6.nasl |
| 2012-07-30 | Name : CentOS Update for popt CESA-2012:0451 centos5 File : nvt/gb_CESA-2012_0451_popt_centos5.nasl |
| 2012-07-30 | Name : CentOS Update for rpm CESA-2012:0451 centos6 File : nvt/gb_CESA-2012_0451_rpm_centos6.nasl |
| 2012-07-30 | Name : CentOS Update for kernel CESA-2012:0480 centos5 File : nvt/gb_CESA-2012_0480_kernel_centos5.nasl |
| 2012-07-30 | Name : CentOS Update for openssl097a CESA-2012:0518 centos5 File : nvt/gb_CESA-2012_0518_openssl097a_centos5.nasl |
| 2012-07-30 | Name : CentOS Update for openssl098e CESA-2012:0518 centos6 File : nvt/gb_CESA-2012_0518_openssl098e_centos6.nasl |
| 2012-07-13 | Name : VMSA-2012-0012 VMware ESXi update addresses several security issues. File : nvt/gb_VMSA-2012-0012.nasl |
| 2012-07-09 | Name : RedHat Update for perl RHSA-2011:0558-01 File : nvt/gb_RHSA-2011_0558-01_perl.nasl |
| 2012-07-09 | Name : RedHat Update for kernel RHSA-2011:1350-01 File : nvt/gb_RHSA-2011_1350-01_kernel.nasl |
| 2012-07-09 | Name : RedHat Update for perl RHSA-2011:1424-01 File : nvt/gb_RHSA-2011_1424-01_perl.nasl |
| 2012-07-09 | Name : RedHat Update for kernel RHSA-2011:1465-01 File : nvt/gb_RHSA-2011_1465-01_kernel.nasl |
| 2012-07-09 | Name : RedHat Update for glibc RHSA-2011:1526-03 File : nvt/gb_RHSA-2011_1526-03_glibc.nasl |
| 2012-07-09 | Name : RedHat Update for Red Hat Enterprise Linux 6 kernel RHSA-2011:1530-03 File : nvt/gb_RHSA-2011_1530-03_Red_Hat_Enterprise_Linux_6_kernel.nasl |
| 2012-07-09 | Name : RedHat Update for glibc RHSA-2012:0058-01 File : nvt/gb_RHSA-2012_0058-01_glibc.nasl |
| 2012-07-09 | Name : RedHat Update for openssl RHSA-2012:0059-01 File : nvt/gb_RHSA-2012_0059-01_openssl.nasl |
| 2012-07-09 | Name : RedHat Update for kernel RHSA-2012:0350-01 File : nvt/gb_RHSA-2012_0350-01_kernel.nasl |
| 2012-07-09 | Name : RedHat Update for glibc RHSA-2012:0393-01 File : nvt/gb_RHSA-2012_0393-01_glibc.nasl |
| 2012-07-09 | Name : RedHat Update for libtasn1 RHSA-2012:0427-01 File : nvt/gb_RHSA-2012_0427-01_libtasn1.nasl |
| 2012-07-09 | Name : RedHat Update for gnutls RHSA-2012:0429-01 File : nvt/gb_RHSA-2012_0429-01_gnutls.nasl |
| 2012-06-25 | Name : Fedora Update for kernel FEDORA-2012-8931 File : nvt/gb_fedora_2012_8931_kernel_fc15.nasl |
| 2012-06-15 | Name : RedHat Update for kernel RHSA-2012:0480-01 File : nvt/gb_RHSA-2012_0480-01_kernel.nasl |
| 2012-06-15 | Name : Fedora Update for kernel FEDORA-2012-8890 File : nvt/gb_fedora_2012_8890_kernel_fc16.nasl |
| 2012-06-06 | Name : RedHat Update for openssl RHSA-2011:0677-01 File : nvt/gb_RHSA-2011_0677-01_openssl.nasl |
| 2012-06-04 | Name : Fedora Update for openssl FEDORA-2012-8014 File : nvt/gb_fedora_2012_8014_openssl_fc16.nasl |
| 2012-06-04 | Name : Fedora Update for openssl FEDORA-2012-8024 File : nvt/gb_fedora_2012_8024_openssl_fc15.nasl |
| 2012-05-17 | Name : Fedora Update for kernel FEDORA-2012-7594 File : nvt/gb_fedora_2012_7594_kernel_fc15.nasl |
| 2012-05-14 | Name : Fedora Update for kernel FEDORA-2012-7538 File : nvt/gb_fedora_2012_7538_kernel_fc16.nasl |
| 2012-05-11 | Name : Fedora Update for openssl FEDORA-2012-6395 File : nvt/gb_fedora_2012_6395_openssl_fc15.nasl |
| 2012-05-04 | Name : Ubuntu Update for libtasn1-3 USN-1436-1 File : nvt/gb_ubuntu_USN_1436_1.nasl |
| 2012-04-30 | Name : Debian Security Advisory DSA 2440-1 (libtasn1-3) File : nvt/deb_2440_1.nasl |
| 2012-04-30 | Name : Debian Security Advisory DSA 2441-1 (gnutls26) File : nvt/deb_2441_1.nasl |
| 2012-04-30 | Name : Debian Security Advisory DSA 2454-1 (openssl) File : nvt/deb_2454_1.nasl |
| 2012-04-30 | Name : Debian Security Advisory DSA 2454-2 (openssl) File : nvt/deb_2454_2.nasl |
| 2012-04-30 | Name : FreeBSD Ports: gnutls File : nvt/freebsd_gnutls7.nasl |
| 2012-04-30 | Name : FreeBSD Ports: libtasn1 File : nvt/freebsd_libtasn1.nasl |
| 2012-04-30 | Name : FreeBSD Ports: openssl File : nvt/freebsd_openssl7.nasl |
| 2012-04-30 | Name : Fedora Update for openssl FEDORA-2012-6403 File : nvt/gb_fedora_2012_6403_openssl_fc16.nasl |
| 2012-04-26 | Name : RedHat Update for openssl RHSA-2012:0518-01 File : nvt/gb_RHSA-2012_0518-01_openssl.nasl |
| 2012-04-26 | Name : Fedora Update for kernel FEDORA-2012-6406 File : nvt/gb_fedora_2012_6406_kernel_fc15.nasl |
| 2012-04-26 | Name : Ubuntu Update for openssl USN-1428-1 File : nvt/gb_ubuntu_USN_1428_1.nasl |
| 2012-04-23 | Name : Fedora Update for rpm FEDORA-2012-5420 File : nvt/gb_fedora_2012_5420_rpm_fc15.nasl |
| 2012-04-23 | Name : Fedora Update for rpm FEDORA-2012-5421 File : nvt/gb_fedora_2012_5421_rpm_fc16.nasl |
| 2012-04-20 | Name : Ubuntu Update for openssl USN-1424-1 File : nvt/gb_ubuntu_USN_1424_1.nasl |
| 2012-04-13 | Name : Fedora Update for mingw-libtasn1 FEDORA-2012-4417 File : nvt/gb_fedora_2012_4417_mingw-libtasn1_fc15.nasl |
| 2012-04-13 | Name : Fedora Update for mingw32-gnutls FEDORA-2012-4417 File : nvt/gb_fedora_2012_4417_mingw32-gnutls_fc15.nasl |
| 2012-04-13 | Name : Fedora Update for openssl FEDORA-2012-4659 File : nvt/gb_fedora_2012_4659_openssl_fc15.nasl |
| 2012-04-11 | Name : Fedora Update for libtasn1 FEDORA-2012-4308 File : nvt/gb_fedora_2012_4308_libtasn1_fc15.nasl |
| 2012-04-11 | Name : Fedora Update for libtasn1 FEDORA-2012-4342 File : nvt/gb_fedora_2012_4342_libtasn1_fc16.nasl |
| 2012-04-11 | Name : Fedora Update for gnutls FEDORA-2012-4569 File : nvt/gb_fedora_2012_4569_gnutls_fc15.nasl |
| 2012-04-11 | Name : Fedora Update for openssl FEDORA-2012-4665 File : nvt/gb_fedora_2012_4665_openssl_fc16.nasl |
| 2012-04-11 | Name : Ubuntu Update for gnutls26 USN-1418-1 File : nvt/gb_ubuntu_USN_1418_1.nasl |
| 2012-04-05 | Name : RedHat Update for rpm RHSA-2012:0451-01 File : nvt/gb_RHSA-2012_0451-01_rpm.nasl |
| 2012-04-02 | Name : Fedora Update for kernel FEDORA-2011-15959 File : nvt/gb_fedora_2011_15959_kernel_fc16.nasl |
| 2012-04-02 | Name : Fedora Update for kernel FEDORA-2011-16237 File : nvt/gb_fedora_2011_16237_kernel_fc16.nasl |
| 2012-04-02 | Name : Fedora Update for kernel FEDORA-2011-17381 File : nvt/gb_fedora_2011_17381_kernel_fc16.nasl |
| 2012-04-02 | Name : Fedora Update for kernel FEDORA-2012-0145 File : nvt/gb_fedora_2012_0145_kernel_fc16.nasl |
| 2012-04-02 | Name : Fedora Update for openssl FEDORA-2012-0232 File : nvt/gb_fedora_2012_0232_openssl_fc16.nasl |
| 2012-04-02 | Name : Fedora Update for kernel FEDORA-2012-0363 File : nvt/gb_fedora_2012_0363_kernel_fc16.nasl |
| 2012-04-02 | Name : Fedora Update for kernel FEDORA-2012-0480 File : nvt/gb_fedora_2012_0480_kernel_fc16.nasl |
| 2012-04-02 | Name : Fedora Update for openssl FEDORA-2012-0708 File : nvt/gb_fedora_2012_0708_openssl_fc16.nasl |
| 2012-04-02 | Name : Fedora Update for kernel FEDORA-2012-0876 File : nvt/gb_fedora_2012_0876_kernel_fc16.nasl |
| 2012-04-02 | Name : Fedora Update for glibc FEDORA-2012-2162 File : nvt/gb_fedora_2012_2162_glibc_fc16.nasl |
| 2012-04-02 | Name : Fedora Update for kernel FEDORA-2012-3030 File : nvt/gb_fedora_2012_3030_kernel_fc16.nasl |
| 2012-04-02 | Name : Fedora Update for kernel FEDORA-2012-3712 File : nvt/gb_fedora_2012_3712_kernel_fc16.nasl |
| 2012-04-02 | Name : Fedora Update for mingw-libtasn1 FEDORA-2012-4409 File : nvt/gb_fedora_2012_4409_mingw-libtasn1_fc16.nasl |
| 2012-04-02 | Name : Fedora Update for mingw32-gnutls FEDORA-2012-4409 File : nvt/gb_fedora_2012_4409_mingw32-gnutls_fc16.nasl |
| 2012-03-29 | Name : RedHat Update for openssl RHSA-2012:0426-01 File : nvt/gb_RHSA-2012_0426-01_openssl.nasl |
| 2012-03-29 | Name : RedHat Update for gnutls RHSA-2012:0428-01 File : nvt/gb_RHSA-2012_0428-01_gnutls.nasl |
| 2012-03-29 | Name : Fedora Update for kernel FEDORA-2012-3715 File : nvt/gb_fedora_2012_3715_kernel_fc15.nasl |
| 2012-03-26 | Name : Fedora Update for gnutls FEDORA-2012-4578 File : nvt/gb_fedora_2012_4578_gnutls_fc16.nasl |
| 2012-03-22 | Name : RedHat Update for glibc RHSA-2012:0397-01 File : nvt/gb_RHSA-2012_0397-01_glibc.nasl |
| 2012-03-22 | Name : Fedora Update for kernel FEDORA-2012-4410 File : nvt/gb_fedora_2012_4410_kernel_fc16.nasl |
| 2012-03-19 | Name : Fedora Update for ecryptfs-utils FEDORA-2011-10671 File : nvt/gb_fedora_2011_10671_ecryptfs-utils_fc16.nasl |
| 2012-03-19 | Name : Fedora Update for kernel FEDORA-2012-1497 File : nvt/gb_fedora_2012_1497_kernel_fc16.nasl |
| 2012-03-19 | Name : Fedora Update for kernel FEDORA-2012-3350 File : nvt/gb_fedora_2012_3350_kernel_fc16.nasl |
| 2012-03-16 | Name : Fedora Update for kernel FEDORA-2012-3356 File : nvt/gb_fedora_2012_3356_kernel_fc15.nasl |
| 2012-03-16 | Name : Ubuntu Update for linux USN-1322-1 File : nvt/gb_ubuntu_USN_1322_1.nasl |
| 2012-03-16 | Name : Ubuntu Update for linux-ti-omap4 USN-1330-1 File : nvt/gb_ubuntu_USN_1330_1.nasl |
| 2012-03-16 | Name : Ubuntu Update for linux USN-1363-1 File : nvt/gb_ubuntu_USN_1363_1.nasl |
| 2012-03-16 | Name : Ubuntu Update for linux-ti-omap4 USN-1364-1 File : nvt/gb_ubuntu_USN_1364_1.nasl |
| 2012-03-15 | Name : VMSA-2011-0013.2 VMware third party component updates for VMware vCenter Serv... File : nvt/gb_VMSA-2011-0013.nasl |
| 2012-03-12 | Name : Debian Security Advisory DSA 2417-1 (libxml2) File : nvt/deb_2417_1.nasl |
| 2012-03-12 | Name : Ubuntu Update for eglibc USN-1396-1 File : nvt/gb_ubuntu_USN_1396_1.nasl |
| 2012-03-12 | Name : Gentoo Security Advisory GLSA 201203-04 (libxml2) File : nvt/glsa_201203_04.nasl |
| 2012-03-12 | Name : Gentoo Security Advisory GLSA 201203-12 (openssl) File : nvt/glsa_201203_12.nasl |
| 2012-03-09 | Name : Fedora Update for glibc FEDORA-2012-2144 File : nvt/gb_fedora_2012_2144_glibc_fc15.nasl |
| 2012-03-07 | Name : Fedora Update for kernel FEDORA-2012-2753 File : nvt/gb_fedora_2012_2753_kernel_fc15.nasl |
| 2012-03-07 | Name : Ubuntu Update for libxml2 USN-1376-1 File : nvt/gb_ubuntu_USN_1376_1.nasl |
| 2012-03-07 | Name : Ubuntu Update for linux USN-1380-1 File : nvt/gb_ubuntu_USN_1380_1.nasl |
| 2012-03-07 | Name : Ubuntu Update for linux-lts-backport-oneiric USN-1384-1 File : nvt/gb_ubuntu_USN_1384_1.nasl |
| 2012-03-07 | Name : Ubuntu Update for linux-lts-backport-natty USN-1386-1 File : nvt/gb_ubuntu_USN_1386_1.nasl |
| 2012-03-07 | Name : Ubuntu Update for linux USN-1390-1 File : nvt/gb_ubuntu_USN_1390_1.nasl |
| 2012-02-27 | Name : RedHat Update for libxml2 RHSA-2012:0324-01 File : nvt/gb_RHSA-2012_0324-01_libxml2.nasl |
| 2012-02-21 | Name : RedHat Update for glibc RHSA-2012:0125-01 File : nvt/gb_RHSA-2012_0125-01_glibc.nasl |
| 2012-02-21 | Name : RedHat Update for glibc RHSA-2012:0126-01 File : nvt/gb_RHSA-2012_0126-01_glibc.nasl |
| 2012-02-13 | Name : RedHat Update for kernel RHSA-2012:0107-01 File : nvt/gb_RHSA-2012_0107-01_kernel.nasl |
| 2012-02-13 | Name : Fedora Update for kernel FEDORA-2012-1503 File : nvt/gb_fedora_2012_1503_kernel_fc15.nasl |
| 2012-02-13 | Name : Ubuntu Update for linux-ti-omap4 USN-1356-1 File : nvt/gb_ubuntu_USN_1356_1.nasl |
| 2012-02-13 | Name : Ubuntu Update for openssl USN-1357-1 File : nvt/gb_ubuntu_USN_1357_1.nasl |
| 2012-02-12 | Name : FreeBSD Ports: openssl File : nvt/freebsd_openssl5.nasl |
| 2012-02-12 | Name : FreeBSD Ports: openssl File : nvt/freebsd_openssl6.nasl |
| 2012-02-12 | Name : Gentoo Security Advisory GLSA 201110-01 (openssl) File : nvt/glsa_201110_01.nasl |
| 2012-02-12 | Name : Gentoo Security Advisory GLSA 201110-03 (bugzilla) File : nvt/glsa_201110_03.nasl |
| 2012-02-11 | Name : Debian Security Advisory DSA 2390-1 (openssl) File : nvt/deb_2390_1.nasl |
| 2012-02-11 | Name : Debian Security Advisory DSA 2392-1 (openssl) File : nvt/deb_2392_1.nasl |
| 2012-02-03 | Name : RedHat Update for openssl RHSA-2012:0086-01 File : nvt/gb_RHSA-2012_0086-01_openssl.nasl |
| 2012-02-01 | Name : Mandriva Update for openssl MDVSA-2012:011 (openssl) File : nvt/gb_mandriva_MDVSA_2012_011.nasl |
| 2012-01-25 | Name : RedHat Update for openssl RHSA-2012:0060-01 File : nvt/gb_RHSA-2012_0060-01_openssl.nasl |
| 2012-01-25 | Name : Fedora Update for openssl FEDORA-2012-0702 File : nvt/gb_fedora_2012_0702_openssl_fc15.nasl |
| 2012-01-25 | Name : Fedora Update for kernel FEDORA-2012-0861 File : nvt/gb_fedora_2012_0861_kernel_fc15.nasl |
| 2012-01-25 | Name : Ubuntu Update for linux-lts-backport-natty USN-1337-1 File : nvt/gb_ubuntu_USN_1337_1.nasl |
| 2012-01-25 | Name : Ubuntu Update for linux-lts-backport-oneiric USN-1340-1 File : nvt/gb_ubuntu_USN_1340_1.nasl |
| 2012-01-25 | Name : Ubuntu Update for linux USN-1341-1 File : nvt/gb_ubuntu_USN_1341_1.nasl |
| 2012-01-25 | Name : Ubuntu Update for linux USN-1344-1 File : nvt/gb_ubuntu_USN_1344_1.nasl |
| 2012-01-25 | Name : Ubuntu Update for linux USN-1345-1 File : nvt/gb_ubuntu_USN_1345_1.nasl |
| 2012-01-20 | Name : Fedora Update for glibc FEDORA-2012-0018 File : nvt/gb_fedora_2012_0018_glibc_fc15.nasl |
| 2012-01-20 | Name : Mandriva Update for openssl MDVSA-2012:006 (openssl) File : nvt/gb_mandriva_MDVSA_2012_006.nasl |
| 2012-01-20 | Name : Mandriva Update for perl MDVSA-2012:008 (perl) File : nvt/gb_mandriva_MDVSA_2012_008.nasl |
| 2012-01-20 | Name : Mandriva Update for perl MDVSA-2012:009 (perl) File : nvt/gb_mandriva_MDVSA_2012_009.nasl |
| 2012-01-20 | Name : OpenSSL Multiple Vulnerabilities File : nvt/gb_openssl_51281.nasl |
| 2012-01-19 | Name : Linux Kernel IGMP Remote Denial of Service Vulnerability File : nvt/gb_linux_kernel_igmp_dos_vuln.nasl |
| 2012-01-17 | Name : Strawberry Perl Modules Multiple Vulnerabilities (Windows) File : nvt/gb_perl_modules_mult_vuln_win.nasl |
| 2012-01-16 | Name : Fedora Update for openssl FEDORA-2012-0250 File : nvt/gb_fedora_2012_0250_openssl_fc15.nasl |
| 2012-01-16 | Name : Fedora Update for kernel FEDORA-2012-0492 File : nvt/gb_fedora_2012_0492_kernel_fc15.nasl |
| 2012-01-16 | Name : Ubuntu Update for linux-mvl-dove USN-1328-1 File : nvt/gb_ubuntu_USN_1328_1.nasl |
| 2012-01-16 | Name : Ubuntu Update for linux-lts-backport-maverick USN-1332-1 File : nvt/gb_ubuntu_USN_1332_1.nasl |
| 2012-01-13 | Name : RedHat Update for kernel RHSA-2012:0007-01 File : nvt/gb_RHSA-2012_0007-01_kernel.nasl |
| 2012-01-13 | Name : Ubuntu Update for linux USN-1323-1 File : nvt/gb_ubuntu_USN_1323_1.nasl |
| 2012-01-13 | Name : Ubuntu Update for linux-ec2 USN-1324-1 File : nvt/gb_ubuntu_USN_1324_1.nasl |
| 2012-01-13 | Name : Ubuntu Update for linux-ti-omap4 USN-1325-1 File : nvt/gb_ubuntu_USN_1325_1.nasl |
| 2012-01-09 | Name : Ubuntu Update for linux-fsl-imx51 USN-1318-1 File : nvt/gb_ubuntu_USN_1318_1.nasl |
| 2012-01-09 | Name : Ubuntu Update for linux-ti-omap4 USN-1319-1 File : nvt/gb_ubuntu_USN_1319_1.nasl |
| 2011-12-23 | Name : Ubuntu Update for linux USN-1311-1 File : nvt/gb_ubuntu_USN_1311_1.nasl |
| 2011-12-23 | Name : Ubuntu Update for linux USN-1312-1 File : nvt/gb_ubuntu_USN_1312_1.nasl |
| 2011-12-16 | Name : Ubuntu Update for linux-ec2 USN-1299-1 File : nvt/gb_ubuntu_USN_1299_1.nasl |
| 2011-12-16 | Name : Ubuntu Update for linux-fsl-imx51 USN-1300-1 File : nvt/gb_ubuntu_USN_1300_1.nasl |
| 2011-12-16 | Name : Ubuntu Update for linux-lts-backport-natty USN-1301-1 File : nvt/gb_ubuntu_USN_1301_1.nasl |
| 2011-12-16 | Name : Ubuntu Update for linux-ti-omap4 USN-1302-1 File : nvt/gb_ubuntu_USN_1302_1.nasl |
| 2011-12-16 | Name : Ubuntu Update for linux-mvl-dove USN-1303-1 File : nvt/gb_ubuntu_USN_1303_1.nasl |
| 2011-12-16 | Name : Ubuntu Update for linux-ti-omap4 USN-1304-1 File : nvt/gb_ubuntu_USN_1304_1.nasl |
| 2011-12-12 | Name : CentOS Update for perl CESA-2011:1797 centos4 i386 File : nvt/gb_CESA-2011_1797_perl_centos4_i386.nasl |
| 2011-12-12 | Name : CentOS Update for perl CESA-2011:1797 centos5 i386 File : nvt/gb_CESA-2011_1797_perl_centos5_i386.nasl |
| 2011-12-12 | Name : Fedora Update for kernel FEDORA-2011-16621 File : nvt/gb_fedora_2011_16621_kernel_fc15.nasl |
| 2011-12-09 | Name : RedHat Update for perl RHSA-2011:1797-01 File : nvt/gb_RHSA-2011_1797-01_perl.nasl |
| 2011-12-09 | Name : Ubuntu Update for linux USN-1291-1 File : nvt/gb_ubuntu_USN_1291_1.nasl |
| 2011-12-09 | Name : Ubuntu Update for linux-lts-backport-maverick USN-1292-1 File : nvt/gb_ubuntu_USN_1292_1.nasl |
| 2011-12-09 | Name : Ubuntu Update for linux USN-1293-1 File : nvt/gb_ubuntu_USN_1293_1.nasl |
| 2011-12-09 | Name : Ubuntu Update for linux-lts-backport-oneiric USN-1294-1 File : nvt/gb_ubuntu_USN_1294_1.nasl |
| 2011-12-05 | Name : Ubuntu Update for linux USN-1286-1 File : nvt/gb_ubuntu_USN_1286_1.nasl |
| 2011-12-02 | Name : CentOS Update for kernel CESA-2011:1479 centos5 i386 File : nvt/gb_CESA-2011_1479_kernel_centos5_i386.nasl |
| 2011-12-02 | Name : RedHat Update for kernel RHSA-2011:1479-01 File : nvt/gb_RHSA-2011_1479-01_kernel.nasl |
| 2011-12-02 | Name : Fedora Update for kernel FEDORA-2011-16346 File : nvt/gb_fedora_2011_16346_kernel_fc14.nasl |
| 2011-11-28 | Name : Mandriva Update for glibc MDVSA-2011:178 (glibc) File : nvt/gb_mandriva_MDVSA_2011_178.nasl |
| 2011-11-25 | Name : Ubuntu Update for linux USN-1268-1 File : nvt/gb_ubuntu_USN_1268_1.nasl |
| 2011-11-25 | Name : Ubuntu Update for linux-ec2 USN-1269-1 File : nvt/gb_ubuntu_USN_1269_1.nasl |
| 2011-11-25 | Name : Ubuntu Update for linux USN-1272-1 File : nvt/gb_ubuntu_USN_1272_1.nasl |
| 2011-11-25 | Name : Ubuntu Update for linux-mvl-dove USN-1274-1 File : nvt/gb_ubuntu_USN_1274_1.nasl |
| 2011-11-25 | Name : Ubuntu Update for linux-lts-backport-maverick USN-1278-1 File : nvt/gb_ubuntu_USN_1278_1.nasl |
| 2011-11-25 | Name : Ubuntu Update for linux-ti-omap4 USN-1280-1 File : nvt/gb_ubuntu_USN_1280_1.nasl |
| 2011-11-25 | Name : Ubuntu Update for linux-ti-omap4 USN-1281-1 File : nvt/gb_ubuntu_USN_1281_1.nasl |
| 2011-11-11 | Name : Ubuntu Update for linux USN-1253-1 File : nvt/gb_ubuntu_USN_1253_1.nasl |
| 2011-11-11 | Name : Ubuntu Update for linux-lts-backport-natty USN-1256-1 File : nvt/gb_ubuntu_USN_1256_1.nasl |
| 2011-11-08 | Name : Fedora Update for kernel FEDORA-2011-15241 File : nvt/gb_fedora_2011_15241_kernel_fc14.nasl |
| 2011-11-03 | Name : Fedora Update for perl FEDORA-2011-13874 File : nvt/gb_fedora_2011_13874_perl_fc14.nasl |
| 2011-10-31 | Name : Fedora Update for kernel FEDORA-2011-14747 File : nvt/gb_fedora_2011_14747_kernel_fc14.nasl |
| 2011-10-31 | Name : Ubuntu Update for linux-ec2 USN-1239-1 File : nvt/gb_ubuntu_USN_1239_1.nasl |
| 2011-10-31 | Name : Ubuntu Update for linux-mvl-dove USN-1240-1 File : nvt/gb_ubuntu_USN_1240_1.nasl |
| 2011-10-31 | Name : Ubuntu Update for linux-fsl-imx51 USN-1241-1 File : nvt/gb_ubuntu_USN_1241_1.nasl |
| 2011-10-31 | Name : Ubuntu Update for linux-lts-backport-maverick USN-1242-1 File : nvt/gb_ubuntu_USN_1242_1.nasl |
| 2011-10-31 | Name : Ubuntu Update for linux USN-1243-1 File : nvt/gb_ubuntu_USN_1243_1.nasl |
| 2011-10-31 | Name : Ubuntu Update for linux-ti-omap4 USN-1244-1 File : nvt/gb_ubuntu_USN_1244_1.nasl |
| 2011-10-31 | Name : Ubuntu Update for linux-mvl-dove USN-1245-1 File : nvt/gb_ubuntu_USN_1245_1.nasl |
| 2011-10-31 | Name : Ubuntu Update for linux USN-1246-1 File : nvt/gb_ubuntu_USN_1246_1.nasl |
| 2011-10-21 | Name : CentOS Update for kernel CESA-2011:1386 centos5 i386 File : nvt/gb_CESA-2011_1386_kernel_centos5_i386.nasl |
| 2011-10-21 | Name : RedHat Update for kernel RHSA-2011:1386-01 File : nvt/gb_RHSA-2011_1386-01_kernel.nasl |
| 2011-10-21 | Name : Ubuntu Update for linux USN-1236-1 File : nvt/gb_ubuntu_USN_1236_1.nasl |
| 2011-10-14 | Name : Mandriva Update for samba MDVSA-2011:148 (samba) File : nvt/gb_mandriva_MDVSA_2011_148.nasl |
| 2011-10-14 | Name : Ubuntu Update for linux USN-1227-1 File : nvt/gb_ubuntu_USN_1227_1.nasl |
| 2011-10-14 | Name : Ubuntu Update for linux-ti-omap4 USN-1228-1 File : nvt/gb_ubuntu_USN_1228_1.nasl |
| 2011-10-10 | Name : Fedora Update for kernel FEDORA-2011-12874 File : nvt/gb_fedora_2011_12874_kernel_fc14.nasl |
| 2011-10-10 | Name : Ubuntu Update for linux USN-1225-1 File : nvt/gb_ubuntu_USN_1225_1.nasl |
| 2011-09-30 | Name : Ubuntu Update for linux-ec2 USN-1216-1 File : nvt/gb_ubuntu_USN_1216_1.nasl |
| 2011-09-30 | Name : Ubuntu Update for linux USN-1218-1 File : nvt/gb_ubuntu_USN_1218_1.nasl |
| 2011-09-30 | Name : Ubuntu Update for linux-lts-backport-maverick USN-1219-1 File : nvt/gb_ubuntu_USN_1219_1.nasl |
| 2011-09-30 | Name : Ubuntu Update for linux-ti-omap4 USN-1220-1 File : nvt/gb_ubuntu_USN_1220_1.nasl |
| 2011-09-23 | Name : CentOS Update for ecryptfs-utils-75-5.el5_ CESA-2011:1241 centos5 i386 File : nvt/gb_CESA-2011_1241_ecryptfs-utils-75-5.el5__centos5_i386.nasl |
| 2011-09-23 | Name : Ubuntu Update for linux USN-1211-1 File : nvt/gb_ubuntu_USN_1211_1.nasl |
| 2011-09-23 | Name : Ubuntu Update for linux-ti-omap4 USN-1212-1 File : nvt/gb_ubuntu_USN_1212_1.nasl |
| 2011-09-16 | Name : Fedora Update for ecryptfs-utils FEDORA-2011-11936 File : nvt/gb_fedora_2011_11936_ecryptfs-utils_fc15.nasl |
| 2011-09-16 | Name : Fedora Update for ecryptfs-utils FEDORA-2011-11979 File : nvt/gb_fedora_2011_11979_ecryptfs-utils_fc14.nasl |
| 2011-09-16 | Name : Ubuntu Update for linux USN-1201-1 File : nvt/gb_ubuntu_USN_1201_1.nasl |
| 2011-09-16 | Name : Ubuntu Update for linux-ti-omap4 USN-1202-1 File : nvt/gb_ubuntu_USN_1202_1.nasl |
| 2011-09-16 | Name : Ubuntu Update for linux-mvl-dove USN-1203-1 File : nvt/gb_ubuntu_USN_1203_1.nasl |
| 2011-09-16 | Name : Ubuntu Update for linux-fsl-imx51 USN-1204-1 File : nvt/gb_ubuntu_USN_1204_1.nasl |
| 2011-09-16 | Name : Ubuntu Update for linux-lts-backport-maverick USN-1205-1 File : nvt/gb_ubuntu_USN_1205_1.nasl |
| 2011-09-16 | Name : Ubuntu Update for linux-mvl-dove USN-1208-1 File : nvt/gb_ubuntu_USN_1208_1.nasl |
| 2011-09-12 | Name : Fedora Update for openssl FEDORA-2011-12281 File : nvt/gb_fedora_2011_12281_openssl_fc14.nasl |
| 2011-09-07 | Name : RedHat Update for ecryptfs-utils RHSA-2011:1241-01 File : nvt/gb_RHSA-2011_1241-01_ecryptfs-utils.nasl |
| 2011-09-07 | Name : Fedora Update for ecryptfs-utils FEDORA-2011-10718 File : nvt/gb_fedora_2011_10718_ecryptfs-utils_fc14.nasl |
| 2011-09-07 | Name : Fedora Update for ecryptfs-utils FEDORA-2011-10733 File : nvt/gb_fedora_2011_10733_ecryptfs-utils_fc15.nasl |
| 2011-08-27 | Name : Fedora Update for kernel FEDORA-2011-11103 File : nvt/gb_fedora_2011_11103_kernel_fc14.nasl |
| 2011-08-24 | Name : Ubuntu Update for linux USN-1189-1 File : nvt/gb_ubuntu_USN_1189_1.nasl |
| 2011-08-24 | Name : Ubuntu Update for linux USN-1193-1 File : nvt/gb_ubuntu_USN_1193_1.nasl |
| 2011-08-19 | Name : Mac OS X v10.6.8 Multiple Vulnerabilities (2011-004) File : nvt/secpod_macosx_su11-004.nasl |
| 2011-08-12 | Name : Ubuntu Update for linux USN-1186-1 File : nvt/gb_ubuntu_USN_1186_1.nasl |
| 2011-08-12 | Name : Ubuntu Update for ecryptfs-utils USN-1188-1 File : nvt/gb_ubuntu_USN_1188_1.nasl |
| 2011-08-09 | Name : CentOS Update for openssl CESA-2010:0978 centos5 i386 File : nvt/gb_CESA-2010_0978_openssl_centos5_i386.nasl |
| 2011-05-10 | Name : Ubuntu Update for perl USN-1129-1 File : nvt/gb_ubuntu_USN_1129_1.nasl |
| 2011-05-05 | Name : Fedora Update for mingw32-openssl FEDORA-2011-5865 File : nvt/gb_fedora_2011_5865_mingw32-openssl_fc14.nasl |
| 2011-05-05 | Name : Fedora Update for mingw32-openssl FEDORA-2011-5876 File : nvt/gb_fedora_2011_5876_mingw32-openssl_fc13.nasl |
| 2011-05-05 | Name : HP-UX Update for OpenSSL HPSBUX02638 File : nvt/gb_hp_ux_HPSBUX02638.nasl |
| 2011-03-24 | Name : Fedora Update for openssl FEDORA-2011-1255 File : nvt/gb_fedora_2011_1255_openssl_fc13.nasl |
| 2011-03-09 | Name : Gentoo Security Advisory GLSA 201011-01 (glibc) File : nvt/glsa_201011_01.nasl |
| 2011-03-07 | Name : Debian Security Advisory DSA 2162-1 (openssl) File : nvt/deb_2162_1.nasl |
| 2011-03-05 | Name : FreeBSD Ports: bugzilla File : nvt/freebsd_bugzilla12.nasl |
| 2011-02-18 | Name : Mandriva Update for openssl MDVSA-2011:028 (openssl) File : nvt/gb_mandriva_MDVSA_2011_028.nasl |
| 2011-02-18 | Name : Ubuntu Update for openssl vulnerability USN-1064-1 File : nvt/gb_ubuntu_USN_1064_1.nasl |
| 2011-02-16 | Name : Fedora Update for openssl FEDORA-2011-1273 File : nvt/gb_fedora_2011_1273_openssl_fc14.nasl |
| 2011-02-04 | Name : Fedora Update for perl-CGI FEDORA-2011-0640 File : nvt/gb_fedora_2011_0640_perl-CGI_fc14.nasl |
| 2011-02-04 | Name : Fedora Update for perl-CGI FEDORA-2011-0654 File : nvt/gb_fedora_2011_0654_perl-CGI_fc13.nasl |
| 2011-02-04 | Name : Fedora Update for bugzilla FEDORA-2011-0741 File : nvt/gb_fedora_2011_0741_bugzilla_fc14.nasl |
| 2011-01-31 | Name : CentOS Update for openssl CESA-2010:0977 centos4 i386 File : nvt/gb_CESA-2010_0977_openssl_centos4_i386.nasl |
| 2011-01-31 | Name : Fedora Update for perl-CGI-Simple FEDORA-2011-0631 File : nvt/gb_fedora_2011_0631_perl-CGI-Simple_fc13.nasl |
| 2011-01-31 | Name : Fedora Update for perl-CGI-Simple FEDORA-2011-0653 File : nvt/gb_fedora_2011_0653_perl-CGI-Simple_fc14.nasl |
| 2011-01-21 | Name : Mandriva Update for perl-CGI MDVSA-2011:008 (perl-CGI) File : nvt/gb_mandriva_MDVSA_2011_008.nasl |
| 2010-12-28 | Name : RedHat Update for openssl RHSA-2010:0977-01 File : nvt/gb_RHSA-2010_0977-01_openssl.nasl |
| 2010-12-28 | Name : RedHat Update for openssl RHSA-2010:0978-01 File : nvt/gb_RHSA-2010_0978-01_openssl.nasl |
| 2010-12-28 | Name : Fedora Update for openssl FEDORA-2010-18736 File : nvt/gb_fedora_2010_18736_openssl_fc13.nasl |
| 2010-12-28 | Name : Fedora Update for openssl FEDORA-2010-18765 File : nvt/gb_fedora_2010_18765_openssl_fc14.nasl |
| 2010-12-28 | Name : Mandriva Update for perl-CGI-Simple MDVSA-2010:252 (perl-CGI-Simple) File : nvt/gb_mandriva_MDVSA_2010_252.nasl |
| 2010-12-23 | Name : Mandriva Update for openssl MDVSA-2010:248 (openssl) File : nvt/gb_mandriva_MDVSA_2010_248.nasl |
| 2010-12-23 | Name : Mandriva Update for perl-CGI-Simple MDVSA-2010:250 (perl-CGI-Simple) File : nvt/gb_mandriva_MDVSA_2010_250.nasl |
| 2010-12-23 | Name : Ubuntu Update for openssl vulnerabilities USN-1029-1 File : nvt/gb_ubuntu_USN_1029_1.nasl |
| 2010-12-02 | Name : Perl CGI.pm Header Values Newline Handling Unspecified Security Vulnerability File : nvt/gb_perl_CGI_45145.nasl |
| 2010-11-23 | Name : Mandriva Update for perl-CGI MDVSA-2010:237 (perl-CGI) File : nvt/gb_mandriva_MDVSA_2010_237.nasl |
| 2010-11-16 | Name : SuSE Update for glibc SUSE-SA:2010:052 File : nvt/gb_suse_2010_052.nasl |
| 2010-06-11 | Name : Mandriva Update for glibc MDVSA-2010:111 (glibc) File : nvt/gb_mandriva_MDVSA_2010_111.nasl |
| 2010-06-11 | Name : Mandriva Update for glibc MDVSA-2010:112 (glibc) File : nvt/gb_mandriva_MDVSA_2010_112.nasl |
| 2010-06-10 | Name : Debian Security Advisory DSA 2058-1 (glibc, eglibc) File : nvt/deb_2058_1.nasl |
| 2010-05-28 | Name : Ubuntu Update for glibc, eglibc vulnerabilities USN-944-1 File : nvt/gb_ubuntu_USN_944_1.nasl |
| 2010-04-06 | Name : Mandriva Update for initscripts MDVA-2010:111 (initscripts) File : nvt/gb_mandriva_MDVA_2010_111.nasl |
| 2010-04-06 | Name : Mandriva Update for kdebase4-workspace MDVA-2010:112 (kdebase4-workspace) File : nvt/gb_mandriva_MDVA_2010_112.nasl |
| 0000-00-00 | Name : Slackware Advisory SSA:2010-340-01 openssl File : nvt/esoft_slk_ssa_2010_340_01.nasl |
| 0000-00-00 | Name : Slackware Advisory SSA:2011-041-04 openssl File : nvt/esoft_slk_ssa_2011_041_04.nasl |
| 0000-00-00 | Name : FreeBSD Ports: gnutls File : nvt/freebsd_gnutls6.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 78320 | OpenSSL DTLS Remote DoS |
| 78316 | GNU C Library (glibc) Multiple Function EMFILE Error Handling Remote DoS |
| 78301 | Linux Kernel NSF O_Direct Implementation Local DoS |
| 78277 | Apache Struts ExceptionDelegator Component Parameter Parsing Remote Code Exec... |
| 78276 | Apache Struts DebuggingInterceptor Component Developer Mode Unspecified Remot... |
| 78225 | Linux Kernel net/ipv4/igmp.c igmp_heard_query() Function IGMP Query Parsing R... |
| 78190 | OpenSSL Server Gated Cryptograpy (SGC) Handshake Restart Handling Remote DoS |
| 78189 | OpenSSL RFC 3779 Certificate Data Parsing Assertion Failure Remote DoS |
| 78188 | OpenSSL SSL 3.0 Record Cipher Padding Uninitialized Memory Information Disclo... |
| 78187 | OpenSSL X509_V_FLAG_POLICY_CHECK Double-free Unspecified Weakness |
| 78186 | OpenSSL Datagram Transport Layer Security (DTLS) CBC Encryption Weakness Plai... |
| 78109 | Apache Struts ParameterInterceptor Traversal Arbitrary File Overwrite Apache Struts contains a flaw that allows a remote attacker to traverse outside of a restricted path. The issue is due to the ParameterInterceptor not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../). This directory traversal attack would allow the attacker to overwrite arbitrary files. |
| 78108 | Apache Struts CookieInterceptor Cookie Name Handling Remote Command Execution |
| 77625 | Linux Kernel NFSv4 Mount mknod(2) Syscall Local DoS |
| 77599 | Struts2 SessionAware / RequestAware Request Parsing Session Map Manipulation |
| 77508 | GNU C Library time/tzfile.c __tzfile_read() Function Timezone File Handling R... |
| 77450 | Linux Kernel security/keys/user_defined.c user_update() Function NULL Pointer... |
| 77355 | Linux Kernel clock_gettime() Call Parsing Local DoS |
| 77092 | Linux Kernel fs/jbd/journal.c journal_get_superblock() ext3 Image Handling Lo... |
| 76961 | GnuTLS lib/gnutls_session.c gnutls_session_get_data() Function Server Connect... |
| 75990 | Digest Module for Perl Digest->new() Function eval() Call Remote Perl Code... |
| 75716 | Linux Kernel Sequence Number Generation Weakness Remote Packet Injection |
| 75580 | Linux Kernel CIFS Share Mounting DIFS Referral BUG_ON() Remote DoS |
| 74883 | GNU C Library addmntent Function mtab Write RLIMIT_FSIZE Value Handling Local... |
| 74879 | Red Hat ecryptfs-utils mount.ecryptfs_private Arbitrary Directory Mount Local... |
| 74678 | Linux Kernel IPv6 Fragment Identification Prediction Weakness |
| 74659 | Linux Kernel mremap() Wrapping Condition Weakness |
| 74278 | GNU C Library ldd LD_TRACE_LOADED_OBJECTS Check Modified Executable Loader Lo... |
| 73451 | Linux Kernel kernel/taskstats.c add_del_listener Function Exit Handler Regist... |
| 71271 | Linux Kernel /proc/<pid>/ Weak Permissions Issue Linux Kernel contains a flaw related to the proc filesystem implementation failing to properly restrict access to the '/proc/<pid>/' directory during execution of a SUID program. This may allow a local attacker to cause a denial of service or obtain sensitive information. |
| 70847 | OpenSSL ClientHello Handshake Message Parsing Invalid Memory Access OpenSSL contains a flaw that may allow a remote denial of service. The issue is triggered when an error occurs while parsing malformed ClientHello handshake messages, which may be exploited to trigger an invalid memory access with a crafted ClientHello handshake message. This may allow a remote attacker to cause a denial of service. Certain applications which use SSL may also allow the disclosure of the contents of parsed OCSP extensions. |
| 69657 | OpenSSL J-PAKE Public Parameter Validation Shared Secret Authentication Bypass OpenSSL contains a flaw related to public parameter validation of the J-PAKE protocol. The issue is triggered when a remote attacker uses crafted values for each round of the protocol to avoid the requirement for the shared sacred and bypass authentication. |
| 69589 | CGI.pm header() Function Newline Character Handling HTTP Header Injection CGI.pm contains a flaw related to the 'header()' function's handling of newline characters. This may allow a remote attacker to inject arbitrary HTTP headers in a response to the user. |
| 69588 | CGI.pm multipart_init() Function multipart/x-mixed-replace MIME Type HTTP Hea... CGI.pm contains a flaw related to the 'multipart_init()' function when handing a message with 'multipart/x-mixed-replace' MIME type. This may allow a remote attacker to inject arbitrary HTTP headers in a response to the user. |
| 69565 | OpenSSL SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG Session Resume Ciphersuite Do... OpenSSL contains a flaw related to the SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG workaround in the SSL/TLS server code. The issue is triggered when a remote attacker downgrades the cached ciphersuite, leading to the client using a weaker ciphersuite. |
| 65077 | GNU C Library ld.so elf/dynamic-link.h elf_get_dynamic_info Crafted ELF Progr... |
Information Assurance Vulnerability Management (IAVM)
| Date | Description |
|---|---|
| 2013-02-28 | IAVM : 2013-A-0056 - VMware ESXi 3.5 and ESX 3.5 Memory Corruption Vulnerability Severity : Category I - VMSKEY : V0037066 |
| 2013-01-31 | IAVM : 2013-A-0027 - Multiple Vulnerabilities in Juniper Networks Steel Belted Radius Severity : Category I - VMSKEY : V0036639 |
| 2012-09-27 | IAVM : 2012-A-0153 - Multiple Vulnerabilities in VMware ESX 4.0 and ESXi 4.0 Severity : Category I - VMSKEY : V0033884 |
| 2012-09-13 | IAVM : 2012-B-0086 - VMware vCenter Operations Arbitrary File Overwrite Vulnerability Severity : Category I - VMSKEY : V0033791 |
| 2012-09-13 | IAVM : 2012-A-0146 - Multiple Vulnerabilities in VMware vCenter Update Manager 4.1 Severity : Category I - VMSKEY : V0033792 |
| 2012-09-13 | IAVM : 2012-A-0147 - Multiple Vulnerabilities in VMware vCenter Server 4.1 Severity : Category I - VMSKEY : V0033793 |
| 2012-09-13 | IAVM : 2012-A-0148 - Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1 Severity : Category I - VMSKEY : V0033794 |
| 2012-08-16 | IAVM : 2012-A-0136 - Multiple Vulnerabilities in Juniper Network Management Products Severity : Category I - VMSKEY : V0033662 |
| 2012-04-05 | IAVM : 2012-B-0038 - Multiple Vulnerabilities in HP Onboard Administrator Severity : Category I - VMSKEY : V0031972 |
| 2011-12-01 | IAVM : 2011-A-0160 - Multiple Vulnerabilities in VMware vCenter Server 4.0 and vCenter Update Mana... Severity : Category I - VMSKEY : V0030769 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-03-27 | Apache Struts remote code execution attempt - CookieInterceptor RuleID : 29936 - Revision : 3 - Type : SERVER-APACHE |
| 2014-01-10 | Linux kernel IGMP queries denial of service attempt RuleID : 25314 - Revision : 8 - Type : OS-LINUX |
| 2014-01-10 | Free Software Foundation GnuTLS record application integer overflow attempt RuleID : 24996 - Revision : 3 - Type : SERVER-OTHER |
| 2014-01-10 | Free Software Foundation GnuTLS record application integer overflow attempt RuleID : 24995 - Revision : 6 - Type : SERVER-OTHER |
| 2014-01-10 | Apache Struts remote code execution attempt - POST parameter RuleID : 23631 - Revision : 7 - Type : SERVER-APACHE |
| 2014-01-10 | Apache Struts remote code execution attempt - GET parameter RuleID : 21656 - Revision : 6 - Type : SERVER-APACHE |
| 2014-01-10 | Apache Struts remote code execution attempt - DebuggingInterceptor RuleID : 21075 - Revision : 5 - Type : SERVER-APACHE |
| 2014-01-10 | Apache Struts remote code execution attempt - CookieInterceptor RuleID : 21074 - Revision : 10 - Type : SERVER-APACHE |
| 2014-01-10 | Apache Struts allowStaticMethodAccess invocation attempt RuleID : 21073 - Revision : 7 - Type : SERVER-APACHE |
| 2014-01-10 | Apache Struts remote code execution attempt - GET parameter RuleID : 21072 - Revision : 8 - Type : SERVER-APACHE |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2016-06-22 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2016-0077.nasl - Type : ACT_GATHER_INFO |
| 2016-03-04 | Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_VMSA-2011-0013_remote.nasl - Type : ACT_GATHER_INFO |
| 2016-03-04 | Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_esx_VMSA-2013-0003_remote.nasl - Type : ACT_GATHER_INFO |
| 2016-02-29 | Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_VMSA-2012-0012_remote.nasl - Type : ACT_GATHER_INFO |
| 2016-02-29 | Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_VMSA-2012-0013_remote.nasl - Type : ACT_GATHER_INFO |
| 2015-10-12 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL17382.nasl - Type : ACT_GATHER_INFO |
| 2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2012-1391-1.nasl - Type : ACT_GATHER_INFO |
| 2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2012-1488-1.nasl - Type : ACT_GATHER_INFO |
| 2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2013-1251-1.nasl - Type : ACT_GATHER_INFO |
| 2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2013-1287-1.nasl - Type : ACT_GATHER_INFO |
| 2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2013-1627-1.nasl - Type : ACT_GATHER_INFO |
| 2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2013-1832-1.nasl - Type : ACT_GATHER_INFO |
| 2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-0812-1.nasl - Type : ACT_GATHER_INFO |
| 2015-04-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL16285.nasl - Type : ACT_GATHER_INFO |
| 2015-03-26 | Name : The remote Debian host is missing a security update. File : debian_DLA-140.nasl - Type : ACT_GATHER_INFO |
| 2015-02-02 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2015-0023.nasl - Type : ACT_GATHER_INFO |
| 2015-01-23 | Name : The remote device is missing a vendor-supplied security patch. File : juniper_jsa10669.nasl - Type : ACT_GATHER_INFO |
| 2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_gnutls_20121016.nasl - Type : ACT_GATHER_INFO |
| 2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_gnutls_20130619.nasl - Type : ACT_GATHER_INFO |
| 2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_libxml2_20121120.nasl - Type : ACT_GATHER_INFO |
| 2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_openssl_20120404.nasl - Type : ACT_GATHER_INFO |
| 2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_openssl_20120626.nasl - Type : ACT_GATHER_INFO |
| 2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_perl-58_20131017_2.nasl - Type : ACT_GATHER_INFO |
| 2014-12-22 | Name : The remote device is affected by multiple vulnerabilities. File : juniper_space_jsa10659.nasl - Type : ACT_GATHER_INFO |
| 2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2013-0039.nasl - Type : ACT_GATHER_INFO |
| 2014-11-26 | Name : The remote OracleVM host is missing a security update. File : oraclevm_OVMSA-2014-0007.nasl - Type : ACT_GATHER_INFO |
| 2014-11-26 | Name : The remote OracleVM host is missing a security update. File : oraclevm_OVMSA-2014-0008.nasl - Type : ACT_GATHER_INFO |
| 2014-11-17 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2011-1408.nasl - Type : ACT_GATHER_INFO |
| 2014-11-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0109.nasl - Type : ACT_GATHER_INFO |
| 2014-11-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0168.nasl - Type : ACT_GATHER_INFO |
| 2014-11-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0422.nasl - Type : ACT_GATHER_INFO |
| 2014-11-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0488.nasl - Type : ACT_GATHER_INFO |
| 2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0531.nasl - Type : ACT_GATHER_INFO |
| 2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1324.nasl - Type : ACT_GATHER_INFO |
| 2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15301.nasl - Type : ACT_GATHER_INFO |
| 2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15388.nasl - Type : ACT_GATHER_INFO |
| 2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15461.nasl - Type : ACT_GATHER_INFO |
| 2014-07-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1253.nasl - Type : ACT_GATHER_INFO |
| 2014-07-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0010.nasl - Type : ACT_GATHER_INFO |
| 2014-07-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0333.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-179.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-259.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-260.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-277.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-308.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-32.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-342.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-52.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-65.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-756.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-76.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-99.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-153.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_compat-openssl097g-110721.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_ecryptfs-utils-110811.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_glibc-111219.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_kernel-110726.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_kernel-111026.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_kernel-120104.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_libopenssl-devel-101207.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_libopenssl-devel-110210.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_libopenssl-devel-120111.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_ncpfs-110824.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_perl-110112.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_perl-CGI-Simple-110107.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_perl-CGI-Simple-110127.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_compat-openssl097g-110721.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_curl-120124.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_ecryptfs-utils-110811.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_glibc-111219.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_gnutls-120124.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_kernel-110726.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_kernel-111026.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_kernel-120104.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_libopenssl-devel-120111.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_libopenssl-devel-120206.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_libxml2-120224.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_ncpfs-110824.nasl - Type : ACT_GATHER_INFO |
| 2014-04-16 | Name : The remote AIX host is running a vulnerable version of OpenSSL. File : aix_openssl_advisory2.nasl - Type : ACT_GATHER_INFO |
| 2014-04-16 | Name : The remote AIX host is running a vulnerable version of OpenSSL. File : aix_openssl_advisory3.nasl - Type : ACT_GATHER_INFO |
| 2014-04-16 | Name : The remote AIX host is running a vulnerable version of OpenSSL. File : aix_openssl_advisory4.nasl - Type : ACT_GATHER_INFO |
| 2014-01-30 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201401-33.nasl - Type : ACT_GATHER_INFO |
| 2014-01-23 | Name : The remote host contains an application that has multiple vulnerabilities. File : itunes_11_1_4.nasl - Type : ACT_GATHER_INFO |
| 2014-01-23 | Name : The remote host contains a multimedia application that has multiple vulnerabi... File : itunes_11_1_4_banner.nasl - Type : ACT_GATHER_INFO |
| 2013-12-03 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201312-01.nasl - Type : ACT_GATHER_INFO |
| 2013-12-03 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201312-03.nasl - Type : ACT_GATHER_INFO |
| 2013-11-13 | Name : The remote VMware ESXi 5.0 host is affected by multiple security vulnerabilit... File : vmware_esxi_5_0_build_764879_remote.nasl - Type : ACT_GATHER_INFO |
| 2013-11-13 | Name : The remote VMware ESXi 5.0 host is affected by multiple vulnerabilities. File : vmware_esxi_5_0_build_912577_remote.nasl - Type : ACT_GATHER_INFO |
| 2013-11-13 | Name : The remote VMware ESXi 5.1 host is affected by multiple security vulnerabilit... File : vmware_esxi_5_1_build_1063671_remote.nasl - Type : ACT_GATHER_INFO |
| 2013-10-24 | Name : The remote host contains an application that has multiple vulnerabilities. File : itunes_11_1_2.nasl - Type : ACT_GATHER_INFO |
| 2013-10-24 | Name : The remote host contains a multimedia application that has multiple vulnerabi... File : itunes_11_1_2_banner.nasl - Type : ACT_GATHER_INFO |
| 2013-10-15 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2013-287-03.nasl - Type : ACT_GATHER_INFO |
| 2013-10-01 | Name : The remote device is affected by multiple vulnerabilities. File : appletv_6_0.nasl - Type : ACT_GATHER_INFO |
| 2013-09-27 | Name : The remote host has an application installed that is affected by multiple Ope... File : juniper_sbr_multiple.nasl - Type : ACT_GATHER_INFO |
| 2013-09-13 | Name : The remote host has a predictable TCP sequence number generator. File : juniper_nsm_psn_2012_08_688.nasl - Type : ACT_GATHER_INFO |
| 2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2011-16.nasl - Type : ACT_GATHER_INFO |
| 2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2011-19.nasl - Type : ACT_GATHER_INFO |
| 2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2011-26.nasl - Type : ACT_GATHER_INFO |
| 2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-38.nasl - Type : ACT_GATHER_INFO |
| 2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-39.nasl - Type : ACT_GATHER_INFO |
| 2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-52.nasl - Type : ACT_GATHER_INFO |
| 2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-55.nasl - Type : ACT_GATHER_INFO |
| 2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-57.nasl - Type : ACT_GATHER_INFO |
| 2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-59.nasl - Type : ACT_GATHER_INFO |
| 2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-60.nasl - Type : ACT_GATHER_INFO |
| 2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-61.nasl - Type : ACT_GATHER_INFO |
| 2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-72.nasl - Type : ACT_GATHER_INFO |
| 2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-73.nasl - Type : ACT_GATHER_INFO |
| 2013-08-07 | Name : The remote web server contains a web application that uses a Java framework t... File : struts_exceptiondelegator_command_execution.nasl - Type : ACT_ATTACK |
| 2013-07-29 | Name : The remote host has a virtualization appliance installed that is affected by ... File : vcenter_operations_manager_vmsa_2012-0013.nasl - Type : ACT_GATHER_INFO |
| 2013-07-23 | Name : The remote web server is affected by multiple vulnerabilities. File : hpsmh_7_2_1_0.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0977.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0978.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0979.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-1241.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-1350.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-1386.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-1424.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-1465.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-1479.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-1797.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-2029.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-2033.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-2037.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0007.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0058.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0059.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0060.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0086.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0107.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0125.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0126.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0324.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0350.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0393.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0397.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0426.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0427.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0428.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0429.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0451.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0480-1.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0480.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0518.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-2003.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-2011.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0217.nasl - Type : ACT_GATHER_INFO |
| 2013-07-10 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_libcurl4-8618.nasl - Type : ACT_GATHER_INFO |
| 2013-06-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-1479.nasl - Type : ACT_GATHER_INFO |
| 2013-06-17 | Name : The remote host has an update manager installed that is affected by multiple ... File : vmware_vcenter_update_mgr_vmsa-2012-0013.nasl - Type : ACT_GATHER_INFO |
| 2013-06-05 | Name : The remote host is missing a Mac OS X update that fixes several security issues. File : macosx_10_8_4.nasl - Type : ACT_GATHER_INFO |
| 2013-06-05 | Name : The remote host is missing a Mac OS X update that fixes several security issues. File : macosx_SecUpd2013-002.nasl - Type : ACT_GATHER_INFO |
| 2013-06-05 | Name : The remote host has a virtualization management application installed that is... File : vmware_vcenter_vmsa-2012-0013.nasl - Type : ACT_GATHER_INFO |
| 2013-04-20 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-048.nasl - Type : ACT_GATHER_INFO |
| 2013-02-22 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2013-0003.nasl - Type : ACT_GATHER_INFO |
| 2013-02-04 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130131_mingw32_libxml2_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2013-02-01 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0217.nasl - Type : ACT_GATHER_INFO |
| 2013-02-01 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0217.nasl - Type : ACT_GATHER_INFO |
| 2013-01-30 | Name : The remote AIX host is missing a security patch. File : aix_IV10197.nasl - Type : ACT_GATHER_INFO |
| 2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_compat-openssl097g-120830.nasl - Type : ACT_GATHER_INFO |
| 2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_gnutls-120615.nasl - Type : ACT_GATHER_INFO |
| 2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libopenssl-devel-120503.nasl - Type : ACT_GATHER_INFO |
| 2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libxml2-120223.nasl - Type : ACT_GATHER_INFO |
| 2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_popt-120419.nasl - Type : ACT_GATHER_INFO |
| 2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_popt-120420.nasl - Type : ACT_GATHER_INFO |
| 2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1418.nasl - Type : ACT_GATHER_INFO |
| 2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1419.nasl - Type : ACT_GATHER_INFO |
| 2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0116.nasl - Type : ACT_GATHER_INFO |
| 2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0358.nasl - Type : ACT_GATHER_INFO |
| 2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0522.nasl - Type : ACT_GATHER_INFO |
| 2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0720.nasl - Type : ACT_GATHER_INFO |
| 2013-01-18 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1695-1.nasl - Type : ACT_GATHER_INFO |
| 2012-12-24 | Name : The remote VMware ESXi host is missing one or more security-related patches. File : vmware_VMSA-2012-0018.nasl - Type : ACT_GATHER_INFO |
| 2012-11-30 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1643-1.nasl - Type : ACT_GATHER_INFO |
| 2012-11-26 | Name : The remote Fedora host is missing a security update. File : fedora_2012-18035.nasl - Type : ACT_GATHER_INFO |
| 2012-11-19 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_glibc-8351.nasl - Type : ACT_GATHER_INFO |
| 2012-10-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-8324.nasl - Type : ACT_GATHER_INFO |
| 2012-10-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-8325.nasl - Type : ACT_GATHER_INFO |
| 2012-09-27 | Name : The remote Fedora host is missing a security update. File : fedora_2012-13820.nasl - Type : ACT_GATHER_INFO |
| 2012-09-27 | Name : The remote Fedora host is missing a security update. File : fedora_2012-13824.nasl - Type : ACT_GATHER_INFO |
| 2012-09-26 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201209-12.nasl - Type : ACT_GATHER_INFO |
| 2012-09-12 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_compat-openssl097g-8262.nasl - Type : ACT_GATHER_INFO |
| 2012-09-06 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-179.nasl - Type : ACT_GATHER_INFO |
| 2012-09-06 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-007.nasl - Type : ACT_GATHER_INFO |
| 2012-08-31 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2012-0013.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20101213_openssl_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20101213_openssl_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110519_openssl_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110519_perl_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110831_ecryptfs_utils_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20111005_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20111020_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20111103_perl_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20111122_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20111129_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20111206_Scientific_Linux_6_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20111206_glibc_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20111208_perl_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120110_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120124_glibc_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120124_openssl_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120124_openssl_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120201_openssl_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120209_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120213_glibc_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120213_glibc_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120221_libxml2_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120306_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120315_glibc_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120319_glibc_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120327_gnutls_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120327_gnutls_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120327_libtasn1_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120327_openssl_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120403_rpm_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120417_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120424_openssl_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-07-17 | Name : The remote router has a memory corruption vulnerability. File : juniper_psn-2012-07-645.nasl - Type : ACT_GATHER_INFO |
| 2012-07-13 | Name : The remote VMware ESXi host is missing a security-related patch. File : vmware_VMSA-2012-0012.nasl - Type : ACT_GATHER_INFO |
| 2012-07-05 | Name : The remote web server is affected by multiple vulnerabilities. File : hpsmh_7_1_1_1.nasl - Type : ACT_GATHER_INFO |
| 2012-07-03 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_gnutls-8066.nasl - Type : ACT_GATHER_INFO |
| 2012-06-28 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_2ae114dec06411e1b5e0000c299b62e1.nasl - Type : ACT_GATHER_INFO |
| 2012-06-25 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201206-18.nasl - Type : ACT_GATHER_INFO |
| 2012-06-25 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201206-26.nasl - Type : ACT_GATHER_INFO |
| 2012-06-15 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-8161.nasl - Type : ACT_GATHER_INFO |
| 2012-06-15 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-8162.nasl - Type : ACT_GATHER_INFO |
| 2012-05-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-083.nasl - Type : ACT_GATHER_INFO |
| 2012-05-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-084.nasl - Type : ACT_GATHER_INFO |
| 2012-05-23 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_openssl-8112.nasl - Type : ACT_GATHER_INFO |
| 2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7665.nasl - Type : ACT_GATHER_INFO |
| 2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7729.nasl - Type : ACT_GATHER_INFO |
| 2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7811.nasl - Type : ACT_GATHER_INFO |
| 2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7915.nasl - Type : ACT_GATHER_INFO |
| 2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_libxml2-7997.nasl - Type : ACT_GATHER_INFO |
| 2012-05-11 | Name : The remote Fedora host is missing a security update. File : fedora_2012-6395.nasl - Type : ACT_GATHER_INFO |
| 2012-05-03 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1436-1.nasl - Type : ACT_GATHER_INFO |
| 2012-04-30 | Name : The remote Fedora host is missing a security update. File : fedora_2012-6403.nasl - Type : ACT_GATHER_INFO |
| 2012-04-27 | Name : The remote Fedora host is missing a security update. File : fedora_2012-6343.nasl - Type : ACT_GATHER_INFO |
| 2012-04-25 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0518.nasl - Type : ACT_GATHER_INFO |
| 2012-04-25 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-064.nasl - Type : ACT_GATHER_INFO |
| 2012-04-25 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0518.nasl - Type : ACT_GATHER_INFO |
| 2012-04-25 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1428-1.nasl - Type : ACT_GATHER_INFO |
| 2012-04-24 | Name : The remote host may be affected by a memory corruption vulnerability. File : openssl_0_9_8v.nasl - Type : ACT_GATHER_INFO |
| 2012-04-24 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-120418.nasl - Type : ACT_GATHER_INFO |
| 2012-04-23 | Name : The remote Fedora host is missing a security update. File : fedora_2012-5420.nasl - Type : ACT_GATHER_INFO |
| 2012-04-23 | Name : The remote Fedora host is missing a security update. File : fedora_2012-5421.nasl - Type : ACT_GATHER_INFO |
| 2012-04-23 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_7184f92e8bb811e18d7b003067b2972c.nasl - Type : ACT_GATHER_INFO |
| 2012-04-20 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2454.nasl - Type : ACT_GATHER_INFO |
| 2012-04-20 | Name : The remote web server is affected by multiple vulnerabilities. File : hpsmh_7_0_0_24.nasl - Type : ACT_GATHER_INFO |
| 2012-04-20 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-060.nasl - Type : ACT_GATHER_INFO |
| 2012-04-20 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1424-1.nasl - Type : ACT_GATHER_INFO |
| 2012-04-19 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0480.nasl - Type : ACT_GATHER_INFO |
| 2012-04-19 | Name : The remote host may be affected by a memory corruption vulnerability. File : openssl_1_0_0i.nasl - Type : ACT_GATHER_INFO |
| 2012-04-19 | Name : The remote host may be affected by a memory corruption vulnerability. File : openssl_1_0_1a.nasl - Type : ACT_GATHER_INFO |
| 2012-04-18 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0480.nasl - Type : ACT_GATHER_INFO |
| 2012-04-13 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2012-4417.nasl - Type : ACT_GATHER_INFO |
| 2012-04-12 | Name : The remote Fedora host is missing a security update. File : fedora_2012-4357.nasl - Type : ACT_GATHER_INFO |
| 2012-04-12 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2012-4451.nasl - Type : ACT_GATHER_INFO |
| 2012-04-12 | Name : The remote Fedora host is missing a security update. File : fedora_2012-5298.nasl - Type : ACT_GATHER_INFO |
| 2012-04-12 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-056.nasl - Type : ACT_GATHER_INFO |
| 2012-04-11 | Name : The remote Fedora host is missing a security update. File : fedora_2012-4569.nasl - Type : ACT_GATHER_INFO |
| 2012-04-09 | Name : The remote Fedora host is missing a security update. File : fedora_2012-4308.nasl - Type : ACT_GATHER_INFO |
| 2012-04-09 | Name : The remote Fedora host is missing a security update. File : fedora_2012-4342.nasl - Type : ACT_GATHER_INFO |
| 2012-04-06 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1418-1.nasl - Type : ACT_GATHER_INFO |
| 2012-04-04 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0451.nasl - Type : ACT_GATHER_INFO |
| 2012-04-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0451.nasl - Type : ACT_GATHER_INFO |
| 2012-04-02 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2012-4409.nasl - Type : ACT_GATHER_INFO |
| 2012-04-02 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-045.nasl - Type : ACT_GATHER_INFO |
| 2012-04-02 | Name : The remote host may be affected by multiple vulnerabilities. File : openssl_0_9_8u.nasl - Type : ACT_GATHER_INFO |
| 2012-04-02 | Name : The remote host may be affected by multiple vulnerabilities. File : openssl_1_0_0h.nasl - Type : ACT_GATHER_INFO |
| 2012-03-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0429.nasl - Type : ACT_GATHER_INFO |
| 2012-03-28 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0426.nasl - Type : ACT_GATHER_INFO |
| 2012-03-28 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0427.nasl - Type : ACT_GATHER_INFO |
| 2012-03-28 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0428.nasl - Type : ACT_GATHER_INFO |
| 2012-03-28 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-040.nasl - Type : ACT_GATHER_INFO |
| 2012-03-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0426.nasl - Type : ACT_GATHER_INFO |
| 2012-03-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0427.nasl - Type : ACT_GATHER_INFO |
| 2012-03-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0428.nasl - Type : ACT_GATHER_INFO |
| 2012-03-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0429.nasl - Type : ACT_GATHER_INFO |
| 2012-03-27 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2443.nasl - Type : ACT_GATHER_INFO |
| 2012-03-27 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-039.nasl - Type : ACT_GATHER_INFO |
| 2012-03-26 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2440.nasl - Type : ACT_GATHER_INFO |
| 2012-03-26 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2441.nasl - Type : ACT_GATHER_INFO |
| 2012-03-26 | Name : The remote Fedora host is missing a security update. File : fedora_2012-4578.nasl - Type : ACT_GATHER_INFO |
| 2012-03-22 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_2e7e907273a011e1a883001cc0a36e12.nasl - Type : ACT_GATHER_INFO |
| 2012-03-22 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_aecee357739e11e1a883001cc0a36e12.nasl - Type : ACT_GATHER_INFO |
| 2012-03-21 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0397.nasl - Type : ACT_GATHER_INFO |
| 2012-03-20 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0393.nasl - Type : ACT_GATHER_INFO |
| 2012-03-20 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0397.nasl - Type : ACT_GATHER_INFO |
| 2012-03-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0393.nasl - Type : ACT_GATHER_INFO |
| 2012-03-12 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1396-1.nasl - Type : ACT_GATHER_INFO |
| 2012-03-08 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0350.nasl - Type : ACT_GATHER_INFO |
| 2012-03-08 | Name : The remote Fedora host is missing a security update. File : fedora_2012-2144.nasl - Type : ACT_GATHER_INFO |
| 2012-03-07 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0350.nasl - Type : ACT_GATHER_INFO |
| 2012-03-07 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1384-1.nasl - Type : ACT_GATHER_INFO |
| 2012-03-07 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1386-1.nasl - Type : ACT_GATHER_INFO |
| 2012-03-07 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1390-1.nasl - Type : ACT_GATHER_INFO |
| 2012-03-06 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201203-04.nasl - Type : ACT_GATHER_INFO |
| 2012-03-06 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201203-12.nasl - Type : ACT_GATHER_INFO |
| 2012-02-29 | Name : The remote Fedora host is missing a security update. File : fedora_2012-2123.nasl - Type : ACT_GATHER_INFO |
| 2012-02-29 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1380-1.nasl - Type : ACT_GATHER_INFO |
| 2012-02-28 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1376-1.nasl - Type : ACT_GATHER_INFO |
| 2012-02-27 | Name : The remote Fedora host is missing a security update. File : fedora_2012-2162.nasl - Type : ACT_GATHER_INFO |
| 2012-02-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0324.nasl - Type : ACT_GATHER_INFO |
| 2012-02-23 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2417.nasl - Type : ACT_GATHER_INFO |
| 2012-02-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0324.nasl - Type : ACT_GATHER_INFO |
| 2012-02-20 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libopenssl-devel-120209.nasl - Type : ACT_GATHER_INFO |
| 2012-02-20 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_openssl-7961.nasl - Type : ACT_GATHER_INFO |
| 2012-02-14 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0107.nasl - Type : ACT_GATHER_INFO |
| 2012-02-14 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0125.nasl - Type : ACT_GATHER_INFO |
| 2012-02-14 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0126.nasl - Type : ACT_GATHER_INFO |
| 2012-02-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0125.nasl - Type : ACT_GATHER_INFO |
| 2012-02-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0126.nasl - Type : ACT_GATHER_INFO |
| 2012-02-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1363-1.nasl - Type : ACT_GATHER_INFO |
| 2012-02-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1364-1.nasl - Type : ACT_GATHER_INFO |
| 2012-02-13 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2012-041-03.nasl - Type : ACT_GATHER_INFO |
| 2012-02-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0107.nasl - Type : ACT_GATHER_INFO |
| 2012-02-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1357-1.nasl - Type : ACT_GATHER_INFO |
| 2012-02-07 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-120129.nasl - Type : ACT_GATHER_INFO |
| 2012-02-07 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-120130.nasl - Type : ACT_GATHER_INFO |
| 2012-02-07 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1356-1.nasl - Type : ACT_GATHER_INFO |
| 2012-02-03 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0086.nasl - Type : ACT_GATHER_INFO |
| 2012-02-02 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0086.nasl - Type : ACT_GATHER_INFO |
| 2012-01-31 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0058.nasl - Type : ACT_GATHER_INFO |
| 2012-01-31 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0059.nasl - Type : ACT_GATHER_INFO |
| 2012-01-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-011.nasl - Type : ACT_GATHER_INFO |
| 2012-01-27 | Name : The remote host may be affected by a denial of service vulnerability. File : openssl_0_9_8t.nasl - Type : ACT_GATHER_INFO |
| 2012-01-27 | Name : The remote host may be affected by a denial of service vulnerability. File : openssl_1_0_0g.nasl - Type : ACT_GATHER_INFO |
| 2012-01-26 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0060.nasl - Type : ACT_GATHER_INFO |
| 2012-01-26 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_gnutls-120123.nasl - Type : ACT_GATHER_INFO |
| 2012-01-25 | Name : The remote Fedora host is missing a security update. File : fedora_2012-0702.nasl - Type : ACT_GATHER_INFO |
| 2012-01-25 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0058.nasl - Type : ACT_GATHER_INFO |
| 2012-01-25 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0059.nasl - Type : ACT_GATHER_INFO |
| 2012-01-25 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0060.nasl - Type : ACT_GATHER_INFO |
| 2012-01-25 | Name : A remote web application uses a framework that is affected by code execution ... File : struts_xwork_ognl_code_execution_safe1.nasl - Type : ACT_ATTACK |
| 2012-01-25 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1344-1.nasl - Type : ACT_GATHER_INFO |
| 2012-01-25 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1345-1.nasl - Type : ACT_GATHER_INFO |
| 2012-01-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2392.nasl - Type : ACT_GATHER_INFO |
| 2012-01-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7918.nasl - Type : ACT_GATHER_INFO |
| 2012-01-24 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1336-1.nasl - Type : ACT_GATHER_INFO |
| 2012-01-24 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1337-1.nasl - Type : ACT_GATHER_INFO |
| 2012-01-24 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1340-1.nasl - Type : ACT_GATHER_INFO |
| 2012-01-24 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1341-1.nasl - Type : ACT_GATHER_INFO |
| 2012-01-23 | Name : The remote Fedora host is missing a security update. File : fedora_2012-0708.nasl - Type : ACT_GATHER_INFO |
| 2012-01-23 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_5c5f19ce43af11e189b4001ec9578670.nasl - Type : ACT_GATHER_INFO |
| 2012-01-19 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-008.nasl - Type : ACT_GATHER_INFO |
| 2012-01-18 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2389.nasl - Type : ACT_GATHER_INFO |
| 2012-01-18 | Name : The remote Fedora host is missing a security update. File : fedora_2012-0018.nasl - Type : ACT_GATHER_INFO |
| 2012-01-17 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-006.nasl - Type : ACT_GATHER_INFO |
| 2012-01-17 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libopenssl-devel-120111.nasl - Type : ACT_GATHER_INFO |
| 2012-01-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_openssl-7923.nasl - Type : ACT_GATHER_INFO |
| 2012-01-16 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2390.nasl - Type : ACT_GATHER_INFO |
| 2012-01-16 | Name : The remote Fedora host is missing a security update. File : fedora_2012-0250.nasl - Type : ACT_GATHER_INFO |
| 2012-01-16 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_78cc8a463e5611e189b4001ec9578670.nasl - Type : ACT_GATHER_INFO |
| 2012-01-13 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1328-1.nasl - Type : ACT_GATHER_INFO |
| 2012-01-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1330-1.nasl - Type : ACT_GATHER_INFO |
| 2012-01-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1332-1.nasl - Type : ACT_GATHER_INFO |
| 2012-01-12 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0007.nasl - Type : ACT_GATHER_INFO |
| 2012-01-12 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1323-1.nasl - Type : ACT_GATHER_INFO |
| 2012-01-12 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1324-1.nasl - Type : ACT_GATHER_INFO |
| 2012-01-12 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1325-1.nasl - Type : ACT_GATHER_INFO |
| 2012-01-11 | Name : The remote Fedora host is missing a security update. File : fedora_2012-0232.nasl - Type : ACT_GATHER_INFO |
| 2012-01-11 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0007.nasl - Type : ACT_GATHER_INFO |
| 2012-01-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1322-1.nasl - Type : ACT_GATHER_INFO |
| 2012-01-09 | Name : The remote web server has multiple SSL-related vulnerabilities. File : openssl_0_9_8s.nasl - Type : ACT_GATHER_INFO |
| 2012-01-09 | Name : The remote web server is affected by multiple SSL-related vulnerabilities. File : openssl_1_0_0f.nasl - Type : ACT_GATHER_INFO |
| 2012-01-06 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1318-1.nasl - Type : ACT_GATHER_INFO |
| 2012-01-06 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1319-1.nasl - Type : ACT_GATHER_INFO |
| 2012-01-05 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_glibc-111219.nasl - Type : ACT_GATHER_INFO |
| 2011-12-20 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1311-1.nasl - Type : ACT_GATHER_INFO |
| 2011-12-20 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1312-1.nasl - Type : ACT_GATHER_INFO |
| 2011-12-14 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-111202.nasl - Type : ACT_GATHER_INFO |
| 2011-12-14 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1299-1.nasl - Type : ACT_GATHER_INFO |
| 2011-12-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1300-1.nasl - Type : ACT_GATHER_INFO |
| 2011-12-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1301-1.nasl - Type : ACT_GATHER_INFO |
| 2011-12-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1302-1.nasl - Type : ACT_GATHER_INFO |
| 2011-12-14 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1303-1.nasl - Type : ACT_GATHER_INFO |
| 2011-12-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1304-1.nasl - Type : ACT_GATHER_INFO |
| 2011-12-13 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_glibc-100709.nasl - Type : ACT_GATHER_INFO |
| 2011-12-13 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_ncpfs-110824.nasl - Type : ACT_GATHER_INFO |
| 2011-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_compat-openssl097g-7645.nasl - Type : ACT_GATHER_INFO |
| 2011-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7666.nasl - Type : ACT_GATHER_INFO |
| 2011-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7812.nasl - Type : ACT_GATHER_INFO |
| 2011-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_openssl-7462.nasl - Type : ACT_GATHER_INFO |
| 2011-12-12 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-1797.nasl - Type : ACT_GATHER_INFO |
| 2011-12-12 | Name : The remote Fedora host is missing a security update. File : fedora_2011-16621.nasl - Type : ACT_GATHER_INFO |
| 2011-12-09 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1797.nasl - Type : ACT_GATHER_INFO |
| 2011-12-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1291-1.nasl - Type : ACT_GATHER_INFO |
| 2011-12-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1292-1.nasl - Type : ACT_GATHER_INFO |
| 2011-12-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1293-1.nasl - Type : ACT_GATHER_INFO |
| 2011-12-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1294-1.nasl - Type : ACT_GATHER_INFO |
| 2011-12-06 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1526.nasl - Type : ACT_GATHER_INFO |
| 2011-12-06 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1530.nasl - Type : ACT_GATHER_INFO |
| 2011-12-05 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1286-1.nasl - Type : ACT_GATHER_INFO |
| 2011-11-30 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1479.nasl - Type : ACT_GATHER_INFO |
| 2011-11-29 | Name : The remote Fedora host is missing a security update. File : fedora_2011-16346.nasl - Type : ACT_GATHER_INFO |
| 2011-11-28 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-178.nasl - Type : ACT_GATHER_INFO |
| 2011-11-26 | Name : The remote Fedora host is missing a security update. File : fedora_2011-16237.nasl - Type : ACT_GATHER_INFO |
| 2011-11-26 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1269-1.nasl - Type : ACT_GATHER_INFO |
| 2011-11-26 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1278-1.nasl - Type : ACT_GATHER_INFO |
| 2011-11-26 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1280-1.nasl - Type : ACT_GATHER_INFO |
| 2011-11-26 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1281-1.nasl - Type : ACT_GATHER_INFO |
| 2011-11-23 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1465.nasl - Type : ACT_GATHER_INFO |
| 2011-11-22 | Name : The remote Fedora host is missing a security update. File : fedora_2011-15959.nasl - Type : ACT_GATHER_INFO |
| 2011-11-22 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1268-1.nasl - Type : ACT_GATHER_INFO |
| 2011-11-22 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1272-1.nasl - Type : ACT_GATHER_INFO |
| 2011-11-22 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1274-1.nasl - Type : ACT_GATHER_INFO |
| 2011-11-10 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_bdec8dc20b3b11e1b722001cc0476564.nasl - Type : ACT_GATHER_INFO |
| 2011-11-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1256-1.nasl - Type : ACT_GATHER_INFO |
| 2011-11-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1253-1.nasl - Type : ACT_GATHER_INFO |
| 2011-11-04 | Name : The remote host is missing the patch for the advisory RHSA-2011-1424 File : redhat-RHSA-2011-1424.nasl - Type : ACT_GATHER_INFO |
| 2011-11-03 | Name : The remote Fedora host is missing a security update. File : fedora_2011-13874.nasl - Type : ACT_GATHER_INFO |
| 2011-10-28 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2011-0013.nasl - Type : ACT_GATHER_INFO |
| 2011-10-26 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1239-1.nasl - Type : ACT_GATHER_INFO |
| 2011-10-26 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1240-1.nasl - Type : ACT_GATHER_INFO |
| 2011-10-26 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1241-1.nasl - Type : ACT_GATHER_INFO |
| 2011-10-26 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1242-1.nasl - Type : ACT_GATHER_INFO |
| 2011-10-26 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1243-1.nasl - Type : ACT_GATHER_INFO |
| 2011-10-26 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1244-1.nasl - Type : ACT_GATHER_INFO |
| 2011-10-26 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1245-1.nasl - Type : ACT_GATHER_INFO |
| 2011-10-26 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1246-1.nasl - Type : ACT_GATHER_INFO |
| 2011-10-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7734.nasl - Type : ACT_GATHER_INFO |
| 2011-10-21 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-1386.nasl - Type : ACT_GATHER_INFO |
| 2011-10-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1386.nasl - Type : ACT_GATHER_INFO |
| 2011-10-21 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1236-1.nasl - Type : ACT_GATHER_INFO |
| 2011-10-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1228-1.nasl - Type : ACT_GATHER_INFO |
| 2011-10-12 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-148.nasl - Type : ACT_GATHER_INFO |
| 2011-10-12 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1227-1.nasl - Type : ACT_GATHER_INFO |
| 2011-10-11 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201110-03.nasl - Type : ACT_GATHER_INFO |
| 2011-10-10 | Name : The remote Fedora host is missing a security update. File : fedora_2011-12874.nasl - Type : ACT_GATHER_INFO |
| 2011-10-10 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201110-01.nasl - Type : ACT_GATHER_INFO |
| 2011-10-06 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1350.nasl - Type : ACT_GATHER_INFO |
| 2011-10-05 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1225-1.nasl - Type : ACT_GATHER_INFO |
| 2011-09-30 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1218-1.nasl - Type : ACT_GATHER_INFO |
| 2011-09-30 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1219-1.nasl - Type : ACT_GATHER_INFO |
| 2011-09-30 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1220-1.nasl - Type : ACT_GATHER_INFO |
| 2011-09-27 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1216-1.nasl - Type : ACT_GATHER_INFO |
| 2011-09-26 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2310.nasl - Type : ACT_GATHER_INFO |
| 2011-09-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-1241.nasl - Type : ACT_GATHER_INFO |
| 2011-09-23 | Name : It may be possible to predict TCP/IP Initial Sequence Numbers for the remote ... File : linux_isn.nasl - Type : ACT_GATHER_INFO |
| 2011-09-22 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1211-1.nasl - Type : ACT_GATHER_INFO |
| 2011-09-22 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1212-1.nasl - Type : ACT_GATHER_INFO |
| 2011-09-15 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1208-1.nasl - Type : ACT_GATHER_INFO |
| 2011-09-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1201-1.nasl - Type : ACT_GATHER_INFO |
| 2011-09-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1202-1.nasl - Type : ACT_GATHER_INFO |
| 2011-09-14 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1203-1.nasl - Type : ACT_GATHER_INFO |
| 2011-09-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1204-1.nasl - Type : ACT_GATHER_INFO |
| 2011-09-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1205-1.nasl - Type : ACT_GATHER_INFO |
| 2011-09-09 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2303.nasl - Type : ACT_GATHER_INFO |
| 2011-09-07 | Name : The remote Fedora host is missing a security update. File : fedora_2011-10671.nasl - Type : ACT_GATHER_INFO |
| 2011-09-06 | Name : The remote Fedora host is missing a security update. File : fedora_2011-10718.nasl - Type : ACT_GATHER_INFO |
| 2011-09-06 | Name : The remote Fedora host is missing a security update. File : fedora_2011-10733.nasl - Type : ACT_GATHER_INFO |
| 2011-09-01 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1241.nasl - Type : ACT_GATHER_INFO |
| 2011-08-23 | Name : The remote Fedora host is missing a security update. File : fedora_2011-11103.nasl - Type : ACT_GATHER_INFO |
| 2011-08-20 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1189-1.nasl - Type : ACT_GATHER_INFO |
| 2011-08-20 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1193-1.nasl - Type : ACT_GATHER_INFO |
| 2011-08-12 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_ecryptfs-utils-110804.nasl - Type : ACT_GATHER_INFO |
| 2011-08-10 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1188-1.nasl - Type : ACT_GATHER_INFO |
| 2011-08-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1186-1.nasl - Type : ACT_GATHER_INFO |
| 2011-07-28 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_compat-openssl097g-110721.nasl - Type : ACT_GATHER_INFO |
| 2011-07-28 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_compat-openssl097g-7644.nasl - Type : ACT_GATHER_INFO |
| 2011-07-26 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-110718.nasl - Type : ACT_GATHER_INFO |
| 2011-07-18 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1168-1.nasl - Type : ACT_GATHER_INFO |
| 2011-07-14 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1159-1.nasl - Type : ACT_GATHER_INFO |
| 2011-07-14 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1161-1.nasl - Type : ACT_GATHER_INFO |
| 2011-07-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1167-1.nasl - Type : ACT_GATHER_INFO |
| 2011-07-06 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1162-1.nasl - Type : ACT_GATHER_INFO |
| 2011-06-24 | Name : The remote host is missing a Mac OS X update that fixes several security issues. File : macosx_10_6_8.nasl - Type : ACT_GATHER_INFO |
| 2011-06-13 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1129-1.nasl - Type : ACT_GATHER_INFO |
| 2011-05-20 | Name : The remote host is missing the patch for the advisory RHSA-2011-0558 File : redhat-RHSA-2011-0558.nasl - Type : ACT_GATHER_INFO |
| 2011-05-20 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0677.nasl - Type : ACT_GATHER_INFO |
| 2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_libopenssl-devel-101207.nasl - Type : ACT_GATHER_INFO |
| 2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_libopenssl-devel-101207.nasl - Type : ACT_GATHER_INFO |
| 2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_libopenssl-devel-110210.nasl - Type : ACT_GATHER_INFO |
| 2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_perl-110112.nasl - Type : ACT_GATHER_INFO |
| 2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_perl-CGI-Simple-110107.nasl - Type : ACT_GATHER_INFO |
| 2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_perl-CGI-Simple-110127.nasl - Type : ACT_GATHER_INFO |
| 2011-05-04 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12701.nasl - Type : ACT_GATHER_INFO |
| 2011-05-04 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_openssl-7463.nasl - Type : ACT_GATHER_INFO |
| 2011-05-02 | Name : The remote Fedora host is missing a security update. File : fedora_2011-5865.nasl - Type : ACT_GATHER_INFO |
| 2011-05-02 | Name : The remote Fedora host is missing a security update. File : fedora_2011-5876.nasl - Type : ACT_GATHER_INFO |
| 2011-04-29 | Name : The remote Fedora host is missing a security update. File : fedora_2011-5878.nasl - Type : ACT_GATHER_INFO |
| 2011-03-27 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libopenssl-devel-110210.nasl - Type : ACT_GATHER_INFO |
| 2011-03-18 | Name : The remote Fedora host is missing a security update. File : fedora_2011-1255.nasl - Type : ACT_GATHER_INFO |
| 2011-02-16 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-028.nasl - Type : ACT_GATHER_INFO |
| 2011-02-16 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1064-1.nasl - Type : ACT_GATHER_INFO |
| 2011-02-15 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2162.nasl - Type : ACT_GATHER_INFO |
| 2011-02-15 | Name : The remote Fedora host is missing a security update. File : fedora_2011-1273.nasl - Type : ACT_GATHER_INFO |
| 2011-02-11 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2011-041-04.nasl - Type : ACT_GATHER_INFO |
| 2011-02-09 | Name : The remote web server has an SSL-related denial of service vulnerability. File : openssl_1_0_0d.nasl - Type : ACT_GATHER_INFO |
| 2011-02-07 | Name : The remote host allows resuming SSL sessions with a weaker cipher than the on... File : openssl_resume_different_cipher.nasl - Type : ACT_ATTACK |
| 2011-02-03 | Name : The remote Fedora host is missing a security update. File : fedora_2011-0741.nasl - Type : ACT_GATHER_INFO |
| 2011-02-03 | Name : The remote Fedora host is missing a security update. File : fedora_2011-0755.nasl - Type : ACT_GATHER_INFO |
| 2011-02-01 | Name : The remote Fedora host is missing a security update. File : fedora_2011-0640.nasl - Type : ACT_GATHER_INFO |
| 2011-02-01 | Name : The remote Fedora host is missing a security update. File : fedora_2011-0654.nasl - Type : ACT_GATHER_INFO |
| 2011-01-31 | Name : The remote Fedora host is missing a security update. File : fedora_2011-0631.nasl - Type : ACT_GATHER_INFO |
| 2011-01-31 | Name : The remote Fedora host is missing a security update. File : fedora_2011-0653.nasl - Type : ACT_GATHER_INFO |
| 2011-01-28 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0977.nasl - Type : ACT_GATHER_INFO |
| 2011-01-28 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-008.nasl - Type : ACT_GATHER_INFO |
| 2011-01-26 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_c8c927e5289111e08f2600151735203a.nasl - Type : ACT_GATHER_INFO |
| 2011-01-21 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_glibc-100708.nasl - Type : ACT_GATHER_INFO |
| 2011-01-21 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libopenssl-devel-101207.nasl - Type : ACT_GATHER_INFO |
| 2011-01-21 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_perl-110112.nasl - Type : ACT_GATHER_INFO |
| 2011-01-21 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_perl-7316.nasl - Type : ACT_GATHER_INFO |
| 2011-01-10 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2141.nasl - Type : ACT_GATHER_INFO |
| 2010-12-20 | Name : The remote Fedora host is missing a security update. File : fedora_2010-18736.nasl - Type : ACT_GATHER_INFO |
| 2010-12-14 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0978.nasl - Type : ACT_GATHER_INFO |
| 2010-12-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0977.nasl - Type : ACT_GATHER_INFO |
| 2010-12-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0978.nasl - Type : ACT_GATHER_INFO |
| 2010-12-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0979.nasl - Type : ACT_GATHER_INFO |
| 2010-12-12 | Name : The remote Fedora host is missing a security update. File : fedora_2010-18765.nasl - Type : ACT_GATHER_INFO |
| 2010-12-08 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2010-340-01.nasl - Type : ACT_GATHER_INFO |
| 2010-12-08 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-248.nasl - Type : ACT_GATHER_INFO |
| 2010-12-08 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1029-1.nasl - Type : ACT_GATHER_INFO |
| 2010-12-07 | Name : The remote web server is affected by multiple vulnerabilities. File : openssl_1_0_0c.nasl - Type : ACT_GATHER_INFO |
| 2010-12-02 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_glibc-101025.nasl - Type : ACT_GATHER_INFO |
| 2010-11-16 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201011-01.nasl - Type : ACT_GATHER_INFO |
| 2010-11-16 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-237.nasl - Type : ACT_GATHER_INFO |
| 2010-10-28 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_glibc-101026.nasl - Type : ACT_GATHER_INFO |
| 2010-10-28 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_glibc-101027.nasl - Type : ACT_GATHER_INFO |
| 2010-10-28 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_glibc-7201.nasl - Type : ACT_GATHER_INFO |
| 2010-10-06 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12641.nasl - Type : ACT_GATHER_INFO |
| 2010-07-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-112.nasl - Type : ACT_GATHER_INFO |
| 2010-06-11 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2058.nasl - Type : ACT_GATHER_INFO |
| 2010-06-09 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-111.nasl - Type : ACT_GATHER_INFO |
| 2010-05-26 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-944-1.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2016-03-01 13:26:32 |
|
| 2015-12-24 13:25:54 |
|
| 2014-02-17 12:07:24 |
|
| 2013-11-11 12:41:41 |
|
| 2013-05-02 21:20:23 |
|
| 2012-12-21 13:21:18 |
|
| 2012-12-21 09:23:29 |
|
| 2012-12-21 09:22:00 |
|
