Executive Summary
Summary | |
---|---|
Title | - VMware vCenter Server, ESXi and ESX address an NFC Protocol memory corruption and third party library security issues. |
Informations | |||
---|---|---|---|
Name | VMSA-2013-0003 | First vendor Publication | 2013-02-21 |
Vendor | VMware | Last vendor Modification | 2013-02-21 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:H/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.6 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | High |
Cvss Expoit Score | 4.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
a. VMware vCenter, ESXi and ESX NFC protocol memory corruption vulnerability VMware vCenter Server, ESXi and ESX contain a vulnerability in the handling of the Network File Copy (NFC) protocol. To exploit this vulnerability, an attacker must intercept and modify the NFC traffic between vCenter Server and the client or ESXi/ESX and the client. Exploitation of the issue may lead to code execution. To reduce the likelihood of exploitation, vSphere components should be deployed on an isolated management network VMware would like to thank Alex Chapman of Context Information Security for reporting this issue to us. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2013-1659 to this issue. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======= ======= ================= vCenter Server 5.1 any vCenter Server 5.1.0b vCenter Server 5.0 any vCenter Server 5.0 Update 2 vCenter Server 4.1 any not affected vCenter Server 4.0 any vCenter Server 4.0 Update 4b VirtualCenter 2.5 any not affected hosted* any any not affected ESXi 5.1 ESXi ESXi510-201212101-SG ESXi 5.0 ESXi ESXi500-201212101-SG ESXi 4.1 ESXi ESXi410-201301401-SG ESXi 4.0 ESXi ESXi400-201302401-SG ESXi 3.5 ESXi ESXe350-201302401-I-SG ESX 4.1 ESX ESX410-201301401-SG ESX 4.0 ESX ESX400-201302401-SG ESX 3.5 ESX ESX350-201302401-SG * hosted products are VMware Workstation, Player, ACE, Fusion. b. VirtualCenter, ESX and ESXi Oracle (Sun) JRE update 1.5.0_38 Oracle (Sun) JRE is updated to version 1.5.0_38, which addresses multiple security issues that existed in earlier releases of Oracle (Sun) JRE. Oracle has documented the CVE identifiers that are addressed in JRE 1.5.0_38 in the Oracle Java SE Critical Patch Update Advisory of October 2012. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======= ======= ================= vCenter Server 5.1 any not applicable ** vCenter Server 5.0 any not applicable ** vCenter Server 4.1 any not applicable ** vCenter Server 4.0 any Patch Pending VirtualCenter 2.5 any VirtualCenter 2.5 Update 6c hosted* any any not affected ESXi any ESXi not applicable ESX 4.1 ESX not applicable ** ESX 4.0 ESX Patch Pending ESX 3.5 ESX ESX350-201302401-SG * hosted products are VMware Workstation, Player, Fusion. ** this product uses the Oracle (Sun) JRE 1.6.0 family c. Update to ESX service console OpenSSL RPM The service console OpenSSL RPM is updated to version openssl-0.9.7a.33.28.i686 to resolve multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-2110 to this issue. b. VirtualCenter, ESX and ESXi Oracle (Sun) JRE update 1.5.0_38 Oracle (Sun) JRE is updated to version 1.5.0_38, which addresses multiple security issues that existed in earlier releases of Oracle (Sun) JRE. Oracle has documented the CVE identifiers that are addressed in JRE 1.5.0_38 in the Oracle Java SE Critical Patch Update Advisory of October 2012. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======= ======= ================= vCenter Server 5.1 any not applicable ** vCenter Server 5.0 any not applicable ** vCenter Server 4.1 any not applicable ** vCenter Server 4.0 any Patch Pending VirtualCenter 2.5 any VirtualCenter 2.5 Update 6c hosted* any any not affected ESXi any ESXi not applicable ESX 4.1 ESX not applicable ** ESX 4.0 ESX Patch Pending ESX 3.5 ESX ESX350-201302401-SG * hosted products are VMware Workstation, Player, Fusion. ** this product uses the Oracle (Sun) JRE 1.6.0 family c. Update to ESX service console OpenSSL RPM The service console OpenSSL RPM is updated to version openssl-0.9.7a.33.28.i686 to resolve multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-2110 to this issue. c. Update to ESX service console OpenSSL RPM The service console OpenSSL RPM is updated to version openssl-0.9.7a.33.28.i686 to resolve multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-2110 to this issue. |
Original Source
Url : http://www.vmware.com/security/advisories/VMSA-2013-0003.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:17928 | |||
Oval ID: | oval:org.mitre.oval:def:17928 | ||
Title: | USN-1424-1 -- openssl vulnerabilities | ||
Description: | An application using OpenSSL could be made to crash or run programs if it opened a specially crafted file. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1424-1 CVE-2006-7250 CVE-2012-1165 CVE-2012-2110 | Version: | 7 |
Platform(s): | Ubuntu 11.10 Ubuntu 11.04 Ubuntu 10.04 Ubuntu 8.04 | Product(s): | openssl |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19831 | |||
Oval ID: | oval:org.mitre.oval:def:19831 | ||
Title: | VMware vCenter Server, ESXi and ESX address an NFC Protocol memory corruption and third party library security issues. | ||
Description: | The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2012-2110 | Version: | 4 |
Platform(s): | VMWare ESX Server 3.5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20707 | |||
Oval ID: | oval:org.mitre.oval:def:20707 | ||
Title: | VMware vCenter Server, ESXi and ESX address an NFC Protocol memory corruption and third party library security issues. | ||
Description: | VMware vCenter Server 4.0 before Update 4b, 5.0 before Update 2, and 5.1 before 5.1.0b; VMware ESXi 3.5 through 5.1; and VMware ESX 3.5 through 4.1 do not properly implement the Network File Copy (NFC) protocol, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption) by modifying the client-server data stream. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-1659 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 VMWare ESX Server 3.5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20716 | |||
Oval ID: | oval:org.mitre.oval:def:20716 | ||
Title: | VMware vSphere and vCOps updates to third party libraries | ||
Description: | The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2012-2110 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21032 | |||
Oval ID: | oval:org.mitre.oval:def:21032 | ||
Title: | Multiple OpenSSL vulnerabilities | ||
Description: | The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2012-2110 | Version: | 4 |
Platform(s): | IBM AIX 6.1 IBM AIX 7.1 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:21366 | |||
Oval ID: | oval:org.mitre.oval:def:21366 | ||
Title: | RHSA-2012:0518: openssl security update (Important) | ||
Description: | The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:0518-02 CESA-2012:0518 CVE-2012-2110 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5 CentOS Linux 5 CentOS Linux 6 | Product(s): | openssl openssl097a openssl098e |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23304 | |||
Oval ID: | oval:org.mitre.oval:def:23304 | ||
Title: | DEPRECATED: ELSA-2012:0518: openssl security update (Important) | ||
Description: | The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:0518-02 CVE-2012-2110 | Version: | 7 |
Platform(s): | Oracle Linux 6 Oracle Linux 5 | Product(s): | openssl openssl097a openssl098e |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23704 | |||
Oval ID: | oval:org.mitre.oval:def:23704 | ||
Title: | ELSA-2012:0518: openssl security update (Important) | ||
Description: | The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:0518-02 CVE-2012-2110 | Version: | 6 |
Platform(s): | Oracle Linux 6 Oracle Linux 5 | Product(s): | openssl openssl097a openssl098e |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24750 | |||
Oval ID: | oval:org.mitre.oval:def:24750 | ||
Title: | OpenSSL vulnerability in 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a, allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact | ||
Description: | The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-2110 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | OpenSSL |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27811 | |||
Oval ID: | oval:org.mitre.oval:def:27811 | ||
Title: | DEPRECATED: ELSA-2012-0518 -- openssl security update (important) | ||
Description: | openssl: [1.0.0-20.4] - fix for CVE-2012-2110 - memory corruption in asn1_d2i_read_bio() (#814185) openssl098e: [0.9.8e-17.el6_2.2] - Updated the description [0.9.8e-17.2] - fix for CVE-2012-2110 - memory corruption in asn1_d2i_read_bio() (#814185) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-0518 CVE-2012-2110 | Version: | 4 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | openssl openssl097a openssl098e |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
ExploitDB Exploits
id | Description |
---|---|
2012-04-19 | OpenSSL ASN1 BIO Memory Corruption Vulnerability |
OpenVAS Exploits
Date | Description |
---|---|
2012-08-31 | Name : VMSA-2012-0013 VMware vSphere and vCOps updates to third party libraries. File : nvt/gb_VMSA-2012-0013.nasl |
2012-08-30 | Name : Fedora Update for openssl FEDORA-2012-6343 File : nvt/gb_fedora_2012_6343_openssl_fc17.nasl |
2012-08-10 | Name : FreeBSD Ports: FreeBSD File : nvt/freebsd_FreeBSD19.nasl |
2012-08-03 | Name : Mandriva Update for openssl0.9.8 MDVSA-2012:064 (openssl0.9.8) File : nvt/gb_mandriva_MDVSA_2012_064.nasl |
2012-08-03 | Name : Mandriva Update for openssl MDVSA-2012:060 (openssl) File : nvt/gb_mandriva_MDVSA_2012_060.nasl |
2012-07-30 | Name : CentOS Update for openssl097a CESA-2012:0518 centos5 File : nvt/gb_CESA-2012_0518_openssl097a_centos5.nasl |
2012-07-30 | Name : CentOS Update for openssl098e CESA-2012:0518 centos6 File : nvt/gb_CESA-2012_0518_openssl098e_centos6.nasl |
2012-06-04 | Name : Fedora Update for openssl FEDORA-2012-8024 File : nvt/gb_fedora_2012_8024_openssl_fc15.nasl |
2012-06-04 | Name : Fedora Update for openssl FEDORA-2012-8014 File : nvt/gb_fedora_2012_8014_openssl_fc16.nasl |
2012-05-11 | Name : Fedora Update for openssl FEDORA-2012-6395 File : nvt/gb_fedora_2012_6395_openssl_fc15.nasl |
2012-04-30 | Name : Debian Security Advisory DSA 2454-2 (openssl) File : nvt/deb_2454_2.nasl |
2012-04-30 | Name : Fedora Update for openssl FEDORA-2012-6403 File : nvt/gb_fedora_2012_6403_openssl_fc16.nasl |
2012-04-30 | Name : FreeBSD Ports: openssl File : nvt/freebsd_openssl7.nasl |
2012-04-30 | Name : Debian Security Advisory DSA 2454-1 (openssl) File : nvt/deb_2454_1.nasl |
2012-04-26 | Name : RedHat Update for openssl RHSA-2012:0518-01 File : nvt/gb_RHSA-2012_0518-01_openssl.nasl |
2012-04-26 | Name : Ubuntu Update for openssl USN-1428-1 File : nvt/gb_ubuntu_USN_1428_1.nasl |
2012-04-20 | Name : Ubuntu Update for openssl USN-1424-1 File : nvt/gb_ubuntu_USN_1424_1.nasl |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2013-02-28 | IAVM : 2013-B-0018 - Multiple Vulnerabilities in VMware vCenter Server 5.0 Severity : Category I - VMSKEY : V0037063 |
2013-02-28 | IAVM : 2013-A-0053 - VMware ESXi 5.1 Memory Corruption Vulnerability Severity : Category I - VMSKEY : V0037065 |
2013-02-28 | IAVM : 2013-A-0056 - VMware ESXi 3.5 and ESX 3.5 Memory Corruption Vulnerability Severity : Category I - VMSKEY : V0037066 |
2013-02-28 | IAVM : 2013-A-0055 - VMware ESXi 4.0 and ESX 4.0 Memory Corruption Vulnerability Severity : Category I - VMSKEY : V0037067 |
2012-09-27 | IAVM : 2012-A-0153 - Multiple Vulnerabilities in VMware ESX 4.0 and ESXi 4.0 Severity : Category I - VMSKEY : V0033884 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2016-03-04 | Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_esx_VMSA-2013-0003_remote.nasl - Type : ACT_GATHER_INFO |
2016-02-29 | Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_VMSA-2012-0013_remote.nasl - Type : ACT_GATHER_INFO |
2015-04-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL16285.nasl - Type : ACT_GATHER_INFO |
2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_openssl_20120626.nasl - Type : ACT_GATHER_INFO |
2014-12-22 | Name : The remote device is affected by multiple vulnerabilities. File : juniper_space_jsa10659.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing a security update. File : oraclevm_OVMSA-2014-0008.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing a security update. File : oraclevm_OVMSA-2014-0007.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2013-0003.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-153.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-308.nasl - Type : ACT_GATHER_INFO |
2014-04-16 | Name : The remote AIX host is running a vulnerable version of OpenSSL. File : aix_openssl_advisory4.nasl - Type : ACT_GATHER_INFO |
2013-12-03 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201312-03.nasl - Type : ACT_GATHER_INFO |
2013-11-13 | Name : The remote VMware ESXi 5.1 host is affected by multiple security vulnerabilit... File : vmware_esxi_5_1_build_911593_remote.nasl - Type : ACT_GATHER_INFO |
2013-11-13 | Name : The remote VMware ESXi 5.0 host is affected by multiple vulnerabilities. File : vmware_esxi_5_0_build_912577_remote.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-73.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-72.nasl - Type : ACT_GATHER_INFO |
2013-07-23 | Name : The remote web server is affected by multiple vulnerabilities. File : hpsmh_7_2_1_0.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0518.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-2011.nasl - Type : ACT_GATHER_INFO |
2013-06-05 | Name : The remote host is missing a Mac OS X update that fixes several security issues. File : macosx_10_8_4.nasl - Type : ACT_GATHER_INFO |
2013-06-05 | Name : The remote host is missing a Mac OS X update that fixes several security issues. File : macosx_SecUpd2013-002.nasl - Type : ACT_GATHER_INFO |
2013-03-13 | Name : The remote host has a virtualization management application installed that is... File : vmware_vcenter_vmsa-2013-0003.nasl - Type : ACT_GATHER_INFO |
2013-02-22 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2013-0003.nasl - Type : ACT_GATHER_INFO |
2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_compat-openssl097g-120830.nasl - Type : ACT_GATHER_INFO |
2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libopenssl-devel-120503.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0522.nasl - Type : ACT_GATHER_INFO |
2012-11-26 | Name : The remote Fedora host is missing a security update. File : fedora_2012-18035.nasl - Type : ACT_GATHER_INFO |
2012-09-12 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_compat-openssl097g-8262.nasl - Type : ACT_GATHER_INFO |
2012-08-31 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2012-0013.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120424_openssl_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-07-17 | Name : The remote router has a memory corruption vulnerability. File : juniper_psn-2012-07-645.nasl - Type : ACT_GATHER_INFO |
2012-06-28 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_2ae114dec06411e1b5e0000c299b62e1.nasl - Type : ACT_GATHER_INFO |
2012-05-23 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_openssl-8112.nasl - Type : ACT_GATHER_INFO |
2012-05-11 | Name : The remote Fedora host is missing a security update. File : fedora_2012-6395.nasl - Type : ACT_GATHER_INFO |
2012-04-30 | Name : The remote Fedora host is missing a security update. File : fedora_2012-6403.nasl - Type : ACT_GATHER_INFO |
2012-04-27 | Name : The remote Fedora host is missing a security update. File : fedora_2012-6343.nasl - Type : ACT_GATHER_INFO |
2012-04-25 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1428-1.nasl - Type : ACT_GATHER_INFO |
2012-04-25 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-064.nasl - Type : ACT_GATHER_INFO |
2012-04-25 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0518.nasl - Type : ACT_GATHER_INFO |
2012-04-25 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0518.nasl - Type : ACT_GATHER_INFO |
2012-04-24 | Name : The remote host may be affected by a memory corruption vulnerability. File : openssl_0_9_8v.nasl - Type : ACT_GATHER_INFO |
2012-04-23 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_7184f92e8bb811e18d7b003067b2972c.nasl - Type : ACT_GATHER_INFO |
2012-04-20 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2454.nasl - Type : ACT_GATHER_INFO |
2012-04-20 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-060.nasl - Type : ACT_GATHER_INFO |
2012-04-20 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1424-1.nasl - Type : ACT_GATHER_INFO |
2012-04-19 | Name : The remote host may be affected by a memory corruption vulnerability. File : openssl_1_0_0i.nasl - Type : ACT_GATHER_INFO |
2012-04-19 | Name : The remote host may be affected by a memory corruption vulnerability. File : openssl_1_0_1a.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2016-03-05 13:26:43 |
|
2014-11-27 13:28:44 |
|
2014-02-17 12:07:26 |
|
2013-11-11 12:41:42 |
|
2013-02-25 21:19:40 |
|
2013-02-23 00:21:26 |
|
2013-02-22 09:18:15 |
|