This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Cacti First view 2007-11-20
Product Cacti Last view 2025-01-27
Version 0.8.1 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:cacti:cacti

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
7.2 2025-01-27 CVE-2025-22604

Cacti is an open source performance and fault management framework. Due to a flaw in multi-line SNMP result parser, authenticated users can inject malformed OIDs in the response. When processed by ss_net_snmp_disk_io() or ss_net_snmp_disk_bytes(), a part of each OID will be used as a key in an array that is used as part of a system command, causing a command execution vulnerability. This vulnerability is fixed in 1.2.29.

8.8 2025-01-27 CVE-2024-54146

Cacti is an open source performance and fault management framework. Cacti has a SQL injection vulnerability in the template function of host_templates.php using the graph_template parameter. This vulnerability is fixed in 1.2.29.

8.8 2025-01-27 CVE-2024-54145

Cacti is an open source performance and fault management framework. Cacti has a SQL injection vulnerability in the get_discovery_results function of automation_devices.php using the network parameter. This vulnerability is fixed in 1.2.29.

4.9 2025-01-27 CVE-2024-45598

Cacti is an open source performance and fault management framework. Prior to 1.2.29, an administrator can change the `Poller Standard Error Log Path` parameter in either Installation Step 5 or in Configuration->Settings->Paths tab to a local file inside the server. Then simply going to Logs tab and selecting the name of the local file will show its content on the web UI. This vulnerability is fixed in 1.2.29.

8.2 2024-10-07 CVE-2024-43364

Cacti is an open source performance and fault management framework. The `title` parameter is not properly sanitized when saving external links in links.php . Morever, the said title parameter is stored in the database and reflected back to user in index.php, finally leading to stored XSS. Users with the privilege to create external links can manipulate the `title` parameter in the http post request while creating external links to perform stored XSS attacks. The vulnerability known as XSS (Cross-Site Scripting) occurs when an application allows untrusted user input to be displayed on a web page without proper validation or escaping. This issue has been addressed in release version 1.2.28. All users are advised to upgrade. There are no known workarounds for this vulnerability.

7.2 2024-10-07 CVE-2024-43363

Cacti is an open source performance and fault management framework. An admin user can create a device with a malicious hostname containing php code and repeat the installation process (completing only step 5 of the installation process is enough, no need to complete the steps before or after it) to use a php file as the cacti log file. After having the malicious hostname end up in the logs (log poisoning), one can simply go to the log file url to execute commands to achieve RCE. This issue has been addressed in version 1.2.28 and all users are advised to upgrade. There are no known workarounds for this vulnerability.

5.4 2024-10-07 CVE-2024-43362

Cacti is an open source performance and fault management framework. The `fileurl` parameter is not properly sanitized when saving external links in `links.php` . Morever, the said fileurl is placed in some html code which is passed to the `print` function in `link.php` and `index.php`, finally leading to stored XSS. Users with the privilege to create external links can manipulate the `fileurl` parameter in the http post request while creating external links to perform stored XSS attacks. The vulnerability known as XSS (Cross-Site Scripting) occurs when an application allows untrusted user input to be displayed on a web page without proper validation or escaping. This issue has been addressed in release version 1.2.28. All users are advised to upgrade. There are no known workarounds for this issue.

9.1 2024-05-14 CVE-2024-34340

Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, Cacti calls `compat_password_hash` when users set their password. `compat_password_hash` use `password_hash` if there is it, else use `md5`. When verifying password, it calls `compat_password_verify`. In `compat_password_verify`, `password_verify` is called if there is it, else use `md5`. `password_verify` and `password_hash` are supported on PHP < 5.5.0, following PHP manual. The vulnerability is in `compat_password_verify`. Md5-hashed user input is compared with correct password in database by `$md5 == $hash`. It is a loose comparison, not `===`. It is a type juggling vulnerability. Version 1.2.27 contains a patch for the issue.

8.8 2024-05-14 CVE-2024-31460

Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, some of the data stored in `automation_tree_rules.php` is not thoroughly checked and is used to concatenate the SQL statement in `create_all_header_nodes()` function from `lib/api_automation.php` , finally resulting in SQL injection. Using SQL based secondary injection technology, attackers can modify the contents of the Cacti database, and based on the modified content, it may be possible to achieve further impact, such as arbitrary file reading, and even remote code execution through arbitrary file writing. Version 1.2.27 contains a patch for the issue.

7.2 2024-05-14 CVE-2024-31459

Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, there is a file inclusion issue in the `lib/plugin.php` file. Combined with SQL injection vulnerabilities, remote code execution can be implemented. There is a file inclusion issue with the `api_plugin_hook()` function in the `lib/plugin.php` file, which reads the plugin_hooks and plugin_config tables in database. The read data is directly used to concatenate the file path which is used for file inclusion. Version 1.2.27 contains a patch for the issue.

8 2024-05-14 CVE-2024-31458

Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, some of the data stored in `form_save()` function in `graph_template_inputs.php` is not thoroughly checked and is used to concatenate the SQL statement in `draw_nontemplated_fields_graph_item()` function from `lib/html_form_templates.php` , finally resulting in SQL injection. Version 1.2.27 contains a patch for the issue.

8.8 2024-05-14 CVE-2024-31445

Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, a SQL injection vulnerability in `automation_get_new_graphs_sql` function of `api_automation.php` allows authenticated users to exploit these SQL injection vulnerabilities to perform privilege escalation and remote code execution. In `api_automation.php` line 856, the `get_request_var('filter')` is being concatenated into the SQL statement without any sanitization. In `api_automation.php` line 717, The filter of `'filter'` is `FILTER_DEFAULT`, which means there is no filter for it. Version 1.2.27 contains a patch for the issue.

5.4 2024-05-14 CVE-2024-31444

Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, some of the data stored in `automation_tree_rules_form_save()` function in `automation_tree_rules.php` is not thoroughly checked and is used to concatenate the HTML statement in `form_confirm()` function from `lib/html.php` , finally resulting in cross-site scripting. Version 1.2.27 contains a patch for the issue.

5.4 2024-05-14 CVE-2024-31443

Cacti provides an operational monitoring and fault management framework. Prior to 1.2.27, some of the data stored in `form_save()` function in `data_queries.php` is not thoroughly checked and is used to concatenate the HTML statement in `grow_right_pane_tree()` function from `lib/html.php` , finally resulting in cross-site scripting. Version 1.2.27 contains a patch for the issue.

4.7 2024-05-14 CVE-2024-29894

Cacti provides an operational monitoring and fault management framework. Versions of Cacti prior to 1.2.27 contain a residual cross-site scripting vulnerability caused by an incomplete fix for CVE-2023-50250. `raise_message_javascript` from `lib/functions.php` now uses purify.js to fix CVE-2023-50250 (among others). However, it still generates the code out of unescaped PHP variables `$title` and `$header`. If those variables contain single quotes, they can be used to inject JavaScript code. An attacker exploiting this vulnerability could execute actions on behalf of other users. This ability to impersonate users could lead to unauthorized changes to settings. Version 1.2.27 fixes this issue.

5.4 2024-05-14 CVE-2024-27082

Cacti provides an operational monitoring and fault management framework. Versions of Cacti prior to 1.2.27 are vulnerable to stored cross-site scripting, a type of cross-site scripting where malicious scripts are permanently stored on a target server and served to users who access a particular page. Version 1.2.27 contains a patch for the issue.

7.2 2024-05-14 CVE-2024-25641

Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, an arbitrary file write vulnerability, exploitable through the "Package Import" feature, allows authenticated users having the "Import Templates" permission to execute arbitrary PHP code on the web server. The vulnerability is located within the `import_package()` function defined into the `/lib/import.php` script. The function blindly trusts the filename and file content provided within the XML data, and writes such files into the Cacti base path (or even outside, since path traversal sequences are not filtered). This can be exploited to write or overwrite arbitrary files on the web server, leading to execution of arbitrary PHP code or other security impacts. Version 1.2.27 contains a patch for this issue.

4.8 2023-12-22 CVE-2023-49088

Cacti is an open source operational monitoring and fault management framework. The fix applied for CVE-2023-39515 in version 1.2.25 is incomplete as it enables an adversary to have a victim browser execute malicious code when a victim user hovers their mouse over the malicious data source path in `data_debug.php`. To perform the cross-site scripting attack, the adversary needs to be an authorized cacti user with the following permissions: `General Administration>Sites/Devices/Data`. The victim of this attack could be any account with permissions to view `http:///cacti/data_debug.php`. As of time of publication, no complete fix has been included in Cacti.

8.8 2023-12-22 CVE-2023-49085

Cacti provides an operational monitoring and fault management framework. In versions 1.2.25 and prior, it is possible to execute arbitrary SQL code through the `pollers.php` script. An authorized user may be able to execute arbitrary SQL code. The vulnerable component is the `pollers.php`. Impact of the vulnerability - arbitrary SQL code execution. As of time of publication, a patch does not appear to exist.

4.8 2023-09-06 CVE-2023-39511

Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability which allows an authenticated user to poison data stored in the _cacti_'s database. These data will be viewed by administrative _cacti_ accounts and execute JavaScript code in the victim's browser at view-time. The script under `reports_admin.php` displays reporting information about graphs, devices, data sources etc. _CENSUS_ found that an adversary that is able to configure a malicious device name, related to a graph attached to a report, can deploy a stored XSS attack against any super user who has privileges of viewing the `reports_admin.php` page, such as administrative accounts. A user that possesses the _General Administration>Sites/Devices/Data_ permissions can configure the device names in _cacti_. This configuration occurs through `http:///cacti/host.php`, while the rendered malicious payload is exhibited at `http:///cacti/reports_admin.php` when the a graph with the maliciously altered device name is linked to the report. This issue has been addressed in version 1.2.25. Users are advised to upgrade. Users unable to upgrade should manually filter HTML output.

4.8 2023-09-05 CVE-2023-39516

Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability which allows an authenticated user to poison data stored in the _cacti_'s database. These data will be viewed by administrative _cacti_ accounts and execute JavaScript code in the victim's browser at view-time. The script under `data_sources.php` displays the data source management information (e.g. data source path, polling configuration etc.) for different data visualizations of the _cacti_ app. CENSUS found that an adversary that is able to configure a malicious data-source path, can deploy a stored XSS attack against any user of the same (or broader) privileges. A user that possesses the 'General Administration>Sites/Devices/Data' permissions can configure the data source path in Cacti. This configuration occurs through `http:///cacti/data_sources.php`. The same page can be used for previewing the data source path. This issue has been addressed in version 1.2.25. Users are advised to upgrade. Users unable to upgrade should manually escape HTML output.

4.8 2023-09-05 CVE-2023-39515

Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability allows an authenticated user to poison data stored in the cacti's database. These data will be viewed by administrative cacti accounts and execute JavaScript code in the victim's browser at view-time. The script under `data_debug.php` displays data source related debugging information such as _data source paths, polling settings, meta-data on the data source_. _CENSUS_ found that an adversary that is able to configure a malicious data-source path, can deploy a stored XSS attack against any user that has privileges related to viewing the `data_debug.php` information. A user that possesses the _General Administration>Sites/Devices/Data_ permissions can configure the data source path in _cacti_. This configuration occurs through `http:///cacti/data_sources.php`. This vulnerability has been addressed in version 1.2.25. Users are advised to upgrade. Users unable to update should manually filter HTML output.

5.4 2023-09-05 CVE-2023-39514

Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability which allows an authenticated user to poison data stored in the _cacti_'s database. These data will be viewed by administrative _cacti_ accounts and execute JavaScript code in the victim's browser at view-time. The script under `graphs.php` displays graph details such as data-source paths, data template information and graph related fields. _CENSUS_ found that an adversary that is able to configure either a data-source template with malicious code appended in the data-source name or a device with a malicious payload injected in the device name, may deploy a stored XSS attack against any user with _General Administration>Graphs_ privileges. A user that possesses the _Template Editor>Data Templates_ permissions can configure the data-source name in _cacti_. Please note that this may be a _low privileged_ user. This configuration occurs through `http:///cacti/data_templates.php` by editing an existing or adding a new data template. If a template is linked to a graph then the formatted template name will be rendered in the graph's management page. A user that possesses the _General Administration>Sites/Devices/Data_ permissions can configure the device name in _cacti_. This vulnerability has been addressed in version 1.2.25. Users are advised to upgrade. Users unable to upgrade should add manual HTML escaping.

5.4 2023-09-05 CVE-2023-39513

Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability which allows an authenticated user to poison data stored in the _cacti_'s database. These data will be viewed by administrative _cacti_ accounts and execute JavaScript code in the victim's browser at view-time. The script under `host.php` is used to monitor and manage hosts in the _cacti_ app, hence displays useful information such as data queries and verbose logs. _CENSUS_ found that an adversary that is able to configure a data-query template with malicious code appended in the template path, in order to deploy a stored XSS attack against any user with the _General Administration>Sites/Devices/Data_ privileges. A user that possesses the _Template Editor>Data Queries_ permissions can configure the data query template path in _cacti_. Please note that such a user may be a low privileged user. This configuration occurs through `http:///cacti/data_queries.php` by editing an existing or adding a new data query template. If a template is linked to a device then the formatted template path will be rendered in the device's management page, when a _verbose data query_ is requested. This vulnerability has been addressed in version 1.2.25. Users are advised to upgrade. Users unable to update should manually filter HTML output.

4.8 2023-09-05 CVE-2023-39512

Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability which allows an authenticated user to poison data stored in the _cacti_'s database. These data will be viewed by administrative _cacti_ accounts and execute JavaScript code in the victim's browser at view-time. The script under `data_sources.php` displays the data source management information (e.g. data source path, polling configuration, device name related to the datasource etc.) for different data visualizations of the _cacti_ app. _CENSUS_ found that an adversary that is able to configure a malicious device name, can deploy a stored XSS attack against any user of the same (or broader) privileges. A user that possesses the _General Administration>Sites/Devices/Data_ permissions can configure the device names in _cacti_. This configuration occurs through `http:///cacti/host.php`, while the rendered malicious payload is exhibited at `http:///cacti/data_sources.php`. This vulnerability has been addressed in version 1.2.25. Users are advised to upgrade. Users unable to update should manually filter HTML output.

CWE : Common Weakness Enumeration

%idName
38% (29) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
33% (25) CWE-89 Improper Sanitization of Special Elements used in an SQL Command ('...
6% (5) CWE-94 Failure to Control Generation of Code ('Code Injection')
4% (3) CWE-264 Permissions, Privileges, and Access Controls
2% (2) CWE-639 Access Control Bypass Through User-Controlled Key
2% (2) CWE-352 Cross-Site Request Forgery (CSRF)
2% (2) CWE-78 Improper Sanitization of Special Elements used in an OS Command ('O...
1% (1) CWE-787 Out-of-bounds Write
1% (1) CWE-697 Insufficient Comparison
1% (1) CWE-502 Deserialization of Untrusted Data
1% (1) CWE-281 Improper Preservation of Permissions
1% (1) CWE-200 Information Exposure
1% (1) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...
1% (1) CWE-20 Improper Input Validation

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
77097 Cacti auth_login.php login_username Parameter SQL Injection
67529 Cacti user_admin.php Unspecified Parameter XSS
67528 Cacti tree.php Unspecified Parameter XSS
67527 Cacti rra.php Unspecified Parameter XSS
67526 Cacti lib/rrd.php Unspecified Parameter XSS
67525 Cacti lib/html_tree.php Unspecified Parameter XSS
67524 Cacti lib/html.php Unspecified Parameter XSS
67523 Cacti lib/html_form_template.php Unspecified Parameter XSS
67522 Cacti lib/html_form.php Unspecified Parameter XSS
67521 Cacti lib/functions.php Unspecified Parameter XSS
67520 Cacti host_templates.php Unspecified Parameter XSS
67519 Cacti host.php Unspecified Parameter XSS
67518 Cacti graph_view.php Unspecified Parameter XSS
67517 Cacti graph_templates.php Unspecified Parameter XSS
67516 Cacti graph_templates_items.php Unspecified Parameter XSS
67515 Cacti graph_templates_inputs.php Unspecified Parameter XSS
67514 Cacti graphs.php Unspecified Parameter XSS
67513 Cacti graphs_new.php Unspecified Parameter XSS
67512 Cacti graph.php Unspecified Parameter XSS
67511 Cacti gprint_presets.php Unspecified Parameter XSS
67510 Cacti data_templates.php Unspecified Parameter XSS
67509 Cacti data_sources.php Unspecified Parameter XSS
67508 Cacti data_queries.php Unspecified Parameter XSS
67507 Cacti data_input.php Unspecified Parameter XSS
67506 Cacti cdef.php Unspecified Parameter XSS

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2012-02-12 Name : Debian Security Advisory DSA 2384-2 (cacti)
File : nvt/deb_2384_2.nasl
2012-02-11 Name : Debian Security Advisory DSA 2384-1 (cacti)
File : nvt/deb_2384_1.nasl
2012-01-23 Name : Mandriva Update for cacti MDVSA-2012:010 (cacti)
File : nvt/gb_mandriva_MDVSA_2012_010.nasl
2011-11-15 Name : Cacti Unspecified SQL Injection and Cross Site Scripting Vulnerabilities
File : nvt/gb_cacti_50671.nasl
2010-08-30 Name : Cacti Cross Site Scripting and HTML Injection Vulnerabilities
File : nvt/gb_cacti_42575.nasl
2010-08-30 Name : Mandriva Update for cacti MDVSA-2010:160 (cacti)
File : nvt/gb_mandriva_MDVSA_2010_160.nasl
2010-07-06 Name : Debian Security Advisory DSA 2060-1 (cacti)
File : nvt/deb_2060_1.nasl
2010-06-18 Name : Mandriva Update for cacti MDVSA-2010:117 (cacti)
File : nvt/gb_mandriva_MDVSA_2010_117.nasl
2010-05-25 Name : Cacti Multiple Cross Site Scripting Vulnerabilities
File : nvt/gb_cacti_40332.nasl
2010-05-14 Name : Cacti 'rra_id' Parameter SQL Injection Vulnerability
File : nvt/gb_cacti_40149.nasl
2010-05-13 Name : Cacti 'export_item_id' Parameter SQL Injection Vulnerability
File : nvt/gb_cacti_sql_inj_vuln.nasl
2010-05-07 Name : Mandriva Update for cacti MDVSA-2010:092 (cacti)
File : nvt/gb_mandriva_MDVSA_2010_092.nasl
2010-05-04 Name : Debian Security Advisory DSA 2039-1 (cacti)
File : nvt/deb_2039_1.nasl
2010-05-04 Name : FreeBSD Ports: cacti
File : nvt/freebsd_cacti7.nasl
2010-04-23 Name : Cacti Multiple Input Validation Security Vulnerabilities
File : nvt/gb_cacti_39639.nasl
2010-04-16 Name : Mandriva Update for flashplayer MDVA-2010:117 (flashplayer)
File : nvt/gb_mandriva_MDVA_2010_117.nasl
2010-03-12 Name : Mandriva Update for kvm MDVA-2010:092 (kvm)
File : nvt/gb_mandriva_MDVA_2010_092.nasl
2009-12-30 Name : Debian Security Advisory DSA 1954-1 (cacti)
File : nvt/deb_1954_1.nasl
2009-12-01 Name : Cacti 'Linux - Get Memory Usage' Remote Command Execution Vulnerability
File : nvt/cacti_37137.nasl
2009-05-28 Name : Cacti Multiple Input Validation Vulnerabilities
File : nvt/cacti_27749.nasl
2009-05-16 Name : Cacti 'data_input.php' Cross Site Scripting Vulnerability
File : nvt/cacti_34991.nasl
2009-02-27 Name : Fedora Update for cacti FEDORA-2007-3683
File : nvt/gb_fedora_2007_3683_cacti_fc7.nasl
2009-02-27 Name : Fedora Update for cacti FEDORA-2007-3667
File : nvt/gb_fedora_2007_3667_cacti_fc8.nasl
2009-02-16 Name : Fedora Update for cacti FEDORA-2008-1699
File : nvt/gb_fedora_2008_1699_cacti_fc8.nasl
2009-02-16 Name : Fedora Update for cacti FEDORA-2008-1737
File : nvt/gb_fedora_2008_1737_cacti_fc7.nasl

Snort® IPS/IDS

Date Description
2016-03-14 Cacti graphs_new.php SQL injection attempt
RuleID : 37321 - Type : SERVER-WEBAPP - Revision : 2
2015-08-27 Cacti graphs local_graph_id SQL injection attempt
RuleID : 35354 - Type : SERVER-WEBAPP - Revision : 3

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2017-11-13 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201711-10.nasl - Type: ACT_GATHER_INFO
2017-10-03 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2017-904.nasl - Type: ACT_GATHER_INFO
2017-09-06 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2017-999.nasl - Type: ACT_GATHER_INFO
2017-09-01 Name: The remote Fedora host is missing a security update.
File: fedora_2017-c0cdc6ebdd.nasl - Type: ACT_GATHER_INFO
2017-09-01 Name: The remote Fedora host is missing a security update.
File: fedora_2017-2f1ca6beb7.nasl - Type: ACT_GATHER_INFO
2017-08-18 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2017-874.nasl - Type: ACT_GATHER_INFO
2017-08-10 Name: The remote Fedora host is missing a security update.
File: fedora_2017-127e76d78d.nasl - Type: ACT_GATHER_INFO
2017-08-08 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2017-889.nasl - Type: ACT_GATHER_INFO
2017-08-08 Name: The remote Fedora host is missing a security update.
File: fedora_2017-6833997d76.nasl - Type: ACT_GATHER_INFO
2017-04-21 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2017-817.nasl - Type: ACT_GATHER_INFO
2017-03-14 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2017-325.nasl - Type: ACT_GATHER_INFO
2017-03-09 Name: The remote Fedora host is missing a security update.
File: fedora_2017-a513be0939.nasl - Type: ACT_GATHER_INFO
2017-03-08 Name: The remote Fedora host is missing a security update.
File: fedora_2017-8b0737b093.nasl - Type: ACT_GATHER_INFO
2016-07-26 Name: The remote Debian host is missing a security update.
File: debian_DLA-560.nasl - Type: ACT_GATHER_INFO
2016-07-18 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201607-05.nasl - Type: ACT_GATHER_INFO
2016-07-14 Name: The remote Fedora host is missing a security update.
File: fedora_2016-e8652e3efb.nasl - Type: ACT_GATHER_INFO
2016-07-14 Name: The remote Fedora host is missing a security update.
File: fedora_2016-879977eea0.nasl - Type: ACT_GATHER_INFO
2016-07-14 Name: The remote Fedora host is missing a security update.
File: fedora_2016-01198b9f9d.nasl - Type: ACT_GATHER_INFO
2016-06-06 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2016-711.nasl - Type: ACT_GATHER_INFO
2016-05-31 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_6167b341250c11e6a6fb003048f2e514.nasl - Type: ACT_GATHER_INFO
2016-05-20 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2016-601.nasl - Type: ACT_GATHER_INFO
2016-05-09 Name: The remote Fedora host is missing a security update.
File: fedora_2016-852a39e085.nasl - Type: ACT_GATHER_INFO
2016-05-05 Name: The remote Fedora host is missing a security update.
File: fedora_2016-4a5ce6a6c0.nasl - Type: ACT_GATHER_INFO
2016-05-04 Name: The remote Fedora host is missing a security update.
File: fedora_2016-a8e2be0fe6.nasl - Type: ACT_GATHER_INFO
2016-03-25 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2016-673.nasl - Type: ACT_GATHER_INFO