This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Mageia First view 2014-08-06
Product Mageia Last view 2014-12-01
Version 3.0 Type Os
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:mageia:mageia

Activity : Overall

Related : CVE

  Date Alert Description
7.5 2014-12-01 CVE-2014-9087

Integer underflow in the ksba_oid_to_str function in Libksba before 1.3.2, as used in GnuPG, allows remote attackers to cause a denial of service (crash) via a crafted OID in a (1) S/MIME message or (2) ECC based OpenPGP data, which triggers a buffer overflow.

3.4 2014-10-14 CVE-2014-3566

The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.

5 2014-10-07 CVE-2014-7204

jscript.c in Exuberant Ctags 5.8 allows remote attackers to cause a denial of service (infinite loop and CPU and disk consumption) via a crafted JavaScript file.

5 2014-09-04 CVE-2014-5461

Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service (crash) via a small number of arguments to a function with a large number of fixed arguments.

3.3 2014-08-20 CVE-2014-2524

The _rl_tropen function in util.c in GNU readline before 6.3 patch 3 allows local users to create or overwrite arbitrary files via a symlink attack on a /var/tmp/rltrace.[PID] file.

6.8 2014-08-07 CVE-2014-3429

IPython Notebook 0.12 through 1.x before 1.2 does not validate the origin of websocket requests, which allows remote attackers to execute arbitrary code by leveraging knowledge of the kernel id and a crafted page.

7.5 2014-08-06 CVE-2013-4159

ctdb before 2.3 in OpenSUSE 12.3 and 13.1 does not create temporary files securely, which has unspecified impact related to "several temp file vulnerabilities" in (1) tcp/tcp_connect.c, (2) server/eventscript.c, (3) tools/ctdb_diagnostics, (4) config/gdb_backtrace, and (5) include/ctdb_private.h.

CWE : Common Weakness Enumeration

%idName
14% (1) CWE-399 Resource Management Errors
14% (1) CWE-310 Cryptographic Issues
14% (1) CWE-264 Permissions, Privileges, and Access Controls
14% (1) CWE-191 Integer Underflow (Wrap or Wraparound)
14% (1) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
14% (1) CWE-94 Failure to Control Generation of Code ('Code Injection')
14% (1) CWE-59 Improper Link Resolution Before File Access ('Link Following')

OpenVAS Exploits

id Description
2014-10-16 Name : POODLE SSLv3 Protocol CBC ciphers Information Disclosure Vulnerability
File : nvt/gb_poodel_sslv3_info_disc_vuln.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2015-A-0154 Multiple Vulnerabilities in Oracle Fusion Middleware
Severity: Category I - VMSKEY: V0061081
2015-B-0014 Multiple Vulnerabilities in VMware ESXi 5.5
Severity: Category I - VMSKEY: V0058513
2015-B-0013 Multiple Vulnerabilities in VMware ESXi 5.1
Severity: Category I - VMSKEY: V0058515
2015-B-0012 Multiple Vulnerabilities in VMware ESXi 5.0
Severity: Category I - VMSKEY: V0058517

Snort® IPS/IDS

Date Description
2014-12-18 SSLv3 CBC client connection attempt
RuleID : 32566 - Type : POLICY-OTHER - Revision : 2
2014-11-19 SSLv3 POODLE CBC padding brute force attempt
RuleID : 32205 - Type : SERVER-OTHER - Revision : 5
2014-11-19 SSLv3 POODLE CBC padding brute force attempt
RuleID : 32204 - Type : SERVER-OTHER - Revision : 5

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2017-12-07 Name: The remote host is potentially affected by an SSL/TLS vulnerability.
File: check_point_gaia_sk103683.nasl - Type: ACT_GATHER_INFO
2017-07-20 Name: The remote database server is affected by multiple vulnerabilities.
File: oracle_rdbms_cpu_jul_2017.nasl - Type: ACT_GATHER_INFO
2017-04-12 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2017-459.nasl - Type: ACT_GATHER_INFO
2017-01-23 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201701-53.nasl - Type: ACT_GATHER_INFO
2017-01-10 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_03532a19d68e11e6917114dae9d210b8.nasl - Type: ACT_GATHER_INFO
2016-11-23 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2016-1339.nasl - Type: ACT_GATHER_INFO
2016-09-28 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2016-2396-1.nasl - Type: ACT_GATHER_INFO
2016-09-19 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2016-2329-1.nasl - Type: ACT_GATHER_INFO
2016-09-13 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2016-2285-1.nasl - Type: ACT_GATHER_INFO
2016-09-02 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2016-2097-1.nasl - Type: ACT_GATHER_INFO
2016-06-27 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201606-11.nasl - Type: ACT_GATHER_INFO
2016-06-17 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2016-1457-1.nasl - Type: ACT_GATHER_INFO
2016-05-13 Name: A web application running on the remote host is affected by multiple vulnerab...
File: solarwinds_srm_profiler_6_2_3.nasl - Type: ACT_GATHER_INFO
2016-04-14 Name: The application installed on the remote host is affected by an information di...
File: ibm_domino_swg21693142.nasl - Type: ACT_GATHER_INFO
2016-03-04 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2016-294.nasl - Type: ACT_GATHER_INFO
2016-02-25 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-3489.nasl - Type: ACT_GATHER_INFO
2016-01-25 Name: The remote Debian host is missing a security update.
File: debian_DLA-400.nasl - Type: ACT_GATHER_INFO
2015-12-11 Name: The remote multi-function device is affected by multiple vulnerabilities.
File: xerox_xrx15ad_colorqube.nasl - Type: ACT_GATHER_INFO
2015-12-11 Name: The remote multi-function device is affected by multiple vulnerabilities.
File: xerox_xrx15aj.nasl - Type: ACT_GATHER_INFO
2015-12-11 Name: The remote multi-function device is affected by multiple vulnerabilities.
File: xerox_xrx15am.nasl - Type: ACT_GATHER_INFO
2015-11-20 Name: The remote host is running a remote management application that is affected b...
File: solarwinds_dameware_mini_remote_control_v12_0_hotfix_2.nasl - Type: ACT_GATHER_INFO
2015-10-16 Name: The remote Fedora host is missing a security update.
File: fedora_2015-9090.nasl - Type: ACT_GATHER_INFO
2015-10-16 Name: The remote Fedora host is missing a security update.
File: fedora_2015-9110.nasl - Type: ACT_GATHER_INFO
2015-10-02 Name: The remote Mac OS X host has an application installed that is affected by mul...
File: macosx_xcode_7_0.nasl - Type: ACT_GATHER_INFO
2015-08-03 Name: The remote web server is affected by multiple vulnerabilities.
File: hpsmh_7_4_1.nasl - Type: ACT_GATHER_INFO