Summary
| Detail | |||
|---|---|---|---|
| Vendor | Apple | First view | 2002-11-04 |
| Product | Mac Os X Server | Last view | 2017-04-13 |
| Version | Type | Os | |
| Update | |||
| Edition | |||
| Language | |||
| Sofware Edition | |||
| Target Software | |||
| Target Hardware | |||
| Other | |||
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 7.8 | 2017-04-13 | CVE-2010-1821 | Apple Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10.6.3 allows local users to obtain system privileges. |
| 7.8 | 2017-04-13 | CVE-2010-1816 | Buffer overflow in ImageIO in Apple Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a crafted image. |
| 5.3 | 2016-03-23 | CVE-2016-1787 | Wiki Server in Apple OS X Server before 5.1 allows remote attackers to obtain sensitive information from Wiki pages via unspecified vectors. |
| 7.5 | 2016-03-23 | CVE-2016-1777 | Web Server in Apple OS X Server before 5.1 supports the RC4 algorithm, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors. |
| 5.3 | 2016-03-23 | CVE-2016-1776 | Web Server in Apple OS X Server before 5.1 does not properly restrict access to .DS_Store and .htaccess files, which allows remote attackers to obtain sensitive configuration information via an HTTP request. |
| 5.3 | 2016-03-23 | CVE-2016-1774 | The Time Machine server in Server App in Apple OS X Server before 5.1 does not notify the user about ignored permissions during a backup, which makes it easier for remote attackers to obtain sensitive information in opportunistic circumstances by reading backup data that lacks intended restrictions. |
| 5 | 2015-10-23 | CVE-2015-7031 | The Web Service component in Apple OS X Server before 5.0.15 omits an unspecified HTTP header configuration, which allows remote attackers to bypass intended access restrictions via unknown vectors. |
| 10 | 2015-09-18 | CVE-2015-5911 | Multiple unspecified vulnerabilities in Twisted in Wiki Server in Apple OS X Server before 5.0.3 allow attackers to have an unknown impact via an XML document. |
| 7.1 | 2015-09-04 | CVE-2015-5986 | openpgpkey_61.c in named in ISC BIND 9.9.7 before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a crafted DNS response. |
| 7.8 | 2015-09-04 | CVE-2015-5722 | buffer.c in named in ISC BIND 9.x before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) by creating a zone containing a malformed DNSSEC key and issuing a query for a name in that zone. |
| 4.3 | 2015-07-20 | CVE-2015-3185 | The ap_some_auth_required function in server/request.c in the Apache HTTP Server 2.4.x before 2.4.14 does not consider that a Require directive may be associated with an authorization setting rather than an authentication setting, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging the presence of a module that relies on the 2.2 API behavior. |
| 5 | 2015-07-20 | CVE-2015-0253 | The read_request_line function in server/protocol.c in the Apache HTTP Server 2.4.12 does not initialize the protocol structure member, which allows remote attackers to cause a denial of service (NULL pointer dereference and process crash) by sending a request that lacks a method to an installation that enables the INCLUDES filter and has an ErrorDocument 400 directive specifying a local URI. |
| 4.3 | 2015-05-28 | CVE-2015-3165 | Double free vulnerability in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 allows remote attackers to cause a denial of service (crash) by closing an SSL session at a time when the authentication timeout will expire during the session shutdown sequence. |
| 5 | 2015-03-07 | CVE-2015-0228 | The lua_websocket_read function in lua_request.c in the mod_lua module in the Apache HTTP Server through 2.4.12 allows remote attackers to cause a denial of service (child-process crash) by sending a crafted WebSocket Ping frame after a Lua script has called the wsupgrade function. |
| 6.8 | 2014-09-19 | CVE-2014-4350 | Buffer overflow in QT Media Foundation in Apple OS X before 10.9.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MIDI file. |
| 6.8 | 2014-09-19 | CVE-2014-1391 | QT Media Foundation in Apple OS X before 10.9.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file with RLE encoding. |
| 7.5 | 2014-07-01 | CVE-2014-1371 | Array index error in Dock in Apple OS X before 10.9.4 allows attackers to execute arbitrary code or cause a denial of service (incorrect function-pointer dereference and application crash) by leveraging access to a sandboxed application for sending a message. |
| 6.8 | 2014-07-01 | CVE-2014-1370 | The byte-swapping implementation in copyfile in Apple OS X before 10.9.4 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted AppleDouble file in a ZIP archive. |
| 4.3 | 2014-04-23 | CVE-2014-1296 | CFNetwork in Apple iOS before 7.1.1, Apple OS X through 10.9.2, and Apple TV before 6.1.1 does not ensure that a Set-Cookie HTTP header is complete before interpreting the header's value, which allows remote attackers to bypass intended access restrictions by triggering the closing of a TCP connection during transmission of a header, as demonstrated by an HTTPOnly restriction. |
| 5 | 2014-04-15 | CVE-2013-5704 | The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in httpd as such." |
| 4.6 | 2014-03-31 | CVE-2014-0067 | The "make check" command for the test suites in PostgreSQL 9.3.3 and earlier does not properly invoke initdb to specify the authentication requirements for a database cluster to be used for the tests, which allows local users to gain privileges by leveraging access to this cluster. |
| 6.8 | 2014-02-26 | CVE-2014-1270 | WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1268 and CVE-2014-1269. |
| 6.8 | 2014-02-26 | CVE-2014-1269 | WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1268 and CVE-2014-1270. |
| 6.8 | 2014-02-26 | CVE-2014-1268 | WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1269 and CVE-2014-1270. |
| 4.6 | 2014-02-26 | CVE-2014-1265 | The systemsetup program in the Date and Time subsystem in Apple OS X before 10.9.2 allows local users to bypass intended access restrictions by changing the current time on the system clock. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 26% (118) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 13% (61) | CWE-264 | Permissions, Privileges, and Access Controls |
| 8% (38) | CWE-189 | Numeric Errors |
| 7% (32) | CWE-20 | Improper Input Validation |
| 6% (29) | CWE-399 | Resource Management Errors |
| 6% (28) | CWE-200 | Information Exposure |
| 3% (16) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 3% (14) | CWE-287 | Improper Authentication |
| 2% (12) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
| 2% (11) | CWE-310 | Cryptographic Issues |
| 2% (9) | CWE-362 | Race Condition |
| 2% (9) | CWE-255 | Credentials Management |
| 2% (9) | CWE-134 | Uncontrolled Format String |
| 1% (7) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
| 1% (7) | CWE-16 | Configuration |
| 0% (4) | CWE-416 | Use After Free |
| 0% (4) | CWE-190 | Integer Overflow or Wraparound |
| 0% (3) | CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
| 0% (2) | CWE-787 | Out-of-bounds Write |
| 0% (2) | CWE-476 | NULL Pointer Dereference |
| 0% (2) | CWE-415 | Double Free |
| 0% (2) | CWE-295 | Certificate Issues |
| 0% (2) | CWE-284 | Access Control (Authorization) Issues |
| 0% (2) | CWE-252 | Unchecked Return Value |
| 0% (2) | CWE-131 | Incorrect Calculation of Buffer Size |
CAPEC : Common Attack Pattern Enumeration & Classification
| id | Name |
|---|---|
| CAPEC-1 | Accessing Functionality Not Properly Constrained by ACLs |
| CAPEC-2 | Inducing Account Lockout |
| CAPEC-3 | Using Leading 'Ghost' Character Sequences to Bypass Input Filters |
| CAPEC-7 | Blind SQL Injection |
| CAPEC-8 | Buffer Overflow in an API Call |
| CAPEC-9 | Buffer Overflow in Local Command-Line Utilities |
| CAPEC-10 | Buffer Overflow via Environment Variables |
| CAPEC-13 | Subverting Environment Variable Values |
| CAPEC-14 | Client-side Injection-induced Buffer Overflow |
| CAPEC-17 | Accessing, Modifying or Executing Executable Files |
| CAPEC-18 | Embedding Scripts in Nonscript Elements |
| CAPEC-19 | Embedding Scripts within Scripts |
| CAPEC-22 | Exploiting Trust in Client (aka Make the Client Invisible) |
| CAPEC-24 | Filter Failure through Buffer Overflow |
| CAPEC-26 | Leveraging Race Conditions |
| CAPEC-28 | Fuzzing |
| CAPEC-29 | Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions |
| CAPEC-30 | Hijacking a Privileged Thread of Execution |
| CAPEC-31 | Accessing/Intercepting/Modifying HTTP Cookies |
| CAPEC-32 | Embedding Scripts in HTTP Query Strings |
| CAPEC-37 | Lifting Data Embedded in Client Distributions |
| CAPEC-42 | MIME Conversion |
| CAPEC-43 | Exploiting Multiple Input Interpretation Layers |
| CAPEC-45 | Buffer Overflow via Symbolic Links |
| CAPEC-46 | Overflow Variables and Tags |
Oval Markup Language : Definitions
| OvalID | Name |
|---|---|
| oval:org.mitre.oval:def:2248 | Sun RPC No Timeout Denial of Service on TCP Ports |
| oval:org.mitre.oval:def:1970 | Off-by-one Error in fb_realpath() |
| oval:org.mitre.oval:def:595 | Potential BO in Ruleset Parsing for Sendmail |
| oval:org.mitre.oval:def:3606 | Sendmail Ruleset Parsing Buffer Overflow |
| oval:org.mitre.oval:def:603 | Sendmail BO in prescan Function |
| oval:org.mitre.oval:def:572 | Sendmail BO in Prescan Function |
| oval:org.mitre.oval:def:2975 | Sendmail prescan function Buffer Overflow |
| oval:org.mitre.oval:def:9779 | The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to... |
| oval:org.mitre.oval:def:975 | Red Hat OpenSSL do_change_cipher_spec Function Denial of Service |
| oval:org.mitre.oval:def:870 | Red Hat Enterprise 3 OpenSSL do_change_cipher_spec Function Denial of Service |
| oval:org.mitre.oval:def:5770 | Multiple Vendor OpenSSL 0.9.6x, 0.9.7x Null-Pointer DoS Vulnerability |
| oval:org.mitre.oval:def:2621 | OpenSSL Denial of Service Vulnerabilities |
| oval:org.mitre.oval:def:902 | Red Hat OpenSSL Improper Unknown Message Handling Vulnerability |
| oval:org.mitre.oval:def:871 | Red Hat Enterprise 3 OpenSSL Improper Unknown Message Handling Vulnerability |
| oval:org.mitre.oval:def:11755 | OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, w... |
| oval:org.mitre.oval:def:9580 | The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when usin... |
| oval:org.mitre.oval:def:928 | Red Hat Enterprise 3 OpenSSL Kerberos Handshake Vulnerability |
| oval:org.mitre.oval:def:1049 | Red Hat OpenSSL Kerberos Handshake Vulnerability |
| oval:org.mitre.oval:def:8896 | Multiple vulnerabilities in the RLE (run length encoding) decoders for libtif... |
| oval:org.mitre.oval:def:100114 | libtiff RLE Decoder Buffer Overflow Vulnerabilities |
| oval:org.mitre.oval:def:10703 | OpenLDAP 1.0 through 2.1.19, as used in Apple Mac OS 10.3.4 and 10.3.5 and po... |
| oval:org.mitre.oval:def:9907 | Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attacker... |
| oval:org.mitre.oval:def:100116 | libtiff Malloc Error Denial of Service |
| oval:org.mitre.oval:def:10710 | CUPS 1.1.20 and earlier records authentication information for a device URI i... |
| oval:org.mitre.oval:def:11175 | Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for lib... |
SAINT Exploits
| Description | Link |
|---|---|
| Safari archive metadata command execution | More info here |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 76391 | Apple Safari WebKit Private Browsing Mode Cookie Block Bypass |
| 76390 | Apple Safari SSL Certificate Handling Unitialized Memory Access Remote Code E... |
| 76389 | Apple Safari file:// URL Handling Remote Code Execution |
| 76380 | Apple Mac OS X QuickTime FLIC File Handling Overflow |
| 76379 | Apple Mac OS X QuickTime FlashPix File Handling Overflow |
| 76378 | Apple Mac OS X QuickTime Movie File Atom Hierarchy Handling Remote Code Execu... |
| 76377 | Apple Mac OS X QuickTime Movie File URL Data Handlers Handling Memory Disclosure |
| 76376 | Apple Mac OS X SMB File Server nobody Guest User Access Restriction Bypass |
| 76375 | Apple Mac OS X User Documentation App Store Help Content MitM Weakness Remote... |
| 76373 | Apple Mac OS X QuickTime Save for Web Export MitM Weakness XSS |
| 76372 | Apple Mac OS X Multiple QuickTime Movie File Handling Memory Corruption |
| 76371 | Apple Mac OS X Open Directory LDAPv3 rFC2307 Mapping Authentication Bypass |
| 76370 | Apple Mac OS X Open Directory Access Control Weakness Password Manipulation |
| 76369 | Apple Mac OS X Open Directory Access Control Weakness Local Password Disclosure |
| 76368 | Apple Mac OS X MediaKit Multiple Disk Image Handling Memory Corruption |
| 76367 | Apple Mac OS X libsecurity Nonstandard Certificate Revocation Website / Email... |
| 76366 | Apple Mac OS X Kernel Sticky Bit Directory Arbitrary File Deletion |
| 76365 | Apple Mac OS X Kernel Firewall DMA Protection Weakness Password Disclosure |
| 76364 | Apple Mac OS X IOGraphics Apple Cinema Displays Screen Lock Bypass |
| 76363 | Apple Mac OS X File Systems WebDAV Volume Handling HTTPS Server Certificate W... |
| 76362 | Apple Mac OS X CoreStorage FileVault Encryption Weakness |
| 76361 | Apple Mac OS X CoreProcesses System Window Partial Locked Screen Bypass |
| 76360 | Apple Mac OS X CoreMedia Multiple QuickTime Movie File Handling Memory Corrup... |
| 76359 | Apple Mac OS X CFNetwork Cookie Policy Synchronization Cookie Block Bypass |
| 76358 | Apple Mac OS X ATS ATSFontDeactivate API Overflow |
ExploitDB Exploits
| id | Description |
|---|---|
| 25974 | Mac OSX Server DirectoryService Buffer Overflow |
| 25256 | Apple Mac OS X 10.3.x Multiple Vulnerabilities |
| 17986 | Apple Safari file:// Arbitrary Code Execution |
| 17901 | Mac OS X < 10.6.7 Kernel Panic Exploit |
| 15491 | Apple Directory Services Memory Corruption |
| 15035 | MOAUB #18 - Apple QuickTime FLI LinePacket Remote Code Execution Vulnerability |
| 14869 | MOAUB #2 - Apple QuickTime FlashPix NumberOfTiles Remote Code Execution Vulne... |
| 14422 | libpng <= 1.4.2 Denial of Service Vulnerability |
| 4013 | Mac OS X < 2007-005 (vpnd) Local Privilege Escalation Exploit |
OpenVAS Exploits
| id | Description |
|---|---|
| 2013-09-18 | Name : Debian Security Advisory DSA 2534-1 (postgresql-8.4 - several vulnerabilities) File : nvt/deb_2534_1.nasl |
| 2012-10-03 | Name : Gentoo Security Advisory GLSA 201209-24 (PostgreSQL) File : nvt/glsa_201209_24.nasl |
| 2012-09-26 | Name : Gentoo Security Advisory GLSA 201209-02 (tiff) File : nvt/glsa_201209_02.nasl |
| 2012-09-25 | Name : Mac OS X v10.6.8 Multiple Vulnerabilities (2012-004) File : nvt/gb_macosx_su12-004.nasl |
| 2012-09-17 | Name : CentOS Update for postgresql84 CESA-2012:1263 centos5 File : nvt/gb_CESA-2012_1263_postgresql84_centos5.nasl |
| 2012-09-17 | Name : CentOS Update for postgresql CESA-2012:1263 centos6 File : nvt/gb_CESA-2012_1263_postgresql_centos6.nasl |
| 2012-09-17 | Name : RedHat Update for postgresql and postgresql84 RHSA-2012:1263-01 File : nvt/gb_RHSA-2012_1263-01_postgresql_and_postgresql84.nasl |
| 2012-08-30 | Name : FreeBSD Ports: postgresql-server File : nvt/freebsd_postgresql-server2.nasl |
| 2012-08-30 | Name : Fedora Update for postgresql FEDORA-2012-12156 File : nvt/gb_fedora_2012_12156_postgresql_fc16.nasl |
| 2012-08-30 | Name : Fedora Update for postgresql FEDORA-2012-12165 File : nvt/gb_fedora_2012_12165_postgresql_fc17.nasl |
| 2012-08-30 | Name : Fedora Update for thunderbird FEDORA-2012-1794 File : nvt/gb_fedora_2012_1794_thunderbird_fc17.nasl |
| 2012-08-30 | Name : Fedora Update for xulrunner FEDORA-2012-1800 File : nvt/gb_fedora_2012_1800_xulrunner_fc17.nasl |
| 2012-08-30 | Name : Fedora Update for libpng FEDORA-2012-1892 File : nvt/gb_fedora_2012_1892_libpng_fc17.nasl |
| 2012-08-30 | Name : Fedora Update for libpng10 FEDORA-2012-2003 File : nvt/gb_fedora_2012_2003_libpng10_fc17.nasl |
| 2012-08-30 | Name : Fedora Update for thunderbird FEDORA-2012-4910 File : nvt/gb_fedora_2012_4910_thunderbird_fc17.nasl |
| 2012-08-21 | Name : Mandriva Update for postgresql MDVSA-2012:139 (postgresql) File : nvt/gb_mandriva_MDVSA_2012_139.nasl |
| 2012-08-21 | Name : Ubuntu Update for postgresql-9.1 USN-1542-1 File : nvt/gb_ubuntu_USN_1542_1.nasl |
| 2012-08-10 | Name : Gentoo Security Advisory GLSA 201206-15 (libpng) File : nvt/glsa_201206_15.nasl |
| 2012-08-10 | Name : Gentoo Security Advisory GLSA 201207-10 (cups) File : nvt/glsa_201207_10.nasl |
| 2012-08-03 | Name : Mandriva Update for mozilla MDVSA-2012:022 (mozilla) File : nvt/gb_mandriva_MDVSA_2012_022_firefox.nasl |
| 2012-08-02 | Name : SuSE Update for mozilla-xulrunner192 openSUSE-SU-2012:0297-1 (mozilla-xulrunn... File : nvt/gb_suse_2012_0297_1.nasl |
| 2012-08-02 | Name : SuSE Update for libpng12 openSUSE-SU-2012:0316-1 (libpng12) File : nvt/gb_suse_2012_0316_1.nasl |
| 2012-07-30 | Name : CentOS Update for irb CESA-2011:0908 centos4 x86_64 File : nvt/gb_CESA-2011_0908_irb_centos4_x86_64.nasl |
| 2012-07-30 | Name : CentOS Update for ruby CESA-2011:0909 centos5 x86_64 File : nvt/gb_CESA-2011_0909_ruby_centos5_x86_64.nasl |
| 2012-07-30 | Name : CentOS Update for squirrelmail CESA-2012:0103 centos4 File : nvt/gb_CESA-2012_0103_squirrelmail_centos4.nasl |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2015-A-0208 | Multiple Vulnerabilities in ISC BIND Severity: Category I - VMSKEY: V0061377 |
| 2015-A-0199 | Multiple Vulnerabilities in Apple Mac OS X Severity: Category I - VMSKEY: V0061337 |
| 2015-A-0174 | Multiple Vulnerabilities in Apache HTTP Server Severity: Category I - VMSKEY: V0061135 |
| 2015-B-0068 | Multiple Vulnerabilities in PostgreSQL Severity: Category I - VMSKEY: V0060809 |
| 2014-A-0091 | Multiple Vulnerabilities in Apple Mac OS X Severity: Category I - VMSKEY: V0052905 |
| 2014-B-0048 | Multiple Security Vulnerabilities in Apple iOS Severity: Category I - VMSKEY: V0050015 |
| 2014-A-0059 | Apple Mac OS X Security Update 2014-002 Severity: Category I - VMSKEY: V0049741 |
| 2014-B-0024 | Multiple Security Vulnerabilities in Apple iOS Severity: Category I - VMSKEY: V0046157 |
| 2014-B-0022 | Multiple Vulnerabilities in PostgreSQL Severity: Category I - VMSKEY: V0044531 |
| 2014-A-0030 | Apple Mac OS X Security Update 2014-001 Severity: Category I - VMSKEY: V0044547 |
| 2012-A-0136 | Multiple Vulnerabilities in Juniper Network Management Products Severity: Category I - VMSKEY: V0033662 |
| 2009-T-0049 | Multiple Vulnerabilities in libxml2 Severity: Category I - VMSKEY: V0019911 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-01-10 | Microsoft Office GIF image descriptor memory corruption attempt RuleID : 8414 - Type : FILE-OFFICE - Revision : 16 |
| 2014-01-10 | RCPT TO overflow RuleID : 654-community - Type : SERVER-MAIL - Revision : 28 |
| 2014-01-10 | RCPT TO overflow RuleID : 654 - Type : SERVER-MAIL - Revision : 28 |
| 2014-01-10 | Apple Safari x-unix-mode executable mail attachment RuleID : 5714 - Type : BROWSER-WEBKIT - Revision : 13 |
| 2021-01-12 | file URI redirect attempt RuleID : 56580 - Type : POLICY-OTHER - Revision : 1 |
| 2020-11-19 | Apple Safari Webkit attribute child removal code execution attempt RuleID : 56042 - Type : BROWSER-WEBKIT - Revision : 1 |
| 2019-12-24 | Mutiple products libpng extra row heap overflow attempt RuleID : 52307 - Type : FILE-IMAGE - Revision : 1 |
| 2019-12-24 | Mutiple products libpng extra row heap overflow attempt RuleID : 52306 - Type : FILE-IMAGE - Revision : 1 |
| 2019-08-31 | Apple DMG ffs_mountfs integer overflow exploit attempt RuleID : 50853 - Type : FILE-OTHER - Revision : 1 |
| 2019-08-31 | Apple DMG ffs_mountfs integer overflow exploit attempt RuleID : 50852 - Type : FILE-OTHER - Revision : 1 |
| 2018-07-31 | Apple QuickTime MPEG stream padding buffer overflow attempt RuleID : 47033 - Type : FILE-MULTIMEDIA - Revision : 3 |
| 2018-07-31 | Apple QuickTime MPEG stream padding buffer overflow attempt RuleID : 47032 - Type : FILE-MULTIMEDIA - Revision : 3 |
| 2016-03-14 | ISC BIND zero length OPENPGPKEY rdata response attempt RuleID : 36130 - Type : PROTOCOL-DNS - Revision : 4 |
| 2015-10-20 | ISC BIND DNSSEC response unsupported cryptographic algorithm attempt RuleID : 36056 - Type : PROTOCOL-DNS - Revision : 2 |
| 2015-10-20 | ISC BIND DNSSEC response unsupported DNSKEY cryptographic algorithm attempt RuleID : 36055 - Type : PROTOCOL-DNS - Revision : 3 |
| 2014-03-08 | Apple Safari Webkit attribute child removal code execution attempt RuleID : 29623 - Type : BROWSER-WEBKIT - Revision : 3 |
| 2014-01-10 | CUPS IPP multi-valued attribute memory corruption attempt RuleID : 26972 - Type : SERVER-OTHER - Revision : 4 |
| 2014-01-10 | AFP FPLoginExt username buffer overflow attempt RuleID : 2545-community - Type : SERVER-OTHER - Revision : 7 |
| 2014-01-10 | AFP FPLoginExt username buffer overflow attempt RuleID : 2545 - Type : SERVER-OTHER - Revision : 7 |
| 2014-01-10 | libpng chunk decompression integer overflow attempt RuleID : 25066 - Type : FILE-IMAGE - Revision : 4 |
| 2014-01-10 | libpng chunk decompression integer overflow attempt RuleID : 25065 - Type : FILE-IMAGE - Revision : 5 |
| 2014-01-10 | RETR overflow attempt RuleID : 2392-community - Type : PROTOCOL-FTP - Revision : 22 |
| 2014-01-10 | RETR overflow attempt RuleID : 2392 - Type : PROTOCOL-FTP - Revision : 22 |
| 2014-01-10 | APPE overflow attempt RuleID : 2391-community - Type : PROTOCOL-FTP - Revision : 17 |
| 2014-01-10 | APPE overflow attempt RuleID : 2391 - Type : PROTOCOL-FTP - Revision : 17 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2018-10-18 | Name: The remote host is missing a macOS update that fixes multiple security vulner... File: macos_10_14.nasl - Type: ACT_GATHER_INFO |
| 2018-09-18 | Name: The remote Apple TV device is affected by multiple vulnerabilities. File: appletv_12.nasl - Type: ACT_GATHER_INFO |
| 2017-09-15 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2017-2709.nasl - Type: ACT_GATHER_INFO |
| 2017-09-15 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2017-2710.nasl - Type: ACT_GATHER_INFO |
| 2017-04-21 | Name: The remote OracleVM host is missing one or more security updates. File: oraclevm_OVMSA-2017-0066.nasl - Type: ACT_GATHER_INFO |
| 2017-03-01 | Name: The remote Debian host is missing a security update. File: debian_DLA-841.nasl - Type: ACT_GATHER_INFO |
| 2016-12-16 | Name: The remote host is missing a macOS update that fixes multiple security vulner... File: macos_10_12_2.nasl - Type: ACT_GATHER_INFO |
| 2016-06-22 | Name: The remote OracleVM host is missing one or more security updates. File: oraclevm_OVMSA-2016-0055.nasl - Type: ACT_GATHER_INFO |
| 2016-05-31 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL16863.nasl - Type: ACT_GATHER_INFO |
| 2016-03-08 | Name: The remote VMware ESX host is missing a security-related patch. File: vmware_VMSA-2010-0006_remote.nasl - Type: ACT_GATHER_INFO |
| 2016-03-04 | Name: The remote VMware ESX host is missing a security-related patch. File: vmware_VMSA-2011-0001_remote.nasl - Type: ACT_GATHER_INFO |
| 2016-03-03 | Name: The remote host is missing a security-related patch. File: vmware_VMSA-2009-0016_remote.nasl - Type: ACT_GATHER_INFO |
| 2016-02-29 | Name: The remote AIX host is missing a vendor-supplied security patch. File: aix_U867672.nasl - Type: ACT_GATHER_INFO |
| 2016-02-18 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL17181.nasl - Type: ACT_GATHER_INFO |
| 2016-01-29 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2016-0078.nasl - Type: ACT_GATHER_INFO |
| 2016-01-29 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2016-0079.nasl - Type: ACT_GATHER_INFO |
| 2016-01-28 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL6736.nasl - Type: ACT_GATHER_INFO |
| 2016-01-26 | Name: The remote SUSE host is missing one or more security updates. File: suse_SU-2016-0227-1.nasl - Type: ACT_GATHER_INFO |
| 2016-01-22 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2016-0061.nasl - Type: ACT_GATHER_INFO |
| 2015-12-17 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2015-2659.nasl - Type: ACT_GATHER_INFO |
| 2015-12-17 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2015-2660.nasl - Type: ACT_GATHER_INFO |
| 2015-12-04 | Name: The remote AIX host is missing a vendor-supplied security patch. File: aix_U861500.nasl - Type: ACT_GATHER_INFO |
| 2015-11-06 | Name: The remote AIX host is missing a security patch. File: aix_IV78091.nasl - Type: ACT_GATHER_INFO |
| 2015-11-06 | Name: The remote AIX host is missing a security patch. File: aix_IV78092.nasl - Type: ACT_GATHER_INFO |
| 2015-11-06 | Name: The remote AIX host is missing a security patch. File: aix_IV78094.nasl - Type: ACT_GATHER_INFO |
