2.6 - CVE-2014-0591

Executive Summary

Informations
Name	CVE-2014-0591	First vendor Publication	2014-01-13
Vendor	Cve	Last vendor Modification	2024-11-21

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:H/Au:N/C:N/I:N/A:P)
Cvss Base Score	2.6	Attack Range	Network
Cvss Impact Score	2.9	Attack Complexity	High
Cvss Expoit Score	4.9	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

The query_findclosestnsec3 function in query.c in named in ISC BIND 9.6, 9.7, and 9.8 before 9.8.6-P2 and 9.9 before 9.9.4-P2, and 9.6-ESV before 9.6-ESV-R10-P2, allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via a crafted DNS query to an authoritative nameserver that uses the NSEC3 signing feature.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0591

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-119	Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:21748

Oval ID:	oval:org.mitre.oval:def:21748
Title:	RHSA-2014:0043: bind security update (Moderate)
Description:	The query_findclosestnsec3 function in query.c in named in ISC BIND 9.6, 9.7, and 9.8 before 9.8.6-P2 and 9.9 before 9.9.4-P2, and 9.6-ESV before 9.6-ESV-R10-P2, allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via a crafted DNS query to an authoritative nameserver that uses the NSEC3 signing feature.
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:0043-00 CESA-2014:0043 CVE-2014-0591	Version:	6
Platform(s):	Red Hat Enterprise Linux 6 CentOS Linux 6	Product(s):	bind
Definition Synopsis:
Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 AND The operating system installed on the system is CentOS Linux 6.x Packages section bind-utils is earlier than 32:9.8.2-0.23.rc1.el6_5.1 AND bind-devel is earlier than 32:9.8.2-0.23.rc1.el6_5.1 AND bind-chroot is earlier than 32:9.8.2-0.23.rc1.el6_5.1 AND bind-libs is earlier than 32:9.8.2-0.23.rc1.el6_5.1 AND bind is earlier than 32:9.8.2-0.23.rc1.el6_5.1 AND bind-sdb is earlier than 32:9.8.2-0.23.rc1.el6_5.1

Definition Id: oval:org.mitre.oval:def:21969

Oval ID:	oval:org.mitre.oval:def:21969
Title:	HP-UX Running BIND, Remote Denial of Service (DoS)
Description:	The query_findclosestnsec3 function in query.c in named in ISC BIND 9.6, 9.7, and 9.8 before 9.8.6-P2 and 9.9 before 9.9.4-P2, and 9.6-ESV before 9.6-ESV-R10-P2, allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via a crafted DNS query to an authoritative nameserver that uses the NSEC3 signing feature.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2014-0591	Version:	8
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
HP-UX B.11.31 AND filesets test NameService.BIND-AUX version is less than C.9.7.3.4.0 AND NameService.BIND-RUN version is less than C.9.7.3.4.0

Definition Id: oval:org.mitre.oval:def:22439

Oval ID:	oval:org.mitre.oval:def:22439
Title:	USN-2081-1 -- bind9 vulnerability
Description:	Bind could be made to crash if it received specially crafted network traffic.
Family:	unix	Class:	patch
Reference(s):	USN-2081-1 CVE-2014-0591	Version:	5
Platform(s):	Ubuntu 13.10 Ubuntu 13.04 Ubuntu 12.10 Ubuntu 12.04 Ubuntu 10.04	Product(s):	bind9
Definition Synopsis:
Ubuntu 13.10 release section Ubuntu 13.10 is installed AND bind9 DPKG is earlier than 1:9.9.3.dfsg.P2-4ubuntu1.1 AND Ubuntu 13.04 release section Ubuntu 13.04 is installed AND bind9 DPKG is earlier than 1:9.9.2.dfsg.P1-2ubuntu2.2 AND Ubuntu 12.10 release section Ubuntu 12.10 is installed AND bind9 DPKG is earlier than 1:9.8.1.dfsg.P1-4.2ubuntu3.4 AND Ubuntu 12.04 release section Ubuntu 12.04 is installed AND bind9 DPKG is earlier than 1:9.8.1.dfsg.P1-4ubuntu0.8 AND Ubuntu 10.04 release section Ubuntu 10.04 is installed AND bind9 DPKG is earlier than 1:9.7.0.dfsg.P1-1ubuntu0.11

Definition Id: oval:org.mitre.oval:def:24134

Oval ID:	oval:org.mitre.oval:def:24134
Title:	ELSA-2014:0043: bind security update (Moderate)
Description:	The query_findclosestnsec3 function in query.c in named in ISC BIND 9.6, 9.7, and 9.8 before 9.8.6-P2 and 9.9 before 9.9.4-P2, and 9.6-ESV before 9.6-ESV-R10-P2, allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via a crafted DNS query to an authoritative nameserver that uses the NSEC3 signing feature.
Family:	unix	Class:	patch
Reference(s):	ELSA-2014:0043-00 CVE-2014-0591	Version:	6
Platform(s):	Oracle Linux 6	Product(s):	bind
Definition Synopsis:
Oracle Linux 6.x rpm test bind-utils is earlier than 32:9.8.2-0.23.rc1.el6_5.1 AND bind-devel is earlier than 32:9.8.2-0.23.rc1.el6_5.1 AND bind-chroot is earlier than 32:9.8.2-0.23.rc1.el6_5.1 AND bind-libs is earlier than 32:9.8.2-0.23.rc1.el6_5.1 AND bind is earlier than 32:9.8.2-0.23.rc1.el6_5.1 AND bind-sdb is earlier than 32:9.8.2-0.23.rc1.el6_5.1

Definition Id: oval:org.mitre.oval:def:25596

Oval ID:	oval:org.mitre.oval:def:25596
Title:	SUSE-SU-2014:0179-1 -- Security update for bind
Description:	This update fixes a DoS vulnerability in bind when handling malformed NSEC3-signed zones. CVE-2014-0591 has been assigned to this issue.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2014:0179-1 CVE-2014-0591	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11	Product(s):	bind
Definition Synopsis:
SUSE Linux Enterprise Server 11 release section SUSE Linux Enterprise Server 11.x is installed Packages match section bind RPM is earlier than 0:9.9.4P2-0.6.1 AND bind-chrootenv RPM is earlier than 0:9.9.4P2-0.6.1 AND bind-doc RPM is earlier than 0:9.9.4P2-0.6.1 AND SUSE Linux Enterprise Server 11 and SUSE Linux Enterprise Desktop 11 release section Operation system section SUSE Linux Enterprise Server 11.x is installed AND SUSE Linux Enterprise Desktop 11.x is installed Packages match section bind-libs RPM is earlier than 0:9.9.4P2-0.6.1 AND bind-utils RPM is earlier than 0:9.9.4P2-0.6.1 AND bind-libs-32bit RPM is earlier than 0:9.9.4P2-0.6.1

Definition Id: oval:org.mitre.oval:def:26030

Oval ID:	oval:org.mitre.oval:def:26030
Title:	RHSA-2014:1244: bind97 security and bug fix update (Moderate)
Description:	The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. It contains a DNS server (named), a resolver library with routines for applications to use when interfacing with DNS, and tools for verifying that the DNS server is operating correctly. These packages contain version 9.7 of the BIND suite. A denial of service flaw was found in the way BIND handled queries for NSEC3-signed zones. A remote attacker could use this flaw against an authoritative name server that served NCES3-signed zones by sending a specially crafted query, which, when processed, would cause named to crash. (CVE-2014-0591) Note: The CVE-2014-0591 issue does not directly affect the version of bind97 shipped in Red Hat Enterprise Linux 5. This issue is being addressed however to assure it is not introduced in future builds of bind97 (possibly built with a different compiler or C library optimization).
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:1244-00 CVE-2014-0591 CESA-2014:1244	Version:	5
Platform(s):	Red Hat Enterprise Linux 5 CentOS Linux 5	Product(s):	bind97
Definition Synopsis:
Red Hat Enterprise Linux 5 and CentOS Linux 5 release section Operation system section The operating system installed on the system is Red Hat Enterprise Linux 5 AND The operating system installed on the system is CentOS Linux 5.x Packages match section bind97 is earlier than 32:9.7.0-21.P2.el5 AND bind97-chroot is earlier than 32:9.7.0-21.P2.el5 AND bind97-devel is earlier than 32:9.7.0-21.P2.el5 AND bind97-libs is earlier than 32:9.7.0-21.P2.el5 AND bind97-utils is earlier than 32:9.7.0-21.P2.el5 AND Red Hat Enterprise Linux 5 release section The operating system installed on the system is Red Hat Enterprise Linux 5 AND bind97-debuginfo is earlier than 32:9.7.0-21.P2.el5

Definition Id: oval:org.mitre.oval:def:26656

Oval ID:	oval:org.mitre.oval:def:26656
Title:	DSA-3023-1 bind9 - security update
Description:	Jared Mauch reported a denial of service flaw in the way BIND, a DNS server, handled queries for NSEC3-signed zones. A remote attacker could use this flaw against an authoritative name server that served NCES3-signed zones by sending a specially crafted query, which, when processed, would cause named to crash.
Family:	unix	Class:	patch
Reference(s):	DSA-3023-1 CVE-2014-0591	Version:	3
Platform(s):	Debian GNU/Linux 7.0 Debian GNU/kFreeBSD 7.0	Product(s):	bind9
Definition Synopsis:
Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND bind9 DPKG is earlier than 1:9.8.4.dfsg.P1-6+nmu2+deb7u2

Definition Id: oval:org.mitre.oval:def:27131

Oval ID:	oval:org.mitre.oval:def:27131
Title:	DEPRECATED: ELSA-2014-0043 -- bind security update (moderate)
Description:	[32:9.8.2-0.23.rc1.1] - Fix CVE-2014-0591 [32:9.8.2-0.23.rc1] - Fix gssapictx memory leak (#911167) [32:9.8.2-0.22.rc1] - fix CVE-2013-4854 [32:9.8.2-0.21.rc1] - fix CVE-2013-2266 - ship dns/rrl.h in -devel subpkg [32:9.8.2-0.20.rc1] - remove one bogus file from /usr/share/doc, introduced by RRL patch [32:9.8.2-0.19.rc1] - fix CVE-2012-5689 [32:9.8.2-0.18.rc1] - add response rate limit patch (#873624)
Family:	unix	Class:	patch
Reference(s):	ELSA-2014-0043 CVE-2014-0591	Version:	5
Platform(s):	Oracle Linux 6	Product(s):	bind
Definition Synopsis:
Oracle Linux 6.x Packages match section bind is earlier than 32:9.8.2-0.23.rc1.el6_5.1 AND bind-chroot is earlier than 32:9.8.2-0.23.rc1.el6_5.1 AND bind-devel is earlier than 32:9.8.2-0.23.rc1.el6_5.1 AND bind-libs is earlier than 32:9.8.2-0.23.rc1.el6_5.1 AND bind-sdb is earlier than 32:9.8.2-0.23.rc1.el6_5.1 AND bind-utils is earlier than 32:9.8.2-0.23.rc1.el6_5.1

CPE : Common Platform Enumeration

Type	Description	Count
Application	Isc Bind cpe:2.3:a:isc:bind:9.9.4:::::::* cpe:2.3:a:isc:bind:9.9.4:p1:::::: cpe:2.3:a:isc:bind:9.9.4:rc1:::::: cpe:2.3:a:isc:bind:9.9.4:rc2:::::: cpe:2.3:a:isc:bind:9.8.6:p1:::-:::* cpe:2.3:a:isc:bind:9.8.6:rc2:::-:::* cpe:2.3:a:isc:bind:9.8.6:rc1:::-:::* cpe:2.3:a:isc:bind:9.8.6:::::::* cpe:2.3:a:isc:bind:9.8.6:b1:::-:::* cpe:2.3:a:isc:bind:9.8.5:p1:::-:::* cpe:2.3:a:isc:bind:9.8.5::::-::: cpe:2.3:a:isc:bind:9.8.5:b2:::-:::* cpe:2.3:a:isc:bind:9.8.5:rc1:::-:::* cpe:2.3:a:isc:bind:9.8.5:rc2:::-:::* cpe:2.3:a:isc:bind:9.8.5:p2:::-:::* cpe:2.3:a:isc:bind:9.8.5:b1:::-:::* cpe:2.3:a:isc:bind:9.8.4::::-::: cpe:2.3:a:isc:bind:9.8.3:p1:::-:::* cpe:2.3:a:isc:bind:9.8.3:p2:::-:::* cpe:2.3:a:isc:bind:9.8.3::::-::: cpe:2.3:a:isc:bind:9.8.2:rc1:::-:::* cpe:2.3:a:isc:bind:9.8.2:rc2:::-:::* cpe:2.3:a:isc:bind:9.8.2:b1:::-:::* cpe:2.3:a:isc:bind:9.8.1:b3:::-:::* cpe:2.3:a:isc:bind:9.8.1:b1:::-:::* cpe:2.3:a:isc:bind:9.8.1::::-::: cpe:2.3:a:isc:bind:9.8.1:rc1:::-:::* cpe:2.3:a:isc:bind:9.8.1:b2:::-:::* cpe:2.3:a:isc:bind:9.8.1:p1:::-:::* cpe:2.3:a:isc:bind:9.8.0:rc1:::-:::* cpe:2.3:a:isc:bind:9.8.0:p4:::-:::* cpe:2.3:a:isc:bind:9.8.0:a1:::-:::* cpe:2.3:a:isc:bind:9.8.0:b1:::-:::* cpe:2.3:a:isc:bind:9.8.0:p2:::-:::* cpe:2.3:a:isc:bind:9.8.0:p1:::-:::* cpe:2.3:a:isc:bind:9.8.0::::-::: cpe:2.3:a:isc:bind:9.7.7::::-::: cpe:2.3:a:isc:bind:9.7.6:p1:::-:::* cpe:2.3:a:isc:bind:9.7.6::::-::: cpe:2.3:a:isc:bind:9.7.6:p2:::-:::* cpe:2.3:a:isc:bind:9.7.5:b1:::-:::* cpe:2.3:a:isc:bind:9.7.5:rc1:::-:::* cpe:2.3:a:isc:bind:9.7.5:rc2:::-:::* cpe:2.3:a:isc:bind:9.7.5::::-::: cpe:2.3:a:isc:bind:9.7.4:b1:::-:::* cpe:2.3:a:isc:bind:9.7.4:p1:::-:::* cpe:2.3:a:isc:bind:9.7.4:rc1:::-:::* cpe:2.3:a:isc:bind:9.7.4::::-::: cpe:2.3:a:isc:bind:9.7.3::::-::: cpe:2.3:a:isc:bind:9.7.3:rc1:::-:::* cpe:2.3:a:isc:bind:9.7.3:p1:::-:::* cpe:2.3:a:isc:bind:9.7.3:b1:::-:::* cpe:2.3:a:isc:bind:9.7.2:p1:::-:::* cpe:2.3:a:isc:bind:9.7.2:p2:::-:::* cpe:2.3:a:isc:bind:9.7.2:p3:::-:::* cpe:2.3:a:isc:bind:9.7.2:rc1:::-:::* cpe:2.3:a:isc:bind:9.7.2::::-::: cpe:2.3:a:isc:bind:9.7.1::::-::: cpe:2.3:a:isc:bind:9.7.1:p2:::-:::* cpe:2.3:a:isc:bind:9.7.1:p1:::-:::* cpe:2.3:a:isc:bind:9.7.1:rc1:::-:::* cpe:2.3:a:isc:bind:9.7.0:p2:::-:::* cpe:2.3:a:isc:bind:9.7.0:b1:::-:::* cpe:2.3:a:isc:bind:9.7.0::::-::: cpe:2.3:a:isc:bind:9.7.0:p1:::-:::* cpe:2.3:a:isc:bind:9.7.0:rc1:::-:::* cpe:2.3:a:isc:bind:9.7.0:rc2:::-:::* cpe:2.3:a:isc:bind:9.6.3::::-::: cpe:2.3:a:isc:bind:9.6.3:rc1:::-:::* cpe:2.3:a:isc:bind:9.6.2:rc1:::-:::* cpe:2.3:a:isc:bind:9.6.2::::-::: cpe:2.3:a:isc:bind:9.6.1:p3:::-:::* cpe:2.3:a:isc:bind:9.6.1:rc1:::-:::* cpe:2.3:a:isc:bind:9.6.1:p2:::-:::* cpe:2.3:a:isc:bind:9.6.1:p1:::-:::* cpe:2.3:a:isc:bind:9.6.1::::-::: cpe:2.3:a:isc:bind:9.6.0:p1:::-:::* cpe:2.3:a:isc:bind:9.6.0:rc2:::-:::* cpe:2.3:a:isc:bind:9.6.0:rc1:::-:::* cpe:2.3:a:isc:bind:9.6.0::::-::: cpe:2.3:a:isc:bind:9.6:::::::* cpe:2.3:a:isc:bind:9.6:r5_p1:::::: cpe:2.3:a:isc:bind:9.6:r6_b1:::::: cpe:2.3:a:isc:bind:9.6:r6_rc1:::::: cpe:2.3:a:isc:bind:9.6:r6_rc2:::::: cpe:2.3:a:isc:bind:9.6:r7_p1:::::: cpe:2.3:a:isc:bind:9.6:r7_p2:::::: cpe:2.3:a:isc:bind:9.6:r9_p1::::::	88

Information Assurance Vulnerability Management (IAVM)

Date	Description
2014-06-19	IAVM : 2014-A-0086 - Multiple Vulnerabilities in ISC BIND Severity : Category I - VMSKEY : V0052635

Nessus® Vulnerability Scanner

Date	Description
2017-04-21	Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2017-0066.nasl - Type : ACT_GATHER_INFO
2015-03-26	Name : The remote Debian host is missing a security update. File : debian_DLA-48.nasl - Type : ACT_GATHER_INFO
2014-12-26	Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2014-0084.nasl - Type : ACT_GATHER_INFO
2014-10-21	Name : The remote host is missing a security update for OS X Server. File : macosx_server_4_0.nasl - Type : ACT_GATHER_INFO
2014-10-14	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140916_bind97_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2014-10-01	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1244.nasl - Type : ACT_GATHER_INFO
2014-09-18	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1244.nasl - Type : ACT_GATHER_INFO
2014-09-16	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1244.nasl - Type : ACT_GATHER_INFO
2014-09-12	Name : The remote Debian host is missing a security-related update. File : debian_DSA-3023.nasl - Type : ACT_GATHER_INFO
2014-06-25	Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2014-175-01.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-110.nasl - Type : ACT_GATHER_INFO
2014-02-05	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-287.nasl - Type : ACT_GATHER_INFO
2014-02-01	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_bind-140127.nasl - Type : ACT_GATHER_INFO
2014-01-30	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201401-34.nasl - Type : ACT_GATHER_INFO
2014-01-29	Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2014-028-01.nasl - Type : ACT_GATHER_INFO
2014-01-22	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140120_bind_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2014-01-21	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0043.nasl - Type : ACT_GATHER_INFO
2014-01-21	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0043.nasl - Type : ACT_GATHER_INFO
2014-01-21	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0043.nasl - Type : ACT_GATHER_INFO
2014-01-20	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-002.nasl - Type : ACT_GATHER_INFO
2014-01-20	Name : The remote Fedora host is missing a security update. File : fedora_2014-0858.nasl - Type : ACT_GATHER_INFO
2014-01-20	Name : The remote Fedora host is missing a security update. File : fedora_2014-0811.nasl - Type : ACT_GATHER_INFO
2014-01-14	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2081-1.nasl - Type : ACT_GATHER_INFO
2014-01-14	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_cb252f017c4311e3b0a6005056a37f68.nasl - Type : ACT_GATHER_INFO
2014-01-14	Name : The remote name server may be affected by a denial of service vulnerability. File : bind9_994_p2.nasl - Type : ACT_GATHER_INFO
2007-06-18	Name : The remote host is missing Sun Security Patch number 119783-40 File : solaris10_119783.nasl - Type : ACT_GATHER_INFO
2007-06-18	Name : The remote host is missing Sun Security Patch number 119784-40 File : solaris10_x86_119784.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html
http://linux.oracle.com/errata/ELSA-2014-1244
http://lists.fedoraproject.org/pipermail/package-announce/2014-January/126761...
http://lists.fedoraproject.org/pipermail/package-announce/2014-January/126772...
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00009.html
http://lists.opensuse.org/opensuse-updates/2014-02/msg00016.html
http://lists.opensuse.org/opensuse-updates/2014-02/msg00019.html
http://marc.info/?l=bugtraq&m=138995561732658&w=2
http://marc.info/?l=bugtraq&m=138995561732658&w=2
http://osvdb.org/101973
http://rhn.redhat.com/errata/RHSA-2014-0043.html
http://secunia.com/advisories/56425
http://secunia.com/advisories/56427
http://secunia.com/advisories/56442
http://secunia.com/advisories/56493
http://secunia.com/advisories/56522
http://secunia.com/advisories/56574
http://secunia.com/advisories/56871
http://secunia.com/advisories/61117
http://secunia.com/advisories/61199
http://secunia.com/advisories/61343
http://www.debian.org/security/2014/dsa-3023
http://www.freebsd.org/security/advisories/FreeBSD-SA-14:04.bind.asc
http://www.mandriva.com/security/advisories?name=MDVSA-2014:002
http://www.securityfocus.com/bid/64801
http://www.securitytracker.com/id/1029589
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2014&...
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2014&...
http://www.ubuntu.com/usn/USN-2081-1
https://bugzilla.redhat.com/show_bug.cgi?id=1051717
https://kb.isc.org/article/AA-01078
https://kb.isc.org/article/AA-01085
https://support.apple.com/kb/HT6536

Source	Url

Alert History

If you want to see full details history, please login or register.

Date	Informations
2024-11-28 12:38:47	Multiple Updates
2024-08-02 12:26:47	Multiple Updates
2024-08-02 01:08:01	Multiple Updates
2024-02-02 01:26:02	Multiple Updates
2024-02-01 12:07:43	Multiple Updates
2023-09-05 12:24:38	Multiple Updates
2023-09-05 01:07:37	Multiple Updates
2023-09-02 12:24:37	Multiple Updates
2023-09-02 01:07:43	Multiple Updates
2023-08-12 12:26:51	Multiple Updates
2023-08-12 01:07:14	Multiple Updates
2023-08-11 12:22:45	Multiple Updates
2023-08-11 01:07:24	Multiple Updates
2023-08-06 12:22:08	Multiple Updates
2023-08-06 01:07:12	Multiple Updates
2023-08-04 12:22:10	Multiple Updates
2023-08-04 01:07:16	Multiple Updates
2023-07-14 12:22:08	Multiple Updates
2023-07-14 01:07:15	Multiple Updates
2023-03-29 01:24:04	Multiple Updates
2023-03-28 12:07:36	Multiple Updates
2022-10-11 12:19:58	Multiple Updates
2022-10-11 01:07:24	Multiple Updates
2021-05-04 12:29:35	Multiple Updates
2021-04-22 01:35:54	Multiple Updates
2020-05-23 00:39:37	Multiple Updates
2018-10-31 00:20:36	Multiple Updates
2018-01-03 09:21:55	Multiple Updates
2017-04-22 13:25:52	Multiple Updates
2017-01-07 09:25:19	Multiple Updates
2016-06-28 22:32:19	Multiple Updates
2016-04-27 00:08:11	Multiple Updates
2015-03-27 13:28:05	Multiple Updates
2015-03-21 00:25:28	Multiple Updates
2015-03-20 00:25:20	Multiple Updates
2015-03-18 09:26:26	Multiple Updates
2014-12-27 13:25:02	Multiple Updates
2014-11-21 21:23:09	Multiple Updates
2014-11-19 21:24:12	Multiple Updates
2014-11-19 05:33:20	Multiple Updates
2014-11-14 13:27:28	Multiple Updates
2014-10-24 13:26:13	Multiple Updates
2014-10-22 13:25:43	Multiple Updates
2014-10-16 13:25:17	Multiple Updates
2014-10-02 13:27:13	Multiple Updates
2014-09-19 13:27:34	Multiple Updates
2014-09-17 13:25:45	Multiple Updates
2014-09-13 13:43:04	Multiple Updates
2014-07-17 09:22:27	Multiple Updates
2014-06-26 13:26:04	Multiple Updates
2014-06-20 17:23:23	Multiple Updates
2014-06-14 13:36:59	Multiple Updates
2014-02-21 13:23:27	Multiple Updates
2014-02-17 11:25:04	Multiple Updates
2014-02-12 13:23:27	Multiple Updates
2014-01-31 13:19:29	Multiple Updates
2014-01-30 13:20:59	Multiple Updates
2014-01-24 13:19:48	Multiple Updates
2014-01-23 21:21:42	Multiple Updates
2014-01-17 13:20:41	Multiple Updates
2014-01-15 21:22:44	Multiple Updates
2014-01-14 13:21:07	First insertion

Global Informations

Type	Count
CWE ID(s)	1
Oval ID(s)	8
CPE ID(s)	88
Sources(s)	33
IAVM(s)	1
Nessus® Exploit(s)	27

	Related
7.8	GLSA-201401-34
2.6	USN-2081-1
2.6	RHSA-2014:1244
2.6	RHSA-2014:0043
2.6	MDVSA-2014:002
2.6	HPSBUX02961 SSR...
2.6	DSA-3023
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 7 more Alert(s)

2.6 - CVE-2014-0591

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

CWE : Common Weakness Enumeration

OVAL Definitions

CPE : Common Platform Enumeration

Information Assurance Vulnerability Management (IAVM)

Nessus® Vulnerability Scanner

Sources (Detail)

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU