Executive Summary
Summary | |
---|---|
Title | Multiple packages, Multiple vulnerabilities fixed in 2011 |
Informations | |||
---|---|---|---|
Name | GLSA-201412-09 | First vendor Publication | 2014-12-11 |
Vendor | Gentoo | Last vendor Modification | 2014-12-11 |
Severity (Vendor) | High | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Synopsis This GLSA contains notification of vulnerabilities found in several Gentoo packages which have been fixed prior to January 1, 2012. The worst of these vulnerabilities could lead to local privilege escalation and remote code execution. Please see the package list and CVE identifiers below for more information. Background Description * FMOD Studio Impact Workaround Resolution All PEAR Mail users should upgrade to the latest version: All LVM2 users should upgrade to the latest version: All GnuCash users should upgrade to the latest version: All xine-lib users should upgrade to the latest version: All Last.fm Scrobbler users should upgrade to the latest version: All WebKitGTK+ users should upgrade to the latest version: All shadow tool suite users should upgrade to the latest version: All PEAR users should upgrade to the latest version: All unixODBC users should upgrade to the latest version: All Resource Agents users should upgrade to the latest version: All mrouted users should upgrade to the latest version: All rsync users should upgrade to the latest version: All XML Security Library users should upgrade to the latest version: All xrdb users should upgrade to the latest version: All Vino users should upgrade to the latest version: All OProfile users should upgrade to the latest version: All syslog-ng users should upgrade to the latest version: All sFlow Toolkit users should upgrade to the latest version: All GNOME Display Manager users should upgrade to the latest version: All libsoup users should upgrade to the latest version: All CA Certificates users should upgrade to the latest version: All Gitolite users should upgrade to the latest version: All QtCreator users should upgrade to the latest version: Gentoo has discontinued support for Racer. We recommend that users unmerge Racer: NOTE: This is a legacy GLSA. Updates for all affected architectures have been available since 2012. It is likely that your system is already no longer affected by these issues. References Availability http://security.gentoo.org/glsa/glsa-201412-09.xml |
Original Source
Url : http://security.gentoo.org/glsa/glsa-201412-09.xml |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
25 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
15 % | CWE-20 | Improper Input Validation |
11 % | CWE-399 | Resource Management Errors |
9 % | CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
8 % | CWE-416 | Use After Free |
6 % | CWE-264 | Permissions, Privileges, and Access Controls |
6 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
6 % | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE/SANS Top 25) |
4 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
2 % | CWE-787 | Out-of-bounds Write (CWE/SANS Top 25) |
2 % | CWE-704 | Incorrect Type Conversion or Cast |
2 % | CWE-287 | Improper Authentication |
2 % | CWE-200 | Information Exposure |
2 % | CWE-125 | Out-of-bounds Read |
2 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10964 | |||
Oval ID: | oval:org.mitre.oval:def:10964 | ||
Title: | use-after-free vulnerability in WebKit in Apple Safari before 5.0.1 | ||
Description: | Use-after-free vulnerability in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to element focus. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1780 | Version: | 13 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 | Product(s): | Apple Safari |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11221 | |||
Oval ID: | oval:org.mitre.oval:def:11221 | ||
Title: | Google Chrome Image Read Access Restriction Same Origin Policy Bypass Remote Information Disclosure | ||
Description: | WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, does not properly restrict read access to images derived from CANVAS elements, which allows remote attackers to bypass the Same Origin Policy and obtain potentially sensitive image data via a crafted web site. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3259 | Version: | 14 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:11475 | |||
Oval ID: | oval:org.mitre.oval:def:11475 | ||
Title: | Use-after-free vulnerability in Google Chrome before 8.0.552.215 via vectors involving SVG animations | ||
Description: | Use-after-free vulnerability in Google Chrome before 8.0.552.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG animations. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-4492 | Version: | 14 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:11689 | |||
Oval ID: | oval:org.mitre.oval:def:11689 | ||
Title: | Integer overflow vulnerability in WebKit in Apple Safari before 5.0.3 versions | ||
Description: | Integer overflow in the Text::wholeText method in dom/Text.cpp in WebKit, as used in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4; webkitgtk before 1.2.6; and possibly other products allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving Text objects. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3812 | Version: | 10 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Apple Safari |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11736 | |||
Oval ID: | oval:org.mitre.oval:def:11736 | ||
Title: | Google Chrome Counter Node Handling Unspecified Memory Corruption | ||
Description: | Google Chrome before 6.0.472.53 and webkitgtk before 1.2.6 do not properly handle counter nodes, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3255 | Version: | 14 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:11766 | |||
Oval ID: | oval:org.mitre.oval:def:11766 | ||
Title: | The counters functionality in the Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0.1 | ||
Description: | The counters functionality in the Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1784 | Version: | 13 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 | Product(s): | Apple Safari |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11777 | |||
Oval ID: | oval:org.mitre.oval:def:11777 | ||
Title: | WebKit in Apple Safari before 5.0.1 related to reentrancy issue. | ||
Description: | WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; does not properly handle just-in-time (JIT) compiled JavaScript stubs, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, related to a "reentrancy issue." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1790 | Version: | 13 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 | Product(s): | Apple Safari |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11802 | |||
Oval ID: | oval:org.mitre.oval:def:11802 | ||
Title: | Integer signedness error in WebKit in Apple Safari before 5.0.1 related to vectors involving a JavaScript array index. | ||
Description: | Integer signedness error in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving a JavaScript array index. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1791 | Version: | 11 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 | Product(s): | Apple Safari |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11820 | |||
Oval ID: | oval:org.mitre.oval:def:11820 | ||
Title: | WebKit in Apple Safari before 5.0.1 Denial of Service vulnerability | ||
Description: | WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; does not properly handle dynamic modification of a text node, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1783 | Version: | 13 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 | Product(s): | Apple Safari |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11837 | |||
Oval ID: | oval:org.mitre.oval:def:11837 | ||
Title: | Use-after-free vulnerability in WebKit in Apple Safari before 5.0.1 related to foreignObject element in an SVG document. | ||
Description: | Use-after-free vulnerability in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a foreignObject element in an SVG document. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1786 | Version: | 13 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 | Product(s): | Apple Safari |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11877 | |||
Oval ID: | oval:org.mitre.oval:def:11877 | ||
Title: | WebKit in Apple Safari before 5.0.1 related to a floating element in an SVG document. | ||
Description: | WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a floating element in an SVG document. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1787 | Version: | 13 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 | Product(s): | Apple Safari |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11898 | |||
Oval ID: | oval:org.mitre.oval:def:11898 | ||
Title: | WebKit in Apple Safari before 5.0.1 related to crafted regular expression. | ||
Description: | WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1792 | Version: | 13 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 | Product(s): | Apple Safari |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11923 | |||
Oval ID: | oval:org.mitre.oval:def:11923 | ||
Title: | Multiple use-after-free vulnerabilities in WebKit in Apple Safari before 5.0.1 related to font-face or use element in an SVG document. | ||
Description: | Multiple use-after-free vulnerabilities in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a (1) font-face or (2) use element in an SVG document. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1793 | Version: | 13 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 | Product(s): | Apple Safari |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11935 | |||
Oval ID: | oval:org.mitre.oval:def:11935 | ||
Title: | WebKit in Apple Safari before 5.0.1 denial of service vulnerability related to the rendering of an inline element | ||
Description: | WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to the rendering of an inline element. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1782 | Version: | 13 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 | Product(s): | Apple Safari |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11941 | |||
Oval ID: | oval:org.mitre.oval:def:11941 | ||
Title: | WebKit in Apple Safari before 5.0.1 memory accesses vulnerability | ||
Description: | WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; accesses uninitialized memory during processing of the (1) :first-letter and (2) :first-line pseudo-elements in an SVG text element, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted document. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1785 | Version: | 13 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 | Product(s): | Apple Safari |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11949 | |||
Oval ID: | oval:org.mitre.oval:def:11949 | ||
Title: | Denial of Service vulnerability in Google Chrome before 7.0.517.44 via unknown vectors | ||
Description: | Array index error in the FEBlend::apply function in WebCore/platform/graphics/filters/FEBlend.cpp in WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted SVG document, related to effects in the application of filters. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-4206 | Version: | 14 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows 7 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:11962 | |||
Oval ID: | oval:org.mitre.oval:def:11962 | ||
Title: | WebKit in Apple Safari before 5.0.1 related to a use element in an SVG document. | ||
Description: | WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a use element in an SVG document. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1788 | Version: | 13 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 | Product(s): | Apple Safari |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11964 | |||
Oval ID: | oval:org.mitre.oval:def:11964 | ||
Title: | Webkit Floating Point Datatype Remote Code Execution Vulnerability | ||
Description: | WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2; Android before 2.2; and webkitgtk before 1.2.6; does not properly validate floating-point data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, related to non-standard NaN representation. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1807 | Version: | 8 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 | Product(s): | Apple Safari |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:11997 | |||
Oval ID: | oval:org.mitre.oval:def:11997 | ||
Title: | Vulnerability in rendering implementation in Google Chrome before 5.0.375.125 | ||
Description: | The rendering implementation in Google Chrome before 5.0.375.125 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-2901 | Version: | 13 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows 7 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:12129 | |||
Oval ID: | oval:org.mitre.oval:def:12129 | ||
Title: | Use-after-free vulnerability in Google Chrome before 8.0.552.215 | ||
Description: | Use-after-free vulnerability in Google Chrome before 8.0.552.215 allows remote attackers to cause a denial of service via vectors related to the handling of mouse dragging events. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-4493 | Version: | 14 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:12138 | |||
Oval ID: | oval:org.mitre.oval:def:12138 | ||
Title: | Google Chrome Focus Handling Stale Pointer Remote DoS | ||
Description: | Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving element focus. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3257 | Version: | 14 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:12157 | |||
Oval ID: | oval:org.mitre.oval:def:12157 | ||
Title: | Vulnerability in Google Chrome before 7.0.517.44 via a crafted HTML document | ||
Description: | WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, does not properly handle large text areas, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted HTML document. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-4198 | Version: | 14 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows 7 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:12174 | |||
Oval ID: | oval:org.mitre.oval:def:12174 | ||
Title: | Denial of Service vulnerability in Google Chrome before 7.0.517.44 via unknown vectors | ||
Description: | WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, accesses a frame object after this object has been destroyed, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-4204 | Version: | 14 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows 7 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:12266 | |||
Oval ID: | oval:org.mitre.oval:def:12266 | ||
Title: | Use-after-free vulnerability in Google Chrome before 7.0.517.44 via vectors involving text editing | ||
Description: | Use-after-free vulnerability in WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving text editing. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-4197 | Version: | 14 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:12293 | |||
Oval ID: | oval:org.mitre.oval:def:12293 | ||
Title: | Vulnerability in WebKit in Apple Safari before 5.0.3 versions | ||
Description: | The WebCore::HTMLLinkElement::process function in WebCore/html/HTMLLinkElement.cpp in WebKit, as used in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4; webkitgtk before 1.2.6; and possibly other products does not verify whether DNS prefetching is enabled when processing an HTML LINK element, which allows remote attackers to bypass intended access restrictions, as demonstrated by an HTML e-mail message that uses a LINK element for X-Confirm-Reading-To functionality. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3813 | Version: | 10 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Apple Safari |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12539 | |||
Oval ID: | oval:org.mitre.oval:def:12539 | ||
Title: | DSA-2095-1 lvm2 -- insecure communication protocol | ||
Description: | Alasdair Kergon discovered that the cluster logical volume manager daemon in lvm2, The Linux Logical Volume Manager, does not verify client credentials upon a socket connection, which allows local users to cause a denial of service. For the stable distribution, this problem has been fixed in version 2.02.39-8 For the testing distribution, and the unstable distribution, this problem has been fixed in version 2.02.66-3 We recommend that you upgrade your lvm2 package. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2095-1 CVE-2010-2526 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | lvm2 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:12752 | |||
Oval ID: | oval:org.mitre.oval:def:12752 | ||
Title: | DSA-2219-1 xmlsec1 -- arbitrary file overwrite | ||
Description: | Nicolas Gregoire discovered that the XML Security Library xmlsec allowed remote attackers to create or overwrite arbitrary files through specially crafted XML files using the libxslt output extension and a ds:Transform element during signature verification. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2219-1 CVE-2011-1425 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | xmlsec1 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12826 | |||
Oval ID: | oval:org.mitre.oval:def:12826 | ||
Title: | DSA-2205-1 gdm3 -- privilege escalation | ||
Description: | Sebastian Krahmer discovered that the gdm3, the GNOME Desktop Manager, does not properly drop privileges when manipulating files related to the logged-in user. As a result, local users can gain root privileges. The oldstable distribution does not contain a gdm3 package. The gdm package is not affected by this issue. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2205-1 CVE-2011-0727 | Version: | 5 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | gdm3 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:12839 | |||
Oval ID: | oval:org.mitre.oval:def:12839 | ||
Title: | DSA-2254-2 oprofile -- command injection | ||
Description: | Jamie Strandboge noticed that the patch propoused to fix CVE-2011-1760 in OProfile has been incomplete. For reference, the description of the original DSA, is: OProfile is a performance profiling tool which is configurable by opcontrol, its control utility. Stephane Chauveau reported several ways to inject arbitrary commands in the arguments of this utility. If a local unprivileged user is authorised by sudoers file to run opcontrol as root, this user could use the flaw to escalate his privileges. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2254-2 CVE-2011-1760 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | oprofile |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12855 | |||
Oval ID: | oval:org.mitre.oval:def:12855 | ||
Title: | DSA-2164-1 shadow -- insufficient input sanitisation | ||
Description: | Kees Cook discovered that the chfn and chsh utilities do not properly sanitise user input that includes newlines. An attacker could use this to to corrupt passwd entries and may create users or groups in NIS environments. Packages in the oldstable distribution are not affected by this problem. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2164-1 CVE-2011-0721 | Version: | 5 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | shadow |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:12908 | |||
Oval ID: | oval:org.mitre.oval:def:12908 | ||
Title: | DSA-2147-1 pimd -- insecure temporary files | ||
Description: | Vincent Bernat discovered that pimd, a multicast routing daemon, creates files with predictable names upon the receipt of particular signals. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2147-1 CVE-2011-0007 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | pimd |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:12949 | |||
Oval ID: | oval:org.mitre.oval:def:12949 | ||
Title: | DSA-2213-1 x11-xserver-utils -- missing input sanitisation | ||
Description: | Sebastian Krahmer discovered that the xrdb utility of x11-xserver-utils, a X server resource database utility, is not properly filtering crafted hostnames. This allows a remote attacker to execute arbitrary code with root privileges given that either remote logins via xdmcp are allowed or the attacker is able to place a rogue DHCP server into the victims network. The oldstable distribution, this problem has been fixed in version 7.3+6. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2213-1 CVE-2011-0465 | Version: | 7 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | x11-xserver-utils |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:12993 | |||
Oval ID: | oval:org.mitre.oval:def:12993 | ||
Title: | DSA-2238-1 vino -- several | ||
Description: | Kevin Chen discovered that incorrect processing of framebuffer requests in the Vino VNC server could lead to denial of service. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2238-1 CVE-2011-0904 CVE-2011-0905 | Version: | 5 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | vino |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:13066 | |||
Oval ID: | oval:org.mitre.oval:def:13066 | ||
Title: | DSA-2254-1 oprofile -- command injection | ||
Description: | OProfile is a performance profiling tool which is configurable by opcontrol, its control utility. Stephane Chauveau reported several ways to inject arbitrary commands in the arguments of this utility. If a local unprivileged user is authorised by sudoers file to run opcontrol as root, this user could use the flaw to escalate his privileges. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2254-1 CVE-2011-1760 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | oprofile |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13165 | |||
Oval ID: | oval:org.mitre.oval:def:13165 | ||
Title: | USN-1065-1 -- shadow vulnerability | ||
Description: | Kees Cook discovered that some shadow utilities did not correctly validate user input. A local attacker could exploit this flaw to inject newlines into the /etc/passwd file. If the system was configured to use NIS, this could lead to existing NIS groups or users gaining or losing access to the system, resulting in a denial of service or unauthorized access. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1065-1 CVE-2011-0721 | Version: | 5 |
Platform(s): | Ubuntu 10.10 Ubuntu 9.10 Ubuntu 10.04 | Product(s): | shadow |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13264 | |||
Oval ID: | oval:org.mitre.oval:def:13264 | ||
Title: | USN-1001-1 -- lvm2 vulnerability | ||
Description: | The cluster logical volume manager daemon in LVM2 did not correctly validate credentials. A local user could use this flaw to manipulate logical volumes without root privileges and cause a denial of service in the cluster. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1001-1 CVE-2010-2526 | Version: | 5 |
Platform(s): | Ubuntu 8.04 Ubuntu 10.04 Ubuntu 9.10 Ubuntu 6.06 Ubuntu 9.04 | Product(s): | lvm2 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13531 | |||
Oval ID: | oval:org.mitre.oval:def:13531 | ||
Title: | USN-1107-1 -- x11-xserver-utils vulnerability | ||
Description: | Sebastian Krahmer discovered that the xrdb utility incorrectly filtered crafted hostnames. An attacker could use this flaw with a malicious DHCP server or with a remote xdmcp login and execute arbitrary code, resulting in root privilege escalation. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1107-1 CVE-2011-0465 | Version: | 7 |
Platform(s): | Ubuntu 8.04 Ubuntu 10.10 Ubuntu 9.10 Ubuntu 10.04 | Product(s): | x11-xserver-utils |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13756 | |||
Oval ID: | oval:org.mitre.oval:def:13756 | ||
Title: | USN-1181-1 -- libsoup2.4 vulnerability | ||
Description: | libsoup2.4: HTTP client/server library for GNOME An attacker could send crafted URLs to a SoupServer application and obtain unintended access to files. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1181-1 CVE-2011-2524 | Version: | 5 |
Platform(s): | Ubuntu 11.04 Ubuntu 10.04 Ubuntu 10.10 | Product(s): | libsoup2.4 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13786 | |||
Oval ID: | oval:org.mitre.oval:def:13786 | ||
Title: | USN-1099-1 -- gdm vulnerability | ||
Description: | Sebastian Krahmer discovered that GDM did not properly drop privileges when handling the cache directories used to store users" dmrc and face icon files. This could allow a local attacker to change the ownership of arbitrary files, thereby gaining root privileges. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1099-1 CVE-2011-0727 | Version: | 5 |
Platform(s): | Ubuntu 10.10 Ubuntu 9.10 Ubuntu 10.04 | Product(s): | gdm |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13865 | |||
Oval ID: | oval:org.mitre.oval:def:13865 | ||
Title: | USN-1128-1 -- vino vulnerabilities | ||
Description: | vino: VNC server for GNOME An attacker could send crafted input to Vino and cause it to crash. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1128-1 CVE-2011-0904 CVE-2011-0905 | Version: | 5 |
Platform(s): | Ubuntu 10.10 Ubuntu 8.04 Ubuntu 10.04 | Product(s): | vino |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13953 | |||
Oval ID: | oval:org.mitre.oval:def:13953 | ||
Title: | The CSSParser::parseFontFaceSrc function in WebCore/css/CSSParser.cpp in WebKit, as used in Google Chrome before 8.0.552.224, Chrome OS before 8.0.552.343, webkitgtk before 1.2.6, and other products does not properly parse Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted local font, related to "Type Confusion." | ||
Description: | The CSSParser::parseFontFaceSrc function in WebCore/css/CSSParser.cpp in WebKit, as used in Google Chrome before 8.0.552.224, Chrome OS before 8.0.552.343, webkitgtk before 1.2.6, and other products does not properly parse Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted local font, related to "Type Confusion." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-4577 | Version: | 15 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Google Chrome |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14049 | |||
Oval ID: | oval:org.mitre.oval:def:14049 | ||
Title: | USN-1124-1 -- rsync vulnerability | ||
Description: | rsync: fast remote file copy program rsync could be made to crash or run programs as your login if it connected to a malicious server. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1124-1 CVE-2011-1097 | Version: | 5 |
Platform(s): | Ubuntu 10.10 Ubuntu 9.10 Ubuntu 10.04 | Product(s): | rsync |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14110 | |||
Oval ID: | oval:org.mitre.oval:def:14110 | ||
Title: | USN-1166-1 -- oprofile vulnerabilities | ||
Description: | oprofile: System-wide profiler for Linux systems OProfile could be made to run programs as an administrator. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1166-1 CVE-2011-1760 CVE-2011-2471 CVE-2011-2472 | Version: | 5 |
Platform(s): | Ubuntu 10.04 | Product(s): | oprofile |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:14323 | |||
Oval ID: | oval:org.mitre.oval:def:14323 | ||
Title: | Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 do not properly perform cursor handling, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale pointers." | ||
Description: | Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 do not properly perform cursor handling, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale pointers." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-4578 | Version: | 15 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Google Chrome |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14662 | |||
Oval ID: | oval:org.mitre.oval:def:14662 | ||
Title: | Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform a cast of an unspecified variable during handling of anchors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted HTML document. | ||
Description: | Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform a cast of an unspecified variable during handling of anchors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted HTML document. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0482 | Version: | 15 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Google Chrome |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14946 | |||
Oval ID: | oval:org.mitre.oval:def:14946 | ||
Title: | DSA-2369-1 libsoup2.4 -- insufficient input sanitisation | ||
Description: | It was discovered that libsoup2.4, a HTTP library implementation in C, is not properly validating input when processing requests made to SoupServer. A remote attacker can exploit this flaw to access system files via a directory traversal attack. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2369-1 CVE-2011-2524 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | libsoup2.4 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17794 | |||
Oval ID: | oval:org.mitre.oval:def:17794 | ||
Title: | USN-1248-1 -- kde4libs vulnerability | ||
Description: | KDE-Libs could improperly display fraudulent security certificates. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1248-1 CVE-2011-3365 | Version: | 5 |
Platform(s): | Ubuntu 11.04 Ubuntu 10.10 Ubuntu 10.04 | Product(s): | kde4libs |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21165 | |||
Oval ID: | oval:org.mitre.oval:def:21165 | ||
Title: | RHSA-2011:0433: xorg-x11-server-utils security update (Moderate) | ||
Description: | xrdb.c in xrdb before 1.0.9 in X.Org X11R7.6 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a (1) DHCP or (2) XDMCP message. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2011:0433-01 CVE-2011-0465 CESA-2011:0433-CentOS 5 | Version: | 6 |
Platform(s): | Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | xorg-x11-server-utils |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21433 | |||
Oval ID: | oval:org.mitre.oval:def:21433 | ||
Title: | RHSA-2011:0177: webkitgtk security update (Moderate) | ||
Description: | The CSSParser::parseFontFaceSrc function in WebCore/css/CSSParser.cpp in WebKit, as used in Google Chrome before 8.0.552.224, Chrome OS before 8.0.552.343, webkitgtk before 1.2.6, and other products does not properly parse Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted local font, related to "Type Confusion." | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2011:0177-01 CVE-2010-1780 CVE-2010-1782 CVE-2010-1783 CVE-2010-1784 CVE-2010-1785 CVE-2010-1786 CVE-2010-1787 CVE-2010-1788 CVE-2010-1790 CVE-2010-1792 CVE-2010-1793 CVE-2010-1807 CVE-2010-1812 CVE-2010-1814 CVE-2010-1815 CVE-2010-3113 CVE-2010-3114 CVE-2010-3115 CVE-2010-3116 CVE-2010-3119 CVE-2010-3255 CVE-2010-3257 CVE-2010-3259 CVE-2010-3812 CVE-2010-3813 CVE-2010-4197 CVE-2010-4198 CVE-2010-4204 CVE-2010-4206 CVE-2010-4577 | Version: | 393 |
Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | webkitgtk |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:21529 | |||
Oval ID: | oval:org.mitre.oval:def:21529 | ||
Title: | RHSA-2011:0486: xmlsec1 security and bug fix update (Moderate) | ||
Description: | xslt.c in XML Security Library (aka xmlsec) before 1.2.17, as used in WebKit and other products, when XSLT is enabled, allows remote attackers to create or overwrite arbitrary files via vectors involving the libxslt output extension and a ds:Transform element during signature verification. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2011:0486-01 CESA-2011:0486 CVE-2011-1425 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | xmlsec1 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21732 | |||
Oval ID: | oval:org.mitre.oval:def:21732 | ||
Title: | RHSA-2011:1000: rgmanager security, bug fix, and enhancement update (Low) | ||
Description: | The (1) SAPDatabase and (2) SAPInstance scripts in OCF Resource Agents (aka resource-agents or cluster-agents) 1.0.3 in Linux-HA place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2011:1000-01 CESA-2011:1000 CVE-2010-3389 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | rgmanager |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:21776 | |||
Oval ID: | oval:org.mitre.oval:def:21776 | ||
Title: | RHSA-2011:1385: kdelibs and kdelibs3 security update (Moderate) | ||
Description: | The KDE SSL Wrapper (KSSL) API in KDE SC 4.6.0 through 4.7.1, and possibly earlier versions, does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name (CN) of a certificate via rich text. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2011:1385-01 CESA-2011:1385 CVE-2011-3365 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6 | Product(s): | kdelibs kdelibs3 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21910 | |||
Oval ID: | oval:org.mitre.oval:def:21910 | ||
Title: | RHSA-2011:0390: rsync security update (Moderate) | ||
Description: | rsync 3.x before 3.0.8, when certain recursion, deletion, and ownership options are used, allows remote rsync servers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via malformed data. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2011:0390-01 CVE-2011-1097 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | rsync |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:21930 | |||
Oval ID: | oval:org.mitre.oval:def:21930 | ||
Title: | RHSA-2011:0395: gdm security update (Moderate) | ||
Description: | GNOME Display Manager (gdm) 2.x before 2.32.1 allows local users to change the ownership of arbitrary files via a symlink attack on a (1) dmrc or (2) face icon file under /var/cache/gdm/. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2011:0395-01 CVE-2011-0727 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | gdm |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:21933 | |||
Oval ID: | oval:org.mitre.oval:def:21933 | ||
Title: | RHSA-2011:1102: libsoup security update (Moderate) | ||
Description: | Directory traversal vulnerability in soup-uri.c in SoupServer in libsoup before 2.35.4 allows remote attackers to read arbitrary files via a %2e%2e (encoded dot dot) in a URI. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2011:1102-01 CVE-2011-2524 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | libsoup |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22225 | |||
Oval ID: | oval:org.mitre.oval:def:22225 | ||
Title: | RHSA-2010:0567: lvm2-cluster security update (Moderate) | ||
Description: | The cluster logical volume manager daemon (clvmd) in lvm2-cluster in LVM2 before 2.02.72, as used in Red Hat Global File System (GFS) and other products, does not verify client credentials upon a socket connection, which allows local users to cause a denial of service (daemon exit or logical-volume change) or possibly have unspecified other impact via crafted control commands. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2010:0567-01 CESA-2010:0567 CVE-2010-2526 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | lvm2-cluster |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22792 | |||
Oval ID: | oval:org.mitre.oval:def:22792 | ||
Title: | ELSA-2010:0567: lvm2-cluster security update (Moderate) | ||
Description: | The cluster logical volume manager daemon (clvmd) in lvm2-cluster in LVM2 before 2.02.72, as used in Red Hat Global File System (GFS) and other products, does not verify client credentials upon a socket connection, which allows local users to cause a denial of service (daemon exit or logical-volume change) or possibly have unspecified other impact via crafted control commands. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010:0567-01 CVE-2010-2526 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | lvm2-cluster |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23103 | |||
Oval ID: | oval:org.mitre.oval:def:23103 | ||
Title: | ELSA-2011:0486: xmlsec1 security and bug fix update (Moderate) | ||
Description: | xslt.c in XML Security Library (aka xmlsec) before 1.2.17, as used in WebKit and other products, when XSLT is enabled, allows remote attackers to create or overwrite arbitrary files via vectors involving the libxslt output extension and a ds:Transform element during signature verification. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011:0486-01 CVE-2011-1425 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | xmlsec1 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23200 | |||
Oval ID: | oval:org.mitre.oval:def:23200 | ||
Title: | ELSA-2011:1000: rgmanager security, bug fix, and enhancement update (Low) | ||
Description: | The (1) SAPDatabase and (2) SAPInstance scripts in OCF Resource Agents (aka resource-agents or cluster-agents) 1.0.3 in Linux-HA place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011:1000-01 CVE-2010-3389 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | rgmanager |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23285 | |||
Oval ID: | oval:org.mitre.oval:def:23285 | ||
Title: | ELSA-2011:0177: webkitgtk security update (Moderate) | ||
Description: | The CSSParser::parseFontFaceSrc function in WebCore/css/CSSParser.cpp in WebKit, as used in Google Chrome before 8.0.552.224, Chrome OS before 8.0.552.343, webkitgtk before 1.2.6, and other products does not properly parse Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted local font, related to "Type Confusion." | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011:0177-01 CVE-2010-1780 CVE-2010-1782 CVE-2010-1783 CVE-2010-1784 CVE-2010-1785 CVE-2010-1786 CVE-2010-1787 CVE-2010-1788 CVE-2010-1790 CVE-2010-1792 CVE-2010-1793 CVE-2010-1807 CVE-2010-1812 CVE-2010-1814 CVE-2010-1815 CVE-2010-3113 CVE-2010-3114 CVE-2010-3115 CVE-2010-3116 CVE-2010-3119 CVE-2010-3255 CVE-2010-3257 CVE-2010-3259 CVE-2010-3812 CVE-2010-3813 CVE-2010-4197 CVE-2010-4198 CVE-2010-4204 CVE-2010-4206 CVE-2010-4577 | Version: | 125 |
Platform(s): | Oracle Linux 6 | Product(s): | webkitgtk |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23311 | |||
Oval ID: | oval:org.mitre.oval:def:23311 | ||
Title: | DEPRECATED: ELSA-2011:1385: kdelibs and kdelibs3 security update (Moderate) | ||
Description: | The KDE SSL Wrapper (KSSL) API in KDE SC 4.6.0 through 4.7.1, and possibly earlier versions, does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name (CN) of a certificate via rich text. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011:1385-01 CVE-2011-3365 | Version: | 7 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | kdelibs kdelibs3 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23356 | |||
Oval ID: | oval:org.mitre.oval:def:23356 | ||
Title: | ELSA-2011:0390: rsync security update (Moderate) | ||
Description: | rsync 3.x before 3.0.8, when certain recursion, deletion, and ownership options are used, allows remote rsync servers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via malformed data. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011:0390-01 CVE-2011-1097 | Version: | 6 |
Platform(s): | Oracle Linux 6 | Product(s): | rsync |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23626 | |||
Oval ID: | oval:org.mitre.oval:def:23626 | ||
Title: | ELSA-2011:1385: kdelibs and kdelibs3 security update (Moderate) | ||
Description: | The KDE SSL Wrapper (KSSL) API in KDE SC 4.6.0 through 4.7.1, and possibly earlier versions, does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name (CN) of a certificate via rich text. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011:1385-01 CVE-2011-3365 | Version: | 6 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | kdelibs kdelibs3 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23644 | |||
Oval ID: | oval:org.mitre.oval:def:23644 | ||
Title: | ELSA-2011:1102: libsoup security update (Moderate) | ||
Description: | Directory traversal vulnerability in soup-uri.c in SoupServer in libsoup before 2.35.4 allows remote attackers to read arbitrary files via a %2e%2e (encoded dot dot) in a URI. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011:1102-01 CVE-2011-2524 | Version: | 6 |
Platform(s): | Oracle Linux 6 | Product(s): | libsoup |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23685 | |||
Oval ID: | oval:org.mitre.oval:def:23685 | ||
Title: | ELSA-2011:0395: gdm security update (Moderate) | ||
Description: | GNOME Display Manager (gdm) 2.x before 2.32.1 allows local users to change the ownership of arbitrary files via a symlink attack on a (1) dmrc or (2) face icon file under /var/cache/gdm/. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011:0395-01 CVE-2011-0727 | Version: | 6 |
Platform(s): | Oracle Linux 6 | Product(s): | gdm |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23703 | |||
Oval ID: | oval:org.mitre.oval:def:23703 | ||
Title: | ELSA-2011:0433: xorg-x11-server-utils security update (Moderate) | ||
Description: | xrdb.c in xrdb before 1.0.9 in X.Org X11R7.6 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a (1) DHCP or (2) XDMCP message. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011:0433-01 CVE-2011-0465 | Version: | 6 |
Platform(s): | Oracle Linux 6 | Product(s): | xorg-x11-server-utils |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:26934 | |||
Oval ID: | oval:org.mitre.oval:def:26934 | ||
Title: | RHSA-2011:1741 -- php-pear security and bug fix update (Low) | ||
Description: | The php-pear package contains the PHP Extension and Application Repository (PEAR), a framework and distribution system for reusable PHP components. It was found that the "pear" command created temporary files in an insecure way when installing packages. A malicious, local user could use this flaw to conduct a symbolic link attack, allowing them to overwrite the contents of arbitrary files accessible to the victim running the "pear install" command. (CVE-2011-1072) This update also fixes the following bugs: * The php-pear package has been upgraded to version 1.9.4, which provides a number of bug fixes over the previous version. (BZ#651897) * Prior to this update, php-pear created a cache in the "/var/cache/php-pear/" directory when attempting to list all packages. As a consequence, php-pear failed to create or update the cache file as a regular user without sufficient file permissions and could not list all packages. With this update, php-pear no longer fails if writing to the cache directory is not permitted. Now, all packages are listed as expected. (BZ#747361) All users of php-pear are advised to upgrade to this updated package, which corrects these issues. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2011:1741 CVE-2011-1072 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | php-pear |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27107 | |||
Oval ID: | oval:org.mitre.oval:def:27107 | ||
Title: | RHSA-2011:1364 -- kdelibs security and enhancement update (Moderate) | ||
Description: | The kdelibs packages provide libraries for the K Desktop Environment (KDE). An input sanitization flaw was found in the KSSL (KDE SSL Wrapper) API. An attacker could supply a specially-crafted SSL certificate (for example, via a web page) to an application using KSSL, such as the Konqueror web browser, causing misleading information to be presented to the user, possibly tricking them into accepting the certificate as valid. (CVE-2011-3365) This update also adds the following enhancement: * kdelibs provided its own set of trusted Certificate Authority (CA) certificates. This update makes kdelibs use the system set from the ca-certificates package, instead of its own copy. (BZ#743951) Users should upgrade to these updated packages, which contain backported patches to correct this issue and add this enhancement. The desktop must be restarted (log out, then log back in) for this update to take effect. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2011:1364 CVE-2011-3365 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | kdelibs |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27397 | |||
Oval ID: | oval:org.mitre.oval:def:27397 | ||
Title: | DEPRECATED: ELSA-2011-0395 -- gdm security update (moderate) | ||
Description: | [2.30.4-21.0.2.el6_0.1] - Added oracle-enterprise.patch to show oracle-release contents. [2.30.4-21.1] - Fix CVE-2011-0727 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011-0395 CVE-2011-0727 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | gdm |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27542 | |||
Oval ID: | oval:org.mitre.oval:def:27542 | ||
Title: | DEPRECATED: ELSA-2011-1000 -- rgmanager security, bug fix, and enhancement update (low) | ||
Description: | [2.0.52-21] - rgmanager: Fix bad passing of SFL_FAILURE up (fix_bad_passing_of_sfl_failure_up.patch) Resolves: rhbz#711521 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011-1000 CVE-2010-3389 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | rgmanager |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27685 | |||
Oval ID: | oval:org.mitre.oval:def:27685 | ||
Title: | DEPRECATED: ELSA-2010-0567 -- lvm2-cluster security update (moderate) | ||
Description: | [2.02.56-el5_5.4] - CVE-2010-2526: Fix insecurity when communicating between lvm2 and clvmd. Resolves: #616044 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010-0567 CVE-2010-2526 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | lvm2-cluster |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27757 | |||
Oval ID: | oval:org.mitre.oval:def:27757 | ||
Title: | DEPRECATED: ELSA-2011-0177 -- webkitgtk security update (moderate) | ||
Description: | [1.2.6-2] - Added fix for js regression [1.2.6-1] - Update to 1.2.6 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011-0177 CVE-2010-3255 CVE-2010-3257 CVE-2010-3259 CVE-2010-3812 CVE-2010-3813 CVE-2010-1780 CVE-2010-1782 CVE-2010-1783 CVE-2010-1784 CVE-2010-1785 CVE-2010-1786 CVE-2010-1787 CVE-2010-1788 CVE-2010-1790 CVE-2010-1792 CVE-2010-1793 CVE-2010-1807 CVE-2010-1812 CVE-2010-1814 CVE-2010-1815 CVE-2010-3113 CVE-2010-3114 CVE-2010-3115 CVE-2010-3116 CVE-2010-3119 CVE-2010-4197 CVE-2010-4198 CVE-2010-4204 CVE-2010-4206 CVE-2010-4577 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | webkitgtk |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27880 | |||
Oval ID: | oval:org.mitre.oval:def:27880 | ||
Title: | ELSA-2011-1741 -- php-pear security and bug fix update (low) | ||
Description: | [1.9.4-4] - fix patch application for #747361 [1.9.4-3] - ignore REST cache creation failures as non-root user (#747361) [1.9.4-2] - fix XML-Util provides [1.9.4-1] - update to 1.9.4 (#651897) - update XML_RPC to 1.5.4, Structures_Graph to 1.0.4, Archive_Tar to 1.3.7 [1.9.1-1] - update to 1.9.1 (#651897) - fix installation of XML_RPC license file | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011-1741 CVE-2011-1072 | Version: | 3 |
Platform(s): | Oracle Linux 6 | Product(s): | php-pear |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27919 | |||
Oval ID: | oval:org.mitre.oval:def:27919 | ||
Title: | DEPRECATED: ELSA-2011-0390 -- rsync security update (moderate) | ||
Description: | [3.0.6-5.1] - Add upstream patch to fix CVE-2011-1097 - Incremental file-list corruption due to temporary file_extra_cnt increments Resolves: #684932 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011-0390 CVE-2011-1097 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | rsync |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27947 | |||
Oval ID: | oval:org.mitre.oval:def:27947 | ||
Title: | ELSA-2011-1364 -- kdelibs security and enhancement update (moderate) | ||
Description: | [6:4.3.4-11.4] - Resolves: bz#743951, use ca-certificates' ca-bundle.crt [6:4.3.4-11.3] - Resolves: bz#743515, CVE-2011-3365 - input validation failure | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011-1364 CVE-2011-3365 | Version: | 3 |
Platform(s): | Oracle Linux 6 | Product(s): | kdelibs |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:28013 | |||
Oval ID: | oval:org.mitre.oval:def:28013 | ||
Title: | DEPRECATED: ELSA-2011-0433 -- xorg-x11-server-utils security update (moderate) | ||
Description: | [7.4-15.el6_0.1] - cve-2011-0465: Sanitize cpp macro expansion. (CVE 2011-0465) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011-0433 CVE-2011-0465 | Version: | 4 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | xorg-x11-server-utils |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28119 | |||
Oval ID: | oval:org.mitre.oval:def:28119 | ||
Title: | DEPRECATED: ELSA-2011-1102 -- libsoup security update (moderate) | ||
Description: | [2.28.2-1.1] - Patch for CVE-2011-2524 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011-1102 CVE-2011-2524 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | libsoup |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6654 | |||
Oval ID: | oval:org.mitre.oval:def:6654 | ||
Title: | Denial of service vulnerability in Google Chrome before 7.0.517.41 | ||
Description: | Google Chrome before 7.0.517.41 does not properly handle element maps, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to "stale elements." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-4042 | Version: | 13 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Google Chrome |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
ExploitDB Exploits
id | Description |
---|---|
2012-11-01 | Konqueror 4.7.3 Memory Corruption |
2010-11-15 | Android 2.0/2.1 Use-After-Free Remote Code Execution on Webkit |
2010-11-05 | Android 2.0-2.1 Reverse Shell Exploit |
OpenVAS Exploits
Date | Description |
---|---|
2012-08-03 | Name : Mandriva Update for libsoup MDVSA-2012:036 (libsoup) File : nvt/gb_mandriva_MDVSA_2012_036.nasl |
2012-07-30 | Name : CentOS Update for xorg-x11-server-utils CESA-2011:0433 centos5 x86_64 File : nvt/gb_CESA-2011_0433_xorg-x11-server-utils_centos5_x86_64.nasl |
2012-07-30 | Name : CentOS Update for xmlsec1 CESA-2011:0486 centos4 x86_64 File : nvt/gb_CESA-2011_0486_xmlsec1_centos4_x86_64.nasl |
2012-07-30 | Name : CentOS Update for xmlsec1 CESA-2011:0486 centos5 x86_64 File : nvt/gb_CESA-2011_0486_xmlsec1_centos5_x86_64.nasl |
2012-07-30 | Name : CentOS Update for rgmanager CESA-2011:1000 centos5 x86_64 File : nvt/gb_CESA-2011_1000_rgmanager_centos5_x86_64.nasl |
2012-07-30 | Name : CentOS Update for kdelibs CESA-2011:1385 centos4 x86_64 File : nvt/gb_CESA-2011_1385_kdelibs_centos4_x86_64.nasl |
2012-07-30 | Name : CentOS Update for kdelibs CESA-2011:1385 centos5 x86_64 File : nvt/gb_CESA-2011_1385_kdelibs_centos5_x86_64.nasl |
2012-07-09 | Name : RedHat Update for libsoup RHSA-2011:1102-01 File : nvt/gb_RHSA-2011_1102-01_libsoup.nasl |
2012-07-09 | Name : RedHat Update for kdelibs RHSA-2011:1364-01 File : nvt/gb_RHSA-2011_1364-01_kdelibs.nasl |
2012-07-09 | Name : RedHat Update for php-pear RHSA-2011:1741-03 File : nvt/gb_RHSA-2011_1741-03_php-pear.nasl |
2012-06-06 | Name : RedHat Update for rsync RHSA-2011:0390-01 File : nvt/gb_RHSA-2011_0390-01_rsync.nasl |
2012-06-06 | Name : RedHat Update for gdm RHSA-2011:0395-01 File : nvt/gb_RHSA-2011_0395-01_gdm.nasl |
2012-06-05 | Name : RedHat Update for webkitgtk RHSA-2011:0177-01 File : nvt/gb_RHSA-2011_0177-01_webkitgtk.nasl |
2012-04-02 | Name : Fedora Update for PyKDE4 FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_PyKDE4_fc16.nasl |
2012-04-02 | Name : Fedora Update for akonadi FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_akonadi_fc16.nasl |
2012-04-02 | Name : Fedora Update for cantor FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_cantor_fc16.nasl |
2012-04-02 | Name : Fedora Update for gwenview FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_gwenview_fc16.nasl |
2012-04-02 | Name : Fedora Update for kalgebra FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_kalgebra_fc16.nasl |
2012-04-02 | Name : Fedora Update for kalzium FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_kalzium_fc16.nasl |
2012-04-02 | Name : Fedora Update for kate FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_kate_fc16.nasl |
2012-04-02 | Name : Fedora Update for kbruch FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_kbruch_fc16.nasl |
2012-04-02 | Name : Fedora Update for kcolorchooser FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_kcolorchooser_fc16.nasl |
2012-04-02 | Name : Fedora Update for kde-settings FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_kde-settings_fc16.nasl |
2012-04-02 | Name : Fedora Update for kdeaccessibility FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_kdeaccessibility_fc16.nasl |
2012-04-02 | Name : Fedora Update for kdeadmin FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_kdeadmin_fc16.nasl |
2012-04-02 | Name : Fedora Update for kdeartwork FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_kdeartwork_fc16.nasl |
2012-04-02 | Name : Fedora Update for kdebase-runtime FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_kdebase-runtime_fc16.nasl |
2012-04-02 | Name : Fedora Update for kdebase-workspace FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_kdebase-workspace_fc16.nasl |
2012-04-02 | Name : Fedora Update for kdeedu FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_kdeedu_fc16.nasl |
2012-04-02 | Name : Fedora Update for kdegames FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_kdegames_fc16.nasl |
2012-04-02 | Name : Fedora Update for kdegraphics-strigi-analyzer FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_kdegraphics-strigi-analyzer_fc16.nasl |
2012-04-02 | Name : Fedora Update for kdegraphics-thumbnailers FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_kdegraphics-thumbnailers_fc16.nasl |
2012-04-02 | Name : Fedora Update for kdegraphics FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_kdegraphics_fc16.nasl |
2012-04-02 | Name : Fedora Update for kdemultimedia FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_kdemultimedia_fc16.nasl |
2012-04-02 | Name : Fedora Update for kdenetwork FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_kdenetwork_fc16.nasl |
2012-04-02 | Name : Fedora Update for kdepim-runtime FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_kdepim-runtime_fc16.nasl |
2012-04-02 | Name : Fedora Update for kdepim FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_kdepim_fc16.nasl |
2012-04-02 | Name : Fedora Update for kdeplasma-addons FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_kdeplasma-addons_fc16.nasl |
2012-04-02 | Name : Fedora Update for kdesdk FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_kdesdk_fc16.nasl |
2012-04-02 | Name : Fedora Update for kgamma FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_kgamma_fc16.nasl |
2012-04-02 | Name : Fedora Update for kgeography FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_kgeography_fc16.nasl |
2012-04-02 | Name : Fedora Update for khangman FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_khangman_fc16.nasl |
2012-04-02 | Name : Fedora Update for kiten FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_kiten_fc16.nasl |
2012-04-02 | Name : Fedora Update for klettres FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_klettres_fc16.nasl |
2012-04-02 | Name : Fedora Update for kmplot FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_kmplot_fc16.nasl |
2012-04-02 | Name : Fedora Update for konsole FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_konsole_fc16.nasl |
2012-04-02 | Name : Fedora Update for kruler FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_kruler_fc16.nasl |
2012-04-02 | Name : Fedora Update for ksaneplugin FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_ksaneplugin_fc16.nasl |
2012-04-02 | Name : Fedora Update for ksnapshot FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_ksnapshot_fc16.nasl |
2012-04-02 | Name : Fedora Update for kturtle FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_kturtle_fc16.nasl |
2012-04-02 | Name : Fedora Update for kwordquiz FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_kwordquiz_fc16.nasl |
2012-04-02 | Name : Fedora Update for libkdcraw FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_libkdcraw_fc16.nasl |
2012-04-02 | Name : Fedora Update for libkdeedu FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_libkdeedu_fc16.nasl |
2012-04-02 | Name : Fedora Update for libkexiv2 FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_libkexiv2_fc16.nasl |
2012-04-02 | Name : Fedora Update for libkipi FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_libkipi_fc16.nasl |
2012-04-02 | Name : Fedora Update for libksane FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_libksane_fc16.nasl |
2012-04-02 | Name : Fedora Update for okular FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_okular_fc16.nasl |
2012-04-02 | Name : Fedora Update for oxygen-icon-theme FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_oxygen-icon-theme_fc16.nasl |
2012-04-02 | Name : Fedora Update for rocs FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_rocs_fc16.nasl |
2012-04-02 | Name : Fedora Update for shared-desktop-ontologies FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_shared-desktop-ontologies_fc16.nasl |
2012-04-02 | Name : Fedora Update for smokegen FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_smokegen_fc16.nasl |
2012-04-02 | Name : Fedora Update for smokekde FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_smokekde_fc16.nasl |
2012-04-02 | Name : Fedora Update for smokeqt FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_smokeqt_fc16.nasl |
2012-04-02 | Name : Fedora Update for step FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_step_fc16.nasl |
2012-03-29 | Name : Fedora Update for kdelibs FEDORA-2012-3483 File : nvt/gb_fedora_2012_3483_kdelibs_fc15.nasl |
2012-03-19 | Name : Fedora Update for blinken FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_blinken_fc16.nasl |
2012-03-19 | Name : Fedora Update for kamera FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_kamera_fc16.nasl |
2012-03-19 | Name : Fedora Update for kanagram FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_kanagram_fc16.nasl |
2012-03-19 | Name : Fedora Update for kde-l10n FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_kde-l10n_fc16.nasl |
2012-03-19 | Name : Fedora Update for kdebase FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_kdebase_fc16.nasl |
2012-03-19 | Name : Fedora Update for kdelibs FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_kdelibs_fc16.nasl |
2012-03-19 | Name : Fedora Update for kdepimlibs FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_kdepimlibs_fc16.nasl |
2012-03-19 | Name : Fedora Update for kdetoys FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_kdetoys_fc16.nasl |
2012-03-19 | Name : Fedora Update for kdeutils FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_kdeutils_fc16.nasl |
2012-03-19 | Name : Fedora Update for kig FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_kig_fc16.nasl |
2012-03-19 | Name : Fedora Update for kolourpaint FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_kolourpaint_fc16.nasl |
2012-03-19 | Name : Fedora Update for kross-interpreters FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_kross-interpreters_fc16.nasl |
2012-03-19 | Name : Fedora Update for kstars FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_kstars_fc16.nasl |
2012-03-19 | Name : Fedora Update for ktouch FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_ktouch_fc16.nasl |
2012-03-19 | Name : Fedora Update for marble FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_marble_fc16.nasl |
2012-03-19 | Name : Fedora Update for parley FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_parley_fc16.nasl |
2012-03-19 | Name : Fedora Update for svgpart FEDORA-2011-13417 File : nvt/gb_fedora_2011_13417_svgpart_fc16.nasl |
2012-03-19 | Name : Fedora Update for arora FEDORA-2011-14719 File : nvt/gb_fedora_2011_14719_arora_fc16.nasl |
2012-03-12 | Name : Debian Security Advisory DSA 2408-1 (php5) File : nvt/deb_2408_1.nasl |
2012-02-12 | Name : Gentoo Security Advisory GLSA 201110-18 (rgmanager) File : nvt/glsa_201110_18.nasl |
2012-02-11 | Name : Debian Security Advisory DSA 2369-1 (libsoup2.4) File : nvt/deb_2369_1.nasl |
2011-12-16 | Name : Fedora Update for arora FEDORA-2011-14756 File : nvt/gb_fedora_2011_14756_arora_fc15.nasl |
2011-12-16 | Name : Mandriva Update for php-pear MDVSA-2011:187 (php-pear) File : nvt/gb_mandriva_MDVSA_2011_187.nasl |
2011-12-15 | Name : Arora Common Name SSL Certificate Spoofing Vulnerability (Linux) File : nvt/secpod_arora_cn_ssl_cert_spoofing_vuln_lin.nasl |
2011-11-11 | Name : CentOS Update for kdelibs CESA-2011:1385 centos4 i386 File : nvt/gb_CESA-2011_1385_kdelibs_centos4_i386.nasl |
2011-11-03 | Name : Mandriva Update for kdelibs4 MDVSA-2011:162 (kdelibs4) File : nvt/gb_mandriva_MDVSA_2011_162.nasl |
2011-10-31 | Name : Ubuntu Update for kde4libs USN-1248-1 File : nvt/gb_ubuntu_USN_1248_1.nasl |
2011-10-21 | Name : CentOS Update for kdelibs CESA-2011:1385 centos5 i386 File : nvt/gb_CESA-2011_1385_kdelibs_centos5_i386.nasl |
2011-10-21 | Name : RedHat Update for kdelibs and kdelibs3 RHSA-2011:1385-01 File : nvt/gb_RHSA-2011_1385-01_kdelibs_and_kdelibs3.nasl |
2011-09-27 | Name : Fedora Update for libsoup FEDORA-2011-9820 File : nvt/gb_fedora_2011_9820_libsoup_fc14.nasl |
2011-09-23 | Name : CentOS Update for rgmanager CESA-2011:1000 centos5 i386 File : nvt/gb_CESA-2011_1000_rgmanager_centos5_i386.nasl |
2011-08-27 | Name : Ubuntu Update for webkit USN-1195-1 File : nvt/gb_ubuntu_USN_1195_1.nasl |
2011-08-12 | Name : Fedora Update for libsoup FEDORA-2011-9763 File : nvt/gb_fedora_2011_9763_libsoup_fc15.nasl |
2011-08-09 | Name : CentOS Update for lvm2-cluster CESA-2010:0567 centos5 i386 File : nvt/gb_CESA-2010_0567_lvm2-cluster_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for xorg-x11-server-utils CESA-2011:0433 centos5 i386 File : nvt/gb_CESA-2011_0433_xorg-x11-server-utils_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for xmlsec1 CESA-2011:0486 centos4 i386 File : nvt/gb_CESA-2011_0486_xmlsec1_centos4_i386.nasl |
2011-08-09 | Name : CentOS Update for xmlsec1 CESA-2011:0486 centos5 i386 File : nvt/gb_CESA-2011_0486_xmlsec1_centos5_i386.nasl |
2011-08-03 | Name : Debian Security Advisory DSA 2238-1 (vino) File : nvt/deb_2238_1.nasl |
2011-08-03 | Name : Debian Security Advisory DSA 2254-1 (oprofile) File : nvt/deb_2254_1.nasl |
2011-08-03 | Name : Debian Security Advisory DSA 2254-2 (oprofile) File : nvt/deb_2254_2.nasl |
2011-08-03 | Name : FreeBSD Ports: rsync File : nvt/freebsd_rsync4.nasl |
2011-08-02 | Name : Ubuntu Update for libsoup2.4 USN-1181-1 File : nvt/gb_ubuntu_USN_1181_1.nasl |
2011-07-27 | Name : Fedora Update for oprofile FEDORA-2011-8076 File : nvt/gb_fedora_2011_8076_oprofile_fc15.nasl |
2011-07-27 | Name : Fedora Update for oprofile FEDORA-2011-8087 File : nvt/gb_fedora_2011_8087_oprofile_fc14.nasl |
2011-07-18 | Name : Ubuntu Update for oprofile USN-1166-1 File : nvt/gb_ubuntu_USN_1166_1.nasl |
2011-07-08 | Name : Fedora Update for syslog-ng FEDORA-2011-8405 File : nvt/gb_fedora_2011_8405_syslog-ng_fc14.nasl |
2011-06-20 | Name : Fedora Update for xorg-x11-server-utils FEDORA-2011-4879 File : nvt/gb_fedora_2011_4879_xorg-x11-server-utils_fc13.nasl |
2011-06-20 | Name : OProfile Multiple Vulnerabilities File : nvt/gb_oprofile_mult_vuln.nasl |
2011-05-23 | Name : Fedora Update for vino FEDORA-2011-6773 File : nvt/gb_fedora_2011_6773_vino_fc14.nasl |
2011-05-23 | Name : Fedora Update for vino FEDORA-2011-6778 File : nvt/gb_fedora_2011_6778_vino_fc13.nasl |
2011-05-17 | Name : Mandriva Update for vino MDVSA-2011:087 (vino) File : nvt/gb_mandriva_MDVSA_2011_087.nasl |
2011-05-12 | Name : Debian Security Advisory DSA 2188-1 (webkit) File : nvt/deb_2188_1.nasl |
2011-05-12 | Name : Debian Security Advisory DSA 2205-1 (gdm3) File : nvt/deb_2205_1.nasl |
2011-05-12 | Name : Debian Security Advisory DSA 2213-1 (x11-xserver-utils) File : nvt/deb_2213_1.nasl |
2011-05-12 | Name : Debian Security Advisory DSA 2215-1 (gitolite) File : nvt/deb_2215_1.nasl |
2011-05-12 | Name : Debian Security Advisory DSA 2219-1 (xmlsec1) File : nvt/deb_2219_1.nasl |
2011-05-12 | Name : FreeBSD Ports: gdm File : nvt/freebsd_gdm.nasl |
2011-05-12 | Name : FreeBSD Ports: xrdb File : nvt/freebsd_xrdb.nasl |
2011-05-10 | Name : Ubuntu Update for rsync USN-1124-1 File : nvt/gb_ubuntu_USN_1124_1.nasl |
2011-05-10 | Name : Ubuntu Update for php5 USN-1126-1 File : nvt/gb_ubuntu_USN_1126_1.nasl |
2011-05-10 | Name : Ubuntu Update for php5 USN-1126-2 File : nvt/gb_ubuntu_USN_1126_2.nasl |
2011-05-10 | Name : Ubuntu Update for vino USN-1128-1 File : nvt/gb_ubuntu_USN_1128_1.nasl |
2011-05-06 | Name : RedHat Update for xmlsec1 RHSA-2011:0486-01 File : nvt/gb_RHSA-2011_0486-01_xmlsec1.nasl |
2011-04-22 | Name : Mandriva Update for xrdb MDVSA-2011:076 (xrdb) File : nvt/gb_mandriva_MDVSA_2011_076.nasl |
2011-04-22 | Name : Rsync Multiple Denial of Service Vulnerabilities (Windows) File : nvt/gb_rsync_mult_dos_vuln.nasl |
2011-04-22 | Name : SuSE Update for xorg-x11 SUSE-SA:2011:016 File : nvt/gb_suse_2011_016.nasl |
2011-04-19 | Name : RedHat Update for xorg-x11 RHSA-2011:0432-01 File : nvt/gb_RHSA-2011_0432-01_xorg-x11.nasl |
2011-04-19 | Name : RedHat Update for xorg-x11-server-utils RHSA-2011:0433-01 File : nvt/gb_RHSA-2011_0433-01_xorg-x11-server-utils.nasl |
2011-04-19 | Name : Fedora Update for gdm FEDORA-2011-4351 File : nvt/gb_fedora_2011_4351_gdm_fc13.nasl |
2011-04-19 | Name : Fedora Update for xorg-x11-server-utils FEDORA-2011-4871 File : nvt/gb_fedora_2011_4871_xorg-x11-server-utils_fc14.nasl |
2011-04-11 | Name : Fedora Update for rsync FEDORA-2011-4413 File : nvt/gb_fedora_2011_4413_rsync_fc14.nasl |
2011-04-11 | Name : Fedora Update for rsync FEDORA-2011-4427 File : nvt/gb_fedora_2011_4427_rsync_fc13.nasl |
2011-04-11 | Name : Mandriva Update for rsync MDVSA-2011:066 (rsync) File : nvt/gb_mandriva_MDVSA_2011_066.nasl |
2011-04-11 | Name : Mandriva Update for gdm MDVSA-2011:070 (gdm) File : nvt/gb_mandriva_MDVSA_2011_070.nasl |
2011-04-11 | Name : Ubuntu Update for x11-xserver-utils vulnerability USN-1107-1 File : nvt/gb_ubuntu_USN_1107_1.nasl |
2011-04-06 | Name : Fedora Update for gdm FEDORA-2011-4335 File : nvt/gb_fedora_2011_4335_gdm_fc14.nasl |
2011-04-06 | Name : Mandriva Update for xmlsec1 MDVSA-2011:063 (xmlsec1) File : nvt/gb_mandriva_MDVSA_2011_063.nasl |
2011-04-01 | Name : Ubuntu Update for gdm vulnerability USN-1099-1 File : nvt/gb_ubuntu_USN_1099_1.nasl |
2011-03-09 | Name : Gentoo Security Advisory GLSA 201012-01 (chromium) File : nvt/glsa_201012_01.nasl |
2011-03-07 | Name : Debian Security Advisory DSA 2147-1 (pimd) File : nvt/deb_2147_1.nasl |
2011-03-07 | Name : Debian Security Advisory DSA 2164-1 (shadow) File : nvt/deb_2164_1.nasl |
2011-03-07 | Name : Mandriva Update for webkit MDVSA-2011:039 (webkit) File : nvt/gb_mandriva_MDVSA_2011_039.nasl |
2011-03-05 | Name : FreeBSD Ports: webkit-gtk2 File : nvt/freebsd_webkit-gtk23.nasl |
2011-02-18 | Name : Fedora Update for webkitgtk FEDORA-2011-1224 File : nvt/gb_fedora_2011_1224_webkitgtk_fc13.nasl |
2011-02-18 | Name : Ubuntu Update for shadow vulnerability USN-1065-1 File : nvt/gb_ubuntu_USN_1065_1.nasl |
2011-01-27 | Name : Google Chrome multiple vulnerabilities - Jan11 (Linux) File : nvt/gb_google_chrome_mult_vuln_jan11_lin.nasl |
2011-01-27 | Name : Google Chrome multiple vulnerabilities - Jan11 (Windows) File : nvt/gb_google_chrome_mult_vuln_jan11_win.nasl |
2011-01-24 | Name : FreeBSD Ports: webkit-gtk2 File : nvt/freebsd_webkit-gtk22.nasl |
2011-01-11 | Name : Fedora Update for webkitgtk FEDORA-2011-0121 File : nvt/gb_fedora_2011_0121_webkitgtk_fc13.nasl |
2010-12-29 | Name : Google Chrome multiple vulnerabilities - Dec10 (Linux) File : nvt/gb_google_chrome_mult_vuln_dec10_lin01.nasl |
2010-12-29 | Name : Google Chrome multiple vulnerabilities - Dec10 (Windows) File : nvt/gb_google_chrome_mult_vuln_dec10_win01.nasl |
2010-12-27 | Name : Google Chrome multiple vulnerabilities - Dec 10(Linux) File : nvt/gb_google_chrome_mult_vuln_dec10_lin.nasl |
2010-12-27 | Name : Google Chrome multiple vulnerabilities - Dec 10(Windows) File : nvt/gb_google_chrome_mult_vuln_dec10_win.nasl |
2010-12-02 | Name : Fedora Update for lvm2 FEDORA-2010-13239 File : nvt/gb_fedora_2010_13239_lvm2_fc14.nasl |
2010-12-02 | Name : Fedora Update for gnucash FEDORA-2010-16762 File : nvt/gb_fedora_2010_16762_gnucash_fc14.nasl |
2010-12-02 | Name : Mandriva Update for gnucash MDVSA-2010:241 (gnucash) File : nvt/gb_mandriva_MDVSA_2010_241.nasl |
2010-11-23 | Name : Apple Safari Webkit Multiple Vulnerabilities - Nov10 File : nvt/gb_apple_safari_webkit_mult_vuln_nov10.nasl |
2010-11-18 | Name : Google Chrome multiple vulnerabilities - November 10(Linux) File : nvt/gb_google_chrome_mult_vuln_nov10_lin.nasl |
2010-11-18 | Name : Google Chrome multiple vulnerabilities - November 10(Windows) File : nvt/gb_google_chrome_mult_vuln_nov10_win.nasl |
2010-11-17 | Name : FreeBSD Ports: webkit-gtk2 File : nvt/freebsd_webkit-gtk21.nasl |
2010-11-16 | Name : Fedora Update for gnucash FEDORA-2010-16605 File : nvt/gb_fedora_2010_16605_gnucash_fc13.nasl |
2010-11-16 | Name : Fedora Update for gnucash FEDORA-2010-16622 File : nvt/gb_fedora_2010_16622_gnucash_fc12.nasl |
2010-10-28 | Name : Google Chrome multiple vulnerabilities - October 10(Linux) File : nvt/gb_google_chrome_mult_vuln_oct10_lin.nasl |
2010-10-28 | Name : Google Chrome multiple vulnerabilities - October 10(Windows) File : nvt/gb_google_chrome_mult_vuln_oct10_win.nasl |
2010-10-22 | Name : Fedora Update for webkitgtk FEDORA-2010-15957 File : nvt/gb_fedora_2010_15957_webkitgtk_fc13.nasl |
2010-10-22 | Name : Fedora Update for webkitgtk FEDORA-2010-15982 File : nvt/gb_fedora_2010_15982_webkitgtk_fc12.nasl |
2010-10-22 | Name : Ubuntu Update for webkit vulnerabilities USN-1006-1 File : nvt/gb_ubuntu_USN_1006_1.nasl |
2010-10-19 | Name : Ubuntu Update for lvm2 vulnerability USN-1001-1 File : nvt/gb_ubuntu_USN_1001_1.nasl |
2010-10-10 | Name : Debian Security Advisory DSA 2095-1 (lvm2) File : nvt/deb_2095_1.nasl |
2010-10-10 | Name : FreeBSD Ports: webkit-gtk2 File : nvt/freebsd_webkit-gtk20.nasl |
2010-10-04 | Name : Mandriva Update for qt-creator MDVSA-2010:193 (qt-creator) File : nvt/gb_mandriva_MDVSA_2010_193.nasl |
2010-10-01 | Name : Fedora Update for lvm2 FEDORA-2010-12250 File : nvt/gb_fedora_2010_12250_lvm2_fc12.nasl |
2010-09-22 | Name : Fedora Update for webkitgtk FEDORA-2010-14409 File : nvt/gb_fedora_2010_14409_webkitgtk_fc13.nasl |
2010-09-22 | Name : Fedora Update for webkitgtk FEDORA-2010-14419 File : nvt/gb_fedora_2010_14419_webkitgtk_fc12.nasl |
2010-09-21 | Name : Google Chrome multiple vulnerabilities (Linux) File : nvt/gb_google_chrome_mult_vuln_sep10_lin.nasl |
2010-09-21 | Name : Google Chrome multiple vulnerabilities (Windows) Sep10 File : nvt/gb_google_chrome_mult_vuln_sep10_win.nasl |
2010-09-15 | Name : Apple Safari Multiple Vulnerabilities - Sep10 File : nvt/gb_apple_safari_mult_vuln_sep10.nasl |
2010-09-14 | Name : Fedora Update for lvm2 FEDORA-2010-13708 File : nvt/gb_fedora_2010_13708_lvm2_fc13.nasl |
2010-09-14 | Name : Fedora Update for udisks FEDORA-2010-13708 File : nvt/gb_fedora_2010_13708_udisks_fc13.nasl |
2010-09-07 | Name : Mandriva Update for lvm2 MDVSA-2010:171 (lvm2) File : nvt/gb_mandriva_MDVSA_2010_171.nasl |
2010-08-02 | Name : Apple Safari Multiple Vulnerabilities - July 10 File : nvt/secpod_apple_safari_mult_vuln_jul10.nasl |
2010-08-02 | Name : Google Chrome Multiple Unspecified Vulnerabilities - July 10 File : nvt/secpod_google_chrome_mult_unspecified_vuln_jul10.nasl |
2010-07-02 | Name : IBM WebSphere Application Server (WAS) Cross-site Scripting Vulnerability File : nvt/secpod_ibm_was_xss_vuln.nasl |
2010-01-29 | Name : Mandriva Update for php-pear-Mail MDVSA-2010:025 (php-pear-Mail) File : nvt/gb_mandriva_MDVSA_2010_025.nasl |
2009-12-10 | Name : Fedora Core 11 FEDORA-2009-12348 (php-pear-Mail) File : nvt/fcore_2009_12348.nasl |
2009-12-10 | Name : Fedora Core 12 FEDORA-2009-12395 (php-pear-Mail) File : nvt/fcore_2009_12395.nasl |
2009-12-10 | Name : Fedora Core 10 FEDORA-2009-12439 (php-pear-Mail) File : nvt/fcore_2009_12439.nasl |
2009-11-23 | Name : Debian Security Advisory DSA 1938-1 (php-mail) File : nvt/deb_1938_1.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2011-086-03 shadow File : nvt/esoft_slk_ssa_2011_086_03.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2011-096-01 xrdb File : nvt/esoft_slk_ssa_2011_096_01.nasl |
0000-00-00 | Name : FreeBSD Ports: kdelibs File : nvt/freebsd_kdelibs5.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
76136 | Arora Certificate Text Format CN Field RTF Data Parsing Certificate Spoofing ... |
76021 | rekonq Certificate Text Format CN Field RTF Data Parsing Certificate Spoofing... |
76016 | KDE KSSL Certificate Text Format CN Field RTF Data Parsing Certificate Spoofi... |
75083 | PEAR Installer Multiple Directory Temporary File Symlink Arbitrary File Overw... |
75045 | X.Org xrdb xrdb.c Hostname Shell Metacharacter Arbitrary Local Command Injection |
74996 | rsync Incremental Recursion Remote Memory Corruption DoS |
74333 | Vino server/libvncserver/rfbserver.c rfbSendFramebufferUpdate() Function Tigh... Vino contains a flaw that may allow a remote denial of service. The issue is triggered when the rfbSendFramebufferUpdate() function in server/libvncserver/rfbserver.c fails to properly handle client framebuffer update requests, and will result in loss of availability for the program. |
74332 | Vino server/libvncserver/rfbserver.c rfbSendFramebufferUpdate() Function Raw ... Vino contains a flaw that may allow a remote denial of service. The issue is triggered when the rfbSendFramebufferUpdate() function in server/libvncserver/rfbserver.c fails to properly handle client framebuffer update requests, and will result in loss of availability for the program. |
74135 | libsoup SoupServer soup-uri.c HTTP Request Parsing Traversal Arbitrary File A... libsoup contains a flaw that allows a remote attacker to traverse outside of a restricted path. The issue is due to soup-uri.c in the SoupServer feature not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied via HTTP Requests. This directory traversal attack would allow the attacker to access arbitrary files. |
73736 | syslog-ng lib/logmatcher.c PCRE Global Flag Remote DoS |
73719 | OProfile utils/opcontrol do_dump_data Function --session-dir Argument opd_pip... |
73717 | OProfile utils/opcontrol --save Argument Traversal Arbitrary File Overwrite |
73716 | OProfile utils/opcontrol daemonrc Multiple Argument Shell Metacharacter Local... |
72792 | OProfile utils/opcontrol Shell Metacharacter Eval Injection Local Privilege E... |
72551 | GNOME Display Manager (gdm) /var/cache/gdm/ Multiple File Symlink Local Privi... |
72538 | gitolite Admin-Defined Commands (ADC) Traversal Arbitrary Command Execution |
72303 | XML Security Library XSLT output Extension Arbitrary File Manipulation XML Security Library contains a flaw that may allow a remote attacker to modify arbitrary files. The issue is due to XSLT not properly sanitizing user-supplied input to the 'output' extension. This flaw can potentially be used to manipulate the contents of any file on the system accessible by the web server. |
70895 | shadow chfn/chsh Utility GECOS Field CRLF Injection shadow contains multiple CRLF injection vulnerabilities related to the 'chfn' and 'chsh' utilities failing to handle newlines characters properly. This may allow a local attacker to add new groups or users to the 'etc/passwd' file via the GECOS field. |
70465 | Google Chrome HTML Document Anchor Unspecified Variable Casting Remote DoS Google Chrome contains a flaw that may allow a denial of service. The issue is triggered when the program fails to properly perform a cast of an unspecified variable during handling of anchors, allowing a context-dependent attacker to use a crafted HTML document to cause a denial of servce or possibly have other unspecified impact. |
70305 | pimd Multiple Temporary File Symlink Arbitrary File Overwrite pimd contains a flaw that may allow a malicious local user to overwrite arbitrary files on the system. The issue is due to the '/var/tmp/pimd.dump' and '/var/tmp/pimd.cache' files creating temporary files insecurely. It is possible for a local attacker to use a symlink attack to cause the program to unexpectedly write to, or overwrite an attacker specified file. |
70106 | Google Chrome Cursor Handling Stale Pointer Remote DoS Google Chrome contains a flaw that may allow a remote denial of service. The issue is triggered when the program fails to properly perform cursor handling, allowing a remote attacker to cause a denial of service via unknown vectors leading to 'stale pointers'. |
70105 | Google Chrome CSS Token Sequence Out-of-bounds Read Remote DoS Google Chrome contains a flaw that may allow a remote denial of service. The issue is triggered when the program fails to properly parse CSS token sequences, allowing a remote attacker to cause an out-of-bounds read denial of service via unspecified vectors. |
69672 | Google Chrome Mouse Drag Event Use-after-free Remote DoS Google Chrome contains a flaw that may allow a remote denial of service. The issue is triggered when a use-after-free error in the handling of mouse dragging events is exploited to cause a loss of availability. |
69671 | Google Chrome SVG Animation Use-after-free Remote DoS Google Chrome contains a flaw that may allow a remote denial of service. The issue is triggered when a use-after-free vulnerability is exploited to cause a loss of availability for the program via vectors involving SVG animations. |
69434 | Apple Safari WebKit HTML Link Element DNS Prefetch Setting Bypass Apple Safari contains a flaw related to the WebKit's HTML Link Element. The issue is triggered when WebKit encounters an HTML Link Element that requests DNS prefetching. This will bypass any prefetching preference that has been set, and may result in undesired requests to remote servers. |
69433 | Apple Safari WebKit wholeText Method Size Calculation Overflow Apple WebKit in Apple Safari before 5.0.3 on Windows 7, Windows Vista, Windows XP SP2 or later, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.4 or later, and Apple WebKit in Apple Safari before 4.1.3 on Mac OS X v10.4.11 and Mac OS X Server v10.4.11 is prone to an overflow condition. The program fails to properly sanitize user-supplied input resulting in an integer overflow while handling Text objects. Visiting a specially crafted website a remote attacker can potentially cause an unexpected application termination or arbitrary code execution. |
69298 | GnuCash gnc-test-env LD_LIBRARY_PATH Zero-length Directory Name Path Subversi... GnuCash contains a path subversion flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when the 'src/gnc-test-env' script incorrectly sets the environment variable 'LD_LIBRARY_PATH', allowing a context-dependent attacker to gain elevated privileges by tricking a user into running the script in a directory containing a malicious library. |
69172 | Google Chrome SVG Document Out-of-bounds Array Index Memory Access DoS Google Chrome contains a flaw that may allow a remote denial of service. The issue is triggered when the program accesses memory in an out-of-bounds array index while processing an SVG document, allowing a context-dependent attacker to cause a denial of service or possibly have other unspecified impact. |
69170 | Google Chrome Destroyed Frame Object Access Remote DoS Google Chrome contains a flaw that may allow a remote denial of service. The issue is triggered when the program accesses a frame object after it has been destroyed, allowing a context-dependent attacker to cause a denial of service or possibly have other unspecified impact. |
69164 | Google Chrome Crafted HTML Document Text Area Handling Memory Corruption A memory corruption flaw exists in Google Chrome. The program fails to sanitize user-supplied input when processing large text areas, resulting in memory corruption. With a specially crafted HTML document, a context-dependent attacker can cause a denial of service, or possibly have other unspecified impact. |
69163 | Google Chrome Text Editing Use-after-free Remote DoS Google Chrome contains a flaw that may allow a remote denial of service. The issue is triggered when a use-after-free error related to text editing is exploited to cause a denial of service. |
68843 | Google Chrome Stale Element Map Handling DoS Google Chrome contains a flaw that may allow a remote denial of service. The issue is triggered when the program fails to properly handle stale elements in element maps, allowing a remote attacker to cause a denial of service. |
68808 | OCF Resource Agents Multiple Scripts LD_LIBRARY_PATH Zero-length Directory Na... |
68789 | lastfm LD_LIBRARY_PATH Zero-length Directory Name Path Subversion Local Privi... |
68366 | Qt Creator LD_LIBRARY_PATH Zero-length Directory Name Path Subversion Local P... Qt Creator contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when the program places a zero-length directory name in the LD_LIBRARY_PATH, allowing a local attacker to gain elevated privileges via a path subversion vulnerability. |
67962 | Apple Safari WebKit Floating Point Data Crafted HTML Document Handling Arbitr... Apple Safari WebKit contains an input validation flaw related to WebKit's handling of floating point data types. The issue is triggered when visiting a maliciously crafted website. This may allow a context-dependent attacker to execute arbitrary code via a crafted HTML document. |
67933 | Apple iOS WebKit on iPhone / iPod Scrollbar Use-after-free Arbitrary Code Exe... |
67932 | Apple iOS WebKit on iPhone / iPod Menu Arbitrary Code Execution |
67930 | Apple iOS WebKit on iPhone / iPod Selections Use-after-free Arbitrary Code Ex... |
67867 | Google Chrome Image Read Access Restriction Same Origin Policy Bypass Remote ... |
67865 | Google Chrome Focus Handling Stale Pointer Memory Corruption |
67863 | Google Chrome Counter Node Handling Unspecified Memory Corruption |
66857 | Apple Safari WebKit SVG Document Multiple Element Use-after-free Arbitrary Co... Apple Safari WebKit contains a use-after-free flaw related to WebKit's handling of "font-face" and "use" elements in SVG documents. The issue is triggered when visiting a maliciously crafted website. This may allow a context-dependent attacker to execute arbitrary code. |
66856 | Apple Safari WebKit Crafted Regular Expression Arbitrary Code Execution Apple Safari WebKit contains a memory corruption flaw related to WebKit's handling of regular expressions. The issue is triggered when visiting a maliciously crafted website. This may allow a context-dependent attacker to execute arbitrary code. |
66855 | Apple Safari Webkit JavaScript Array Index Integer Signedness Arbitrary Code ... Apple Safari Webkit contains an integer signedness flaw related to WebKit's handling of JavaScript arrays. The issue is triggered when visiting a maliciously crafted website. This may allow a context-dependent attacker to execute arbitrary code. |
66854 | Apple Safari WebKit JIT Compiled JavaScript Stub Reentrancy Issue Arbitrary C... Apple Safari WebKit contains a reentrancy issue related to the WebKit's handling of just-in-time compiled JavaScript stubs. The issue is triggered when visiting a maliciously crafted website. This may allow a context-dependent attacker to execute arbitrary code. |
66852 | Apple Safari Webkit SVG Document Use Element Arbitrary Code Execution Apple Safari Webkit contains a memory corruption flaw related to WebKit's handling of 'use' elements in SVG documents. The issue is triggered when visiting a maliciously crafted website. This may allow a context-dependent attacker to execute arbitrary code. |
66851 | Apple Safari WebKit SVG Document Floating Element Arbitrary Code Execution Apple Safari WebKit contains a memory corruption flaw related to WebKit's handling of floating elements in SVG documents. The issue is triggered when visiting a maliciously crafted website. This may allow a context-dependent attacker to execute arbitrary code. |
66850 | Apple Safari WebKit SVG Document foreignObject Element Use-after-free Arbitra... Apple Safari WebKit contains a use-after-free flaw related to WebKit's handling of foreignObject elements in SVG documents. The issue is triggered when visiting a maliciously crafted website. This may allow a context-dependent attacker to execute arbitrary code. |
66849 | Apple Safari WebKit SVG Text Multiple Pseudo-elements Crafted Document Arbitr... Apple Safari WebKit contains an uninitialized memory access flaw related to WebKit's handling of the :first-letter and :first-line pseudo-elements in SVG text elements. The issue is triggered when visiting a maliciously crafted website. This may allow a context-dependent attacker to execute arbitrary code. |
66848 | Apple Safari WebKit CSS Implementation Counters Functionality Crafted HTML Do... Apple Safari WebKit contains a memory corruption flaw related to WebKit's handling of CSS counters. The issue is triggered when visiting a maliciously crafted website. This may allow a context-dependent attacker to execute arbitrary code via a crafted HTML document. |
66847 | Apple Safari WebKit Text Node Dynamic Modification Arbitrary Code Execution Apple Safari WebKit contains a memory corruption flaw related to WebKit's handling of dynamic modifications to text nodes. The issue is triggered when visiting a maliciously crafted website. This may allow a context-dependent attacker to execute arbitrary code via a crafted HTML document. |
66846 | Apple Safari WebKit Inline Element Rendering Arbitrary Code Execution Apple Safari WebKit contains a memory corruption flaw related to WebKit's rendering of inline elements. The issue is triggered when visiting a maliciously crafted website. This may allow a context-dependent attacker to execute arbitrary code. |
66845 | Apple Safari WebKit Element Focus Use-after-free Arbitrary Code Execution Apple Safari WebKit contains a use-after-free flaw related to WebKit's handling of element focus. The issue is triggered when visiting a maliciously crafted website. This may allow a context-dependent attacker to execute arbitrary code. |
66753 | LVM2 clvmd Abstract Socket Credential Check Weakness Local Privilege Escalation |
66748 | Google Chrome Rendering Implementation Unspecified Remote DoS |
65798 | IBM WebSphere Application Server (WAS) Administration Console Unspecified XSS... |
60563 | PEAR Mail Mail/sendmail.php $recipients Parameter Arbitrary File Write |
60322 | PEAR Mail Sendmail Mail::Send() Function from Parameter Arbitrary Argument Co... |
39601 | Racer Client/Server UDP Packet Handling Remote Overflow A remote overflow exists in Racer v0.5.3beta5. The game fails to verify buffer lengths resulting in a stack overflow. With a specially crafted request, a remote attacker can execute arbitrary code resulting in a loss of integrity. |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Google Chrome Uninitialized bug_report Pointer Code Execution RuleID : 19217 - Revision : 14 - Type : BROWSER-CHROME |
2014-01-10 | Google Chrome Uninitialized bug_report Pointer Code Execution RuleID : 19216 - Revision : 14 - Type : BROWSER-CHROME |
2014-01-10 | Apple Safari WebKit menu onchange memory corruption attempt RuleID : 19010 - Revision : 10 - Type : BROWSER-WEBKIT |
2014-01-10 | Apple Safari WebKit menu onchange memory corruption attempt RuleID : 19009 - Revision : 8 - Type : BROWSER-WEBKIT |
2014-01-10 | Apple Safari Webkit floating point conversion memory corruption attempt RuleID : 19008 - Revision : 10 - Type : BROWSER-WEBKIT |
2014-01-10 | Apple Safari Webkit removeAllRanges use-after-free attempt RuleID : 18995 - Revision : 8 - Type : BROWSER-WEBKIT |
2014-01-10 | Apple Safari WebKit Rendering Counter Code Execution RuleID : 18903 - Revision : 10 - Type : BROWSER-WEBKIT |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_libsoup_20120918.nasl - Type : ACT_GATHER_INFO |
2014-12-15 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201412-09.nasl - Type : ACT_GATHER_INFO |
2014-06-30 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201406-34.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-182.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_gdm-110330.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_libsoup-2_4-1-110729.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_libwebkit-100920.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_libwebkit-110104.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_libwebkit-110223.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_rsync-110404.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_vino-110509.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_xorg-x11-110405.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_gdm-110330.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_kdelibs4-111010.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_libsoup-2_4-1-110729.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_rsync-110404.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_vino-110509.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_xorg-x11-110405.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2010-0567.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0177.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2011-0390.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0395.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0432.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2011-0433.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0486.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-1102.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-1364.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-1385.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2013-0169.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2013-0169.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2010-0567.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2011-1000.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1580.nasl - Type : ACT_GATHER_INFO |
2013-01-23 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130121_vino_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2013-01-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0169.nasl - Type : ACT_GATHER_INFO |
2012-08-20 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_07234e78e89911e1b38d0023ae8e59f0.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100728_lvm2_cluster_lvm2_for_SL5.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110125_webkitgtk_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20110216_rgmanager_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110329_gdm_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20110329_rsync_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110411_xorg_x11_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20110411_xorg_x11_server_utils_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110504_xmlsec1_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20110721_rgmanager_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110728_libsoup_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20111011_kdelibs_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20111019_kdelibs_and_kdelibs3_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20111206_php_pear_on_SL6.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20111206_resource_agents_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-04-13 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_apache2-mod_php5-120309.nasl - Type : ACT_GATHER_INFO |
2012-03-26 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-036.nasl - Type : ACT_GATHER_INFO |
2012-02-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2408.nasl - Type : ACT_GATHER_INFO |
2012-01-12 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2369.nasl - Type : ACT_GATHER_INFO |
2011-12-16 | Name : The remote Mandriva Linux host is missing a security update. File : mandriva_MDVSA-2011-187.nasl - Type : ACT_GATHER_INFO |
2011-12-15 | Name : The remote Fedora host is missing a security update. File : fedora_2011-14756.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : The remote Fedora host is missing a security update. File : fedora_2011-14719.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_vino-7531.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_xorg-x11-7416.nasl - Type : ACT_GATHER_INFO |
2011-12-06 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2011-1741.nasl - Type : ACT_GATHER_INFO |
2011-11-02 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-162.nasl - Type : ACT_GATHER_INFO |
2011-10-26 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1248-1.nasl - Type : ACT_GATHER_INFO |
2011-10-24 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_6d21a287fce011e0a82800235a5f2c9a.nasl - Type : ACT_GATHER_INFO |
2011-10-24 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201110-18.nasl - Type : ACT_GATHER_INFO |
2011-10-20 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-1385.nasl - Type : ACT_GATHER_INFO |
2011-10-20 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1385.nasl - Type : ACT_GATHER_INFO |
2011-10-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1364.nasl - Type : ACT_GATHER_INFO |
2011-10-05 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2011-13417.nasl - Type : ACT_GATHER_INFO |
2011-09-26 | Name : The remote Fedora host is missing a security update. File : fedora_2011-9820.nasl - Type : ACT_GATHER_INFO |
2011-09-23 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2011-1000.nasl - Type : ACT_GATHER_INFO |
2011-08-24 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1195-1.nasl - Type : ACT_GATHER_INFO |
2011-08-08 | Name : The remote Fedora host is missing a security update. File : fedora_2011-9763.nasl - Type : ACT_GATHER_INFO |
2011-08-08 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libsoup-110731.nasl - Type : ACT_GATHER_INFO |
2011-07-29 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1102.nasl - Type : ACT_GATHER_INFO |
2011-07-29 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1181-1.nasl - Type : ACT_GATHER_INFO |
2011-07-26 | Name : The remote Fedora host is missing a security update. File : fedora_2011-8076.nasl - Type : ACT_GATHER_INFO |
2011-07-26 | Name : The remote Fedora host is missing a security update. File : fedora_2011-8087.nasl - Type : ACT_GATHER_INFO |
2011-07-21 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_9a777c23b31011e0832d00215c6a37bb.nasl - Type : ACT_GATHER_INFO |
2011-07-12 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1166-1.nasl - Type : ACT_GATHER_INFO |
2011-06-30 | Name : The remote Fedora host is missing a security update. File : fedora_2011-8405.nasl - Type : ACT_GATHER_INFO |
2011-06-29 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_webkit-1_2_7-update-110622.nasl - Type : ACT_GATHER_INFO |
2011-06-13 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1124-1.nasl - Type : ACT_GATHER_INFO |
2011-06-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1126-1.nasl - Type : ACT_GATHER_INFO |
2011-06-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1126-2.nasl - Type : ACT_GATHER_INFO |
2011-06-13 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1128-1.nasl - Type : ACT_GATHER_INFO |
2011-06-12 | Name : The remote Fedora host is missing a security update. File : fedora_2011-4879.nasl - Type : ACT_GATHER_INFO |
2011-06-10 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2254.nasl - Type : ACT_GATHER_INFO |
2011-06-09 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_vino-110518.nasl - Type : ACT_GATHER_INFO |
2011-06-09 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_vino-7532.nasl - Type : ACT_GATHER_INFO |
2011-05-28 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2011-086-03.nasl - Type : ACT_GATHER_INFO |
2011-05-20 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2238.nasl - Type : ACT_GATHER_INFO |
2011-05-18 | Name : The remote Fedora host is missing a security update. File : fedora_2011-6773.nasl - Type : ACT_GATHER_INFO |
2011-05-18 | Name : The remote Fedora host is missing a security update. File : fedora_2011-6778.nasl - Type : ACT_GATHER_INFO |
2011-05-17 | Name : The remote Mandriva Linux host is missing a security update. File : mandriva_MDVSA-2011-087.nasl - Type : ACT_GATHER_INFO |
2011-05-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_libwebkit-110223.nasl - Type : ACT_GATHER_INFO |
2011-05-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_vino-110509.nasl - Type : ACT_GATHER_INFO |
2011-05-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0486.nasl - Type : ACT_GATHER_INFO |
2011-05-06 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_rsync-110404.nasl - Type : ACT_GATHER_INFO |
2011-05-06 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_rsync-110404.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0486.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_libwebkit-110111.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_xorg-x11-110405.nasl - Type : ACT_GATHER_INFO |
2011-04-22 | Name : The remote Mandriva Linux host is missing a security update. File : mandriva_MDVSA-2011-076.nasl - Type : ACT_GATHER_INFO |
2011-04-20 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0432.nasl - Type : ACT_GATHER_INFO |
2011-04-19 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2219.nasl - Type : ACT_GATHER_INFO |
2011-04-18 | Name : The remote Fedora host is missing a security update. File : fedora_2011-4984.nasl - Type : ACT_GATHER_INFO |
2011-04-15 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2011-0433.nasl - Type : ACT_GATHER_INFO |
2011-04-15 | Name : The remote Fedora host is missing a security update. File : fedora_2011-4351.nasl - Type : ACT_GATHER_INFO |
2011-04-15 | Name : The remote Fedora host is missing a security update. File : fedora_2011-4871.nasl - Type : ACT_GATHER_INFO |
2011-04-15 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_2eccb24f61c011e0b1990015f2db7bde.nasl - Type : ACT_GATHER_INFO |
2011-04-13 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12700.nasl - Type : ACT_GATHER_INFO |
2011-04-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_xorg-x11-7417.nasl - Type : ACT_GATHER_INFO |
2011-04-12 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2011-096-01.nasl - Type : ACT_GATHER_INFO |
2011-04-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0432.nasl - Type : ACT_GATHER_INFO |
2011-04-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0433.nasl - Type : ACT_GATHER_INFO |
2011-04-11 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2213.nasl - Type : ACT_GATHER_INFO |
2011-04-11 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-070.nasl - Type : ACT_GATHER_INFO |
2011-04-08 | Name : The remote Fedora host is missing a security update. File : fedora_2011-4413.nasl - Type : ACT_GATHER_INFO |
2011-04-08 | Name : The remote Fedora host is missing a security update. File : fedora_2011-4427.nasl - Type : ACT_GATHER_INFO |
2011-04-07 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_xorg-x11-110323.nasl - Type : ACT_GATHER_INFO |
2011-04-07 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1107-1.nasl - Type : ACT_GATHER_INFO |
2011-04-06 | Name : The remote Fedora host is missing a security update. File : fedora_2011-4389.nasl - Type : ACT_GATHER_INFO |
2011-04-06 | Name : The remote Mandriva Linux host is missing a security update. File : mandriva_MDVSA-2011-066.nasl - Type : ACT_GATHER_INFO |
2011-04-05 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-063.nasl - Type : ACT_GATHER_INFO |
2011-04-04 | Name : The remote Fedora host is missing a security update. File : fedora_2011-4335.nasl - Type : ACT_GATHER_INFO |
2011-03-31 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1099-1.nasl - Type : ACT_GATHER_INFO |
2011-03-30 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_c6fbd44759ed11e08d040015f2db7bde.nasl - Type : ACT_GATHER_INFO |
2011-03-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2205.nasl - Type : ACT_GATHER_INFO |
2011-03-29 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0390.nasl - Type : ACT_GATHER_INFO |
2011-03-29 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0395.nasl - Type : ACT_GATHER_INFO |
2011-03-11 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2188.nasl - Type : ACT_GATHER_INFO |
2011-03-03 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-039.nasl - Type : ACT_GATHER_INFO |
2011-02-20 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2164.nasl - Type : ACT_GATHER_INFO |
2011-02-18 | Name : The remote Fedora host is missing a security update. File : fedora_2011-1224.nasl - Type : ACT_GATHER_INFO |
2011-02-16 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1065-1.nasl - Type : ACT_GATHER_INFO |
2011-02-11 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_35ecdcbe350111e0afcd0015f2db7bde.nasl - Type : ACT_GATHER_INFO |
2011-01-26 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0177.nasl - Type : ACT_GATHER_INFO |
2011-01-21 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_lvm2-clvm2-100820.nasl - Type : ACT_GATHER_INFO |
2011-01-18 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2147.nasl - Type : ACT_GATHER_INFO |
2011-01-13 | Name : The remote host contains a web browser that is affected by multiple vulnerabi... File : google_chrome_8_0_552_237.nasl - Type : ACT_GATHER_INFO |
2011-01-10 | Name : The remote Fedora host is missing a security update. File : fedora_2011-0121.nasl - Type : ACT_GATHER_INFO |
2011-01-03 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_06a12e26142e11e0bea20015f2db7bde.nasl - Type : ACT_GATHER_INFO |
2010-12-14 | Name : The remote host contains a web browser that is affected by multiple vulnerabi... File : google_chrome_8_0_552_224.nasl - Type : ACT_GATHER_INFO |
2010-12-03 | Name : The remote host contains a web browser that is affected by multiple vulnerabi... File : google_chrome_8_0_552_215.nasl - Type : ACT_GATHER_INFO |
2010-12-02 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_lvm2-100730.nasl - Type : ACT_GATHER_INFO |
2010-11-28 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-241.nasl - Type : ACT_GATHER_INFO |
2010-11-18 | Name : The remote host contains a web browser that is affected by several vulnerabil... File : macosx_Safari5_0_3.nasl - Type : ACT_GATHER_INFO |
2010-11-18 | Name : The remote host contains a web browser that is affected by several vulnerabil... File : safari_5_0_3.nasl - Type : ACT_GATHER_INFO |
2010-11-05 | Name : The remote Fedora host is missing a security update. File : fedora_2010-16762.nasl - Type : ACT_GATHER_INFO |
2010-11-04 | Name : The remote host contains a web browser that is affected by multiple vulnerabi... File : google_chrome_7_0_517_44.nasl - Type : ACT_GATHER_INFO |
2010-11-01 | Name : The remote Fedora host is missing a security update. File : fedora_2010-16605.nasl - Type : ACT_GATHER_INFO |
2010-11-01 | Name : The remote Fedora host is missing a security update. File : fedora_2010-16622.nasl - Type : ACT_GATHER_INFO |
2010-10-28 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_php5-pear-mail-101022.nasl - Type : ACT_GATHER_INFO |
2010-10-21 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_e5090d2adbbe11df82f80015f2db7bde.nasl - Type : ACT_GATHER_INFO |
2010-10-20 | Name : The remote Fedora host is missing a security update. File : fedora_2010-15957.nasl - Type : ACT_GATHER_INFO |
2010-10-20 | Name : The remote Fedora host is missing a security update. File : fedora_2010-15982.nasl - Type : ACT_GATHER_INFO |
2010-10-20 | Name : The remote host contains a web browser that is affected by multiple vulnerabi... File : google_chrome_7_0_517_41.nasl - Type : ACT_GATHER_INFO |
2010-10-20 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1006-1.nasl - Type : ACT_GATHER_INFO |
2010-10-07 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1001-1.nasl - Type : ACT_GATHER_INFO |
2010-10-06 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-193.nasl - Type : ACT_GATHER_INFO |
2010-09-28 | Name : The remote application server is affected by multiple vulnerabilities. File : websphere_6_1_0_33.nasl - Type : ACT_GATHER_INFO |
2010-09-27 | Name : The remote Fedora host is missing a security update. File : fedora_2010-12250.nasl - Type : ACT_GATHER_INFO |
2010-09-21 | Name : The remote Fedora host is missing a security update. File : fedora_2010-14419.nasl - Type : ACT_GATHER_INFO |
2010-09-16 | Name : The remote Fedora host is missing a security update. File : fedora_2010-14409.nasl - Type : ACT_GATHER_INFO |
2010-09-16 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_lvm2-100812.nasl - Type : ACT_GATHER_INFO |
2010-09-12 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2010-13708.nasl - Type : ACT_GATHER_INFO |
2010-09-12 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_9bcfd7b6bcda11df9a6a0015f2db7bde.nasl - Type : ACT_GATHER_INFO |
2010-09-08 | Name : The remote host contains a web browser that is affected by several vulnerabil... File : macosx_Safari5_0_2.nasl - Type : ACT_GATHER_INFO |
2010-09-08 | Name : The remote host contains a web browser that is affected by several vulnerabil... File : safari_5_0_2.nasl - Type : ACT_GATHER_INFO |
2010-09-07 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-171.nasl - Type : ACT_GATHER_INFO |
2010-09-02 | Name : The remote Fedora host is missing a security update. File : fedora_2010-13239.nasl - Type : ACT_GATHER_INFO |
2010-09-02 | Name : The remote host contains a web browser that is affected by multiple vulnerabi... File : google_chrome_6_0_472_53.nasl - Type : ACT_GATHER_INFO |
2010-09-02 | Name : The remote host contains an application that has multiple vulnerabilities. File : itunes_10_0.nasl - Type : ACT_GATHER_INFO |
2010-09-02 | Name : The remote host contains a multimedia application that has multiple vulnerabi... File : itunes_10_0_banner.nasl - Type : ACT_GATHER_INFO |
2010-08-27 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2095.nasl - Type : ACT_GATHER_INFO |
2010-07-30 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2010-0567.nasl - Type : ACT_GATHER_INFO |
2010-07-28 | Name : The remote host contains a web browser that is affected by several vulnerabil... File : macosx_Safari5_0_1.nasl - Type : ACT_GATHER_INFO |
2010-07-28 | Name : The remote host contains a web browser that is affected by several vulnerabil... File : safari_5_0_1.nasl - Type : ACT_GATHER_INFO |
2010-07-27 | Name : The remote host contains a web browser that is affected by multiple vulnerabi... File : google_chrome_5_0_375_125.nasl - Type : ACT_GATHER_INFO |
2010-06-22 | Name : The remote application server is affected by multiple vulnerabilities. File : websphere_7_0_0_11.nasl - Type : ACT_GATHER_INFO |
2010-01-26 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-025.nasl - Type : ACT_GATHER_INFO |
2009-12-01 | Name : The remote Fedora host is missing a security update. File : fedora_2009-12348.nasl - Type : ACT_GATHER_INFO |
2009-12-01 | Name : The remote Fedora host is missing a security update. File : fedora_2009-12395.nasl - Type : ACT_GATHER_INFO |
2009-12-01 | Name : The remote Fedora host is missing a security update. File : fedora_2009-12439.nasl - Type : ACT_GATHER_INFO |
1999-11-05 | Name : The remote web server is affected by a directory traversal vulnerability. File : web_traversal.nasl - Type : ACT_ATTACK |
Alert History
Date | Informations |
---|---|
2014-12-16 13:25:43 |
|
2014-12-12 05:26:35 |
|