Executive Summary
Summary | |
---|---|
Title | HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS), Denial of Service (DoS), Execution of Arbitrary Code, Unauthorized Access |
Informations | |||
---|---|---|---|
Name | HPSBMA02492 SSRT100079 | First vendor Publication | 2010-04-20 |
Vendor | HP | Last vendor Modification | 2010-04-20 |
Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) for Linux and Windows. These vulnerabilities could be exploited remotely to allow cross site scripting (XSS), Denial of Service (DoS), execution of arbitrary code, and unauthorized access. |
Original Source
Url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
22 % | CWE-476 | NULL Pointer Dereference |
22 % | CWE-399 | Resource Management Errors |
22 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
22 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
11 % | CWE-401 | Failure to Release Memory Before Removing Last Reference ('Memory Leak') |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10740 | |||
Oval ID: | oval:org.mitre.oval:def:10740 | ||
Title: | The dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL before 1.0.0 Beta 2 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence DTLS handshake message, related to a "fragment bug." | ||
Description: | The dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL before 1.0.0 Beta 2 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence DTLS handshake message, related to a "fragment bug." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-1387 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11179 | |||
Oval ID: | oval:org.mitre.oval:def:11179 | ||
Title: | ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a DTLS ChangeCipherSpec packet that occurs before ClientHello. | ||
Description: | ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a DTLS ChangeCipherSpec packet that occurs before ClientHello. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-1386 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11309 | |||
Oval ID: | oval:org.mitre.oval:def:11309 | ||
Title: | Multiple memory leaks in the dtls1_process_out_of_seq_message function in ssl/d1_both.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allow remote attackers to cause a denial of service (memory consumption) via DTLS records that (1) are duplicates or (2) have sequence numbers much greater than current sequence numbers, aka "DTLS fragment handling memory leak." | ||
Description: | Multiple memory leaks in the dtls1_process_out_of_seq_message function in ssl/d1_both.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allow remote attackers to cause a denial of service (memory consumption) via DTLS records that (1) are duplicates or (2) have sequence numbers much greater than current sequence numbers, aka "DTLS fragment handling memory leak." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-1378 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13721 | |||
Oval ID: | oval:org.mitre.oval:def:13721 | ||
Title: | DSA-1888-1 openssl, openssl097 -- cryptographic weakness | ||
Description: | Certificates with MD2 hash signatures are no longer accepted by OpenSSL, since they’re no longer considered cryptographically secure. For the stable distribution, this problem has been fixed in version 0.9.8g-15+lenny5. For the old stable distribution, this problem has been fixed in version 0.9.8c-4etch9 for openssl and version 0.9.7k-3.1etch5 for openssl097. The OpenSSL 0.9.8 update for oldstable also provides updated packages for multiple denial of service vulnerabilities in the Datagram Transport Layer Security implementation. These fixes were already provided for Debian stable in a previous point update. The OpenSSL 0.9.7 package from oldstable is not affected. For the unstable distribution, this problem has been fixed in version 0.9.8k-5. We recommend that you upgrade your openssl packages. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1888-1 CVE-2009-2409 CVE-2009-1377 CVE-2009-1378 CVE-2009-1379 CVE-2009-1386 CVE-2009-1387 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 4.0 | Product(s): | openssl openssl097 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13891 | |||
Oval ID: | oval:org.mitre.oval:def:13891 | ||
Title: | USN-792-1 -- openssl vulnerabilities | ||
Description: | It was discovered that OpenSSL did not limit the number of DTLS records it would buffer when they arrived with a future epoch. A remote attacker could cause a denial of service via memory resource consumption by sending a large number of crafted requests. It was discovered that OpenSSL did not properly free memory when processing DTLS fragments. A remote attacker could cause a denial of service via memory resource consumption by sending a large number of crafted requests. It was discovered that OpenSSL did not properly handle certain server certificates when processing DTLS packets. A remote DTLS server could cause a denial of service by sending a message containing a specially crafted server certificate. It was discovered that OpenSSL did not properly handle a DTLS ChangeCipherSpec packet when it occured before ClientHello. A remote attacker could cause a denial of service by sending a specially crafted request. It was discovered that OpenSSL did not properly handle out of sequence DTLS handshake messages. A remote attacker could cause a denial of service by sending a specially crafted request | ||
Family: | unix | Class: | patch |
Reference(s): | USN-792-1 CVE-2009-1377 CVE-2009-1378 CVE-2009-1379 CVE-2009-1386 CVE-2009-1387 | Version: | 5 |
Platform(s): | Ubuntu 8.04 Ubuntu 9.04 Ubuntu 6.06 Ubuntu 8.10 | Product(s): | openssl |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17828 | |||
Oval ID: | oval:org.mitre.oval:def:17828 | ||
Title: | USN-673-1 -- libxml2 vulnerabilities | ||
Description: | Drew Yao discovered that libxml2 did not correctly handle certain corrupt XML documents. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-673-1 CVE-2008-4225 CVE-2008-4226 | Version: | 7 |
Platform(s): | Ubuntu 6.06 Ubuntu 7.10 Ubuntu 8.04 Ubuntu 8.10 | Product(s): | libxml2 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18412 | |||
Oval ID: | oval:org.mitre.oval:def:18412 | ||
Title: | DSA-1666-1 libxml2 - several vulnerabilities | ||
Description: | Several vulnerabilities have been discovered in the GNOME XML library. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1666-1 CVE-2008-4225 CVE-2008-4226 | Version: | 7 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | libxml2 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22735 | |||
Oval ID: | oval:org.mitre.oval:def:22735 | ||
Title: | ELSA-2008:0988: libxml2 security update (Important) | ||
Description: | Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a large XML document. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2008:0988-01 CVE-2008-4225 CVE-2008-4226 | Version: | 13 |
Platform(s): | Oracle Linux 5 | Product(s): | libxml2 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22755 | |||
Oval ID: | oval:org.mitre.oval:def:22755 | ||
Title: | ELSA-2009:1335: openssl security, bug fix, and enhancement update (Moderate) | ||
Description: | The dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL before 1.0.0 Beta 2 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence DTLS handshake message, related to a "fragment bug." | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2009:1335-02 CVE-2006-7250 CVE-2009-0590 CVE-2009-1377 CVE-2009-1378 CVE-2009-1379 CVE-2009-1386 CVE-2009-1387 | Version: | 33 |
Platform(s): | Oracle Linux 5 | Product(s): | openssl |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:24227 | |||
Oval ID: | oval:org.mitre.oval:def:24227 | ||
Title: | Vulnerability in OpenSSL 0.9.8k and earlier 0.9.8 versions, allows remote attackers to cause a denial of service (memory consumption) | ||
Description: | The dtls1_buffer_record function in ssl/d1_pkt.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allows remote attackers to cause a denial of service (memory consumption) via a large series of "future epoch" DTLS records that are buffered in a queue, aka "DTLS record buffer limitation bug." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-1377 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | OpenSSL |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24700 | |||
Oval ID: | oval:org.mitre.oval:def:24700 | ||
Title: | Vulnerability in OpenSSL before 1.0.0 Beta 2, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) | ||
Description: | The dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL before 1.0.0 Beta 2 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence DTLS handshake message, related to a "fragment bug." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-1387 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | OpenSSL |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25108 | |||
Oval ID: | oval:org.mitre.oval:def:25108 | ||
Title: | Vulnerability in OpenSSL before 0.9.8i, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) | ||
Description: | ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a DTLS ChangeCipherSpec packet that occurs before ClientHello. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-1386 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | OpenSSL |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25119 | |||
Oval ID: | oval:org.mitre.oval:def:25119 | ||
Title: | Vulnerability in OpenSSL 1.0.0 Beta 2, allows remote attackers to cause a denial of service (openssl s_client crash) | ||
Description: | Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote attackers to cause a denial of service (openssl s_client crash) and possibly have unspecified other impact via a DTLS packet, as demonstrated by a packet from a server that uses a crafted server certificate. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-1379 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | OpenSSL |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28749 | |||
Oval ID: | oval:org.mitre.oval:def:28749 | ||
Title: | RHSA-2009:1335 -- openssl security, bug fix, and enhancement update (Moderate) | ||
Description: | Updated openssl packages that fix several security issues, various bugs, and add enhancements are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength general purpose cryptography library. Datagram TLS (DTLS) is a protocol based on TLS that is capable of securing datagram transport (for example, UDP). | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2009:1335 CESA-2009:1335-CentOS 5 CVE-2006-7250 CVE-2009-0590 CVE-2009-1377 CVE-2009-1378 CVE-2009-1379 CVE-2009-1386 CVE-2009-1387 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | openssl |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:29306 | |||
Oval ID: | oval:org.mitre.oval:def:29306 | ||
Title: | RHSA-2008:0988 -- libxml2 security update (Important) | ||
Description: | Updated libxml2 packages that fix security issues are now available for Red Hat Enterprise Linux 2.1, 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. libxml2 is a library for parsing and manipulating XML files. It includes support for reading, modifying, and writing XML and HTML files. An integer overflow flaw causing a heap-based buffer overflow was found in the libxml2 XML parser. If an application linked against libxml2 processed untrusted, malformed XML content, it could cause the application to crash or, possibly, execute arbitrary code. (CVE-2008-4226) A denial of service flaw was discovered in the libxml2 XML parser. If an application linked against libxml2 processed untrusted, malformed XML content, it could cause the application to enter an infinite loop. (CVE-2008-4225) Red Hat would like to thank Drew Yao of the Apple Product Security team for reporting these issues. Users of libxml2 are advised to upgrade to these updated packages, which contain backported patches to correct these issues. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2008:0988 CESA-2008:0988-CentOS 5 CESA-2008:0988-CentOS 3 CESA-2008:0988-CentOS 2 CVE-2008-4225 CVE-2008-4226 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 5 CentOS Linux 3 CentOS Linux 2 | Product(s): | libxml2 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6219 | |||
Oval ID: | oval:org.mitre.oval:def:6219 | ||
Title: | Security Vulnerabilities in the libxml2 Library Routines xmlSAX2Characters() May Lead to Arbitrary Code Execution or Denial of Service (DoS) | ||
Description: | Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a large XML document. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-4226 | Version: | 1 |
Platform(s): | Sun Solaris 9 Sun Solaris 10 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6360 | |||
Oval ID: | oval:org.mitre.oval:def:6360 | ||
Title: | Libxml2 Integer Overflow in xmlSAX2Characters() May Let Remote Users Execute Arbitrary Code | ||
Description: | Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a large XML document. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-4226 | Version: | 3 |
Platform(s): | VMWare ESX Server 3 VMWare ESX Server 3.5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6683 | |||
Oval ID: | oval:org.mitre.oval:def:6683 | ||
Title: | OpenSSL DTLS Packets Multiple Denial of Service Vulnerabilities | ||
Description: | The dtls1_buffer_record function in ssl/d1_pkt.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allows remote attackers to cause a denial of service (memory consumption) via a large series of "future epoch" DTLS records that are buffered in a queue, aka "DTLS record buffer limitation bug." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-1377 | Version: | 5 |
Platform(s): | VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6848 | |||
Oval ID: | oval:org.mitre.oval:def:6848 | ||
Title: | OpenSSL 'dtls1_retrieve_buffered_fragment()' DTLS Packet Denial of Service Vulnerability | ||
Description: | Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote attackers to cause a denial of service (openssl s_client crash) and possibly have unspecified other impact via a DTLS packet, as demonstrated by a packet from a server that uses a crafted server certificate. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-1379 | Version: | 5 |
Platform(s): | VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7229 | |||
Oval ID: | oval:org.mitre.oval:def:7229 | ||
Title: | OpenSSL DTLS Packets Multiple Denial of Service Vulnerabilities | ||
Description: | Multiple memory leaks in the dtls1_process_out_of_seq_message function in ssl/d1_both.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allow remote attackers to cause a denial of service (memory consumption) via DTLS records that (1) are duplicates or (2) have sequence numbers much greater than current sequence numbers, aka "DTLS fragment handling memory leak." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-1378 | Version: | 5 |
Platform(s): | VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7469 | |||
Oval ID: | oval:org.mitre.oval:def:7469 | ||
Title: | OpenSSL 'ChangeCipherSpec' DTLS Packet Denial of Service Vulnerability | ||
Description: | ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a DTLS ChangeCipherSpec packet that occurs before ClientHello. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-1386 | Version: | 5 |
Platform(s): | VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7592 | |||
Oval ID: | oval:org.mitre.oval:def:7592 | ||
Title: | OpenSSL 'dtls1_retrieve_buffered_fragment()' DTLS Remote Denial of Service Vulnerability | ||
Description: | The dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL before 1.0.0 Beta 2 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence DTLS handshake message, related to a "fragment bug." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-1387 | Version: | 5 |
Platform(s): | VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7803 | |||
Oval ID: | oval:org.mitre.oval:def:7803 | ||
Title: | DSA-1666 libxml2 -- several vulnerabilities | ||
Description: | Several vulnerabilities have been discovered in the GNOME XML library. The Common Vulnerabilities and Exposures project identifies the following problems: Drew Yao discovered that missing input sanitising in the xmlBufferResize() function may lead to an infinite loop, resulting in denial of service. Drew Yao discovered that an integer overflow in the xmlSAX2Characters() function may lead to denial of service or the execution of arbitrary code. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1666 CVE-2008-4225 CVE-2008-4226 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | libxml2 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9663 | |||
Oval ID: | oval:org.mitre.oval:def:9663 | ||
Title: | The dtls1_buffer_record function in ssl/d1_pkt.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allows remote attackers to cause a denial of service (memory consumption) via a large series of "future epoch" DTLS records that are buffered in a queue, aka "DTLS record buffer limitation bug." | ||
Description: | The dtls1_buffer_record function in ssl/d1_pkt.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allows remote attackers to cause a denial of service (memory consumption) via a large series of "future epoch" DTLS records that are buffered in a queue, aka "DTLS record buffer limitation bug." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-1377 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9744 | |||
Oval ID: | oval:org.mitre.oval:def:9744 | ||
Title: | Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote attackers to cause a denial of service (openssl s_client crash) and possibly have unspecified other impact via a DTLS packet, as demonstrated by a packet from a server that uses a crafted server certificate. | ||
Description: | Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote attackers to cause a denial of service (openssl s_client crash) and possibly have unspecified other impact via a DTLS packet, as demonstrated by a packet from a server that uses a crafted server certificate. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-1379 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9888 | |||
Oval ID: | oval:org.mitre.oval:def:9888 | ||
Title: | Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a large XML document. | ||
Description: | Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a large XML document. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-4226 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
ExploitDB Exploits
id | Description |
---|---|
2009-06-04 | OpenSSL < 0.9.8i DTLS ChangeCipherSpec Remote DoS Exploit |
2009-05-18 | OpenSSL <= 0.9.8k, 1.0.0-beta2 DTLS Remote Memory Exhaustion DoS |
OpenVAS Exploits
Date | Description |
---|---|
2012-06-21 | Name : PHP version smaller than 5.2.7 File : nvt/nopsec_php_5_2_7.nasl |
2012-06-21 | Name : PHP version smaller than 5.2.8 File : nvt/nopsec_php_5_2_8.nasl |
2012-04-16 | Name : VMSA-2010-0009: ESXi utilities and ESX Service Console third party updates File : nvt/gb_VMSA-2010-0009.nasl |
2011-08-09 | Name : CentOS Update for openssl CESA-2009:1335 centos5 i386 File : nvt/gb_CESA-2009_1335_openssl_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for php CESA-2009:0338 centos5 i386 File : nvt/gb_CESA-2009_0338_php_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for php CESA-2009:0337 centos4 i386 File : nvt/gb_CESA-2009_0337_php_centos4_i386.nasl |
2011-08-09 | Name : CentOS Update for php CESA-2009:0337 centos3 i386 File : nvt/gb_CESA-2009_0337_php_centos3_i386.nasl |
2010-06-25 | Name : Fedora Update for openssl FEDORA-2010-9421 File : nvt/gb_fedora_2010_9421_openssl_fc11.nasl |
2010-05-12 | Name : Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002 File : nvt/macosx_upd_10_5_7_secupd_2009-002.nasl |
2010-05-05 | Name : HP System Management Homepage Unspecified Vulnerability (Windows) File : nvt/gb_hp_smh_unspecified_vuln_win.nasl |
2010-05-05 | Name : HP System Management Homepage Unspecified Vulnerability (Linux) File : nvt/gb_hp_smh_unspecified_vuln_lin.nasl |
2010-04-19 | Name : Fedora Update for openssl FEDORA-2010-5357 File : nvt/gb_fedora_2010_5357_openssl_fc11.nasl |
2010-01-07 | Name : Gentoo Security Advisory GLSA 201001-03 (php) File : nvt/glsa_201001_03.nasl |
2009-12-14 | Name : Gentoo Security Advisory GLSA 200912-01 (openssl) File : nvt/glsa_200912_01.nasl |
2009-12-10 | Name : Mandriva Security Advisory MDVSA-2009:310 (openssl) File : nvt/mdksa_2009_310.nasl |
2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
2009-10-22 | Name : HP-UX Update for Apache-based Web Server HPSBUX02465 File : nvt/gb_hp_ux_HPSBUX02465.nasl |
2009-10-13 | Name : Solaris Update for libxml, libxslt and Freeware man pages 114014-24 File : nvt/gb_solaris_114014_24.nasl |
2009-10-13 | Name : Solaris Update for libxml, libxslt and Freeware man pages 114015-24 File : nvt/gb_solaris_114015_24.nasl |
2009-10-13 | Name : Solaris Update for XML and XSLT libraries 125731-05 File : nvt/gb_solaris_125731_05.nasl |
2009-10-13 | Name : Solaris Update for XML and XSLT libraries 125732-05 File : nvt/gb_solaris_125732_05.nasl |
2009-10-13 | Name : SLES10: Security update for OpenSSL File : nvt/sles10_openssl2.nasl |
2009-10-13 | Name : SLES10: Security update for OpenSSL File : nvt/sles10_openssl0.nasl |
2009-10-13 | Name : SLES10: Security update for libxml2 File : nvt/sles10_libxml23.nasl |
2009-10-13 | Name : SLES10: Security update for PHP5 File : nvt/sles10_apache2-mod_php0.nasl |
2009-10-11 | Name : SLES11: Security update for OpenSSL File : nvt/sles11_libopenssl0_9_80.nasl |
2009-10-11 | Name : SLES11: Security update for OpenSSL File : nvt/sles11_libopenssl0_9_81.nasl |
2009-10-10 | Name : SLES9: Security update for libxml2 File : nvt/sles9p5038083.nasl |
2009-10-10 | Name : SLES9: Security update for PHP4 File : nvt/sles9p5046240.nasl |
2009-09-28 | Name : Mandrake Security Advisory MDVSA-2009:237 (openssl) File : nvt/mdksa_2009_237.nasl |
2009-09-28 | Name : Mandrake Security Advisory MDVSA-2009:238 (openssl) File : nvt/mdksa_2009_238.nasl |
2009-09-28 | Name : Mandrake Security Advisory MDVSA-2009:239 (openssl) File : nvt/mdksa_2009_239.nasl |
2009-09-21 | Name : CentOS Security Advisory CESA-2009:1335 (openssl) File : nvt/ovcesa2009_1335.nasl |
2009-09-21 | Name : Debian Security Advisory DSA 1888-1 (openssl, openssl097) File : nvt/deb_1888_1.nasl |
2009-09-09 | Name : RedHat Security Advisory RHSA-2009:1335 File : nvt/RHSA_2009_1335.nasl |
2009-08-17 | Name : Fedora Core 10 FEDORA-2009-8491 (libxml2) File : nvt/fcore_2009_8491.nasl |
2009-07-17 | Name : HP-UX Update for Apache Web Server Suite HPSBUX02431 File : nvt/gb_hp_ux_HPSBUX02431.nasl |
2009-07-06 | Name : SuSE Security Summary SUSE-SR:2009:012 File : nvt/suse_sr_2009_012.nasl |
2009-06-30 | Name : Ubuntu USN-792-1 (openssl) File : nvt/ubuntu_792_1.nasl |
2009-06-23 | Name : Fedora Core 9 FEDORA-2009-5423 (openssl) File : nvt/fcore_2009_5423.nasl |
2009-06-23 | Name : Fedora Core 10 FEDORA-2009-5412 (openssl) File : nvt/fcore_2009_5412.nasl |
2009-06-23 | Name : Fedora Core 11 FEDORA-2009-5452 (openssl) File : nvt/fcore_2009_5452.nasl |
2009-06-15 | Name : SuSE Security Summary SUSE-SR:2009:011 File : nvt/suse_sr_2009_011.nasl |
2009-06-12 | Name : Denial Of Service Vulnerability in OpenSSL June-09 (Linux) File : nvt/gb_openssl_dos_vuln_lin_jun09.nasl |
2009-06-05 | Name : Ubuntu USN-719-1 (libpam-krb5) File : nvt/ubuntu_719_1.nasl |
2009-06-05 | Name : FreeBSD Ports: opensll File : nvt/freebsd_opensll.nasl |
2009-06-05 | Name : Mandrake Security Advisory MDVSA-2009:120 (openssl) File : nvt/mdksa_2009_120.nasl |
2009-06-05 | Name : Fedora Core 9 FEDORA-2009-3848 (maniadrive) File : nvt/fcore_2009_3848.nasl |
2009-06-05 | Name : Fedora Core 10 FEDORA-2009-3768 (maniadrive) File : nvt/fcore_2009_3768.nasl |
2009-06-05 | Name : Ubuntu USN-720-1 (php5) File : nvt/ubuntu_720_1.nasl |
2009-06-05 | Name : Ubuntu USN-723-1 (git-core) File : nvt/ubuntu_723_1.nasl |
2009-06-05 | Name : Ubuntu USN-761-2 (php5) File : nvt/ubuntu_761_2.nasl |
2009-06-05 | Name : Ubuntu USN-767-1 (freetype) File : nvt/ubuntu_767_1.nasl |
2009-06-05 | Name : Ubuntu USN-769-1 (libwmf) File : nvt/ubuntu_769_1.nasl |
2009-06-05 | Name : Ubuntu USN-776-2 (kvm) File : nvt/ubuntu_776_2.nasl |
2009-06-03 | Name : Solaris Update for XML and XSLT libraries 125732-04 File : nvt/gb_solaris_125732_04.nasl |
2009-06-03 | Name : Solaris Update for XML and XSLT libraries 125731-04 File : nvt/gb_solaris_125731_04.nasl |
2009-06-03 | Name : Solaris Update for libxml, libxslt and Freeware man pages 114015-22 File : nvt/gb_solaris_114015_22.nasl |
2009-06-03 | Name : Solaris Update for libxml, libxslt and Freeware man pages 114014-22 File : nvt/gb_solaris_114014_22.nasl |
2009-05-28 | Name : OpenSSL DTLS Packets Multiple DOS Vulnerabilities (win) File : nvt/secpod_openssl_mult_dos_vuln_win.nasl |
2009-05-28 | Name : OpenSSL DTLS Packets Multiple Denial of Service Vulnerabilities (Linux) File : nvt/secpod_openssl_mult_dos_vuln_lin.nasl |
2009-05-11 | Name : Debian Security Advisory DSA 1789-1 (php5) File : nvt/deb_1789_1.nasl |
2009-04-28 | Name : Ubuntu USN-761-1 (php5) File : nvt/ubuntu_761_1.nasl |
2009-04-15 | Name : CentOS Security Advisory CESA-2009:0338 (php) File : nvt/ovcesa2009_0338.nasl |
2009-04-15 | Name : RedHat Security Advisory RHSA-2009:0337 File : nvt/RHSA_2009_0337.nasl |
2009-04-15 | Name : RedHat Security Advisory RHSA-2009:0350 File : nvt/RHSA_2009_0350.nasl |
2009-04-15 | Name : RedHat Security Advisory RHSA-2009:0338 File : nvt/RHSA_2009_0338.nasl |
2009-04-15 | Name : CentOS Security Advisory CESA-2009:0337 (php) File : nvt/ovcesa2009_0337.nasl |
2009-04-09 | Name : Mandriva Update for libxml2 MDVSA-2008:231 (libxml2) File : nvt/gb_mandriva_MDVSA_2008_231.nasl |
2009-04-06 | Name : SuSE Security Summary SUSE-SR:2009:008 File : nvt/suse_sr_2009_008.nasl |
2009-03-23 | Name : Ubuntu Update for libxml2 vulnerabilities USN-673-1 File : nvt/gb_ubuntu_USN_673_1.nasl |
2009-03-20 | Name : FreeBSD Ports: php4-mbstring File : nvt/freebsd_php4-mbstring.nasl |
2009-03-07 | Name : Ubuntu USN-726-1 (curl) File : nvt/ubuntu_726_1.nasl |
2009-03-07 | Name : Ubuntu USN-726-2 (curl) File : nvt/ubuntu_726_2.nasl |
2009-03-07 | Name : Ubuntu USN-727-1 (network-manager-applet) File : nvt/ubuntu_727_1.nasl |
2009-03-07 | Name : Ubuntu USN-727-2 (network-manager) File : nvt/ubuntu_727_2.nasl |
2009-03-07 | Name : Mandrake Security Advisory MDVSA-2009:065 (php4) File : nvt/mdksa_2009_065.nasl |
2009-03-06 | Name : RedHat Update for libxml2 RHSA-2008:0988-01 File : nvt/gb_RHSA-2008_0988-01_libxml2.nasl |
2009-02-27 | Name : CentOS Update for libxml2 CESA-2008:0988 centos3 x86_64 File : nvt/gb_CESA-2008_0988_libxml2_centos3_x86_64.nasl |
2009-02-27 | Name : CentOS Update for libxml2 CESA-2008:0988 centos4 i386 File : nvt/gb_CESA-2008_0988_libxml2_centos4_i386.nasl |
2009-02-27 | Name : CentOS Update for libxml2 CESA-2008:0988 centos4 x86_64 File : nvt/gb_CESA-2008_0988_libxml2_centos4_x86_64.nasl |
2009-02-27 | Name : CentOS Update for libxml2 CESA-2008:0988 centos3 i386 File : nvt/gb_CESA-2008_0988_libxml2_centos3_i386.nasl |
2009-02-27 | Name : CentOS Update for libxml2 CESA-2008:0988-01 centos2 i386 File : nvt/gb_CESA-2008_0988-01_libxml2_centos2_i386.nasl |
2009-02-23 | Name : Mandrake Security Advisory MDVSA-2009:045 (php) File : nvt/mdksa_2009_045.nasl |
2009-02-18 | Name : SuSE Security Summary SUSE-SR:2009:004 File : nvt/suse_sr_2009_004.nasl |
2009-02-17 | Name : Fedora Update for libxml2 FEDORA-2008-9729 File : nvt/gb_fedora_2008_9729_libxml2_fc8.nasl |
2009-02-17 | Name : Fedora Update for libxml2 FEDORA-2008-9773 File : nvt/gb_fedora_2008_9773_libxml2_fc9.nasl |
2009-02-16 | Name : Fedora Update for libxml2 FEDORA-2008-10000 File : nvt/gb_fedora_2008_10000_libxml2_fc10.nasl |
2009-02-16 | Name : Fedora Update for namazu FEDORA-2008-2678 File : nvt/gb_fedora_2008_2678_namazu_fc7.nasl |
2009-02-16 | Name : Fedora Update for namazu FEDORA-2008-2767 File : nvt/gb_fedora_2008_2767_namazu_fc8.nasl |
2009-01-08 | Name : PHP display_errors Cross-Site Scripting Vulnerability File : nvt/gb_php_display_errors_xss_vuln.nasl |
2008-12-31 | Name : Heap-based buffer overflow in 'mbstring' extension for PHP File : nvt/secpod_php_mbstring_ext_bof_vuln.nasl |
2008-12-03 | Name : Gentoo Security Advisory GLSA 200812-06 (libxml2) File : nvt/glsa_200812_06.nasl |
2008-11-24 | Name : Debian Security Advisory DSA 1666-1 (libxml2) File : nvt/deb_1666_1.nasl |
2008-11-24 | Name : FreeBSD Ports: libxml2 File : nvt/freebsd_libxml21.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2008-324-01 libxml2 File : nvt/esoft_slk_ssa_2008_324_01.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2010-060-02 openssl File : nvt/esoft_slk_ssa_2010_060_02.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
64089 | HP System Management Homepage (SMH) Unspecified Data Modification |
55073 | OpenSSL ssl/s3_pkt.c DTLS ChangeCipherSpec Packet Handling Remote DoS |
55072 | OpenSSL ssl/d1_both.cdtls1_retrieve_buffered_fragment Function DTLS Handshake... |
54614 | OpenSSL ssl/d1_both.c dtls1_retrieve_buffered_fragment Function DTLS Packet H... |
54613 | OpenSSL ssl/d1_both.c dtls1_process_out_of_seq_message Function DTLS Record H... |
54612 | OpenSSL ssl/d1_pkt.c dtls1_buffer_record Function Buffered DTLS Record Handli... |
53532 | PHP Unspecified XSS |
51477 | PHP mbstring Extension ext/mbstring/libmbfl/filters/mbfilter_htmlent.c Multip... |
49993 | libxml2 xmlSAX2Characters() Function XML File Parsing Overflow |
43409 | Namazu namazu.cgi UTF-7 XSS |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2009-02-05 | IAVM : 2009-B-0006 - Multiple Vulnerabilities in VMware Severity : Category I - VMSKEY : V0018295 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2016-03-08 | Name : The remote VMware ESX host is missing a security-related patch. File : vmware_VMSA-2010-0004_remote.nasl - Type : ACT_GATHER_INFO |
2016-03-08 | Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_VMSA-2010-0009_remote.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2009-0018.nasl - Type : ACT_GATHER_INFO |
2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15348.nasl - Type : ACT_GATHER_INFO |
2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL9761.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0988.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-0337.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-0338.nasl - Type : ACT_GATHER_INFO |
2013-07-03 | Name : The remote host is missing Sun Security Patch number 123924-11 File : solaris10_x86_123924.nasl - Type : ACT_GATHER_INFO |
2013-07-03 | Name : The remote host is missing Sun Security Patch number 127680-07 File : solaris8_127680.nasl - Type : ACT_GATHER_INFO |
2013-07-03 | Name : The remote host is missing Sun Security Patch number 127681-07 File : solaris9_127681.nasl - Type : ACT_GATHER_INFO |
2013-07-03 | Name : The remote host is missing Sun Security Patch number 123922-11 File : solaris9_x86_123922.nasl - Type : ACT_GATHER_INFO |
2013-07-03 | Name : The remote host is missing Sun Security Patch number 127682-07 File : solaris9_x86_127682.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1335.nasl - Type : ACT_GATHER_INFO |
2012-09-24 | Name : The remote Fedora host is missing a security update. File : fedora_2008-10038.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20081117_libxml2_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090406_php_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090902_openssl_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-01-04 | Name : The remote server is affected by a denial of service vulnerability. File : openssl_0_9_8i.nasl - Type : ACT_GATHER_INFO |
2012-01-04 | Name : The remote server is affected by multiple vulnerabilities. File : openssl_0_9_8l.nasl - Type : ACT_GATHER_INFO |
2012-01-04 | Name : The remote server is affected by a denial of service vulnerability. File : openssl_1_0_0.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-mod_php5-6847.nasl - Type : ACT_GATHER_INFO |
2010-07-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-239.nasl - Type : ACT_GATHER_INFO |
2010-06-01 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2010-0009.nasl - Type : ACT_GATHER_INFO |
2010-04-27 | Name : The remote web server has multiple vulnerabilities. File : hpsmh_6_0_0_95.nasl - Type : ACT_GATHER_INFO |
2010-03-05 | Name : The remote VMware ESX host is missing one or more security-related patches. File : vmware_VMSA-2010-0004.nasl - Type : ACT_GATHER_INFO |
2010-03-02 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2010-060-02.nasl - Type : ACT_GATHER_INFO |
2010-02-25 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201001-03.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1888.nasl - Type : ACT_GATHER_INFO |
2010-02-23 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_apache2-mod_php5-100212.nasl - Type : ACT_GATHER_INFO |
2010-02-23 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_apache2-mod_php5-100212.nasl - Type : ACT_GATHER_INFO |
2010-02-23 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_apache2-mod_php5-100215.nasl - Type : ACT_GATHER_INFO |
2010-02-23 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_apache2-mod_php5-100212.nasl - Type : ACT_GATHER_INFO |
2010-02-23 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-mod_php5-6846.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-0338.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1335.nasl - Type : ACT_GATHER_INFO |
2009-12-04 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-310.nasl - Type : ACT_GATHER_INFO |
2009-12-02 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200912-01.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12286.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12382.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libopenssl-devel-090522.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_openssl-090610.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-mod_php5-5909.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_libxml2-5755.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_openssl-6267.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_openssl-6296.nasl - Type : ACT_GATHER_INFO |
2009-09-22 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-238.nasl - Type : ACT_GATHER_INFO |
2009-07-27 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2009-0001.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_apache2-mod_php5-090114.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_libopenssl-devel-090522.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_libopenssl-devel-090609.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_apache2-mod_php5-090119.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_libopenssl-devel-090522.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_libopenssl-devel-090609.nasl - Type : ACT_GATHER_INFO |
2009-06-26 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-792-1.nasl - Type : ACT_GATHER_INFO |
2009-06-21 | Name : The remote Fedora host is missing a security update. File : fedora_2009-5412.nasl - Type : ACT_GATHER_INFO |
2009-06-21 | Name : The remote Fedora host is missing a security update. File : fedora_2009-5423.nasl - Type : ACT_GATHER_INFO |
2009-06-21 | Name : The remote Fedora host is missing a security update. File : fedora_2009-5452.nasl - Type : ACT_GATHER_INFO |
2009-06-18 | Name : The remote openSUSE host is missing a security update. File : suse_libopenssl-devel-6291.nasl - Type : ACT_GATHER_INFO |
2009-06-09 | Name : The remote host contains a web browser that is affected by several vulnerabil... File : macosx_Safari4_0.nasl - Type : ACT_GATHER_INFO |
2009-06-09 | Name : The remote host contains a web browser that is affected by several vulnerabil... File : safari_4.0.nasl - Type : ACT_GATHER_INFO |
2009-06-01 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2009-3768.nasl - Type : ACT_GATHER_INFO |
2009-06-01 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2009-3848.nasl - Type : ACT_GATHER_INFO |
2009-06-01 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_82b55df84d5a11de88110030843d3802.nasl - Type : ACT_GATHER_INFO |
2009-05-27 | Name : The remote openSUSE host is missing a security update. File : suse_libopenssl-devel-6268.nasl - Type : ACT_GATHER_INFO |
2009-05-22 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-120.nasl - Type : ACT_GATHER_INFO |
2009-05-20 | Name : The remote web server is affected by multiple vulnerabilities. File : hpsmh_3_0_1_73.nasl - Type : ACT_GATHER_INFO |
2009-05-13 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_5_7.nasl - Type : ACT_GATHER_INFO |
2009-05-06 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1789.nasl - Type : ACT_GATHER_INFO |
2009-04-28 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-761-2.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0988.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-231.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-045.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote host is missing Sun Security Patch number 120954-12 File : solaris10_120954.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote host is missing Sun Security Patch number 123923-12 File : solaris10_123923.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote host is missing Sun Security Patch number 120955-12 File : solaris10_x86_120955.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote host is missing Sun Security Patch number 120954-12 File : solaris8_120954.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote host is missing Sun Security Patch number 123920-12 File : solaris8_123920.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote host is missing Sun Security Patch number 120954-12 File : solaris9_120954.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote host is missing Sun Security Patch number 123921-12 File : solaris9_123921.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote host is missing Sun Security Patch number 120955-12 File : solaris9_x86_120955.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-673-1.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-720-1.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-761-1.nasl - Type : ACT_GATHER_INFO |
2009-04-07 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-0337.nasl - Type : ACT_GATHER_INFO |
2009-04-07 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-0337.nasl - Type : ACT_GATHER_INFO |
2009-04-07 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-0338.nasl - Type : ACT_GATHER_INFO |
2009-03-17 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_a2074ac6124c11dea9640030843d3802.nasl - Type : ACT_GATHER_INFO |
2009-02-06 | Name : The remote openSUSE host is missing a security update. File : suse_apache2-mod_php5-5934.nasl - Type : ACT_GATHER_INFO |
2008-12-09 | Name : The remote web server uses a version of PHP that may be affected by multiple ... File : php_5_2_8.nasl - Type : ACT_GATHER_INFO |
2008-12-05 | Name : The remote web server uses a version of PHP that is affected by multiple vuln... File : php_5_2_7.nasl - Type : ACT_GATHER_INFO |
2008-12-03 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200812-06.nasl - Type : ACT_GATHER_INFO |
2008-11-21 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-324-01.nasl - Type : ACT_GATHER_INFO |
2008-11-21 | Name : The remote Fedora host is missing a security update. File : fedora_2008-9729.nasl - Type : ACT_GATHER_INFO |
2008-11-21 | Name : The remote Fedora host is missing a security update. File : fedora_2008-9773.nasl - Type : ACT_GATHER_INFO |
2008-11-21 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_f1e0164eb67b11dda55e00163e000016.nasl - Type : ACT_GATHER_INFO |
2008-11-21 | Name : The remote openSUSE host is missing a security update. File : suse_libxml2-5754.nasl - Type : ACT_GATHER_INFO |
2008-11-21 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_libxml2-5756.nasl - Type : ACT_GATHER_INFO |
2008-11-18 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1666.nasl - Type : ACT_GATHER_INFO |
2008-11-18 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0988.nasl - Type : ACT_GATHER_INFO |
2008-08-22 | Name : The remote openSUSE host is missing a security update. File : suse_namazu-5523.nasl - Type : ACT_GATHER_INFO |
2008-03-28 | Name : The remote Fedora host is missing a security update. File : fedora_2008-2678.nasl - Type : ACT_GATHER_INFO |
2008-03-28 | Name : The remote Fedora host is missing a security update. File : fedora_2008-2767.nasl - Type : ACT_GATHER_INFO |
2007-06-04 | Name : The remote host is missing Sun Security Patch number 119467-17 File : solaris10_x86_119467.nasl - Type : ACT_GATHER_INFO |
2006-11-20 | Name : The remote host is missing Sun Security Patch number 123919-12 File : solaris7_123919.nasl - Type : ACT_GATHER_INFO |
2006-11-06 | Name : The remote host is missing Sun Security Patch number 119467-17 File : solaris9_x86_119467.nasl - Type : ACT_GATHER_INFO |