Executive Summary
This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
| Summary | |
|---|---|
| Title | HP System Management Homepage (SMH) Running on Linux, Windows, and VMware ESX, Remote Unauthorized Access, Disclosure of Information, Data Modification, Denial of Service (DoS), Execution of Arbitrary Code |
| Informations | |||
|---|---|---|---|
| Name | HPSBMU02786 SSRT100877 | First vendor Publication | 2012-06-26 |
| Vendor | HP | Last vendor Modification | 2013-05-08 |
| Severity (Vendor) | N/A | Revision | 2 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 10 | Attack Range | Network |
| Cvss Impact Score | 10 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) running on Linux, Windows, and VMware ESX. The vulnerabilities could be exploited remotely resulting in unauthorized access, disclosure of information, data modification, Denial of Service (DoS), and execution of arbitrary code. |
Original Source
| Url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 29 % | CWE-399 | Resource Management Errors |
| 29 % | CWE-20 | Improper Input Validation |
| 10 % | CWE-415 | Double Free |
| 10 % | CWE-310 | Cryptographic Issues |
| 10 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
| 5 % | CWE-264 | Permissions, Privileges, and Access Controls |
| 5 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 5 % | CWE-89 | Improper Sanitization of Special Elements used in an SQL Command ('SQL Injection') (CWE/SANS Top 25) |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:13526 | |||
| Oval ID: | oval:org.mitre.oval:def:13526 | ||
| Title: | USN-1153-1 -- libxml2 vulnerability | ||
| Description: | libxml2: GNOME XML library libxml2 could be made to crash or run programs as your login if it opened a specially crafted file. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1153-1 CVE-2011-1944 | Version: | 5 |
| Platform(s): | Ubuntu 11.04 Ubuntu 8.04 Ubuntu 10.04 Ubuntu 10.10 | Product(s): | libxml2 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:13840 | |||
| Oval ID: | oval:org.mitre.oval:def:13840 | ||
| Title: | Double free vulnerability in libxml2, as used in Google Chrome before 13.0.782.215, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted XPath expression. | ||
| Description: | Double free vulnerability in libxml2, as used in Google Chrome before 13.0.782.215, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted XPath expression. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2011-2821 | Version: | 15 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Google Chrome |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:14410 | |||
| Oval ID: | oval:org.mitre.oval:def:14410 | ||
| Title: | Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling. | ||
| Description: | Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2011-2834 | Version: | 15 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Google Chrome |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:14797 | |||
| Oval ID: | oval:org.mitre.oval:def:14797 | ||
| Title: | DSA-2399-2 php5 -- several | ||
| Description: | A regression was found in the fix for PHP's XSLT transformations. Updated packages are now available to address this regression. For reference, the original advisory text follows. Several vulnerabilities have been discovered in PHP, the web scripting language. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2011-1938 The UNIX socket handling allowed attackers to trigger a buffer overflow via a long path name. CVE-2011-2483 The crypt_blowfish function did not properly handle 8-bit characters, which made it easier for attackers to determine a cleartext password by using knowledge of a password hash. CVE-2011-4566 When used on 32 bit platforms, the exif extension could be used to trigger an integer overflow in the exif_process_IFD_TAG function when processing a JPEG file. CVE-2011-4885 It was possible to trigger hash collisions predictably when parsing form parameters, which allows remote attackers to cause a denial of service by sending many crafted parameters. CVE-2012-0057 When applying a crafted XSLT transform, an attacker could write files to arbitrary places in the filesystem. NOTE: the fix for CVE-2011-2483 required changing the behaviour of this function: it is now incompatible with some old generated hashes for passwords containing 8-bit characters. See the package NEWS entry for details. This change has not been applied to the Lenny version of PHP. NOTE: at the time of release packages for some architectures are still being built. They will be installed into the archive as soon as they arrive. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2399-2 CVE-2011-1938 CVE-2011-2483 CVE-2011-4566 CVE-2011-4885 CVE-2012-0057 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | php5 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:15001 | |||
| Oval ID: | oval:org.mitre.oval:def:15001 | ||
| Title: | USN-1346-1 -- curl vulnerability | ||
| Description: | curl: HTTP, HTTPS, and FTP client and client libraries curl could be tricked into injecting arbitrary data if it handled a malicious URL. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1346-1 CVE-2012-0036 | Version: | 5 |
| Platform(s): | Ubuntu 11.04 Ubuntu 11.10 Ubuntu 10.10 | Product(s): | curl |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:15005 | |||
| Oval ID: | oval:org.mitre.oval:def:15005 | ||
| Title: | DSA-2398-1 curl -- several | ||
| Description: | Several vulnerabilities have been discovered in Curl, an URL transfer library. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2011-3389 This update enables OpenSSL workarounds against the "BEAST" attack | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2398-1 CVE-2011-3389 CVE-2012-0036 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | curl |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:15282 | |||
| Oval ID: | oval:org.mitre.oval:def:15282 | ||
| Title: | USN-1368-1 -- Apache HTTP Server vulnerabilities | ||
| Description: | apache2: Apache HTTP server Several security issues were fixed in the Apache HTTP Server. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1368-1 CVE-2011-3607 CVE-2011-4317 CVE-2012-0021 CVE-2012-0031 CVE-2012-0053 | Version: | 5 |
| Platform(s): | Ubuntu 11.04 Ubuntu 11.10 Ubuntu 8.04 Ubuntu 10.04 Ubuntu 10.10 | Product(s): | Apache |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:15286 | |||
| Oval ID: | oval:org.mitre.oval:def:15286 | ||
| Title: | DSA-2390-1 openssl -- several | ||
| Description: | Several vulnerabilities were discovered in OpenSSL, an implementation of TLS and related protocols. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities: CVE-2011-4108 The DTLS implementation performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a padding oracle attack. CVE-2011-4109 A double free vulnerability when X509_V_FLAG_POLICY_CHECK is enabled, allows remote attackers to cause applications crashes and potentially allow execution of arbitrary code by triggering failure of a policy check. CVE-2011-4354 On 32-bit systems, the operations on NIST elliptic curves P-256 and P-384 are not correctly implemented, potentially leaking the private ECC key of a TLS server. CVE-2011-4576 The SSL 3.0 implementation does not properly initialise data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by an SSL peer. CVE-2011-4619 The Server Gated Cryptography implementation in OpenSSL does not properly handle handshake restarts, unnecessarily simplifying CPU exhaustion attacks. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2390-1 CVE-2011-4108 CVE-2011-4109 CVE-2011-4354 CVE-2011-4576 CVE-2011-4619 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | openssl |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:15306 | |||
| Oval ID: | oval:org.mitre.oval:def:15306 | ||
| Title: | DSA-2403-1 php5 -- code injection | ||
| Description: | Stefan Esser discovered that the implementation of the max_input_vars configuration variable in a recent PHP security update was flawed such that it allows remote attackers to crash PHP or potentially execute code. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2403-1 CVE-2012-0830 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | php5 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:15373 | |||
| Oval ID: | oval:org.mitre.oval:def:15373 | ||
| Title: | DSA-2405-1 apache2 -- multiple issues | ||
| Description: | Several vulnerabilities have been found in the Apache HTTPD Server: CVE-2011-3607: An integer overflow in ap_pregsub could allow local attackers to execute arbitrary code at elevated privileges via crafted .htaccess files. CVE-2011-3368 CVE-2011-3639 CVE-2011-4317: The Apache HTTP Server did not properly validate the request URI for proxied requests. In certain reverse proxy configurations using the ProxyPassMatch directive or using the RewriteRule directive with the [P] flag, a remote attacker could make the proxy connect to an arbitrary server. The could allow the attacker to access internal servers that are not otherwise accessible from the outside. The three CVE ids denote slightly different variants of the same issue. Note that, even with this issue fixed, it is the responsibility of the administrator to ensure that the regular expression replacement pattern for the target URI does not allow a client to append arbitrary strings to the host or port parts of the target URI. This is a violation of the privilege separation between the apache2 processes and could potentially be used to worsen the impact of other vulnerabilities. CVE-2012-0053: The response message for error code 400 could be used to expose "httpOnly" cookies. This could allow a remote attacker using cross site scripting to steal authentication cookies. For the oldstable distribution, these problems have been fixed in version apache2 2.2.9-10+lenny12. For the stable distribution, these problems have been fixed in version apache2 2.2.16-6+squeeze6 For the testing distribution, these problems will be fixed in version 2.2.22-1. For the unstable distribution, these problems have been fixed in version 2.2.22-1. We recommend that you upgrade your apache2 packages. This update also contains updated apache2-mpm-itk packages which have been recompiled against the updated apache2 packages. The new version number | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2405-1 CVE-2011-3607 CVE-2011-3368 CVE-2011-3639 CVE-2011-4317 CVE-2012-0031 CVE-2012-0053 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | apache2 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:15401 | |||
| Oval ID: | oval:org.mitre.oval:def:15401 | ||
| Title: | DSA-2399-1 php5 -- several | ||
| Description: | Several vulnerabilities have been discovered in PHP, the web scripting language. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2011-1938 The UNIX socket handling allowed attackers to trigger a buffer overflow via a long path name. CVE-2011-2483 The crypt_blowfish function did not properly handle 8-bit characters, which made it easier for attackers to determine a cleartext password by using knowledge of a password hash. CVE-2011-4566 When used on 32 bit platforms, the exif extension could be used to trigger an integer overflow in the exif_process_IFD_TAG function when processing a JPEG file. CVE-2011-4885 It was possible to trigger hash collisions predictably when parsing form parameters, which allows remote attackers to cause a denial of service by sending many crafted parameters. CVE-2012-0057 When applying a crafted XSLT transform, an attacker could write files to arbitrary places in the filesystem. NOTE: the fix for CVE-2011-2483 required changing the behaviour of this function: it is now incompatible with some old generated hashes for passwords containing 8-bit characters. See the package NEWS entry for details. This change has not been applied to the Lenny version of PHP. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2399-1 CVE-2011-1938 CVE-2011-2483 CVE-2011-4566 CVE-2011-4885 CVE-2012-0057 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | php5 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:15412 | |||
| Oval ID: | oval:org.mitre.oval:def:15412 | ||
| Title: | DSA-2403-2 php5 -- code injection | ||
| Description: | Stefan Esser discovered that the implementation of the max_input_vars configuration variable in a recent PHP security update was flawed such that it allows remote attackers to crash PHP or potentially execute code. This update adds packages | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2403-2 CVE-2012-0830 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 5.0 | Product(s): | php5 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:15500 | |||
| Oval ID: | oval:org.mitre.oval:def:15500 | ||
| Title: | USN-1357-1 -- OpenSSL vulnerabilities | ||
| Description: | openssl: Secure Socket Layer binary and related cryptographic tools Multiple vulnerabilities exist in OpenSSL that could expose sensitive information or cause applications to crash. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1357-1 CVE-2011-1945 CVE-2011-3210 CVE-2011-4108 CVE-2012-0050 CVE-2011-4109 CVE-2011-4354 CVE-2011-4576 CVE-2011-4577 CVE-2011-4619 CVE-2012-0027 | Version: | 5 |
| Platform(s): | Ubuntu 11.04 Ubuntu 11.10 Ubuntu 8.04 Ubuntu 10.04 Ubuntu 10.10 | Product(s): | OpenSSL |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:17864 | |||
| Oval ID: | oval:org.mitre.oval:def:17864 | ||
| Title: | USN-1437-1 -- php5 vulnerability | ||
| Description: | Standalone PHP CGI scripts could be made to execute arbitrary code with the privilege of the web server. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1437-1 CVE-2012-2311 CVE-2012-1823 | Version: | 7 |
| Platform(s): | Ubuntu 12.04 Ubuntu 11.10 Ubuntu 11.04 Ubuntu 10.04 Ubuntu 8.04 | Product(s): | php5 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18001 | |||
| Oval ID: | oval:org.mitre.oval:def:18001 | ||
| Title: | DSA-2454-1 openssl - multiple | ||
| Description: | Multiple vulnerabilities have been found in OpenSSL. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2454-1 CVE-2012-0884 CVE-2012-1165 CVE-2012-2110 CVE-2012-2131 CVE-2011-4619 | Version: | 7 |
| Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | openssl |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19936 | |||
| Oval ID: | oval:org.mitre.oval:def:19936 | ||
| Title: | DSA-2454-2 openssl - incomplete fix | ||
| Description: | Multiple vulnerabilities have been found in OpenSSL. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2454-2 CVE-2012-0884 CVE-2012-1165 CVE-2012-2110 CVE-2012-2131 CVE-2011-4619 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | openssl |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20227 | |||
| Oval ID: | oval:org.mitre.oval:def:20227 | ||
| Title: | Multiple OpenSSL vulnerabilities | ||
| Description: | The Server Gated Cryptography (SGC) implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-4619 | Version: | 4 |
| Platform(s): | IBM AIX 6.1 IBM AIX 7.1 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:20262 | |||
| Oval ID: | oval:org.mitre.oval:def:20262 | ||
| Title: | Multiple OpenSSL vulnerabilities | ||
| Description: | The mime_param_cmp function in crypto/asn1/asn_mime.c in OpenSSL before 0.9.8u and 1.x before 1.0.0h allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted S/MIME message, a different vulnerability than CVE-2006-7250. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2012-1165 | Version: | 4 |
| Platform(s): | IBM AIX 6.1 IBM AIX 7.1 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:20390 | |||
| Oval ID: | oval:org.mitre.oval:def:20390 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by an SSL peer. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-4576 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20409 | |||
| Oval ID: | oval:org.mitre.oval:def:20409 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a padding oracle attack. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-4108 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20495 | |||
| Oval ID: | oval:org.mitre.oval:def:20495 | ||
| Title: | Multiple OpenSSL vulnerabilities | ||
| Description: | The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a padding oracle attack. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-4108 | Version: | 4 |
| Platform(s): | IBM AIX 6.1 IBM AIX 7.1 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:20667 | |||
| Oval ID: | oval:org.mitre.oval:def:20667 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | OpenSSL before 0.9.8s and 1.x before 1.0.0f, when RFC 3779 support is enabled, allows remote attackers to cause a denial of service (assertion failure) via an X.509 certificate containing certificate-extension data associated with (1) IP address blocks or (2) Autonomous System (AS) identifiers. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-4577 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20756 | |||
| Oval ID: | oval:org.mitre.oval:def:20756 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | The Server Gated Cryptography (SGC) implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-4619 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20843 | |||
| Oval ID: | oval:org.mitre.oval:def:20843 | ||
| Title: | RHSA-2012:0128: httpd security update (Moderate) | ||
| Description: | protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a (1) long or (2) malformed header in conjunction with crafted web script. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2012:0128-01 CESA-2012:0128 CVE-2011-3607 CVE-2011-3639 CVE-2011-4317 CVE-2012-0031 CVE-2012-0053 | Version: | 68 |
| Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | httpd |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20887 | |||
| Oval ID: | oval:org.mitre.oval:def:20887 | ||
| Title: | Multiple OpenSSL vulnerabilities | ||
| Description: | The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by an SSL peer. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-4576 | Version: | 4 |
| Platform(s): | IBM AIX 6.1 IBM AIX 7.1 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:21189 | |||
| Oval ID: | oval:org.mitre.oval:def:21189 | ||
| Title: | RHSA-2012:0323: httpd security update (Moderate) | ||
| Description: | protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a (1) long or (2) malformed header in conjunction with crafted web script. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2012:0323-01 CVE-2011-3607 CVE-2011-3639 CVE-2012-0031 CVE-2012-0053 | Version: | 55 |
| Platform(s): | Red Hat Enterprise Linux 5 | Product(s): | httpd |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:21192 | |||
| Oval ID: | oval:org.mitre.oval:def:21192 | ||
| Title: | RHSA-2012:0059: openssl security update (Moderate) | ||
| Description: | The Server Gated Cryptography (SGC) implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2012:0059-01 CESA-2012:0059 CVE-2011-4108 CVE-2011-4576 CVE-2011-4577 CVE-2011-4619 | Version: | 55 |
| Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | openssl |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:21279 | |||
| Oval ID: | oval:org.mitre.oval:def:21279 | ||
| Title: | RHSA-2012:0426: openssl security and bug fix update (Moderate) | ||
| Description: | The mime_param_cmp function in crypto/asn1/asn_mime.c in OpenSSL before 0.9.8u and 1.x before 1.0.0h allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted S/MIME message, a different vulnerability than CVE-2006-7250. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2012:0426-02 CESA-2012:0426 CVE-2012-0884 CVE-2012-1165 | Version: | 29 |
| Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6 | Product(s): | openssl |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:21363 | |||
| Oval ID: | oval:org.mitre.oval:def:21363 | ||
| Title: | RHSA-2012:0060: openssl security update (Moderate) | ||
| Description: | The Server Gated Cryptography (SGC) implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2012:0060-01 CESA-2012:0060 CVE-2011-4108 CVE-2011-4109 CVE-2011-4576 CVE-2011-4619 | Version: | 55 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | openssl |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:22943 | |||
| Oval ID: | oval:org.mitre.oval:def:22943 | ||
| Title: | DEPRECATED: ELSA-2012:0426: openssl security and bug fix update (Moderate) | ||
| Description: | The mime_param_cmp function in crypto/asn1/asn_mime.c in OpenSSL before 0.9.8u and 1.x before 1.0.0h allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted S/MIME message, a different vulnerability than CVE-2006-7250. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2012:0426-02 CVE-2012-0884 CVE-2012-1165 | Version: | 14 |
| Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | openssl |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:22998 | |||
| Oval ID: | oval:org.mitre.oval:def:22998 | ||
| Title: | ELSA-2012:0323: httpd security update (Moderate) | ||
| Description: | protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a (1) long or (2) malformed header in conjunction with crafted web script. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2012:0323-01 CVE-2011-3607 CVE-2011-3639 CVE-2012-0031 CVE-2012-0053 | Version: | 21 |
| Platform(s): | Oracle Linux 5 | Product(s): | httpd |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:23401 | |||
| Oval ID: | oval:org.mitre.oval:def:23401 | ||
| Title: | ELSA-2012:0060: openssl security update (Moderate) | ||
| Description: | The Server Gated Cryptography (SGC) implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2012:0060-01 CVE-2011-4108 CVE-2011-4109 CVE-2011-4576 CVE-2011-4619 | Version: | 21 |
| Platform(s): | Oracle Linux 5 | Product(s): | openssl |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:23729 | |||
| Oval ID: | oval:org.mitre.oval:def:23729 | ||
| Title: | ELSA-2012:0426: openssl security and bug fix update (Moderate) | ||
| Description: | The mime_param_cmp function in crypto/asn1/asn_mime.c in OpenSSL before 0.9.8u and 1.x before 1.0.0h allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted S/MIME message, a different vulnerability than CVE-2006-7250. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2012:0426-02 CVE-2012-0884 CVE-2012-1165 | Version: | 13 |
| Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | openssl |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:23836 | |||
| Oval ID: | oval:org.mitre.oval:def:23836 | ||
| Title: | ELSA-2012:0128: httpd security update (Moderate) | ||
| Description: | protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a (1) long or (2) malformed header in conjunction with crafted web script. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2012:0128-01 CVE-2011-3607 CVE-2011-3639 CVE-2011-4317 CVE-2012-0031 CVE-2012-0053 | Version: | 25 |
| Platform(s): | Oracle Linux 6 | Product(s): | httpd |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:23859 | |||
| Oval ID: | oval:org.mitre.oval:def:23859 | ||
| Title: | ELSA-2012:0059: openssl security update (Moderate) | ||
| Description: | The Server Gated Cryptography (SGC) implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2012:0059-01 CVE-2011-4108 CVE-2011-4576 CVE-2011-4577 CVE-2011-4619 | Version: | 21 |
| Platform(s): | Oracle Linux 6 | Product(s): | openssl |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:24640 | |||
| Oval ID: | oval:org.mitre.oval:def:24640 | ||
| Title: | Vulnerability in OpenSSL before 0.9.8s and 1.x before 1.0.0f, might allow remote attackers to obtain sensitive information by decrypting the padding data sent by an SSL peer | ||
| Description: | The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by an SSL peer. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2011-4576 | Version: | 3 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | OpenSSL |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24730 | |||
| Oval ID: | oval:org.mitre.oval:def:24730 | ||
| Title: | Vulnerability in OpenSSL before 0.9.8s and 1.x before 1.0.0f, allows remote attackers to cause a denial of service (assertion failure) | ||
| Description: | OpenSSL before 0.9.8s and 1.x before 1.0.0f, when RFC 3779 support is enabled, allows remote attackers to cause a denial of service (assertion failure) via an X.509 certificate containing certificate-extension data associated with (1) IP address blocks or (2) Autonomous System (AS) identifiers. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2011-4577 | Version: | 3 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | OpenSSL |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24765 | |||
| Oval ID: | oval:org.mitre.oval:def:24765 | ||
| Title: | Vulnerability in OpenSSL before 0.9.8s and 1.x before 1.0.0f, allows remote attackers to cause a denial of service (CPU consumption) | ||
| Description: | The Server Gated Cryptography (SGC) implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2011-4619 | Version: | 3 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | OpenSSL |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24768 | |||
| Oval ID: | oval:org.mitre.oval:def:24768 | ||
| Title: | OpenSSL vulnerability in before 0.9.8u and 1.x before 1.0.0h, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) | ||
| Description: | The mime_param_cmp function in crypto/asn1/asn_mime.c in OpenSSL before 0.9.8u and 1.x before 1.0.0h allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted S/MIME message, a different vulnerability than CVE-2006-7250. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2012-1165 | Version: | 4 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | OpenSSL |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24824 | |||
| Oval ID: | oval:org.mitre.oval:def:24824 | ||
| Title: | OpenSSL vulnerability in versions before 1.0.0f, allows remote attackers to cause a denial of service (daemon crash) | ||
| Description: | The GOST ENGINE in OpenSSL before 1.0.0f does not properly handle invalid parameters for the GOST block cipher, which allows remote attackers to cause a denial of service (daemon crash) via crafted data from a TLS client. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2012-0027 | Version: | 3 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | OpenSSL |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24936 | |||
| Oval ID: | oval:org.mitre.oval:def:24936 | ||
| Title: | Vulnerability in OpenSSL before 0.9.8s and 1.x before 1.0.0f, performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext | ||
| Description: | The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a padding oracle attack. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2011-4108 | Version: | 3 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | OpenSSL |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:25330 | |||
| Oval ID: | oval:org.mitre.oval:def:25330 | ||
| Title: | SUSE-SU-2014:0320-1 -- Security update for gnutls | ||
| Description: | The GnuTLS library received a critical security fix and other updates. | ||
| Family: | unix | Class: | patch |
| Reference(s): | SUSE-SU-2014:0320-1 CVE-2014-0092 CVE-2009-5138 CVE-2013-2116 CVE-2013-1619 CVE-2013-0169 CVE-2012-1569 CVE-2012-1573 CVE-2012-0390 CVE-2011-4108 | Version: | 3 |
| Platform(s): | SUSE Linux Enterprise Server 10 | Product(s): | gnutls |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:25484 | |||
| Oval ID: | oval:org.mitre.oval:def:25484 | ||
| Title: | SUSE-SU-2013:0830-1 -- Security update for Apache | ||
| Description: | Apache2 has been updated to fix multiple security issues. | ||
| Family: | unix | Class: | patch |
| Reference(s): | SUSE-SU-2013:0830-1 CVE-2012-4557 CVE-2012-0883 CVE-2012-2687 CVE-2012-4558 CVE-2012-3499 CVE-2011-3368 CVE-2011-4317 CVE-2012-0021 | Version: | 3 |
| Platform(s): | SUSE Linux Enterprise Server 11 | Product(s): | Apache |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:25561 | |||
| Oval ID: | oval:org.mitre.oval:def:25561 | ||
| Title: | SUSE-SU-2013:0389-1 -- Security update for Apache | ||
| Description: | This update fixes the following issues: * CVE-2012-4557: Denial of Service via special requests in mod_proxy_ajp * CVE-2012-0883: improper LD_LIBRARY_PATH handling * CVE-2012-2687: filename escaping problem | ||
| Family: | unix | Class: | patch |
| Reference(s): | SUSE-SU-2013:0389-1 CVE-2012-4557 CVE-2012-0883 CVE-2012-2687 CVE-2011-3368 CVE-2011-4317 CVE-2012-0021 | Version: | 3 |
| Platform(s): | SUSE Linux Enterprise Server 11 | Product(s): | Apache |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:26047 | |||
| Oval ID: | oval:org.mitre.oval:def:26047 | ||
| Title: | SUSE-SU-2013:0469-1 -- Security update for apache2 | ||
| Description: | This Apache2 LTSS roll-up update for SUSE Linux Enterprise 10 SP3 LTSS fixes some security issues and bugs. | ||
| Family: | unix | Class: | patch |
| Reference(s): | SUSE-SU-2013:0469-1 CVE-2012-4557 CVE-2012-0883 CVE-2012-2687 CVE-2012-0031 CVE-2012-0053 CVE-2007-6750 CVE-2011-3639 CVE-2011-3368 CVE-2011-4317 CVE-2011-1473 CVE-2011-3607 CVE-2012-0021 | Version: | 3 |
| Platform(s): | SUSE Linux Enterprise Server 10 | Product(s): | apache2 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:27073 | |||
| Oval ID: | oval:org.mitre.oval:def:27073 | ||
| Title: | DEPRECATED: ELSA-2012-0059 -- openssl security update (moderate) | ||
| Description: | [1.0.0-20.1] - fix for CVE-2011-4108 & CVE-2012-0050 - DTLS plaintext recovery vulnerability and additional DTLS fixes (#771770) - fix for CVE-2011-4576 - uninitialized SSL 3.0 padding (#771775) - fix for CVE-2011-4577 - possible DoS through malformed RFC 3779 data (#771778) - fix for CVE-2011-4619 - SGC restart DoS attack (#771780) | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2012-0059 CVE-2011-4577 CVE-2011-4108 CVE-2011-4576 CVE-2011-4619 | Version: | 4 |
| Platform(s): | Oracle Linux 6 | Product(s): | openssl |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:27147 | |||
| Oval ID: | oval:org.mitre.oval:def:27147 | ||
| Title: | RHSA-2011:1749 -- libxml2 security and bug fix update (Low) | ||
| Description: | The libxml2 library is a development toolbox providing the implementation of various XML standards. One of those standards is the XML Path Language (XPath), which is a language for addressing parts of an XML document. An off-by-one error, leading to a heap-based buffer overflow, was found in the way libxml2 parsed certain XML files. A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2011-0216) An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way libxml2 parsed certain XPath expressions. If an attacker were able to supply a specially-crafted XML file to an application using libxml2, as well as an XPath expression for that application to run against the crafted file, it could cause the application to crash or, possibly, execute arbitrary code. (CVE-2011-1944) Multiple flaws were found in the way libxml2 parsed certain XPath expressions. If an attacker were able to supply a specially-crafted XML file to an application using libxml2, as well as an XPath expression for that application to run against the crafted file, it could cause the application to crash. (CVE-2010-4008, CVE-2010-4494, CVE-2011-2821, CVE-2011-2834) Note: Red Hat does not ship any applications that use libxml2 in a way that would allow the CVE-2011-1944, CVE-2010-4008, CVE-2010-4494, CVE-2011-2821, and CVE-2011-2834 flaws to be exploited; however, third-party applications may allow XPath expressions to be passed which could trigger these flaws. Red Hat would like to thank the Google Security Team for reporting the CVE-2010-4008 issue. Upstream acknowledges Bui Quang Minh from Bkis as the original reporter of CVE-2010-4008. This update also fixes the following bugs: * A number of patches have been applied to harden the XPath processing code in libxml2, such as fixing memory leaks, rounding errors, XPath numbers evaluations, and a potential error in encoding conversion. (BZ#732335) All users of libxml2 are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The desktop must be restarted (log out, then log back in) for this update to take effect. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2011:1749 CVE-2010-4008 CVE-2010-4494 CVE-2011-0216 CVE-2011-1944 CVE-2011-2821 CVE-2011-2834 | Version: | 3 |
| Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | libxml2 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:27320 | |||
| Oval ID: | oval:org.mitre.oval:def:27320 | ||
| Title: | DEPRECATED: ELSA-2012-0323 -- httpd security update (moderate) | ||
| Description: | [2.2.3-63.0.1.el5_8.1] - Fix mod_ssl always performing full renegotiation (orabug 12423387) - replace index.html with Oracle's index page oracle_index.html - update vstring and distro in specfile [2.2.3-63.1] - add security fixes for CVE-2012-0053, CVE-2012-0031, CVE-2011-3607 (#787596) - remove patch for CVE-2011-3638, obviated by fix for CVE-2011-3639 | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2012-0323 CVE-2011-3607 CVE-2011-3639 CVE-2012-0031 CVE-2012-0053 | Version: | 4 |
| Platform(s): | Oracle Linux 5 | Product(s): | httpd |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:27726 | |||
| Oval ID: | oval:org.mitre.oval:def:27726 | ||
| Title: | DEPRECATED: ELSA-2012-0060 -- openssl security update (moderate) | ||
| Description: | [0.9.8e-20.1] - fix for CVE-2011-4108 & CVE-2012-0050 - DTLS plaintext recovery vulnerability and additional DTLS fixes (#771770) - fix for CVE-2011-4109 - double free in policy checks (#771771) - fix for CVE-2011-4576 - uninitialized SSL 3.0 padding (#771775) - fix for CVE-2011-4619 - SGC restart DoS attack (#771780) | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2012-0060 CVE-2011-4108 CVE-2011-4109 CVE-2011-4576 CVE-2011-4619 | Version: | 4 |
| Platform(s): | Oracle Linux 5 | Product(s): | openssl |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:27745 | |||
| Oval ID: | oval:org.mitre.oval:def:27745 | ||
| Title: | DEPRECATED: ELSA-2012-0426 -- openssl security and bug fix update (moderate) | ||
| Description: | [1.0.0-20.3] - fix problem with the SGC restart patch that might terminate handshake incorrectly - fix for CVE-2012-0884 - MMA weakness in CMS and PKCS#7 code (#802725) - fix for CVE-2012-1165 - NULL read dereference on bad MIME headers (#802489) | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2012-0426 CVE-2012-0884 CVE-2012-1165 | Version: | 4 |
| Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | openssl |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:27894 | |||
| Oval ID: | oval:org.mitre.oval:def:27894 | ||
| Title: | DEPRECATED: ELSA-2012-0128 -- httpd security update (moderate) | ||
| Description: | [2.2.15-15.0.1.el6_2.1] - replace index.html with Oracle's index page oracle_index.html update vstring in specfile [2.2.15-15.1] - add security fixes for CVE-2011-4317, CVE-2012-0053, CVE-2012-0031, CVE-2011-3607 (#787598) - obviates fix for CVE-2011-3638, patch removed | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2012-0128 CVE-2011-3607 CVE-2011-3639 CVE-2011-4317 CVE-2012-0031 CVE-2012-0053 | Version: | 4 |
| Platform(s): | Oracle Linux 6 | Product(s): | httpd |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:27925 | |||
| Oval ID: | oval:org.mitre.oval:def:27925 | ||
| Title: | DEPRECATED: ELSA-2012-0017 -- libxml2 security update (important) | ||
| Description: | [2.6.26-2.1.12.0.1.el5_7.2] - Add libxml2-enterprise.patch - Replaced docs/redhat.gif in tarball with updated image [2.6.26-2.1.12.el5_7.2] - Fix the semantic of XPath axis for namespace/attribute nodes CVE-2010-4008 - Fix an off by one error in encoding CVE-2011-0216 - Fix some potential problems on reallocation failures CVE-2011-1944 - Fix missing error status in XPath evaluation CVE-2011-2834 - Make sure the parser returns when getting a Stop order CVE-2011-3905 - Fix an allocation error when copying entities CVE-2011-3919.patch - Resolves: rhbz#771906 | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2012-0017 CVE-2011-3905 CVE-2011-3919 CVE-2010-4008 CVE-2011-0216 CVE-2011-1944 CVE-2011-2834 | Version: | 4 |
| Platform(s): | Oracle Linux 5 | Product(s): | libxml2 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:27942 | |||
| Oval ID: | oval:org.mitre.oval:def:27942 | ||
| Title: | ELSA-2011-1749 -- libxml2 security and bug fix update (low) | ||
| Description: | [2.7.6-4.0.1.el6] - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball [2.7.6-4] - Fixes another XPath problem CVE-2011-2834 - Resolves: rhbz#732335 [2.7.6-3] - Fixes various other issues in 2.7.6 XPath evaluation - Resolves: rhbz#732335 [2.7.6-2] - Fix a potential crasher in XPath or XSLT, CVE-2011-1944 - Resolves: rhbz#710397 | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2011-1749 CVE-2010-4008 CVE-2010-4494 CVE-2011-0216 CVE-2011-1944 CVE-2011-2821 CVE-2011-2834 | Version: | 3 |
| Platform(s): | Oracle Linux 6 | Product(s): | libxml2 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:29070 | |||
| Oval ID: | oval:org.mitre.oval:def:29070 | ||
| Title: | DSA-2398-2 -- curl -- several vulnerabilities | ||
| Description: | Several vulnerabilities have been discovered in cURL, an URL transfer library. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2398-2 CVE-2011-3389 CVE-2012-0036 | Version: | 3 |
| Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | curl |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
SAINT Exploits
| Description | Link |
|---|---|
| PHP CGI Query String Parameters Command Execution | More info here |
ExploitDB Exploits
| id | Description |
|---|---|
| 2013-10-29 | Apache / PHP 5.x Remote Code Execution Exploit |
| 2013-06-05 | Plesk Apache Zeroday Remote Exploit |
| 2012-05-05 | PHP CGI Argument Injection Exploit |
| 2012-05-04 | PHP CGI Argument Injection |
| 2012-01-14 | PHP 5.3.8 Multiple Vulnerabilities |
| 2012-01-03 | PHP Hash Table Collision Proof Of Concept |
| 2012-01-01 | PHP Hashtables Denial of Service |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2012-12-13 | Name : SuSE Update for update openSUSE-SU-2012:0426-1 (update) File : nvt/gb_suse_2012_0426_1.nasl |
| 2012-12-13 | Name : SuSE Update for update openSUSE-SU-2012:0590-1 (update) File : nvt/gb_suse_2012_0590_1.nasl |
| 2012-10-03 | Name : Fedora Update for libxml2 FEDORA-2012-13824 File : nvt/gb_fedora_2012_13824_libxml2_fc16.nasl |
| 2012-09-27 | Name : Fedora Update for libxml2 FEDORA-2012-13820 File : nvt/gb_fedora_2012_13820_libxml2_fc17.nasl |
| 2012-09-26 | Name : Gentoo Security Advisory GLSA 201209-03 (php) File : nvt/glsa_201209_03.nasl |
| 2012-09-25 | Name : Mac OS X v10.6.8 Multiple Vulnerabilities (2012-004) File : nvt/gb_macosx_su12-004.nasl |
| 2012-09-10 | Name : Slackware Advisory SSA:2012-041-01 httpd File : nvt/esoft_slk_ssa_2012_041_01.nasl |
| 2012-09-10 | Name : Slackware Advisory SSA:2012-041-02 php File : nvt/esoft_slk_ssa_2012_041_02.nasl |
| 2012-08-31 | Name : VMSA-2012-0013 VMware vSphere and vCOps updates to third party libraries. File : nvt/gb_VMSA-2012-0013.nasl |
| 2012-08-30 | Name : Fedora Update for php FEDORA-2012-10936 File : nvt/gb_fedora_2012_10936_php_fc17.nasl |
| 2012-08-30 | Name : Fedora Update for openssl FEDORA-2012-4630 File : nvt/gb_fedora_2012_4630_openssl_fc17.nasl |
| 2012-08-30 | Name : Fedora Update for maniadrive FEDORA-2012-7628 File : nvt/gb_fedora_2012_7628_maniadrive_fc17.nasl |
| 2012-08-30 | Name : Fedora Update for php FEDORA-2012-7628 File : nvt/gb_fedora_2012_7628_php_fc17.nasl |
| 2012-08-30 | Name : Fedora Update for php FEDORA-2012-9490 File : nvt/gb_fedora_2012_9490_php_fc17.nasl |
| 2012-08-10 | Name : FreeBSD Ports: FreeBSD File : nvt/freebsd_FreeBSD19.nasl |
| 2012-08-10 | Name : Gentoo Security Advisory GLSA 201206-25 (apache) File : nvt/glsa_201206_25.nasl |
| 2012-08-06 | Name : Fedora Update for php FEDORA-2012-10908 File : nvt/gb_fedora_2012_10908_php_fc16.nasl |
| 2012-08-03 | Name : Mandriva Update for openssl MDVSA-2012:007 (openssl) File : nvt/gb_mandriva_MDVSA_2012_007.nasl |
| 2012-08-03 | Name : Mandriva Update for openssl MDVSA-2012:038 (openssl) File : nvt/gb_mandriva_MDVSA_2012_038.nasl |
| 2012-08-03 | Name : Mandriva Update for curl MDVSA-2012:058 (curl) File : nvt/gb_mandriva_MDVSA_2012_058.nasl |
| 2012-08-03 | Name : Mandriva Update for php MDVSA-2012:065 (php) File : nvt/gb_mandriva_MDVSA_2012_065.nasl |
| 2012-08-03 | Name : Mandriva Update for php MDVSA-2012:068 (php) File : nvt/gb_mandriva_MDVSA_2012_068.nasl |
| 2012-08-03 | Name : Mandriva Update for php MDVSA-2012:068-1 (php) File : nvt/gb_mandriva_MDVSA_2012_068_1.nasl |
| 2012-08-02 | Name : SuSE Update for openssl openSUSE-SU-2012:0083-1 (openssl) File : nvt/gb_suse_2012_0083_1.nasl |
| 2012-08-02 | Name : SuSE Update for apache2 openSUSE-SU-2012:0314-1 (apache2) File : nvt/gb_suse_2012_0314_1.nasl |
| 2012-07-30 | Name : CentOS Update for libxml2 CESA-2012:0016 centos4 File : nvt/gb_CESA-2012_0016_libxml2_centos4.nasl |
| 2012-07-30 | Name : CentOS Update for libxml2 CESA-2012:0017 centos5 File : nvt/gb_CESA-2012_0017_libxml2_centos5.nasl |
| 2012-07-30 | Name : CentOS Update for php53 CESA-2012:0019 centos5 File : nvt/gb_CESA-2012_0019_php53_centos5.nasl |
| 2012-07-30 | Name : CentOS Update for php CESA-2012:0019 centos6 File : nvt/gb_CESA-2012_0019_php_centos6.nasl |
| 2012-07-30 | Name : CentOS Update for php CESA-2012:0033 centos5 File : nvt/gb_CESA-2012_0033_php_centos5.nasl |
| 2012-07-30 | Name : CentOS Update for openssl CESA-2012:0059 centos6 File : nvt/gb_CESA-2012_0059_openssl_centos6.nasl |
| 2012-07-30 | Name : CentOS Update for openssl CESA-2012:0060 centos5 File : nvt/gb_CESA-2012_0060_openssl_centos5.nasl |
| 2012-07-30 | Name : CentOS Update for php CESA-2012:0071 centos4 File : nvt/gb_CESA-2012_0071_php_centos4.nasl |
| 2012-07-30 | Name : CentOS Update for openssl CESA-2012:0086 centos4 File : nvt/gb_CESA-2012_0086_openssl_centos4.nasl |
| 2012-07-30 | Name : CentOS Update for php53 CESA-2012:0092 centos5 File : nvt/gb_CESA-2012_0092_php53_centos5.nasl |
| 2012-07-30 | Name : CentOS Update for php CESA-2012:0093 centos4 File : nvt/gb_CESA-2012_0093_php_centos4.nasl |
| 2012-07-30 | Name : CentOS Update for php CESA-2012:0093 centos5 File : nvt/gb_CESA-2012_0093_php_centos5.nasl |
| 2012-07-30 | Name : CentOS Update for php CESA-2012:0093 centos6 File : nvt/gb_CESA-2012_0093_php_centos6.nasl |
| 2012-07-30 | Name : CentOS Update for httpd CESA-2012:0128 centos6 File : nvt/gb_CESA-2012_0128_httpd_centos6.nasl |
| 2012-07-30 | Name : CentOS Update for openssl CESA-2012:0426 centos5 File : nvt/gb_CESA-2012_0426_openssl_centos5.nasl |
| 2012-07-30 | Name : CentOS Update for openssl CESA-2012:0426 centos6 File : nvt/gb_CESA-2012_0426_openssl_centos6.nasl |
| 2012-07-30 | Name : CentOS Update for php CESA-2012:0546 centos5 File : nvt/gb_CESA-2012_0546_php_centos5.nasl |
| 2012-07-30 | Name : CentOS Update for php CESA-2012:0546 centos6 File : nvt/gb_CESA-2012_0546_php_centos6.nasl |
| 2012-07-30 | Name : CentOS Update for php53 CESA-2012:0547 centos5 File : nvt/gb_CESA-2012_0547_php53_centos5.nasl |
| 2012-07-30 | Name : CentOS Update for php CESA-2012:1045 centos5 File : nvt/gb_CESA-2012_1045_php_centos5.nasl |
| 2012-07-30 | Name : CentOS Update for php CESA-2012:1046 centos6 File : nvt/gb_CESA-2012_1046_php_centos6.nasl |
| 2012-07-30 | Name : CentOS Update for php53 CESA-2012:1047 centos5 File : nvt/gb_CESA-2012_1047_php53_centos5.nasl |
| 2012-07-13 | Name : VMSA-2012-0012 VMware ESXi update addresses several security issues. File : nvt/gb_VMSA-2012-0012.nasl |
| 2012-07-09 | Name : RedHat Update for libxml2 RHSA-2011:1749-03 File : nvt/gb_RHSA-2011_1749-03_libxml2.nasl |
| 2012-07-09 | Name : RedHat Update for openssl RHSA-2012:0059-01 File : nvt/gb_RHSA-2012_0059-01_openssl.nasl |
| 2012-07-09 | Name : RedHat Update for httpd RHSA-2012:0128-01 File : nvt/gb_RHSA-2012_0128-01_httpd.nasl |
| 2012-07-09 | Name : HP System Management Homepage Multiple Vulnerabilities - July 2012 File : nvt/gb_hp_smh_mult_vuln_july12.nasl |
| 2012-07-03 | Name : Fedora Update for php FEDORA-2012-9762 File : nvt/gb_fedora_2012_9762_php_fc16.nasl |
| 2012-06-28 | Name : RedHat Update for php RHSA-2012:1045-01 File : nvt/gb_RHSA-2012_1045-01_php.nasl |
| 2012-06-28 | Name : RedHat Update for php RHSA-2012:1046-01 File : nvt/gb_RHSA-2012_1046-01_php.nasl |
| 2012-06-28 | Name : RedHat Update for php53 RHSA-2012:1047-01 File : nvt/gb_RHSA-2012_1047-01_php53.nasl |
| 2012-06-14 | Name : PHP versoin < 5.3.9 File : nvt/nopsec_php_5_3_9.nasl |
| 2012-06-04 | Name : Fedora Update for openssl FEDORA-2012-8014 File : nvt/gb_fedora_2012_8014_openssl_fc16.nasl |
| 2012-06-04 | Name : Fedora Update for openssl FEDORA-2012-8024 File : nvt/gb_fedora_2012_8024_openssl_fc15.nasl |
| 2012-05-31 | Name : Debian Security Advisory DSA 2465-1 (php5) File : nvt/deb_2465_1.nasl |
| 2012-05-31 | Name : FreeBSD Ports: php5 File : nvt/freebsd_php516.nasl |
| 2012-05-31 | Name : FreeBSD Ports: php5 File : nvt/freebsd_php517.nasl |
| 2012-05-28 | Name : Fedora Update for maniadrive FEDORA-2012-7567 File : nvt/gb_fedora_2012_7567_maniadrive_fc15.nasl |
| 2012-05-28 | Name : Fedora Update for php-eaccelerator FEDORA-2012-7567 File : nvt/gb_fedora_2012_7567_php-eaccelerator_fc15.nasl |
| 2012-05-28 | Name : Fedora Update for php FEDORA-2012-7567 File : nvt/gb_fedora_2012_7567_php_fc15.nasl |
| 2012-05-28 | Name : Fedora Update for maniadrive FEDORA-2012-7586 File : nvt/gb_fedora_2012_7586_maniadrive_fc16.nasl |
| 2012-05-28 | Name : Fedora Update for php-eaccelerator FEDORA-2012-7586 File : nvt/gb_fedora_2012_7586_php-eaccelerator_fc16.nasl |
| 2012-05-28 | Name : Fedora Update for php FEDORA-2012-7586 File : nvt/gb_fedora_2012_7586_php_fc16.nasl |
| 2012-05-18 | Name : Mac OS X Multiple Vulnerabilities (2012-002) File : nvt/gb_macosx_su12-002.nasl |
| 2012-05-11 | Name : Fedora Update for openssl FEDORA-2012-6395 File : nvt/gb_fedora_2012_6395_openssl_fc15.nasl |
| 2012-05-08 | Name : RedHat Update for php RHSA-2012:0546-01 File : nvt/gb_RHSA-2012_0546-01_php.nasl |
| 2012-05-08 | Name : RedHat Update for php53 RHSA-2012:0547-01 File : nvt/gb_RHSA-2012_0547-01_php53.nasl |
| 2012-05-08 | Name : Ubuntu Update for php5 USN-1437-1 File : nvt/gb_ubuntu_USN_1437_1.nasl |
| 2012-05-04 | Name : PHP-CGI-based setups vulnerability when parsing query string parameters from ... File : nvt/gb_php_cgi_2012.nasl |
| 2012-04-30 | Name : Debian Security Advisory DSA 2454-1 (openssl) File : nvt/deb_2454_1.nasl |
| 2012-04-30 | Name : Fedora Update for openssl FEDORA-2012-6403 File : nvt/gb_fedora_2012_6403_openssl_fc16.nasl |
| 2012-04-26 | Name : Apache HTTP Server 'httpOnly' Cookie Information Disclosure Vulnerability File : nvt/secpod_apache_http_srv_cookie_info_disc_vuln.nasl |
| 2012-04-20 | Name : Ubuntu Update for openssl USN-1424-1 File : nvt/gb_ubuntu_USN_1424_1.nasl |
| 2012-04-13 | Name : Fedora Update for openssl FEDORA-2012-4659 File : nvt/gb_fedora_2012_4659_openssl_fc15.nasl |
| 2012-04-12 | Name : PHP Security Bypass Vulnerability File : nvt/gb_php_51806.nasl |
| 2012-04-11 | Name : Fedora Update for openssl FEDORA-2012-4665 File : nvt/gb_fedora_2012_4665_openssl_fc16.nasl |
| 2012-04-02 | Name : Fedora Update for php FEDORA-2011-13472 File : nvt/gb_fedora_2011_13472_php_fc16.nasl |
| 2012-04-02 | Name : Fedora Update for openssl FEDORA-2012-0232 File : nvt/gb_fedora_2012_0232_openssl_fc16.nasl |
| 2012-04-02 | Name : Fedora Update for maniadrive FEDORA-2012-0504 File : nvt/gb_fedora_2012_0504_maniadrive_fc16.nasl |
| 2012-04-02 | Name : Fedora Update for php FEDORA-2012-0504 File : nvt/gb_fedora_2012_0504_php_fc16.nasl |
| 2012-04-02 | Name : Fedora Update for openssl FEDORA-2012-0708 File : nvt/gb_fedora_2012_0708_openssl_fc16.nasl |
| 2012-04-02 | Name : Fedora Update for curl FEDORA-2012-0894 File : nvt/gb_fedora_2012_0894_curl_fc16.nasl |
| 2012-04-02 | Name : Fedora Update for maniadrive FEDORA-2012-1262 File : nvt/gb_fedora_2012_1262_maniadrive_fc16.nasl |
| 2012-04-02 | Name : Fedora Update for php FEDORA-2012-1262 File : nvt/gb_fedora_2012_1262_php_fc16.nasl |
| 2012-04-02 | Name : Fedora Update for httpd FEDORA-2012-1598 File : nvt/gb_fedora_2012_1598_httpd_fc16.nasl |
| 2012-03-29 | Name : RedHat Update for openssl RHSA-2012:0426-01 File : nvt/gb_RHSA-2012_0426-01_openssl.nasl |
| 2012-03-19 | Name : Fedora Update for php-eaccelerator FEDORA-2012-0504 File : nvt/gb_fedora_2012_0504_php-eaccelerator_fc16.nasl |
| 2012-03-19 | Name : Fedora Update for php-eaccelerator FEDORA-2012-1262 File : nvt/gb_fedora_2012_1262_php-eaccelerator_fc16.nasl |
| 2012-03-12 | Name : Debian Security Advisory DSA 2408-1 (php5) File : nvt/deb_2408_1.nasl |
| 2012-03-12 | Name : Gentoo Security Advisory GLSA 201203-02 (cURL) File : nvt/glsa_201203_02.nasl |
| 2012-03-12 | Name : Gentoo Security Advisory GLSA 201203-12 (openssl) File : nvt/glsa_201203_12.nasl |
| 2012-03-07 | Name : Fedora Update for httpd FEDORA-2012-1642 File : nvt/gb_fedora_2012_1642_httpd_fc15.nasl |
| 2012-02-27 | Name : RedHat Update for httpd RHSA-2012:0323-01 File : nvt/gb_RHSA-2012_0323-01_httpd.nasl |
| 2012-02-21 | Name : Fedora Update for maniadrive FEDORA-2012-1301 File : nvt/gb_fedora_2012_1301_maniadrive_fc15.nasl |
| 2012-02-21 | Name : Fedora Update for php-eaccelerator FEDORA-2012-1301 File : nvt/gb_fedora_2012_1301_php-eaccelerator_fc15.nasl |
| 2012-02-21 | Name : Fedora Update for php FEDORA-2012-1301 File : nvt/gb_fedora_2012_1301_php_fc15.nasl |
| 2012-02-21 | Name : Ubuntu Update for php5 USN-1358-2 File : nvt/gb_ubuntu_USN_1358_2.nasl |
| 2012-02-21 | Name : Ubuntu Update for apache2 USN-1368-1 File : nvt/gb_ubuntu_USN_1368_1.nasl |
| 2012-02-13 | Name : Debian Security Advisory DSA 2405-1 (apache2) File : nvt/deb_2405_1.nasl |
| 2012-02-13 | Name : Fedora Update for curl FEDORA-2012-0888 File : nvt/gb_fedora_2012_0888_curl_fc15.nasl |
| 2012-02-13 | Name : Ubuntu Update for openssl USN-1357-1 File : nvt/gb_ubuntu_USN_1357_1.nasl |
| 2012-02-13 | Name : Ubuntu Update for php5 USN-1358-1 File : nvt/gb_ubuntu_USN_1358_1.nasl |
| 2012-02-12 | Name : Debian Security Advisory DSA 2398-1 (curl) File : nvt/deb_2398_1.nasl |
| 2012-02-12 | Name : Debian Security Advisory DSA 2399-1 (php5) File : nvt/deb_2399_1.nasl |
| 2012-02-12 | Name : Debian Security Advisory DSA 2399-2 (php5) File : nvt/deb_2399_2.nasl |
| 2012-02-12 | Name : Debian Security Advisory DSA 2403-1 (php5) File : nvt/deb_2403_1.nasl |
| 2012-02-12 | Name : Debian Security Advisory DSA 2403-2 (php5) File : nvt/deb_2403_2.nasl |
| 2012-02-12 | Name : FreeBSD Ports: apache File : nvt/freebsd_apache20.nasl |
| 2012-02-12 | Name : FreeBSD Ports: openssl File : nvt/freebsd_openssl5.nasl |
| 2012-02-12 | Name : FreeBSD Ports: openssl File : nvt/freebsd_openssl6.nasl |
| 2012-02-12 | Name : FreeBSD Ports: php5 File : nvt/freebsd_php514.nasl |
| 2012-02-12 | Name : FreeBSD Ports: php5, php5-exif File : nvt/freebsd_php515.nasl |
| 2012-02-12 | Name : Gentoo Security Advisory GLSA 201110-26 (libxml2) File : nvt/glsa_201110_26.nasl |
| 2012-02-12 | Name : Gentoo Security Advisory GLSA 201111-01 (chromium v8) File : nvt/glsa_201111_01.nasl |
| 2012-02-11 | Name : Debian Security Advisory DSA 2390-1 (openssl) File : nvt/deb_2390_1.nasl |
| 2012-02-11 | Name : Debian Security Advisory DSA 2394-1 (libxml2) File : nvt/deb_2394_1.nasl |
| 2012-02-10 | Name : PHP 'php_register_variable_ex()' Remote Code Execution Vulnerability (Windows) File : nvt/gb_php_register_var_fun_arbitrary_code_exec_vuln_win.nasl |
| 2012-02-03 | Name : RedHat Update for openssl RHSA-2012:0086-01 File : nvt/gb_RHSA-2012_0086-01_openssl.nasl |
| 2012-02-03 | Name : RedHat Update for php53 RHSA-2012:0092-01 File : nvt/gb_RHSA-2012_0092-01_php53.nasl |
| 2012-02-03 | Name : RedHat Update for php RHSA-2012:0093-01 File : nvt/gb_RHSA-2012_0093-01_php.nasl |
| 2012-02-03 | Name : Mandriva Update for apache MDVSA-2012:012 (apache) File : nvt/gb_mandriva_MDVSA_2012_012.nasl |
| 2012-02-01 | Name : RedHat Update for php RHSA-2012:0071-01 File : nvt/gb_RHSA-2012_0071-01_php.nasl |
| 2012-02-01 | Name : Fedora Update for maniadrive FEDORA-2012-0420 File : nvt/gb_fedora_2012_0420_maniadrive_fc15.nasl |
| 2012-02-01 | Name : Fedora Update for php-eaccelerator FEDORA-2012-0420 File : nvt/gb_fedora_2012_0420_php-eaccelerator_fc15.nasl |
| 2012-02-01 | Name : Fedora Update for php FEDORA-2012-0420 File : nvt/gb_fedora_2012_0420_php_fc15.nasl |
| 2012-02-01 | Name : Mandriva Update for openssl MDVSA-2012:011 (openssl) File : nvt/gb_mandriva_MDVSA_2012_011.nasl |
| 2012-01-25 | Name : RedHat Update for openssl RHSA-2012:0060-01 File : nvt/gb_RHSA-2012_0060-01_openssl.nasl |
| 2012-01-25 | Name : Fedora Update for openssl FEDORA-2012-0702 File : nvt/gb_fedora_2012_0702_openssl_fc15.nasl |
| 2012-01-25 | Name : Ubuntu Update for curl USN-1346-1 File : nvt/gb_ubuntu_USN_1346_1.nasl |
| 2012-01-23 | Name : PHP Multiple Denial of Service Vulnerabilities (Windows) File : nvt/gb_php_mult_dos_vuln_win.nasl |
| 2012-01-20 | Name : RedHat Update for php RHSA-2012:0033-01 File : nvt/gb_RHSA-2012_0033-01_php.nasl |
| 2012-01-20 | Name : Mandriva Update for openssl MDVSA-2012:006 (openssl) File : nvt/gb_mandriva_MDVSA_2012_006.nasl |
| 2012-01-20 | Name : OpenSSL Multiple Vulnerabilities File : nvt/gb_openssl_51281.nasl |
| 2012-01-20 | Name : Ubuntu Update for libxml2 USN-1334-1 File : nvt/gb_ubuntu_USN_1334_1.nasl |
| 2012-01-16 | Name : Fedora Update for openssl FEDORA-2012-0250 File : nvt/gb_fedora_2012_0250_openssl_fc15.nasl |
| 2012-01-13 | Name : RedHat Update for libxml2 RHSA-2012:0016-01 File : nvt/gb_RHSA-2012_0016-01_libxml2.nasl |
| 2012-01-13 | Name : RedHat Update for libxml2 RHSA-2012:0017-01 File : nvt/gb_RHSA-2012_0017-01_libxml2.nasl |
| 2012-01-13 | Name : RedHat Update for php53 and php RHSA-2012:0019-01 File : nvt/gb_RHSA-2012_0019-01_php53_and_php.nasl |
| 2012-01-13 | Name : Mandriva Update for apache MDVSA-2012:003 (apache) File : nvt/gb_mandriva_MDVSA_2012_003.nasl |
| 2012-01-03 | Name : PHP Web Form Hash Collision Denial of Service Vulnerability (Win) File : nvt/gb_php_web_form_hash_collision_dos_vuln_win.nasl |
| 2012-01-02 | Name : Mandriva Update for php MDVSA-2011:197 (php) File : nvt/gb_mandriva_MDVSA_2011_197.nasl |
| 2011-11-15 | Name : Apache HTTP Server 'ap_pregsub()' Function Local Denial of Service Vulnerability File : nvt/gb_apache_50639.nasl |
| 2011-11-08 | Name : Mandriva Update for php MDVSA-2011:166 (php) File : nvt/gb_mandriva_MDVSA_2011_166.nasl |
| 2011-11-08 | Name : PHP 'is_a()' Function Remote Arbitrary Code Execution Vulnerability (Windows) File : nvt/gb_php_is_a_fun_arbitrary_code_exec_vuln_win.nasl |
| 2011-10-20 | Name : Apple MAC OS X v10.6.8 Safari Multiple Vulnerabilities File : nvt/gb_safari_mult_vuln_macosx.nasl |
| 2011-10-12 | Name : PHP 'is_a()' Function Remote File Include Vulnerability File : nvt/gb_php_49754.nasl |
| 2011-10-10 | Name : Fedora Update for php FEDORA-2011-13446 File : nvt/gb_fedora_2011_13446_php_fc15.nasl |
| 2011-10-10 | Name : Fedora Update for php FEDORA-2011-13458 File : nvt/gb_fedora_2011_13458_php_fc14.nasl |
| 2011-10-10 | Name : Mandriva Update for libxml2 MDVSA-2011:145 (libxml2) File : nvt/gb_mandriva_MDVSA_2011_145.nasl |
| 2011-09-23 | Name : Google Chrome Multiple Vulnerabilities - Sep11 (Lin) File : nvt/secpod_google_chrome_mult_vuln_sep11_lin.nasl |
| 2011-09-23 | Name : Google Chrome Multiple Vulnerabilities - Sep11 (Mac OS X) File : nvt/secpod_google_chrome_mult_vuln_sep11_macosx.nasl |
| 2011-09-23 | Name : Google Chrome Multiple Vulnerabilities - Sep11 (Win) File : nvt/secpod_google_chrome_mult_vuln_sep11_win.nasl |
| 2011-09-07 | Name : Google Chrome multiple vulnerabilities - September11 (Linux) File : nvt/gb_google_chrome_mult_vuln_sep11_lin.nasl |
| 2011-09-07 | Name : Google Chrome multiple vulnerabilities - September11 (Mac OS X) File : nvt/gb_google_chrome_mult_vuln_sep11_macosx.nasl |
| 2011-09-07 | Name : Google Chrome multiple vulnerabilities - September11 (Windows) File : nvt/gb_google_chrome_mult_vuln_sep11_win.nasl |
| 2011-09-07 | Name : Mandriva Update for libxml MDVSA-2011:131 (libxml) File : nvt/gb_mandriva_MDVSA_2011_131.nasl |
| 2011-08-03 | Name : Debian Security Advisory DSA 2255-1 (libxml2) File : nvt/deb_2255_1.nasl |
| 2011-07-12 | Name : Fedora Update for libxml FEDORA-2011-7820 File : nvt/gb_fedora_2011_7820_libxml_fc15.nasl |
| 2011-07-08 | Name : Fedora Update for libxml FEDORA-2011-7856 File : nvt/gb_fedora_2011_7856_libxml_fc14.nasl |
| 2011-06-20 | Name : Ubuntu Update for libxml2 USN-1153-1 File : nvt/gb_ubuntu_USN_1153_1.nasl |
| 2011-01-24 | Name : FreeBSD Ports: chromium File : nvt/freebsd_chromium.nasl |
| 0000-00-00 | Name : FreeBSD Ports: libxml File : nvt/freebsd_libxml0.nasl |
| 0000-00-00 | Name : Apache HTTP Server 'mod_proxy' Reverse Proxy Information Disclosure Vulnerabi... File : nvt/gb_apache_49957.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 78570 | PHP zend_strndup Function Return Value Parsing Remote DoS |
| 78556 | Apache HTTP Server Status Code 400 Default Error Response httpOnly Cookie Dis... |
| 78555 | Apache HTTP Server Threaded MPM %{cookiename}C Log Format String Cookie Handl... |
| 78512 | cURL Multiple Protocol File Path URL Parsing Control Character Injection |
| 78293 | Apache HTTP Server Scoreboard Invalid Free Operation Local Security Bypass |
| 78191 | OpenSSL GOST ENGINE Parameter Parsing Remote DoS |
| 78190 | OpenSSL Server Gated Cryptograpy (SGC) Handshake Restart Handling Remote DoS |
| 78189 | OpenSSL RFC 3779 Certificate Data Parsing Assertion Failure Remote DoS |
| 78188 | OpenSSL SSL 3.0 Record Cipher Padding Uninitialized Memory Information Disclo... |
| 78186 | OpenSSL Datagram Transport Layer Security (DTLS) CBC Encryption Weakness Plai... |
| 78115 | PHP Hash Collission Form Parameter Parsing Remote DoS PHP contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker sends multiple crafted parameters which trigger hash collisions, and will result in loss of availability for the program via CPU consumption. |
| 77310 | Apache HTTP Server mod_proxy Reverse Proxy Mode Security Bypass Weakness (201... |
| 77047 | Roundcube Webmail include/iniset.php Subject Header Parsing Remote DoS |
| 77012 | Apache HTTP Server server/utils.c ap_pregsub() Function htaccess File Handlin... |
| 76744 | Apache HTTP Server server/utils.c ap_pregsub() Function htaccess File Handlin... |
| 75713 | PHP is_a() Function __autoload() Function Remote File Inclusion |
| 75560 | Google Chrome Double-free libxml XPath Handling Remote Code Execution |
| 74695 | Google Chrome Double Free Unspecified libxml XPath Handling Issue |
| 73248 | libxml2 xpath.c Xpath Nodeset Processing Overflow |
Information Assurance Vulnerability Management (IAVM)
| Date | Description |
|---|---|
| 2013-01-31 | IAVM : 2013-A-0027 - Multiple Vulnerabilities in Juniper Networks Steel Belted Radius Severity : Category I - VMSKEY : V0036639 |
| 2012-09-27 | IAVM : 2012-A-0153 - Multiple Vulnerabilities in VMware ESX 4.0 and ESXi 4.0 Severity : Category I - VMSKEY : V0033884 |
| 2012-09-13 | IAVM : 2012-A-0148 - Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1 Severity : Category I - VMSKEY : V0033794 |
| 2012-05-03 | IAVM : 2012-A-0073 - Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1 Severity : Category I - VMSKEY : V0032171 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2016-04-05 | Apache HTTP server potential cookie disclosure attempt RuleID : 37968 - Revision : 1 - Type : SERVER-WEBAPP |
| 2015-09-15 | cURL protocol file path URL parsing control character injection attempt RuleID : 35555 - Revision : 2 - Type : SERVER-MAIL |
| 2015-09-15 | cURL protocol file path URL parsing control character injection attempt RuleID : 35554 - Revision : 2 - Type : SERVER-MAIL |
| 2015-09-15 | cURL protocol file path URL parsing control character injection attempt RuleID : 35553 - Revision : 2 - Type : SERVER-MAIL |
| 2015-09-15 | cURL protocol file path URL parsing control character injection attempt RuleID : 35552 - Revision : 2 - Type : SERVER-MAIL |
| 2015-05-12 | Apache mod_log_config cookie handling denial of service attempt RuleID : 34048 - Revision : 2 - Type : SERVER-APACHE |
| 2014-01-10 | Apache mod_log_config cookie handling denial of service attempt RuleID : 24698 - Revision : 6 - Type : SERVER-APACHE |
| 2014-01-10 | Apache mod_log_config cookie handling denial of service attempt RuleID : 24697 - Revision : 7 - Type : SERVER-APACHE |
| 2014-01-10 | libtidy null pointer dereference attempt RuleID : 23995 - Revision : 5 - Type : SERVER-WEBAPP |
| 2014-01-10 | zend_strndup null pointer dereference attempt RuleID : 23994 - Revision : 6 - Type : SERVER-WEBAPP |
| 2014-01-10 | PHP-CGI command injection attempt RuleID : 22097 - Revision : 7 - Type : SERVER-WEBAPP |
| 2014-01-10 | PHP-CGI command injection attempt RuleID : 22064 - Revision : 8 - Type : SERVER-WEBAPP |
| 2014-01-10 | PHP-CGI remote file include attempt RuleID : 22063-community - Revision : 11 - Type : SERVER-WEBAPP |
| 2014-01-10 | PHP-CGI remote file include attempt RuleID : 22063 - Revision : 11 - Type : SERVER-WEBAPP |
| 2014-01-10 | Apache server mod_proxy reverse proxy bypass attempt RuleID : 21214 - Revision : 11 - Type : SERVER-APACHE |
| 2014-01-10 | generic web server hashing collision attack RuleID : 20825 - Revision : 11 - Type : SERVER-WEBAPP |
| 2014-01-10 | Apache mod_proxy reverse proxy information disclosure attempt RuleID : 20528 - Revision : 13 - Type : SERVER-APACHE |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2017-10-31 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-2907-1.nasl - Type : ACT_GATHER_INFO |
| 2016-03-03 | Name : The remote VMware ESX host is missing a security-related patch. File : vmware_VMSA-2012-0008_remote.nasl - Type : ACT_GATHER_INFO |
| 2016-02-29 | Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_VMSA-2012-0012_remote.nasl - Type : ACT_GATHER_INFO |
| 2016-02-29 | Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_VMSA-2012-0013_remote.nasl - Type : ACT_GATHER_INFO |
| 2015-07-24 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL16907.nasl - Type : ACT_GATHER_INFO |
| 2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2013-0469-1.nasl - Type : ACT_GATHER_INFO |
| 2015-01-27 | Name : The remote web server is affected by multiple vulnerabilities. File : oracle_http_server_cpu_jan_2015.nasl - Type : ACT_GATHER_INFO |
| 2015-01-23 | Name : The remote device is missing a vendor-supplied security patch. File : juniper_jsa10669.nasl - Type : ACT_GATHER_INFO |
| 2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_apache_20120417.nasl - Type : ACT_GATHER_INFO |
| 2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_apache_20120420.nasl - Type : ACT_GATHER_INFO |
| 2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_libxml2_20121120.nasl - Type : ACT_GATHER_INFO |
| 2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_openssl_20120404.nasl - Type : ACT_GATHER_INFO |
| 2014-12-22 | Name : The remote device is affected by multiple vulnerabilities. File : juniper_space_jsa10585.nasl - Type : ACT_GATHER_INFO |
| 2014-12-22 | Name : The remote device is affected by multiple vulnerabilities. File : juniper_space_jsa10659.nasl - Type : ACT_GATHER_INFO |
| 2014-12-05 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15889.nasl - Type : ACT_GATHER_INFO |
| 2014-11-26 | Name : The remote OracleVM host is missing a security update. File : oraclevm_OVMSA-2014-0007.nasl - Type : ACT_GATHER_INFO |
| 2014-11-26 | Name : The remote OracleVM host is missing a security update. File : oraclevm_OVMSA-2014-0008.nasl - Type : ACT_GATHER_INFO |
| 2014-11-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0109.nasl - Type : ACT_GATHER_INFO |
| 2014-11-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0168.nasl - Type : ACT_GATHER_INFO |
| 2014-11-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0488.nasl - Type : ACT_GATHER_INFO |
| 2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0531.nasl - Type : ACT_GATHER_INFO |
| 2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0542.nasl - Type : ACT_GATHER_INFO |
| 2014-10-12 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2011-7.nasl - Type : ACT_GATHER_INFO |
| 2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL13519.nasl - Type : ACT_GATHER_INFO |
| 2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL13588.nasl - Type : ACT_GATHER_INFO |
| 2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15273.nasl - Type : ACT_GATHER_INFO |
| 2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15388.nasl - Type : ACT_GATHER_INFO |
| 2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15461.nasl - Type : ACT_GATHER_INFO |
| 2014-08-22 | Name : The remote host is affected by multiple vulnerabilities. File : juniper_nsm_jsa10642.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-132.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-182.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-210.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-261.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-288.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-52.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-76.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-153.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-80.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_apache2-111205.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_libopenssl-devel-120111.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_libxml2-110629.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_libxml2-111201.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_apache2-111205.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_apache2-201202-120216.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_curl-120124.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_libopenssl-devel-120111.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_libxml2-110629.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_libxml2-111201.nasl - Type : ACT_GATHER_INFO |
| 2014-04-16 | Name : The remote AIX host is running a vulnerable version of OpenSSL. File : aix_openssl_advisory3.nasl - Type : ACT_GATHER_INFO |
| 2014-04-16 | Name : The remote AIX host is running a vulnerable version of OpenSSL. File : aix_openssl_advisory4.nasl - Type : ACT_GATHER_INFO |
| 2013-12-03 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201312-03.nasl - Type : ACT_GATHER_INFO |
| 2013-11-13 | Name : The remote VMware ESXi 5.0 host is affected by multiple security vulnerabilit... File : vmware_esxi_5_0_build_764879_remote.nasl - Type : ACT_GATHER_INFO |
| 2013-11-13 | Name : The remote VMware ESXi 5.0 host is affected by multiple vulnerabilities. File : vmware_esxi_5_0_build_912577_remote.nasl - Type : ACT_GATHER_INFO |
| 2013-11-01 | Name : The remote web server contains a version of PHP that allows arbitrary code ex... File : php_cgi_remote_code_execution.nasl - Type : ACT_ATTACK |
| 2013-09-27 | Name : The remote host has an application installed that is affected by multiple Ope... File : juniper_sbr_multiple.nasl - Type : ACT_GATHER_INFO |
| 2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2011-07.nasl - Type : ACT_GATHER_INFO |
| 2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-37.nasl - Type : ACT_GATHER_INFO |
| 2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-38.nasl - Type : ACT_GATHER_INFO |
| 2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-41.nasl - Type : ACT_GATHER_INFO |
| 2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-46.nasl - Type : ACT_GATHER_INFO |
| 2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-62.nasl - Type : ACT_GATHER_INFO |
| 2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-77.nasl - Type : ACT_GATHER_INFO |
| 2013-07-23 | Name : The remote web server is affected by multiple vulnerabilities. File : hpsmh_7_2_1_0.nasl - Type : ACT_GATHER_INFO |
| 2013-07-16 | Name : The remote web server is affected by several vulnerabilities. File : apache_2_0_65.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0016.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0017.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0019.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0033.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0059.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0060.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0071.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0086.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0092.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0093.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0128.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0323.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0426.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0546.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0547.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1045.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1046.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1047.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0217.nasl - Type : ACT_GATHER_INFO |
| 2013-06-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0071.nasl - Type : ACT_GATHER_INFO |
| 2013-06-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1047.nasl - Type : ACT_GATHER_INFO |
| 2013-06-07 | Name : The remote web server is affected by a remote PHP code code injection vulnera... File : plesk_apache_code_execution.nasl - Type : ACT_ATTACK |
| 2013-06-05 | Name : The remote host is missing a Mac OS X update that fixes several security issues. File : macosx_10_8_4.nasl - Type : ACT_GATHER_INFO |
| 2013-06-05 | Name : The remote host is missing a Mac OS X update that fixes several security issues. File : macosx_SecUpd2013-002.nasl - Type : ACT_GATHER_INFO |
| 2013-04-14 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_7be92050a45011e29898001060e06fd4.nasl - Type : ACT_GATHER_INFO |
| 2013-03-05 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_apache2-130225.nasl - Type : ACT_GATHER_INFO |
| 2013-02-04 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130131_mingw32_libxml2_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2013-02-01 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0217.nasl - Type : ACT_GATHER_INFO |
| 2013-02-01 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0217.nasl - Type : ACT_GATHER_INFO |
| 2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_apache2-mod_php5-120504.nasl - Type : ACT_GATHER_INFO |
| 2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_apache2-mod_php53-120504.nasl - Type : ACT_GATHER_INFO |
| 2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0568.nasl - Type : ACT_GATHER_INFO |
| 2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0569.nasl - Type : ACT_GATHER_INFO |
| 2012-11-26 | Name : The remote Fedora host is missing a security update. File : fedora_2012-18035.nasl - Type : ACT_GATHER_INFO |
| 2012-09-27 | Name : The remote device is affected by multiple vulnerabilities. File : appletv_5_1.nasl - Type : ACT_GATHER_INFO |
| 2012-09-27 | Name : The remote Fedora host is missing a security update. File : fedora_2012-13820.nasl - Type : ACT_GATHER_INFO |
| 2012-09-27 | Name : The remote Fedora host is missing a security update. File : fedora_2012-13824.nasl - Type : ACT_GATHER_INFO |
| 2012-09-24 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201209-03.nasl - Type : ACT_GATHER_INFO |
| 2012-09-20 | Name : The remote host is missing a Mac OS X update that fixes multiple security vul... File : macosx_10_7_5.nasl - Type : ACT_GATHER_INFO |
| 2012-09-20 | Name : The remote host is missing a Mac OS X update that fixes several security issues. File : macosx_10_8_2.nasl - Type : ACT_GATHER_INFO |
| 2012-09-20 | Name : The remote host is missing a Mac OS X update that fixes multiple security vul... File : macosx_SecUpd2012-004.nasl - Type : ACT_GATHER_INFO |
| 2012-09-06 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-007.nasl - Type : ACT_GATHER_INFO |
| 2012-08-31 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2012-0013.nasl - Type : ACT_GATHER_INFO |
| 2012-08-20 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_07234e78e89911e1b38d0023ae8e59f0.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20111206_libxml2_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120111_libxml2_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120111_libxml2_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120111_php53_and_php_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120118_php_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120124_openssl_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120124_openssl_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120130_php_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120201_openssl_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120202_php53_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120202_php_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120213_httpd_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120221_httpd_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120327_openssl_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120507_php53_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120507_php_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120627_php53_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120627_php_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120627_php_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2012-07-13 | Name : The remote VMware ESXi host is missing a security-related patch. File : vmware_VMSA-2012-0012.nasl - Type : ACT_GATHER_INFO |
| 2012-07-11 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1046.nasl - Type : ACT_GATHER_INFO |
| 2012-07-05 | Name : The remote web server is affected by multiple vulnerabilities. File : hpsmh_7_1_1_1.nasl - Type : ACT_GATHER_INFO |
| 2012-06-28 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1045.nasl - Type : ACT_GATHER_INFO |
| 2012-06-28 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_2ae114dec06411e1b5e0000c299b62e1.nasl - Type : ACT_GATHER_INFO |
| 2012-06-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1045.nasl - Type : ACT_GATHER_INFO |
| 2012-06-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1046.nasl - Type : ACT_GATHER_INFO |
| 2012-06-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1047.nasl - Type : ACT_GATHER_INFO |
| 2012-06-25 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201206-25.nasl - Type : ACT_GATHER_INFO |
| 2012-05-29 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2012-7567.nasl - Type : ACT_GATHER_INFO |
| 2012-05-29 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2012-7586.nasl - Type : ACT_GATHER_INFO |
| 2012-05-29 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2012-7628.nasl - Type : ACT_GATHER_INFO |
| 2012-05-14 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_59b68b1e9c7811e1b5e0000c299b62e1.nasl - Type : ACT_GATHER_INFO |
| 2012-05-14 | Name : The remote web server contains a version of PHP that allows arbitrary code ex... File : php_cgi_query_string_code_execution.nasl - Type : ACT_ATTACK |
| 2012-05-10 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0547.nasl - Type : ACT_GATHER_INFO |
| 2012-05-10 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2465.nasl - Type : ACT_GATHER_INFO |
| 2012-05-10 | Name : The remote host is missing a Mac OS X update that fixes several security issues. File : macosx_10_7_4.nasl - Type : ACT_GATHER_INFO |
| 2012-05-10 | Name : The remote host is missing a Mac OS X update that fixes multiple security vul... File : macosx_SecUpd2012-002.nasl - Type : ACT_GATHER_INFO |
| 2012-05-09 | Name : The remote web server uses a version of PHP that is affected by a remote code... File : php_5_3_13.nasl - Type : ACT_GATHER_INFO |
| 2012-05-09 | Name : The remote web server uses a version of PHP that is affected by multiple vuln... File : php_5_4_3.nasl - Type : ACT_GATHER_INFO |
| 2012-05-09 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-mod_php5-8114.nasl - Type : ACT_GATHER_INFO |
| 2012-05-08 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0546.nasl - Type : ACT_GATHER_INFO |
| 2012-05-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0546.nasl - Type : ACT_GATHER_INFO |
| 2012-05-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0547.nasl - Type : ACT_GATHER_INFO |
| 2012-05-07 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_60de13d595f011e1806a001143cd36d8.nasl - Type : ACT_GATHER_INFO |
| 2012-05-07 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-068.nasl - Type : ACT_GATHER_INFO |
| 2012-05-07 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1437-1.nasl - Type : ACT_GATHER_INFO |
| 2012-05-04 | Name : The remote web server uses a version of PHP that is affected by a remote code... File : php_5_4_2.nasl - Type : ACT_GATHER_INFO |
| 2012-04-28 | Name : The remote VMware ESX host is missing one or more security-related patches. File : vmware_VMSA-2012-0008.nasl - Type : ACT_GATHER_INFO |
| 2012-04-27 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-065.nasl - Type : ACT_GATHER_INFO |
| 2012-04-20 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2454.nasl - Type : ACT_GATHER_INFO |
| 2012-04-20 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1424-1.nasl - Type : ACT_GATHER_INFO |
| 2012-04-16 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-058.nasl - Type : ACT_GATHER_INFO |
| 2012-04-13 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_apache2-mod_php5-120309.nasl - Type : ACT_GATHER_INFO |
| 2012-04-12 | Name : The remote Fedora host is missing a security update. File : fedora_2012-4630.nasl - Type : ACT_GATHER_INFO |
| 2012-04-12 | Name : The remote Fedora host is missing a security update. File : fedora_2012-4659.nasl - Type : ACT_GATHER_INFO |
| 2012-04-11 | Name : The remote Fedora host is missing a security update. File : fedora_2012-4665.nasl - Type : ACT_GATHER_INFO |
| 2012-04-11 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libopenssl-devel-120327.nasl - Type : ACT_GATHER_INFO |
| 2012-04-11 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libopenssl-devel-120328.nasl - Type : ACT_GATHER_INFO |
| 2012-04-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_openssl-8034.nasl - Type : ACT_GATHER_INFO |
| 2012-04-06 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_apache2-mod_php53-120309.nasl - Type : ACT_GATHER_INFO |
| 2012-04-02 | Name : The remote host may be affected by multiple vulnerabilities. File : openssl_0_9_8u.nasl - Type : ACT_GATHER_INFO |
| 2012-04-02 | Name : The remote host may be affected by multiple vulnerabilities. File : openssl_1_0_0h.nasl - Type : ACT_GATHER_INFO |
| 2012-03-28 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0426.nasl - Type : ACT_GATHER_INFO |
| 2012-03-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0426.nasl - Type : ACT_GATHER_INFO |
| 2012-03-27 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-038.nasl - Type : ACT_GATHER_INFO |
| 2012-03-26 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-mod_php5-8009.nasl - Type : ACT_GATHER_INFO |
| 2012-03-07 | Name : The remote Fedora host is missing a security update. File : fedora_2012-1642.nasl - Type : ACT_GATHER_INFO |
| 2012-03-06 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201203-02.nasl - Type : ACT_GATHER_INFO |
| 2012-03-06 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201203-12.nasl - Type : ACT_GATHER_INFO |
| 2012-02-29 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-201202-7972.nasl - Type : ACT_GATHER_INFO |
| 2012-02-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0323.nasl - Type : ACT_GATHER_INFO |
| 2012-02-21 | Name : The remote Fedora host is missing a security update. File : fedora_2012-1598.nasl - Type : ACT_GATHER_INFO |
| 2012-02-20 | Name : The remote web server uses a version of PHP that is affected by a code execut... File : php_5_3_9_ace.nasl - Type : ACT_ATTACK |
| 2012-02-20 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_apache2-201202-120203.nasl - Type : ACT_GATHER_INFO |
| 2012-02-17 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1368-1.nasl - Type : ACT_GATHER_INFO |
| 2012-02-16 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0128.nasl - Type : ACT_GATHER_INFO |
| 2012-02-15 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2012-1301.nasl - Type : ACT_GATHER_INFO |
| 2012-02-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2408.nasl - Type : ACT_GATHER_INFO |
| 2012-02-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0128.nasl - Type : ACT_GATHER_INFO |
| 2012-02-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1358-2.nasl - Type : ACT_GATHER_INFO |
| 2012-02-13 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2012-041-01.nasl - Type : ACT_GATHER_INFO |
| 2012-02-13 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2012-041-02.nasl - Type : ACT_GATHER_INFO |
| 2012-02-13 | Name : The remote Fedora host is missing a security update. File : fedora_2012-0888.nasl - Type : ACT_GATHER_INFO |
| 2012-02-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1357-1.nasl - Type : ACT_GATHER_INFO |
| 2012-02-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1358-1.nasl - Type : ACT_GATHER_INFO |
| 2012-02-09 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2012-1262.nasl - Type : ACT_GATHER_INFO |
| 2012-02-07 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2405.nasl - Type : ACT_GATHER_INFO |
| 2012-02-06 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_3fd040be4f0b11e19e320025900931f8.nasl - Type : ACT_GATHER_INFO |
| 2012-02-06 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_curl-7937.nasl - Type : ACT_GATHER_INFO |
| 2012-02-03 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0086.nasl - Type : ACT_GATHER_INFO |
| 2012-02-03 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0092.nasl - Type : ACT_GATHER_INFO |
| 2012-02-03 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0093.nasl - Type : ACT_GATHER_INFO |
| 2012-02-03 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2403.nasl - Type : ACT_GATHER_INFO |
| 2012-02-03 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-012.nasl - Type : ACT_GATHER_INFO |
| 2012-02-03 | Name : The remote web server uses a version of PHP that is affected by a code execut... File : php_5_3_10.nasl - Type : ACT_GATHER_INFO |
| 2012-02-03 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0092.nasl - Type : ACT_GATHER_INFO |
| 2012-02-03 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0093.nasl - Type : ACT_GATHER_INFO |
| 2012-02-02 | Name : The remote web server is affected by multiple vulnerabilities. File : apache_2_2_22.nasl - Type : ACT_GATHER_INFO |
| 2012-02-02 | Name : The web server running on the remote host is affected by an information discl... File : apache_httponly_info_leak.nasl - Type : ACT_ATTACK |
| 2012-02-02 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_4b7dbfab4c6b11e1bc160023ae8e59f0.nasl - Type : ACT_GATHER_INFO |
| 2012-02-02 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0086.nasl - Type : ACT_GATHER_INFO |
| 2012-02-01 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2399.nasl - Type : ACT_GATHER_INFO |
| 2012-01-31 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0059.nasl - Type : ACT_GATHER_INFO |
| 2012-01-31 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2398.nasl - Type : ACT_GATHER_INFO |
| 2012-01-31 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0071.nasl - Type : ACT_GATHER_INFO |
| 2012-01-30 | Name : The remote Fedora host is missing a security update. File : fedora_2012-0894.nasl - Type : ACT_GATHER_INFO |
| 2012-01-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-011.nasl - Type : ACT_GATHER_INFO |
| 2012-01-27 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2394.nasl - Type : ACT_GATHER_INFO |
| 2012-01-27 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2012-0420.nasl - Type : ACT_GATHER_INFO |
| 2012-01-27 | Name : The remote host may be affected by a denial of service vulnerability. File : openssl_0_9_8t.nasl - Type : ACT_GATHER_INFO |
| 2012-01-27 | Name : The remote host may be affected by a denial of service vulnerability. File : openssl_1_0_0g.nasl - Type : ACT_GATHER_INFO |
| 2012-01-26 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0060.nasl - Type : ACT_GATHER_INFO |
| 2012-01-25 | Name : The remote Fedora host is missing a security update. File : fedora_2012-0702.nasl - Type : ACT_GATHER_INFO |
| 2012-01-25 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0059.nasl - Type : ACT_GATHER_INFO |
| 2012-01-25 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0060.nasl - Type : ACT_GATHER_INFO |
| 2012-01-25 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1346-1.nasl - Type : ACT_GATHER_INFO |
| 2012-01-24 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0033.nasl - Type : ACT_GATHER_INFO |
| 2012-01-23 | Name : The remote Fedora host is missing a security update. File : fedora_2012-0708.nasl - Type : ACT_GATHER_INFO |
| 2012-01-23 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_5c5f19ce43af11e189b4001ec9578670.nasl - Type : ACT_GATHER_INFO |
| 2012-01-20 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2012-0504.nasl - Type : ACT_GATHER_INFO |
| 2012-01-20 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1334-1.nasl - Type : ACT_GATHER_INFO |
| 2012-01-19 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0033.nasl - Type : ACT_GATHER_INFO |
| 2012-01-17 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-006.nasl - Type : ACT_GATHER_INFO |
| 2012-01-17 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libopenssl-devel-120111.nasl - Type : ACT_GATHER_INFO |
| 2012-01-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_openssl-7923.nasl - Type : ACT_GATHER_INFO |
| 2012-01-16 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2390.nasl - Type : ACT_GATHER_INFO |
| 2012-01-16 | Name : The remote Fedora host is missing a security update. File : fedora_2012-0250.nasl - Type : ACT_GATHER_INFO |
| 2012-01-16 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_78cc8a463e5611e189b4001ec9578670.nasl - Type : ACT_GATHER_INFO |
| 2012-01-13 | Name : The remote web server uses a version of PHP that is affected by multiple flaws. File : php_5_3_9.nasl - Type : ACT_GATHER_INFO |
| 2012-01-13 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libxml2-111201.nasl - Type : ACT_GATHER_INFO |
| 2012-01-12 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0016.nasl - Type : ACT_GATHER_INFO |
| 2012-01-12 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0017.nasl - Type : ACT_GATHER_INFO |
| 2012-01-12 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0019.nasl - Type : ACT_GATHER_INFO |
| 2012-01-12 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_d39218103c8011e197e800215c6a37bb.nasl - Type : ACT_GATHER_INFO |
| 2012-01-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0016.nasl - Type : ACT_GATHER_INFO |
| 2012-01-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0017.nasl - Type : ACT_GATHER_INFO |
| 2012-01-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0019.nasl - Type : ACT_GATHER_INFO |
| 2012-01-11 | Name : The remote Fedora host is missing a security update. File : fedora_2012-0232.nasl - Type : ACT_GATHER_INFO |
| 2012-01-11 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-003.nasl - Type : ACT_GATHER_INFO |
| 2012-01-09 | Name : The remote web server has multiple SSL-related vulnerabilities. File : openssl_0_9_8s.nasl - Type : ACT_GATHER_INFO |
| 2012-01-09 | Name : The remote web server is affected by multiple SSL-related vulnerabilities. File : openssl_1_0_0f.nasl - Type : ACT_GATHER_INFO |
| 2012-01-03 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-197.nasl - Type : ACT_GATHER_INFO |
| 2011-12-14 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-7882.nasl - Type : ACT_GATHER_INFO |
| 2011-12-13 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_apache2-111130.nasl - Type : ACT_GATHER_INFO |
| 2011-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_libxml2-7600.nasl - Type : ACT_GATHER_INFO |
| 2011-12-06 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1749.nasl - Type : ACT_GATHER_INFO |
| 2011-11-29 | Name : The web server running on the remote host has an information disclosure vulne... File : apache_mod_proxy_info_leak.nasl - Type : ACT_ATTACK |
| 2011-11-04 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-166.nasl - Type : ACT_GATHER_INFO |
| 2011-11-02 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201111-01.nasl - Type : ACT_GATHER_INFO |
| 2011-10-27 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201110-26.nasl - Type : ACT_GATHER_INFO |
| 2011-10-10 | Name : The remote Fedora host is missing a security update. File : fedora_2011-13446.nasl - Type : ACT_GATHER_INFO |
| 2011-10-10 | Name : The remote Fedora host is missing a security update. File : fedora_2011-13458.nasl - Type : ACT_GATHER_INFO |
| 2011-10-10 | Name : The remote Fedora host is missing a security update. File : fedora_2011-13472.nasl - Type : ACT_GATHER_INFO |
| 2011-10-10 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-145.nasl - Type : ACT_GATHER_INFO |
| 2011-09-19 | Name : The remote host contains a web browser that is affected by multiple vulnerabi... File : google_chrome_14_0_835_163.nasl - Type : ACT_GATHER_INFO |
| 2011-09-06 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-131.nasl - Type : ACT_GATHER_INFO |
| 2011-08-23 | Name : The remote host contains a web browser that is affected by multiple vulnerabi... File : google_chrome_13_0_782_215.nasl - Type : ACT_GATHER_INFO |
| 2011-07-27 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libxml2-110629.nasl - Type : ACT_GATHER_INFO |
| 2011-07-27 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_libxml2-7601.nasl - Type : ACT_GATHER_INFO |
| 2011-07-05 | Name : The remote Fedora host is missing a security update. File : fedora_2011-7820.nasl - Type : ACT_GATHER_INFO |
| 2011-07-05 | Name : The remote Fedora host is missing a security update. File : fedora_2011-7856.nasl - Type : ACT_GATHER_INFO |
| 2011-06-17 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1153-1.nasl - Type : ACT_GATHER_INFO |
| 2010-12-08 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_6887828f022911e0b84d00262d5ed8ee.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2013-05-10 13:20:38 |
|
| 2013-05-10 13:18:56 |
|
