Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title HP-UX CIFS Server (Samba), Remote Denial of Service (DoS), Execution of Arbitrary Code, Unauthorized Access
Informations
Name HPSBUX03087 SSRT101413 First vendor Publication 2014-08-07
Vendor HP Last vendor Modification 2014-11-20
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:A/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 8.3 Attack Range Adjacent network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 6.5 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Potential security vulnerabilities have been identified with HP-UX CIFS-Server (Samba). The vulnerabilities could be exploited remotely to cause a Denial of Service (DoS), execution of arbitrary code, or unauthorized access.

Original Source

Url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c04396638

CWE : Common Weakness Enumeration

% Id Name
33 % CWE-189 Numeric Errors (CWE/SANS Top 25)
33 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
33 % CWE-20 Improper Input Validation

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:19319
 
Oval ID: oval:org.mitre.oval:def:19319
Title: USN-1966-1 -- samba vulnerability
Description: Samba could be made to hang if it received specially crafted network traffic.
Family: unix Class: patch
Reference(s): USN-1966-1
CVE-2013-4124
Version: 5
Platform(s): Ubuntu 13.04
Ubuntu 12.10
Ubuntu 12.04
Ubuntu 10.04
Product(s): samba
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20816
 
Oval ID: oval:org.mitre.oval:def:20816
Title: RHSA-2013:1805: samba4 security update (Important)
Description: Heap-based buffer overflow in the dcerpc_read_ncacn_packet_done function in librpc/rpc/dcerpc_util.c in winbindd in Samba 3.x before 3.6.22, 4.0.x before 4.0.13, and 4.1.x before 4.1.3 allows remote AD domain controllers to execute arbitrary code via an invalid fragment length in a DCE-RPC packet.
Family: unix Class: patch
Reference(s): RHSA-2013:1805-00
CESA-2013:1805
CVE-2013-4408
Version: 4
Platform(s): Red Hat Enterprise Linux 6
CentOS Linux 6
Product(s): samba4
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23548
 
Oval ID: oval:org.mitre.oval:def:23548
Title: RHSA-2014:0305: samba security update (Moderate)
Description: Samba is an open-source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. It was discovered that the Samba Web Administration Tool (SWAT) did not protect against being opened in a web page frame. A remote attacker could possibly use this flaw to conduct a clickjacking attack against SWAT users or users with an active SWAT session. (CVE-2013-0213) A flaw was found in the Cross-Site Request Forgery (CSRF) protection mechanism implemented in SWAT. An attacker with the knowledge of a victim's password could use this flaw to bypass CSRF protections and conduct a CSRF attack against the victim SWAT user. (CVE-2013-0214) An integer overflow flaw was found in the way Samba handled an Extended Attribute (EA) list provided by a client. A malicious client could send a specially crafted EA list that triggered an overflow, causing the server to loop and reprocess the list using an excessive amount of memory. (CVE-2013-4124) Note: This issue did not affect the default configuration of the Samba server. Red Hat would like to thank the Samba project for reporting CVE-2013-0213 and CVE-2013-0214. Upstream acknowledges Jann Horn as the original reporter of CVE-2013-0213 and CVE-2013-0214. All users of Samba are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, the smb service will be restarted automatically.
Family: unix Class: patch
Reference(s): RHSA-2014:0305-00
CESA-2014:0305
CVE-2013-0213
CVE-2013-0214
CVE-2013-4124
Version: 13
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): samba
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24000
 
Oval ID: oval:org.mitre.oval:def:24000
Title: ELSA-2013:1805: samba4 security update (Important)
Description: Heap-based buffer overflow in the dcerpc_read_ncacn_packet_done function in librpc/rpc/dcerpc_util.c in winbindd in Samba 3.x before 3.6.22, 4.0.x before 4.0.13, and 4.1.x before 4.1.3 allows remote AD domain controllers to execute arbitrary code via an invalid fragment length in a DCE-RPC packet.
Family: unix Class: patch
Reference(s): ELSA-2013:1805-00
CVE-2013-4408
Version: 6
Platform(s): Oracle Linux 6
Product(s): samba4
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24306
 
Oval ID: oval:org.mitre.oval:def:24306
Title: ELSA-2014:0305: samba security update (Moderate)
Description: Samba is an open-source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. It was discovered that the Samba Web Administration Tool (SWAT) did not protect against being opened in a web page frame. A remote attacker could possibly use this flaw to conduct a clickjacking attack against SWAT users or users with an active SWAT session. (CVE-2013-0213) A flaw was found in the Cross-Site Request Forgery (CSRF) protection mechanism implemented in SWAT. An attacker with the knowledge of a victim's password could use this flaw to bypass CSRF protections and conduct a CSRF attack against the victim SWAT user. (CVE-2013-0214) An integer overflow flaw was found in the way Samba handled an Extended Attribute (EA) list provided by a client. A malicious client could send a specially crafted EA list that triggered an overflow, causing the server to loop and reprocess the list using an excessive amount of memory. (CVE-2013-4124) Note: This issue did not affect the default configuration of the Samba server. Red Hat would like to thank the Samba project for reporting CVE-2013-0213 and CVE-2013-0214. Upstream acknowledges Jann Horn as the original reporter of CVE-2013-0213 and CVE-2013-0214. All users of Samba are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, the smb service will be restarted automatically.
Family: unix Class: patch
Reference(s): ELSA-2014:0305-00
CVE-2013-0213
CVE-2013-0214
CVE-2013-4124
Version: 7
Platform(s): Oracle Linux 5
Product(s): samba
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24798
 
Oval ID: oval:org.mitre.oval:def:24798
Title: SUSE-SU-2014:0723-1 -- Security update for Samba
Description: This is a LTSS roll-up update for the Samba Server suite fixing multiple security issues and bugs. Security issues fixed: * CVE-2013-4496: Password lockout was not enforced for SAMR password changes, leading to brute force possibility. * CVE-2013-4408: DCE-RPC fragment length field is incorrectly checked. * CVE-2013-4124: Samba was affected by a denial of service attack on authenticated or guest connections. * CVE-2013-0214: The SWAT webadministration was affected by a cross site scripting attack (XSS). * CVE-2013-0213: The SWAT webadministration could possibly be used in clickjacking attacks.
Family: unix Class: patch
Reference(s): SUSE-SU-2014:0723-1
CVE-2013-4496
CVE-2013-4408
CVE-2013-4124
CVE-2013-0214
CVE-2013-0213
CVE-2012-6150
Version: 3
Platform(s): SUSE Linux Enterprise Server 11
Product(s): Samba
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25565
 
Oval ID: oval:org.mitre.oval:def:25565
Title: SUSE-SU-2013:1469-1 -- Security update for Samba
Description: The Samba server suite received a security update to fix a denial of service problem in integer wrap protection.
Family: unix Class: patch
Reference(s): SUSE-SU-2013:1469-1
CVE-2013-4124
Version: 3
Platform(s): SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Desktop 11
Product(s): Samba
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25668
 
Oval ID: oval:org.mitre.oval:def:25668
Title: RHSA-2013-1542: samba security, bug fix and enhancement update (Moderate)
Description: These updated samba packages include numerous bug fixes and one element.
Family: unix Class: patch
Reference(s): RHSA-2013:1542-02
CESA-2013:1542
CVE-2013-0213
CVE-2013-0214
CVE-2013-4124
Version: 3
Platform(s): Red Hat Enterprise Linux 6
CentOS Linux 6
Product(s): samba
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25773
 
Oval ID: oval:org.mitre.oval:def:25773
Title: SUSE-SU-2013:1468-1 -- Security update for Samba
Description: The Samba server suite received a security update to fix a denial of service problem in integer wrap protection. (CVE-2013-4124). Additionally, the following stability fixes are included in this update: * Fix libreplace license ambiguity. (bnc#765270) * Document idmap_ad rfc2307 attribute requirements. (bnc#820531) * The pam_winbind require_membership_of option allows for a list of SID, but currently only provides buffer space for ~20. (bnc#806501). Security Issue reference: * CVE-2013-4124 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4124 >
Family: unix Class: patch
Reference(s): SUSE-SU-2013:1468-1
CVE-2013-4124
Version: 3
Platform(s): SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Desktop 11
Product(s): Samba
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25899
 
Oval ID: oval:org.mitre.oval:def:25899
Title: HP-UX CIFS Server (Samba), Remote Denial of Service (DoS), Execution of Arbitrary Code, Unauthorized Access
Description: Heap-based buffer overflow in the dcerpc_read_ncacn_packet_done function in librpc/rpc/dcerpc_util.c in winbindd in Samba 3.x before 3.6.22, 4.0.x before 4.0.13, and 4.1.x before 4.1.3 allows remote AD domain controllers to execute arbitrary code via an invalid fragment length in a DCE-RPC packet.
Family: unix Class: vulnerability
Reference(s): CVE-2013-4408
Version: 8
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26024
 
Oval ID: oval:org.mitre.oval:def:26024
Title: RHSA-2013:1543: samba4 security and bug fix update (Moderate)
Description: Integer overflow in the read_nttrans_ea_list function in nttrans.c in smbd in Samba 3.x before 3.5.22, 3.6.x before 3.6.17, and 4.x before 4.0.8 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet.
Family: unix Class: patch
Reference(s): RHSA-2013:1543-02
CESA-2013:1543
CVE-2013-4124
Version: 3
Platform(s): Red Hat Enterprise Linux 6
CentOS Linux 6
Product(s): samba4
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26319
 
Oval ID: oval:org.mitre.oval:def:26319
Title: HP-UX CIFS Server (Samba), Remote Denial of Service (DoS), Execution of Arbitrary Code, Unauthorized Access
Description: The winbind_name_list_to_sid_string_list function in nsswitch/pam_winbind.c in Samba through 4.1.2 handles invalid require_membership_of group names by accepting authentication by any user, which allows remote authenticated users to bypass intended access restrictions in opportunistic circumstances by leveraging an administrator's pam_winbind configuration-file mistake.
Family: unix Class: vulnerability
Reference(s): CVE-2012-6150
Version: 8
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26470
 
Oval ID: oval:org.mitre.oval:def:26470
Title: HP-UX CIFS Server (Samba), Remote Denial of Service (DoS), Execution of Arbitrary Code, Unauthorized Access
Description: Integer overflow in the read_nttrans_ea_list function in nttrans.c in smbd in Samba 3.x before 3.5.22, 3.6.x before 3.6.17, and 4.x before 4.0.8 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet.
Family: unix Class: vulnerability
Reference(s): CVE-2013-4124
Version: 8
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26482
 
Oval ID: oval:org.mitre.oval:def:26482
Title: HP-UX CIFS Server (Samba), Remote Denial of Service (DoS), Execution of Arbitrary Code
Description: Integer overflow in the read_nttrans_ea_list function in nttrans.c in smbd in Samba 3.x before 3.5.22, 3.6.x before 3.6.17, and 4.x before 4.0.8 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet.
Family: unix Class: vulnerability
Reference(s): CVE-2013-4124
Version: 4
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26876
 
Oval ID: oval:org.mitre.oval:def:26876
Title: DEPRECATED: ELSA-2014-0305 -- samba security update (moderate)
Description: [3.0.33-3.40.el5] - Security Release, fixes CVE-2013-0213 and CVE-2013-4124 - resolves: #1073350
Family: unix Class: patch
Reference(s): ELSA-2014-0305
CVE-2013-0213
CVE-2013-0214
CVE-2013-4124
Version: 4
Platform(s): Oracle Linux 5
Product(s): samba
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27199
 
Oval ID: oval:org.mitre.oval:def:27199
Title: RHSA-2013:1310 -- samba3x security and bug fix update (Moderate)
Description: Samba is an open-source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. It was discovered that the Samba Web Administration Tool (SWAT) did not protect against being opened in a web page frame. A remote attacker could possibly use this flaw to conduct a clickjacking attack against SWAT users or users with an active SWAT session. (CVE-2013-0213) A flaw was found in the Cross-Site Request Forgery (CSRF) protection mechanism implemented in SWAT. An attacker with the knowledge of a victim&#39;s password could use this flaw to bypass CSRF protections and conduct a CSRF attack against the victim SWAT user. (CVE-2013-0214) An integer overflow flaw was found in the way Samba handled an Extended Attribute (EA) list provided by a client. A malicious client could send a specially crafted EA list that triggered an overflow, causing the server to loop and reprocess the list using an excessive amount of memory. (CVE-2013-4124) Note: This issue did not affect the default configuration of the Samba server. Red Hat would like to thank the Samba project for reporting CVE-2013-0213 and CVE-2013-0214. Upstream acknowledges Jann Horn as the original reporter of CVE-2013-0213 and CVE-2013-0214. These updated samba3x packages also include numerous bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Enterprise Linux 5.10 Technical Notes, linked to in the References, for information on the most significant of these changes. All samba3x users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, the smb service will be restarted automatically.
Family: unix Class: patch
Reference(s): RHSA-2013:1310
CESA-2013:1310
CVE-2013-0213
CVE-2013-0214
CVE-2013-4124
Version: 3
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): samba3x
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27234
 
Oval ID: oval:org.mitre.oval:def:27234
Title: ELSA-2013-1542 -- samba security, bug fix, and enhancement update (moderate)
Description: [3.6.9-164] - resolves: #1008574 - Fix offline logon cache not updating for cross child domain group membership.
Family: unix Class: patch
Reference(s): ELSA-2013-1542
CVE-2013-0213
CVE-2013-0214
CVE-2013-4124
Version: 3
Platform(s): Oracle Linux 6
Product(s): samba
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27317
 
Oval ID: oval:org.mitre.oval:def:27317
Title: ELSA-2013-1543 -- samba4 security and bug fix update (moderate)
Description: [4.0.0-58.rc4] - Fix winbind lsat reconnection code, avoids ntlmv2-only session setup problems - resolves: #949993 [4.0.0-57.rc4] - resolves: #984809 - CVE-2013-4124: DoS via integer overflow when reading an EA list [4.0.0-56.rc4] - Fix libwbclient.so.0 symlink. - resolves: #882338 - Fix correct linking of libreplace with cmdline-credentials. - resolves: #911264
Family: unix Class: patch
Reference(s): ELSA-2013-1543
CVE-2013-4124
Version: 3
Platform(s): Oracle Linux 6
Product(s): samba4
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27420
 
Oval ID: oval:org.mitre.oval:def:27420
Title: DEPRECATED: ELSA-2013-1805 -- samba4 security update (important)
Description: [4.0.0-60.rc4] - resolves: #1018039 - Fix CVE-2013-4408. [4.0.0-59.rc4] - Fix usage of client min/max protocol options in winbindd - related: #949993
Family: unix Class: patch
Reference(s): ELSA-2013-1805
CVE-2013-4408
Version: 4
Platform(s): Oracle Linux 6
Product(s): samba4
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27443
 
Oval ID: oval:org.mitre.oval:def:27443
Title: ELSA-2013-1310 -- samba3x security and bug fix update (moderate)
Description: [3.6.6-0.136] - resolves: #984807 - CVE-2013-4124: DoS via integer overflow when reading an EA list
Family: unix Class: patch
Reference(s): ELSA-2013-1310
CVE-2013-0213
CVE-2013-0214
CVE-2013-4124
Version: 3
Platform(s): Oracle Linux 5
Product(s): samba3x
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 244
Os 4
Os 2
Os 2
Os 1

ExploitDB Exploits

id Description
2013-08-22 Samba nttrans Reply - Integer Overflow Vulnerability

Information Assurance Vulnerability Management (IAVM)

Date Description
2013-08-08 IAVM : 2013-B-0082 - Samba Denial of Service Vulnerability
Severity : Category I - VMSKEY : V0039910

Nessus® Vulnerability Scanner

Date Description
2016-04-21 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2016-490.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2014-0723-1.nasl - Type : ACT_GATHER_INFO
2015-02-26 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201502-15.nasl - Type : ACT_GATHER_INFO
2015-01-19 Name : The remote Solaris system is missing a security patch for third-party software.
File : solaris11_samba_20140225.nasl - Type : ACT_GATHER_INFO
2015-01-19 Name : The remote Solaris system is missing a security patch for third-party software.
File : solaris11_samba_20140102.nasl - Type : ACT_GATHER_INFO
2014-11-12 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-1543.nasl - Type : ACT_GATHER_INFO
2014-11-12 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-1542.nasl - Type : ACT_GATHER_INFO
2014-11-12 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-1310.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0009.nasl - Type : ACT_GATHER_INFO
2014-08-20 Name : The remote Fedora host is missing a security update.
File : fedora_2014-9132.nasl - Type : ACT_GATHER_INFO
2014-06-26 Name : The remote Fedora host is missing a security update.
File : fedora_2014-7672.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2013-651.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2013-644.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2013-996.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-229.nasl - Type : ACT_GATHER_INFO
2014-04-11 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-0383.nasl - Type : ACT_GATHER_INFO
2014-04-10 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20140409_samba4_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2014-04-10 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0383.nasl - Type : ACT_GATHER_INFO
2014-04-10 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-0383.nasl - Type : ACT_GATHER_INFO
2014-03-26 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20140325_samba_and_samba3x_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2014-03-26 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0330.nasl - Type : ACT_GATHER_INFO
2014-03-26 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-0330.nasl - Type : ACT_GATHER_INFO
2014-03-26 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-0330.nasl - Type : ACT_GATHER_INFO
2014-03-18 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20140317_samba_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2014-03-18 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0305.nasl - Type : ACT_GATHER_INFO
2014-03-18 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-0305.nasl - Type : ACT_GATHER_INFO
2014-03-18 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-0305.nasl - Type : ACT_GATHER_INFO
2014-01-14 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2014-013-04.nasl - Type : ACT_GATHER_INFO
2014-01-07 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_cifs-mount-131213.nasl - Type : ACT_GATHER_INFO
2013-12-24 Name : The remote Fedora host is missing a security update.
File : fedora_2013-23177.nasl - Type : ACT_GATHER_INFO
2013-12-23 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2013-299.nasl - Type : ACT_GATHER_INFO
2013-12-16 Name : The remote Fedora host is missing a security update.
File : fedora_2013-23085.nasl - Type : ACT_GATHER_INFO
2013-12-12 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2054-1.nasl - Type : ACT_GATHER_INFO
2013-12-12 Name : The remote Samba server is affected by multiple vulnerabilities.
File : samba_4_1_3.nasl - Type : ACT_GATHER_INFO
2013-12-11 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20131210_samba_and_samba3x_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-12-11 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20131210_samba4_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2013-12-10 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-1806.nasl - Type : ACT_GATHER_INFO
2013-12-10 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-1805.nasl - Type : ACT_GATHER_INFO
2013-12-10 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-1806.nasl - Type : ACT_GATHER_INFO
2013-12-10 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2812.nasl - Type : ACT_GATHER_INFO
2013-12-10 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_613e45d1615411e39b62000c292e4fd8.nasl - Type : ACT_GATHER_INFO
2013-12-10 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-1805.nasl - Type : ACT_GATHER_INFO
2013-12-10 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1805.nasl - Type : ACT_GATHER_INFO
2013-12-10 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1806.nasl - Type : ACT_GATHER_INFO
2013-12-04 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20131121_samba4_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2013-12-04 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20131121_samba_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2013-11-27 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-1543.nasl - Type : ACT_GATHER_INFO
2013-11-27 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-1542.nasl - Type : ACT_GATHER_INFO
2013-11-21 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1542.nasl - Type : ACT_GATHER_INFO
2013-11-21 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1543.nasl - Type : ACT_GATHER_INFO
2013-10-11 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20130930_samba3x_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-10-09 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-1310.nasl - Type : ACT_GATHER_INFO
2013-10-01 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1310.nasl - Type : ACT_GATHER_INFO
2013-09-25 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1966-1.nasl - Type : ACT_GATHER_INFO
2013-09-20 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_cifs-mount-130806.nasl - Type : ACT_GATHER_INFO
2013-09-20 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_cifs-mount-130807.nasl - Type : ACT_GATHER_INFO
2013-08-15 Name : The remote Fedora host is missing a security update.
File : fedora_2013-14355.nasl - Type : ACT_GATHER_INFO
2013-08-10 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_e21c7c7a011611e39e833c970e169bc2.nasl - Type : ACT_GATHER_INFO
2013-08-10 Name : The remote Fedora host is missing a security update.
File : fedora_2013-14312.nasl - Type : ACT_GATHER_INFO
2013-08-08 Name : The remote Samba server is affected by a denial of service vulnerability.
File : samba_4_0_8.nasl - Type : ACT_GATHER_INFO
2013-08-07 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2013-207.nasl - Type : ACT_GATHER_INFO
2013-08-07 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2013-218-03.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
Date Informations
2014-11-21 21:21:10
  • Multiple Updates
2014-08-08 13:22:30
  • First insertion