Executive Summary

Summary
Title HP-UX Running NTP, Remote Execution of Code, Denial of Service (DoS), or Other Vulnerabilities
Informations
Name HPSBUX03240 SSRT101872 First vendor Publication 2015-02-18
Vendor HP Last vendor Modification 2015-04-08
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score 7.5 Attack Range Network
Cvss Impact Score 6.4 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Potential security vulnerabilities have been identified with HP-UX running NTP. These could be exploited remotely to execute code, create a Denial of Service (DoS), or other vulnerabilities.

Original Source

Url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c04554677

CWE : Common Weakness Enumeration

% Id Name
50 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
50 % CWE-17 Code

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:28192
 
Oval ID: oval:org.mitre.oval:def:28192
Title: ELSA-2014-2025 -- ntp security update (important)
Description: [4.2.2p1-18.el5] - don't generate weak control key for resolver (CVE-2014-9293) - don't generate weak MD5 keys in ntp-keygen (CVE-2014-9294) - fix buffer overflows via specially-crafted packets (CVE-2014-9295)
Family: unix Class: patch
Reference(s): ELSA-2014-2025
CVE-2014-9293
CVE-2014-9294
CVE-2014-9295
Version: 3
Platform(s): Oracle Linux 5
Product(s): ntp
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28264
 
Oval ID: oval:org.mitre.oval:def:28264
Title: USN-2449-1 -- NTP vulnerabilities
Description: Neel Mehta discovered that NTP generated weak authentication keys. A remote attacker could possibly use this issue to brute force the authentication key and send requests if permitted by IP restrictions. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-9293">CVE-2014-9293</a>) Stephen Roettger discovered that NTP generated weak MD5 keys. A remote attacker could possibly use this issue to brute force the MD5 key and spoof a client or server. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-9294">CVE-2014-9294</a>) Stephen Roettger discovered that NTP contained buffer overflows in the crypto_recv(), ctl_putdata() and configure() functions. In non-default configurations, a remote attacker could use these issues to cause NTP to crash, resulting in a denial of service, or possibly execute arbitrary code. The default compiler options for affected releases should reduce the vulnerability to a denial of service. In addition, attackers would be isolated by the NTP AppArmor profile. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-9295">CVE-2014-9295</a>) Stephen Roettger discovered that NTP incorrectly continued processing when handling certain errors. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-9296">CVE-2014-9296</a>)
Family: unix Class: patch
Reference(s): USN-2449-1
CVE-2014-9293
CVE-2014-9294
CVE-2014-9295
CVE-2014-9296
Version: 3
Platform(s): Ubuntu 14.10
Ubuntu 14.04
Ubuntu 12.04
Ubuntu 10.04
Product(s): ntp
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28304
 
Oval ID: oval:org.mitre.oval:def:28304
Title: ELSA-2014-2024 -- ntp security update (important)
Description: [4.2.6p5-2] - don't generate weak control key for resolver (CVE-2014-9293) - don't generate weak MD5 keys in ntp-keygen (CVE-2014-9294) - fix buffer overflows via specially-crafted packets (CVE-2014-9295) - don't mobilize passive association when authentication fails (CVE-2014-9296)
Family: unix Class: patch
Reference(s): ELSA-2014-2024
CVE-2014-9293
CVE-2014-9294
CVE-2014-9295
CVE-2014-9296
Version: 3
Platform(s): Oracle Linux 6
Oracle Linux 7
Product(s): ntp
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28338
 
Oval ID: oval:org.mitre.oval:def:28338
Title: Network Time Protocol (NTP) vulnerability in AIX
Description: Multiple stack-based buffer overflows in ntpd in NTP before 4.2.8 allow remote attackers to execute arbitrary code via a crafted packet, related to (1) the crypto_recv function when the Autokey Authentication feature is used, (2) the ctl_putdata function, and (3) the configure function.
Family: unix Class: vulnerability
Reference(s): CVE-2014-9295
Version: 7
Platform(s): IBM AIX 6.1
IBM AIX 7.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28460
 
Oval ID: oval:org.mitre.oval:def:28460
Title: RHSA-2014:2025 -- ntp security update (Important)
Description: The Network Time Protocol (NTP) is used to synchronize a computer&#39;s time with a referenced time source. Multiple buffer overflow flaws were discovered in ntpd&#39;s crypto_recv(), ctl_putdata(), and configure() functions. A remote attacker could use either of these flaws to send a specially crafted request packet that could crash ntpd or, potentially, execute arbitrary code with the privileges of the ntp user. Note: the crypto_recv() flaw requires non-default configurations to be active, while the ctl_putdata() flaw, by default, can only be exploited via local attackers, and the configure() flaw requires additional authentication to exploit. (CVE-2014-9295) It was found that ntpd automatically generated weak keys for its internal use if no ntpdc request authentication key was specified in the ntp.conf configuration file. A remote attacker able to match the configured IP restrictions could guess the generated key, and possibly use it to send ntpdc query or configuration requests. (CVE-2014-9293) It was found that ntp-keygen used a weak method for generating MD5 keys. This could possibly allow an attacker to guess generated MD5 keys that could then be used to spoof an NTP client or server. Note: it is recommended to regenerate any MD5 keys that had explicitly been generated with ntp-keygen; the default installation does not contain such keys). (CVE-2014-9294) All ntp users are advised to upgrade to this updated package, which contains backported patches to resolve these issues. After installing the update, the ntpd daemon will restart automatically.
Family: unix Class: patch
Reference(s): RHSA-2014:2025
CESA-2014:2025
CVE-2014-9293
CVE-2014-9294
CVE-2014-9295
Version: 5
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): ntp
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28483
 
Oval ID: oval:org.mitre.oval:def:28483
Title: RHSA-2014:2024 -- ntp security update (Important)
Description: The Network Time Protocol (NTP) is used to synchronize a computer&#39;s time with a referenced time source. Multiple buffer overflow flaws were discovered in ntpd&#39;s crypto_recv(), ctl_putdata(), and configure() functions. A remote attacker could use either of these flaws to send a specially crafted request packet that could crash ntpd or, potentially, execute arbitrary code with the privileges of the ntp user. Note: the crypto_recv() flaw requires non-default configurations to be active, while the ctl_putdata() flaw, by default, can only be exploited via local attackers, and the configure() flaw requires additional authentication to exploit. (CVE-2014-9295) It was found that ntpd automatically generated weak keys for its internal use if no ntpdc request authentication key was specified in the ntp.conf configuration file. A remote attacker able to match the configured IP restrictions could guess the generated key, and possibly use it to send ntpdc query or configuration requests. (CVE-2014-9293) It was found that ntp-keygen used a weak method for generating MD5 keys. This could possibly allow an attacker to guess generated MD5 keys that could then be used to spoof an NTP client or server. Note: it is recommended to regenerate any MD5 keys that had explicitly been generated with ntp-keygen; the default installation does not contain such keys). (CVE-2014-9294) A missing return statement in the receive() function could potentially allow a remote attacker to bypass NTP&#39;s authentication mechanism. (CVE-2014-9296) All ntp users are advised to upgrade to this updated package, which contains backported patches to resolve these issues. After installing the update, the ntpd daemon will restart automatically.
Family: unix Class: patch
Reference(s): RHSA-2014:2024
CESA-2014:2024-CentOS 7
CESA-2014:2024-CentOS 6
CVE-2014-9293
CVE-2014-9294
CVE-2014-9295
CVE-2014-9296
Version: 7
Platform(s): Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 7
CentOS Linux 7
CentOS Linux 6
Product(s): ntp
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28493
 
Oval ID: oval:org.mitre.oval:def:28493
Title: DSA-3108-1 -- ntp security update
Description: Several vulnerabilities were discovered in the ntp package, an implementation of the Network Time Protocol.
Family: unix Class: patch
Reference(s): DSA-3108-1
CVE-2014-9293
CVE-2014-9294
CVE-2014-9295
CVE-2014-9296
Version: 3
Platform(s): Debian GNU/Linux 7.0
Debian GNU/kFreeBSD 7.0
Product(s): ntp
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28660
 
Oval ID: oval:org.mitre.oval:def:28660
Title: Potential security vulnerabilities have been identified with HP-UX running NTP. These could be exploited remotely to execute code, create a Denial of Service (DoS), or other vulnerabilities.
Description: Multiple stack-based buffer overflows in ntpd in NTP before 4.2.8 allow remote attackers to execute arbitrary code via a crafted packet, related to (1) the crypto_recv function when the Autokey Authentication feature is used, (2) the ctl_putdata function, and (3) the configure function.
Family: unix Class: vulnerability
Reference(s): CVE-2014-9295
Version: 7
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28677
 
Oval ID: oval:org.mitre.oval:def:28677
Title: Potential security vulnerabilities have been identified with HP-UX running NTP. These could be exploited remotely to execute code, create a Denial of Service (DoS), or other vulnerabilities.
Description: The config_auth function in ntpd in NTP before 4.2.7p11, when an auth key is not configured, improperly generates a key, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.
Family: unix Class: vulnerability
Reference(s): CVE-2014-9293
Version: 7
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28755
 
Oval ID: oval:org.mitre.oval:def:28755
Title: Network Time Protocol (NTP) vulnerability in AIX
Description: The config_auth function in ntpd in NTP before 4.2.7p11, when an auth key is not configured, improperly generates a key, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.
Family: unix Class: vulnerability
Reference(s): CVE-2014-9293
Version: 7
Platform(s): IBM AIX 6.1
IBM AIX 7.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28761
 
Oval ID: oval:org.mitre.oval:def:28761
Title: Potential security vulnerabilities have been identified with HP-UX running NTP. These could be exploited remotely to execute code, create a Denial of Service (DoS), or other vulnerabilities.
Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Family: unix Class: vulnerability
Reference(s): CVE-2014-9297
Version: 7
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28798
 
Oval ID: oval:org.mitre.oval:def:28798
Title: Network Time Protocol (NTP) vulnerability in AIX
Description: util/ntp-keygen.c in ntp-keygen in NTP before 4.2.7p230 uses a weak RNG seed, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.
Family: unix Class: vulnerability
Reference(s): CVE-2014-9294
Version: 7
Platform(s): IBM AIX 6.1
IBM AIX 7.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28826
 
Oval ID: oval:org.mitre.oval:def:28826
Title: Potential security vulnerabilities have been identified with HP-UX running NTP. These could be exploited remotely to execute code, create a Denial of Service (DoS), or other vulnerabilities.
Description: util/ntp-keygen.c in ntp-keygen in NTP before 4.2.7p230 uses a weak RNG seed, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.
Family: unix Class: vulnerability
Reference(s): CVE-2014-9294
Version: 7
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28830
 
Oval ID: oval:org.mitre.oval:def:28830
Title: Potential security vulnerabilities have been identified with HP-UX running NTP. These could be exploited remotely to execute code, create a Denial of Service (DoS), or other vulnerabilities.
Description: The receive function in ntp_proto.c in ntpd in NTP before 4.2.8 continues to execute after detecting a certain authentication error, which might allow remote attackers to trigger an unintended association change via crafted packets.
Family: unix Class: vulnerability
Reference(s): CVE-2014-9296
Version: 7
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:29503
 
Oval ID: oval:org.mitre.oval:def:29503
Title: AIX 'NTPv4' vulnerability
Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Family: unix Class: vulnerability
Reference(s): CVE-2014-9297
Version: 5
Platform(s): IBM AIX 6.1
IBM AIX 7.1
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 774

Information Assurance Vulnerability Management (IAVM)

Date Description
2015-02-19 IAVM : 2015-A-0041 - Multiple Vulnerabilities in Network Time Protocol (NTP)
Severity : Category I - VMSKEY : V0058907

Snort® IPS/IDS

Date Description
2015-01-23 ntpd multiple vector buffer overflow attempt
RuleID : 32890 - Revision : 5 - Type : SERVER-OTHER

Nessus® Vulnerability Scanner

Date Description
2017-12-07 Name : The remote host is potentially affected by multiple NTP client vulnerabilities.
File : check_point_gaia_sk103825.nasl - Type : ACT_GATHER_INFO
2016-07-19 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL15935.nasl - Type : ACT_GATHER_INFO
2016-07-19 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL15934.nasl - Type : ACT_GATHER_INFO
2015-12-22 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20151119_ntp_on_SL7_x.nasl - Type : ACT_GATHER_INFO
2015-12-02 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2015-2231.nasl - Type : ACT_GATHER_INFO
2015-11-24 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-2231.nasl - Type : ACT_GATHER_INFO
2015-11-20 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-2231.nasl - Type : ACT_GATHER_INFO
2015-09-16 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL16392.nasl - Type : ACT_GATHER_INFO
2015-08-04 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20150722_ntp_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2015-07-31 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2015-0102.nasl - Type : ACT_GATHER_INFO
2015-07-30 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-1459.nasl - Type : ACT_GATHER_INFO
2015-07-28 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2015-1459.nasl - Type : ACT_GATHER_INFO
2015-07-23 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-1459.nasl - Type : ACT_GATHER_INFO
2015-07-02 Name : The remote AIX host is missing a security patch.
File : aix_IV71096.nasl - Type : ACT_GATHER_INFO
2015-07-02 Name : The remote AIX host is missing a security patch.
File : aix_IV71094.nasl - Type : ACT_GATHER_INFO
2015-05-28 Name : A network management system on the remote host is affected by multiple vulner...
File : cisco_prime_lms_sa-20141222-ntpd.nasl - Type : ACT_GATHER_INFO
2015-05-28 Name : A network management system on the remote host is affected by multiple vulner...
File : cisco-sa-20141222-ntpd-prime_dcnm.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-0322-1.nasl - Type : ACT_GATHER_INFO
2015-04-10 Name : The remote HP-UX host is missing a security-related patch.
File : hpux_PHNE_44236.nasl - Type : ACT_GATHER_INFO
2015-04-10 Name : The remote HP-UX host is missing a security-related patch.
File : hpux_PHNE_44235.nasl - Type : ACT_GATHER_INFO
2015-03-30 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2015-140.nasl - Type : ACT_GATHER_INFO
2015-03-26 Name : The remote Debian host is missing a security update.
File : debian_DLA-149.nasl - Type : ACT_GATHER_INFO
2015-03-26 Name : The remote Debian host is missing a security update.
File : debian_DLA-116.nasl - Type : ACT_GATHER_INFO
2015-03-25 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2015-496.nasl - Type : ACT_GATHER_INFO
2015-03-20 Name : The remote NTP server is affected by multiple vulnerabilities.
File : ntp_4_2_8.nasl - Type : ACT_GATHER_INFO
2015-03-20 Name : The management application running on the remote host is affected by multiple...
File : cisco-sa-20141222-ntpd-prsm.nasl - Type : ACT_GATHER_INFO
2015-03-18 Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sn-CSCus27229-iosxr.nasl - Type : ACT_GATHER_INFO
2015-03-18 Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sn-CSCus26956-iosxr.nasl - Type : ACT_GATHER_INFO
2015-03-18 Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sa-20141222-ntpd-nxos.nasl - Type : ACT_GATHER_INFO
2015-02-27 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL15936.nasl - Type : ACT_GATHER_INFO
2015-02-16 Name : The remote Fedora host is missing a security update.
File : fedora_2015-1759.nasl - Type : ACT_GATHER_INFO
2015-02-16 Name : The remote Fedora host is missing a security update.
File : fedora_2015-1736.nasl - Type : ACT_GATHER_INFO
2015-02-13 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2015-046.nasl - Type : ACT_GATHER_INFO
2015-02-12 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_ntp-150209.nasl - Type : ACT_GATHER_INFO
2015-02-11 Name : The remote AIX host is missing a security patch.
File : aix_IV68430.nasl - Type : ACT_GATHER_INFO
2015-02-11 Name : The remote AIX host is missing a security patch.
File : aix_IV68429.nasl - Type : ACT_GATHER_INFO
2015-02-11 Name : The remote AIX host is missing a security patch.
File : aix_IV68428.nasl - Type : ACT_GATHER_INFO
2015-02-11 Name : The remote AIX host is missing a security patch.
File : aix_IV68427.nasl - Type : ACT_GATHER_INFO
2015-02-11 Name : The remote AIX host is missing a security patch.
File : aix_IV68426.nasl - Type : ACT_GATHER_INFO
2015-02-10 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2497-1.nasl - Type : ACT_GATHER_INFO
2015-01-29 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0104.nasl - Type : ACT_GATHER_INFO
2015-01-23 Name : The remote Solaris system is missing a security patch for third-party software.
File : solaris11_ntp_20150120.nasl - Type : ACT_GATHER_INFO
2015-01-07 Name : The remote OracleVM host is missing a security update.
File : oraclevm_OVMSA-2015-0002.nasl - Type : ACT_GATHER_INFO
2015-01-07 Name : The remote OracleVM host is missing a security update.
File : oraclevm_OVMSA-2015-0001.nasl - Type : ACT_GATHER_INFO
2015-01-06 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2015-003.nasl - Type : ACT_GATHER_INFO
2015-01-02 Name : The remote Fedora host is missing a security update.
File : fedora_2014-17395.nasl - Type : ACT_GATHER_INFO
2014-12-26 Name : The remote Fedora host is missing a security update.
File : fedora_2014-17367.nasl - Type : ACT_GATHER_INFO
2014-12-26 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201412-34.nasl - Type : ACT_GATHER_INFO
2014-12-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2014-0085.nasl - Type : ACT_GATHER_INFO
2014-12-23 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2449-1.nasl - Type : ACT_GATHER_INFO
2014-12-23 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_ntp-141219.nasl - Type : ACT_GATHER_INFO
2014-12-23 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3108.nasl - Type : ACT_GATHER_INFO
2014-12-23 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2014-356-01.nasl - Type : ACT_GATHER_INFO
2014-12-22 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-2025.nasl - Type : ACT_GATHER_INFO
2014-12-22 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-2024.nasl - Type : ACT_GATHER_INFO
2014-12-22 Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2014-2025.nasl - Type : ACT_GATHER_INFO
2014-12-22 Name : The remote Fedora host is missing a security update.
File : fedora_2014-17361.nasl - Type : ACT_GATHER_INFO
2014-12-22 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_4033d82687dd11e490793c970e169bc2.nasl - Type : ACT_GATHER_INFO
2014-12-22 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-792.nasl - Type : ACT_GATHER_INFO
2014-12-22 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-2024.nasl - Type : ACT_GATHER_INFO
2014-12-22 Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2014-2025.nasl - Type : ACT_GATHER_INFO
2014-12-22 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-2024.nasl - Type : ACT_GATHER_INFO
2014-12-22 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20141220_ntp_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2014-12-22 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20141220_ntp_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2014-12-22 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2014-462.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
Date Informations
2015-10-06 09:28:19
  • Multiple Updates
2015-04-09 05:25:56
  • Multiple Updates
2015-02-23 13:22:22
  • First insertion