Executive Summary

Summary
Title HP-UX Running OpenSSL, Remote Denial of Service (DoS) and Other Vulnerabilities
Informations
Name HPSBUX03334 SSRT102000 First vendor Publication 2015-05-19
Vendor HP Last vendor Modification 2015-05-19
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score 7.5 Attack Range Network
Cvss Impact Score 6.4 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Potential security vulnerabilities have been identified with HP-UX running OpenSSL. These vulnerabilities could be exploited remotely to create a remote Denial of Service (DoS) and other vulnerabilities.

Original Source

Url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c04679334

CWE : Common Weakness Enumeration

% Id Name
40 % CWE-17 Code
20 % CWE-310 Cryptographic Issues
20 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
20 % CWE-20 Improper Input Validation

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:28275
 
Oval ID: oval:org.mitre.oval:def:28275
Title: Potential security vulnerabilities have been identified with HP-UX running OpenSSL. These vulnerabilities could be exploited remotely to create a remote Denial of Service (DoS) and other vulnerabilites.
Description: Integer underflow in the EVP_DecodeUpdate function in crypto/evp/encode.c in the base64-decoding implementation in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted base64 data that triggers a buffer overflow.
Family: unix Class: vulnerability
Reference(s): CVE-2015-0292
Version: 3
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28477
 
Oval ID: oval:org.mitre.oval:def:28477
Title: Potential security vulnerabilities have been identified with HP-UX running OpenSSL. These vulnerabilities could be exploited remotely to create a remote Denial of Service (DoS) and other vulnerabilites.
Description: The PKCS#7 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly handle a lack of outer ContentInfo, which allows attackers to cause a denial of service (NULL pointer dereference and application crash) by leveraging an application that processes arbitrary PKCS#7 data and providing malformed data with ASN.1 encoding, related to crypto/pkcs7/pk7_doit.c and crypto/pkcs7/pk7_lib.c.
Family: unix Class: vulnerability
Reference(s): CVE-2015-0289
Version: 3
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28514
 
Oval ID: oval:org.mitre.oval:def:28514
Title: RHSA-2015:0800 -- openssl security update (Moderate)
Description: OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. It was discovered that OpenSSL would accept ephemeral RSA keys when using non-export RSA cipher suites. A malicious server could make a TLS/SSL client using OpenSSL use a weaker key exchange method. (CVE-2015-0204)
Family: unix Class: patch
Reference(s): RHSA-2015:0800
CESA-2015:0800
CVE-2014-8275
CVE-2015-0204
CVE-2015-0287
CVE-2015-0288
CVE-2015-0289
CVE-2015-0292
CVE-2015-0293
Version: 3
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): openssl
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28541
 
Oval ID: oval:org.mitre.oval:def:28541
Title: AIX OpenSSL Denial of Service (invalid write operation and memory corruption)
Description: The ASN1_item_ex_d2i function in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not reinitialize CHOICE and ADB data structures, which might allow attackers to cause a denial of service (invalid write operation and memory corruption) by leveraging an application that relies on ASN.1 structure reuse.
Family: unix Class: vulnerability
Reference(s): CVE-2015-0287
Version: 4
Platform(s): IBM AIX 6.1
IBM AIX 7.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28557
 
Oval ID: oval:org.mitre.oval:def:28557
Title: Potential security vulnerabilities have been identified with HP-UX running OpenSSL. These vulnerabilities could be exploited remotely to create a remote Denial of Service (DoS) and other vulnerabilites.
Description: Use-after-free vulnerability in the d2i_ECPrivateKey function in crypto/ec/ec_asn1.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a malformed Elliptic Curve (EC) private-key file that is improperly handled during import.
Family: unix Class: vulnerability
Reference(s): CVE-2015-0209
Version: 3
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28564
 
Oval ID: oval:org.mitre.oval:def:28564
Title: Potential security vulnerabilities have been identified with HP-UX running OpenSSL. These vulnerabilities could be exploited remotely to create a remote Denial of Service (DoS) and other vulnerabilites.
Description: The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a noncompliant role, related to the "FREAK" issue. NOTE: the scope of this CVE is only client code based on OpenSSL, not EXPORT_RSA issues associated with servers or other TLS implementations.
Family: unix Class: vulnerability
Reference(s): CVE-2015-0204
Version: 6
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28671
 
Oval ID: oval:org.mitre.oval:def:28671
Title: AIX OpenSSL Denial of Service (NULL pointer dereference and application crash)
Description: The PKCS#7 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly handle a lack of outer ContentInfo, which allows attackers to cause a denial of service (NULL pointer dereference and application crash) by leveraging an application that processes arbitrary PKCS#7 data and providing malformed data with ASN.1 encoding, related to crypto/pkcs7/pk7_doit.c and crypto/pkcs7/pk7_lib.c.
Family: unix Class: vulnerability
Reference(s): CVE-2015-0289
Version: 4
Platform(s): IBM AIX 6.1
IBM AIX 7.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28785
 
Oval ID: oval:org.mitre.oval:def:28785
Title: AIX OpenSSL Denial of Service (NULL pointer dereference and application crash)
Description: The X509_to_X509_REQ function in crypto/x509/x509_req.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow attackers to cause a denial of service (NULL pointer dereference and application crash) via an invalid certificate key.
Family: unix Class: vulnerability
Reference(s): CVE-2015-0288
Version: 4
Platform(s): IBM AIX 6.1
IBM AIX 7.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28791
 
Oval ID: oval:org.mitre.oval:def:28791
Title: Potential security vulnerabilities have been identified with HP-UX running OpenSSL. These vulnerabilities could be exploited remotely to create a remote Denial of Service (DoS) and other vulnerabilites.
Description: The ASN1_item_ex_d2i function in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not reinitialize CHOICE and ADB data structures, which might allow attackers to cause a denial of service (invalid write operation and memory corruption) by leveraging an application that relies on ASN.1 structure reuse.
Family: unix Class: vulnerability
Reference(s): CVE-2015-0287
Version: 3
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28795
 
Oval ID: oval:org.mitre.oval:def:28795
Title: AIX OpenSSL Denial of Service (memory corruption and application crash)
Description: Use-after-free vulnerability in the d2i_ECPrivateKey function in crypto/ec/ec_asn1.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a malformed Elliptic Curve (EC) private-key file that is improperly handled during import.
Family: unix Class: vulnerability
Reference(s): CVE-2015-0209
Version: 4
Platform(s): IBM AIX 6.1
IBM AIX 7.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28799
 
Oval ID: oval:org.mitre.oval:def:28799
Title: Potential security vulnerabilities have been identified with HP-UX running OpenSSL. These vulnerabilities could be exploited remotely to create a remote Denial of Service (DoS) and other vulnerabilites.
Description: The X509_to_X509_REQ function in crypto/x509/x509_req.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow attackers to cause a denial of service (NULL pointer dereference and application crash) via an invalid certificate key.
Family: unix Class: vulnerability
Reference(s): CVE-2015-0288
Version: 3
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28833
 
Oval ID: oval:org.mitre.oval:def:28833
Title: AIX OpenSSL Denial of Service (invalid read operation and application crash)
Description: The ASN1_TYPE_cmp function in crypto/asn1/a_type.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly perform boolean-type comparisons, which allows remote attackers to cause a denial of service (invalid read operation and application crash) via a crafted X.509 certificate to an endpoint that uses the certificate-verification feature.
Family: unix Class: vulnerability
Reference(s): CVE-2015-0286
Version: 4
Platform(s): IBM AIX 6.1
IBM AIX 7.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28849
 
Oval ID: oval:org.mitre.oval:def:28849
Title: Potential security vulnerabilities have been identified with HP-UX running OpenSSL. These vulnerabilities could be exploited remotely to create a remote Denial of Service (DoS) and other vulnerabilites.
Description: The SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service (s2_lib.c assertion failure and daemon exit) via a crafted CLIENT-MASTER-KEY message.
Family: unix Class: vulnerability
Reference(s): CVE-2015-0293
Version: 3
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28868
 
Oval ID: oval:org.mitre.oval:def:28868
Title: AIX OpenSSL Denial of Service (assertion failure and daemon exit)
Description: The SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service (s2_lib.c assertion failure and daemon exit) via a crafted CLIENT-MASTER-KEY message.
Family: unix Class: vulnerability
Reference(s): CVE-2015-0293
Version: 4
Platform(s): IBM AIX 6.1
IBM AIX 7.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28905
 
Oval ID: oval:org.mitre.oval:def:28905
Title: AIX OpenSSL Denial of Service (memory corruption)
Description: Integer underflow in the EVP_DecodeUpdate function in crypto/evp/encode.c in the base64-decoding implementation in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted base64 data that triggers a buffer overflow.
Family: unix Class: vulnerability
Reference(s): CVE-2015-0292
Version: 4
Platform(s): IBM AIX 6.1
IBM AIX 7.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28933
 
Oval ID: oval:org.mitre.oval:def:28933
Title: Potential security vulnerabilities have been identified with HP-UX running OpenSSL. These vulnerabilities could be exploited remotely to create a remote Denial of Service (DoS) and other vulnerabilites.
Description: The ASN1_TYPE_cmp function in crypto/asn1/a_type.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly perform boolean-type comparisons, which allows remote attackers to cause a denial of service (invalid read operation and application crash) via a crafted X.509 certificate to an endpoint that uses the certificate-verification feature.
Family: unix Class: vulnerability
Reference(s): CVE-2015-0286
Version: 3
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 286

Information Assurance Vulnerability Management (IAVM)

Date Description
2015-09-24 IAVM : 2015-A-0222 - Multiple Security Vulnerabilities in Apple iOS
Severity : Category I - VMSKEY : V0061471
2015-09-03 IAVM : 2015-B-0106 - Multiple Vulnerabilities in HP Version Control Repository Manager
Severity : Category I - VMSKEY : V0061359
2015-07-16 IAVM : 2015-A-0154 - Multiple Vulnerabilities in Oracle Fusion Middleware
Severity : Category I - VMSKEY : V0061081
2015-07-16 IAVM : 2015-A-0160 - Multiple Vulnerabilities in Oracle Linux and Virtualization
Severity : Category I - VMSKEY : V0061123
2015-06-25 IAVM : 2015-A-0135 - Multiple Vulnerabilities in Blue Coat ProxySG
Severity : Category I - VMSKEY : V0060997

Snort® IPS/IDS

Date Description
2015-07-19 OpenSSL denial-of-service via crafted x.509 certificate attempt
RuleID : 34889 - Revision : 3 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33806 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33805 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33804 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33803 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33802 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33801 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33800 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33799 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33798 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33797 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33796 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33795 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33794 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33793 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33792 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33791 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33790 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33789 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33788 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33787 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33786 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade cipher suite attempt
RuleID : 33785 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33784 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33783 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33782 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33781 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33780 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33779 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33778 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33777 - Revision : 6 - Type : SERVER-OTHER
2015-04-07 SSL request for export grade ciphersuite attempt
RuleID : 33703 - Revision : 2 - Type : SERVER-OTHER
2015-04-07 SSL request for export grade ciphersuite attempt
RuleID : 33702 - Revision : 2 - Type : SERVER-OTHER
2015-04-07 SSL request for export grade ciphersuite attempt
RuleID : 33701 - Revision : 2 - Type : SERVER-OTHER
2015-04-07 SSL request for export grade ciphersuite attempt
RuleID : 33700 - Revision : 2 - Type : SERVER-OTHER
2015-04-07 SSL request for export grade ciphersuite attempt
RuleID : 33699 - Revision : 2 - Type : SERVER-OTHER
2015-04-07 SSL request for export grade ciphersuite attempt
RuleID : 33698 - Revision : 2 - Type : SERVER-OTHER
2015-04-07 SSL request for export grade ciphersuite attempt
RuleID : 33697 - Revision : 2 - Type : SERVER-OTHER
2015-04-07 SSL request for export grade ciphersuite attempt
RuleID : 33696 - Revision : 2 - Type : SERVER-OTHER
2015-04-07 SSL request for export grade ciphersuite attempt
RuleID : 33695 - Revision : 2 - Type : SERVER-OTHER
2015-04-07 SSL request for export grade ciphersuite attempt
RuleID : 33694 - Revision : 2 - Type : SERVER-OTHER
2015-04-07 SSL request for export grade ciphersuite attempt
RuleID : 33693 - Revision : 2 - Type : SERVER-OTHER
2015-04-07 SSL request for export grade ciphersuite attempt
RuleID : 33692 - Revision : 2 - Type : SERVER-OTHER
2015-04-07 SSL request for export grade ciphersuite attempt
RuleID : 33691 - Revision : 2 - Type : SERVER-OTHER
2015-04-07 SSL request for export grade ciphersuite attempt
RuleID : 33690 - Revision : 2 - Type : SERVER-OTHER
2015-04-07 SSL request for export grade ciphersuite attempt
RuleID : 33689 - Revision : 2 - Type : SERVER-OTHER
2015-04-07 SSL request for export grade ciphersuite attempt
RuleID : 33688 - Revision : 2 - Type : SERVER-OTHER
2015-04-07 SSL request for export grade ciphersuite attempt
RuleID : 33687 - Revision : 2 - Type : SERVER-OTHER
2015-04-07 SSL request for export grade ciphersuite attempt
RuleID : 33686 - Revision : 2 - Type : SERVER-OTHER

Nessus® Vulnerability Scanner

Date Description
2017-12-07 Name : The remote host is potentially affected by an SSL/TLS vulnerability.
File : check_point_gaia_sk103683.nasl - Type : ACT_GATHER_INFO
2016-07-22 Name : The remote database server is affected by multiple vulnerabilities.
File : oracle_rdbms_cpu_jul_2016.nasl - Type : ACT_GATHER_INFO
2016-04-14 Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sa-20150320-openssl-ios.nasl - Type : ACT_GATHER_INFO
2016-04-14 Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sa-20150320-openssl-iosxe.nasl - Type : ACT_GATHER_INFO
2016-04-07 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2016-682.nasl - Type : ACT_GATHER_INFO
2016-03-29 Name : The remote web server is affected by multiple vulnerabilities.
File : hpsmh_7_2_6.nasl - Type : ACT_GATHER_INFO
2016-03-14 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2016-327.nasl - Type : ACT_GATHER_INFO
2016-03-10 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20160309_openssl098e_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2016-03-09 Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2016-0372.nasl - Type : ACT_GATHER_INFO
2016-03-09 Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2016-0372.nasl - Type : ACT_GATHER_INFO
2016-03-09 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-0372.nasl - Type : ACT_GATHER_INFO
2016-03-08 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-0678-1.nasl - Type : ACT_GATHER_INFO
2016-03-07 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-0631-1.nasl - Type : ACT_GATHER_INFO
2016-03-04 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2016-294.nasl - Type : ACT_GATHER_INFO
2016-03-04 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-0624-1.nasl - Type : ACT_GATHER_INFO
2016-03-04 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-0641-1.nasl - Type : ACT_GATHER_INFO
2016-03-03 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2016-289.nasl - Type : ACT_GATHER_INFO
2016-03-03 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2016-292.nasl - Type : ACT_GATHER_INFO
2016-03-02 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-0303.nasl - Type : ACT_GATHER_INFO
2016-03-02 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-0304.nasl - Type : ACT_GATHER_INFO
2016-03-02 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-0617-1.nasl - Type : ACT_GATHER_INFO
2016-03-02 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-0620-1.nasl - Type : ACT_GATHER_INFO
2016-02-26 Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sa-20140605-openssl-nxos.nasl - Type : ACT_GATHER_INFO
2016-01-28 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL16302.nasl - Type : ACT_GATHER_INFO
2016-01-14 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-0113-1.nasl - Type : ACT_GATHER_INFO
2016-01-06 Name : The remote database server is affected by multiple vulnerabilities.
File : db2_105fp7_nix.nasl - Type : ACT_GATHER_INFO
2016-01-06 Name : The remote database server is affected by multiple vulnerabilities.
File : db2_105fp7_win.nasl - Type : ACT_GATHER_INFO
2015-12-30 Name : A web application on the remote host is affected by multiple vulnerabilities.
File : puppet_enterprise_380.nasl - Type : ACT_GATHER_INFO
2015-12-21 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-2303-1.nasl - Type : ACT_GATHER_INFO
2015-12-17 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2015-889.nasl - Type : ACT_GATHER_INFO
2015-12-16 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-2168-2.nasl - Type : ACT_GATHER_INFO
2015-12-11 Name : The remote multi-function device is affected by multiple vulnerabilities.
File : xerox_xrx15ad_colorqube.nasl - Type : ACT_GATHER_INFO
2015-12-11 Name : The remote multi-function device is affected by multiple vulnerabilities.
File : xerox_xrx15aj.nasl - Type : ACT_GATHER_INFO
2015-12-11 Name : The remote multi-function device is affected by multiple vulnerabilities.
File : xerox_xrx15am.nasl - Type : ACT_GATHER_INFO
2015-12-11 Name : The remote multi-function device is affected by a man-in-the-middle vulnerabi...
File : xerox_xrx15ap.nasl - Type : ACT_GATHER_INFO
2015-12-11 Name : The remote multi-function device is affected by multiple vulnerabilities.
File : xerox_xrx15av.nasl - Type : ACT_GATHER_INFO
2015-12-11 Name : The remote multi-function device is affected by multiple vulnerabilities.
File : xerox_xrx15r.nasl - Type : ACT_GATHER_INFO
2015-12-09 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-2216-1.nasl - Type : ACT_GATHER_INFO
2015-12-04 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-2182-1.nasl - Type : ACT_GATHER_INFO
2015-12-03 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-2166-1.nasl - Type : ACT_GATHER_INFO
2015-12-03 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-2168-1.nasl - Type : ACT_GATHER_INFO
2015-10-22 Name : A web application running on the remote host is affected by multiple vulnerab...
File : mysql_enterprise_monitor_3_0_23.nasl - Type : ACT_GATHER_INFO
2015-10-19 Name : The remote printer is affected by a security bypass vulnerability known as FR...
File : lexmark_printer_TE701.nasl - Type : ACT_GATHER_INFO
2015-10-06 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL16321.nasl - Type : ACT_GATHER_INFO
2015-10-06 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL16323.nasl - Type : ACT_GATHER_INFO
2015-10-05 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL16139.nasl - Type : ACT_GATHER_INFO
2015-10-05 Name : The remote host is missing a Mac OS X update that fixes multiple security vul...
File : macosx_10_11.nasl - Type : ACT_GATHER_INFO
2015-09-04 Name : The remote Windows host has an application installed that is affected by mult...
File : hp_version_control_repo_manager_7_5_0_0.nasl - Type : ACT_GATHER_INFO
2015-09-04 Name : The remote Linux host has an application installed that is affected by multip...
File : hp_version_control_repo_manager_7_5_0_nix.nasl - Type : ACT_GATHER_INFO
2015-08-21 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1410-1.nasl - Type : ACT_GATHER_INFO
2015-07-27 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2015-507.nasl - Type : ACT_GATHER_INFO
2015-07-22 Name : The remote web server is affected by multiple vulnerabilities.
File : hpsmh_7_5.nasl - Type : ACT_GATHER_INFO
2015-07-16 Name : The application installed on the remote host is affected by multiple vulnerab...
File : oracle_secure_global_desktop_jul_2015_cpu.nasl - Type : ACT_GATHER_INFO
2015-07-01 Name : The remote host is missing a Mac OS X update that fixes multiple security vul...
File : macosx_10_10_4.nasl - Type : ACT_GATHER_INFO
2015-07-01 Name : The remote host is missing a Mac OS X update that fixes multiple security vul...
File : macosx_SecUpd2015-005.nasl - Type : ACT_GATHER_INFO
2015-06-29 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1086-4.nasl - Type : ACT_GATHER_INFO
2015-06-26 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1086-3.nasl - Type : ACT_GATHER_INFO
2015-06-26 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1138-1.nasl - Type : ACT_GATHER_INFO
2015-06-25 Name : The remote device is affected by multiple vulnerabilities.
File : bluecoat_proxy_sg_6_5_7_5.nasl - Type : ACT_GATHER_INFO
2015-06-23 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1086-2.nasl - Type : ACT_GATHER_INFO
2015-06-19 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1085-1.nasl - Type : ACT_GATHER_INFO
2015-06-19 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1086-1.nasl - Type : ACT_GATHER_INFO
2015-06-16 Name : The remote OracleVM host is missing a security update.
File : oraclevm_OVMSA-2015-0070.nasl - Type : ACT_GATHER_INFO
2015-06-10 Name : The remote AIX host has a version of Java SDK installed that is affected by m...
File : aix_java_april2015_advisory.nasl - Type : ACT_GATHER_INFO
2015-06-09 Name : The remote Windows host has VPN client software installed that is affected by...
File : smb_kb3062760.nasl - Type : ACT_GATHER_INFO
2015-06-04 Name : The remote web server is running an application that is affected by multiple ...
File : splunk_618.nasl - Type : ACT_GATHER_INFO
2015-05-27 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-0946-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-0541-1.nasl - Type : ACT_GATHER_INFO
2015-05-19 Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sa-20150310-ssl-nxos.nasl - Type : ACT_GATHER_INFO
2015-05-19 Name : The remote Apache Tomcat server is affected by multiple vulnerabilities.
File : tomcat_7_0_60.nasl - Type : ACT_GATHER_INFO
2015-05-19 Name : The remote Apache Tomcat server is affected by multiple vulnerabilities.
File : tomcat_8_0_21.nasl - Type : ACT_GATHER_INFO
2015-05-15 Name : The remote Apache Tomcat server is affected by multiple vulnerabilities.
File : tomcat_6_0_44.nasl - Type : ACT_GATHER_INFO
2015-05-05 Name : The remote Fedora host is missing a security update.
File : fedora_2015-6855.nasl - Type : ACT_GATHER_INFO
2015-05-04 Name : The remote Fedora host is missing a security update.
File : fedora_2015-6951.nasl - Type : ACT_GATHER_INFO
2015-04-22 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2015-111-09.nasl - Type : ACT_GATHER_INFO
2015-04-21 Name : The remote device is missing a vendor-supplied security patch.
File : juniper_jsa10679.nasl - Type : ACT_GATHER_INFO
2015-04-21 Name : The remote host is affected by multiple vulnerabilities.
File : juniper_nsm_jsa10679.nasl - Type : ACT_GATHER_INFO
2015-04-20 Name : The remote AIX host has a version of OpenSSL installed that is affected by mu...
File : aix_openssl_advisory13.nasl - Type : ACT_GATHER_INFO
2015-04-16 Name : The remote Windows host contains a programming platform that is affected by m...
File : oracle_java_cpu_apr_2015.nasl - Type : ACT_GATHER_INFO
2015-04-16 Name : The remote Unix host contains a programming platform that is affected by mult...
File : oracle_java_cpu_apr_2015_unix.nasl - Type : ACT_GATHER_INFO
2015-04-16 Name : The remote Windows host contains a programming platform that is affected by m...
File : oracle_jrockit_cpu_apr_2015.nasl - Type : ACT_GATHER_INFO
2015-04-15 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2015-0800.nasl - Type : ACT_GATHER_INFO
2015-04-14 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-0800.nasl - Type : ACT_GATHER_INFO
2015-04-14 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0800.nasl - Type : ACT_GATHER_INFO
2015-04-14 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20150413_openssl_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2015-04-10 Name : The remote host is missing a Mac OS X update that fixes multiple security vul...
File : macosx_10_10_3.nasl - Type : ACT_GATHER_INFO
2015-04-10 Name : The remote host is missing a Mac OS X update that fixes multiple security vul...
File : macosx_SecUpd2015-004.nasl - Type : ACT_GATHER_INFO
2015-04-09 Name : The remote device is affected by a security feature bypass vulnerability.
File : bluecoat_proxy_sg_6_5_6_2.nasl - Type : ACT_GATHER_INFO
2015-04-06 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL16317.nasl - Type : ACT_GATHER_INFO
2015-04-01 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0752.nasl - Type : ACT_GATHER_INFO
2015-03-30 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2015-062.nasl - Type : ACT_GATHER_INFO
2015-03-30 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2015-063.nasl - Type : ACT_GATHER_INFO
2015-03-27 Name : The remote Windows host has an application that is affected by the FREAK vuln...
File : blackberry_es_freak_kb36811.nasl - Type : ACT_GATHER_INFO
2015-03-26 Name : The remote host is affected by multiple vulnerabilities.
File : cisco_anyconnect_3_1_7021.nasl - Type : ACT_GATHER_INFO
2015-03-26 Name : The remote Debian host is missing a security update.
File : debian_DLA-132.nasl - Type : ACT_GATHER_INFO
2015-03-26 Name : The remote Debian host is missing a security update.
File : debian_DLA-177.nasl - Type : ACT_GATHER_INFO
2015-03-26 Name : The remote host is affected by multiple vulnerabilities.
File : macosx_cisco_anyconnect_3_1_7021.nasl - Type : ACT_GATHER_INFO
2015-03-26 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20150324_openssl_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2015-03-26 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20150324_openssl_on_SL7_x.nasl - Type : ACT_GATHER_INFO
2015-03-25 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2015-498.nasl - Type : ACT_GATHER_INFO
2015-03-25 Name : The remote Fedora host is missing a security update.
File : fedora_2015-4300.nasl - Type : ACT_GATHER_INFO
2015-03-25 Name : The remote Fedora host is missing a security update.
File : fedora_2015-4303.nasl - Type : ACT_GATHER_INFO
2015-03-25 Name : The remote Fedora host is missing a security update.
File : fedora_2015-4320.nasl - Type : ACT_GATHER_INFO
2015-03-25 Name : The remote OracleVM host is missing a security update.
File : oraclevm_OVMSA-2015-0039.nasl - Type : ACT_GATHER_INFO
2015-03-25 Name : The remote Windows host contains a program that is affected by multiple vulne...
File : stunnel_5_12.nasl - Type : ACT_GATHER_INFO
2015-03-24 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2015-0715.nasl - Type : ACT_GATHER_INFO
2015-03-24 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2015-0716.nasl - Type : ACT_GATHER_INFO
2015-03-24 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201503-11.nasl - Type : ACT_GATHER_INFO
2015-03-24 Name : The remote service is affected by multiple vulnerabilities.
File : openssl_0_9_8zf.nasl - Type : ACT_GATHER_INFO
2015-03-24 Name : The remote service is affected by multiple vulnerabilities.
File : openssl_1_0_0r.nasl - Type : ACT_GATHER_INFO
2015-03-24 Name : The remote service is affected by multiple vulnerabilities.
File : openssl_1_0_1m.nasl - Type : ACT_GATHER_INFO
2015-03-24 Name : The remote service is affected by multiple vulnerabilities.
File : openssl_1_0_2a.nasl - Type : ACT_GATHER_INFO
2015-03-24 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-0715.nasl - Type : ACT_GATHER_INFO
2015-03-24 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-0716.nasl - Type : ACT_GATHER_INFO
2015-03-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0715.nasl - Type : ACT_GATHER_INFO
2015-03-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0716.nasl - Type : ACT_GATHER_INFO
2015-03-23 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2015-247.nasl - Type : ACT_GATHER_INFO
2015-03-23 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_libopenssl-devel-150317.nasl - Type : ACT_GATHER_INFO
2015-03-20 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3197.nasl - Type : ACT_GATHER_INFO
2015-03-20 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_9d15355bce7c11e49db0d050992ecde8.nasl - Type : ACT_GATHER_INFO
2015-03-20 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_compat-openssl097g-150317.nasl - Type : ACT_GATHER_INFO
2015-03-20 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2537-1.nasl - Type : ACT_GATHER_INFO
2015-03-18 Name : The remote OracleVM host is missing a security update.
File : oraclevm_OVMSA-2015-0030.nasl - Type : ACT_GATHER_INFO
2015-03-17 Name : The remote Mac OS X host has a web browser installed that is affected by the ...
File : macosx_opera_28_0_1750_40.nasl - Type : ACT_GATHER_INFO
2015-03-13 Name : The remote host is affected by multiple vulnerabilities.
File : mcafee_firewall_enterprise_SB10102.nasl - Type : ACT_GATHER_INFO
2015-03-13 Name : The remote web server contains an application that is affected by multiple vu...
File : splunk_622.nasl - Type : ACT_GATHER_INFO
2015-03-10 Name : The remote OracleVM host is missing a security update.
File : oraclevm_OVMSA-2015-0029.nasl - Type : ACT_GATHER_INFO
2015-03-05 Name : The remote Mac OS X host contains a web browser that is affected by multiple ...
File : macosx_google_chrome_41_0_2272_76.nasl - Type : ACT_GATHER_INFO
2015-03-04 Name : The remote host supports a set of weak ciphers.
File : ssl_rsa_export_supported_ciphers.nasl - Type : ACT_GATHER_INFO
2015-02-18 Name : The remote AIX host has a version of OpenSSL installed that is affected by mu...
File : aix_openssl_advisory12.nasl - Type : ACT_GATHER_INFO
2015-02-02 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_compat-openssl097g-150122.nasl - Type : ACT_GATHER_INFO
2015-02-02 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_libopenssl-devel-150112.nasl - Type : ACT_GATHER_INFO
2015-01-26 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2015-67.nasl - Type : ACT_GATHER_INFO
2015-01-23 Name : The remote OracleVM host is missing a security update.
File : oraclevm_OVMSA-2015-0005.nasl - Type : ACT_GATHER_INFO
2015-01-22 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20150121_openssl_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2015-01-21 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2015-0066.nasl - Type : ACT_GATHER_INFO
2015-01-21 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-0066.nasl - Type : ACT_GATHER_INFO
2015-01-21 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0066.nasl - Type : ACT_GATHER_INFO
2015-01-16 Name : The remote service is affected by multiple vulnerabilities.
File : openssl_0_9_8zd.nasl - Type : ACT_GATHER_INFO
2015-01-16 Name : The remote service is affected by multiple vulnerabilities.
File : openssl_1_0_0p.nasl - Type : ACT_GATHER_INFO
2015-01-16 Name : The remote service is affected by multiple vulnerabilities.
File : openssl_1_0_1k.nasl - Type : ACT_GATHER_INFO
2015-01-13 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2015-469.nasl - Type : ACT_GATHER_INFO
2015-01-13 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2459-1.nasl - Type : ACT_GATHER_INFO
2015-01-12 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2015-009-01.nasl - Type : ACT_GATHER_INFO
2015-01-12 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3125.nasl - Type : ACT_GATHER_INFO
2015-01-12 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2015-019.nasl - Type : ACT_GATHER_INFO
2015-01-09 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_4e536c14979111e4977dd050992ecde8.nasl - Type : ACT_GATHER_INFO
2014-10-12 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2014-349.nasl - Type : ACT_GATHER_INFO
2014-06-06 Name : The remote service is affected by multiple vulnerabilities.
File : openssl_1_0_1h.nasl - Type : ACT_GATHER_INFO
2014-04-08 Name : The remote service is affected by multiple vulnerabilities.
File : openssl_1_0_0m.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
Date Informations
2016-01-22 09:26:20
  • Multiple Updates
2015-05-20 21:26:19
  • First insertion