Executive Summary

Summary
Title HP-UX running OpenSSL, Remote Disclosure of Information
Informations
Name HPSBUX03388 SSRT102180 First vendor Publication 2015-08-05
Vendor HP Last vendor Modification 2015-08-05
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Cvss Base Score 6.8 Attack Range Network
Cvss Impact Score 6.4 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A potential security vulnerability has been identified with HP-UX running OpenSSL with SSL/TLS enabled.

Original Source

Url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c04760669

CWE : Common Weakness Enumeration

% Id Name
33 % CWE-399 Resource Management Errors
17 % CWE-362 Race Condition
17 % CWE-310 Cryptographic Issues
17 % CWE-254 Security Features
17 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:28506
 
Oval ID: oval:org.mitre.oval:def:28506
Title: AIX OpenSSL NewSessionTicket vulnerability
Description: Race condition in the ssl3_get_new_session_ticket function in ssl/s3_clnt.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b, when used for a multi-threaded client, allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact by providing a NewSessionTicket during an attempt to reuse a ticket that had been obtained earlier.
Family: unix Class: vulnerability
Reference(s): CVE-2015-1791
Version: 5
Platform(s): IBM AIX 6.1
IBM AIX 7.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28583
 
Oval ID: oval:org.mitre.oval:def:28583
Title: USN-2639-1 -- openssl vulnerabilities
Description: openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL.
Family: unix Class: patch
Reference(s): USN-2639-1
CVE-2014-8176
CVE-2015-1788
CVE-2015-1789
CVE-2015-1790
CVE-2015-1791
CVE-2015-1792
Version: 3
Platform(s): Ubuntu 14.04
Ubuntu 12.04
Ubuntu 15.04
Ubuntu 14.10
Product(s): openssl
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:29017
 
Oval ID: oval:org.mitre.oval:def:29017
Title: AIX OpenSSL PKCS#7 parsing code vulnerability
Description: The PKCS7_dataDecodefunction in crypto/pkcs7/pk7_doit.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a PKCS#7 blob that uses ASN.1 encoding and lacks inner EncryptedContent data.
Family: unix Class: vulnerability
Reference(s): CVE-2015-1790
Version: 5
Platform(s): IBM AIX 6.1
IBM AIX 7.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:29158
 
Oval ID: oval:org.mitre.oval:def:29158
Title: HP-UX OpenSSL Vulnerability (Alternative Chain Certificate Forgery)
Description: The X509_verify_cert function in crypto/x509/x509_vfy.c in OpenSSL 1.0.1n, 1.0.1o, 1.0.2b, and 1.0.2c does not properly process X.509 Basic Constraints cA values during identification of alternative certificate chains, which allows remote attackers to spoof a Certification Authority role and trigger unintended certificate verifications via a valid leaf certificate.
Family: unix Class: vulnerability
Reference(s): CVE-2015-1793
Version: 1
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:29160
 
Oval ID: oval:org.mitre.oval:def:29160
Title: USN-2639-1 -- openssl vulnerabilities
Description: openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL.
Family: unix Class: patch
Reference(s): USN-2639-1
CVE-2014-8176
CVE-2015-1788
CVE-2015-1789
CVE-2015-1790
CVE-2015-1791
CVE-2015-1792
Version: 3
Platform(s): Ubuntu 14.04
Ubuntu 12.04
Ubuntu 15.04
Ubuntu 14.10
Product(s): openssl
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:29191
 
Oval ID: oval:org.mitre.oval:def:29191
Title: HP-UX OpenSSL Vulnerability (Exploitable out-of-bounds read in X509_cmp_time)
Description: The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted length field in ASN1_TIME data, as demonstrated by an attack against a server that supports client authentication with a custom verification callback.
Family: unix Class: vulnerability
Reference(s): CVE-2015-1789
Version: 1
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:29224
 
Oval ID: oval:org.mitre.oval:def:29224
Title: HP-UX OpenSSL Vulnerability (Malformed ECParameters causes infinite loop)
Description: The BN_GF2m_mod_inv function in crypto/bn/bn_gf2m.c in OpenSSL before 0.9.8s, 1.0.0 before 1.0.0e, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b does not properly handle ECParameters structures in which the curve is over a malformed binary polynomial field, which allows remote attackers to cause a denial of service (infinite loop) via a session that uses an Elliptic Curve algorithm, as demonstrated by an attack against a server that supports client authentication.
Family: unix Class: vulnerability
Reference(s): CVE-2015-1788
Version: 1
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:29229
 
Oval ID: oval:org.mitre.oval:def:29229
Title: HP-UX OpenSSL Vulnerability (PKCS7 crash with missing EnvelopedContent)
Description: The PKCS7_dataDecodefunction in crypto/pkcs7/pk7_doit.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a PKCS#7 blob that uses ASN.1 encoding and lacks inner EncryptedContent data.
Family: unix Class: vulnerability
Reference(s): CVE-2015-1790
Version: 1
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:29239
 
Oval ID: oval:org.mitre.oval:def:29239
Title: HP-UX OpenSSL Vulnerability (Race condition handling NewSessionTicket)
Description: Race condition in the ssl3_get_new_session_ticket function in ssl/s3_clnt.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b, when used for a multi-threaded client, allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact by providing a NewSessionTicket during an attempt to reuse a ticket that had been obtained earlier.
Family: unix Class: vulnerability
Reference(s): CVE-2015-1791
Version: 1
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:29305
 
Oval ID: oval:org.mitre.oval:def:29305
Title: AIX OpenSSL X509_cmp_time vulnerability
Description: The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted length field in ASN1_TIME data, as demonstrated by an attack against a server that supports client authentication with a custom verification callback.
Family: unix Class: vulnerability
Reference(s): CVE-2015-1789
Version: 5
Platform(s): IBM AIX 6.1
IBM AIX 7.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:29329
 
Oval ID: oval:org.mitre.oval:def:29329
Title: AIX Logjam Vulnerability
Description: The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.
Family: unix Class: vulnerability
Reference(s): CVE-2015-4000
Version: 5
Platform(s): IBM AIX 6.1
IBM AIX 7.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:29344
 
Oval ID: oval:org.mitre.oval:def:29344
Title: AIX OpenSSL binary polynomial field vulnerability
Description: The BN_GF2m_mod_inv function in crypto/bn/bn_gf2m.c in OpenSSL before 0.9.8s, 1.0.0 before 1.0.0e, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b does not properly handle ECParameters structures in which the curve is over a malformed binary polynomial field, which allows remote attackers to cause a denial of service (infinite loop) via a session that uses an Elliptic Curve algorithm, as demonstrated by an attack against a server that supports client authentication.
Family: unix Class: vulnerability
Reference(s): CVE-2015-1788
Version: 5
Platform(s): IBM AIX 6.1
IBM AIX 7.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:29435
 
Oval ID: oval:org.mitre.oval:def:29435
Title: AIX OpenSSL CMS Code vulnerability
Description: The do_free_upto function in crypto/cms/cms_smime.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (infinite loop) via vectors that trigger a NULL value of a BIO data structure, as demonstrated by an unrecognized X.660 OID for a hash function.
Family: unix Class: vulnerability
Reference(s): CVE-2015-1792
Version: 5
Platform(s): IBM AIX 6.1
IBM AIX 7.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:29466
 
Oval ID: oval:org.mitre.oval:def:29466
Title: HP-UX OpenSSL Vulnerability (CMS verify infinite loop with unknown hash function)
Description: The do_free_upto function in crypto/cms/cms_smime.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (infinite loop) via vectors that trigger a NULL value of a BIO data structure, as demonstrated by an unrecognized X.660 OID for a hash function.
Family: unix Class: vulnerability
Reference(s): CVE-2015-1792
Version: 1
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:29478
 
Oval ID: oval:org.mitre.oval:def:29478
Title: HP-UX OpenSSL Vulnerability (DHE man-in-the-middle protection (Logjam))
Description: The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.
Family: unix Class: vulnerability
Reference(s): CVE-2015-4000
Version: 1
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 2
Application 1
Application 1
Application 1
Application 1
Application 2
Application 2
Application 1
Application 1
Application 2
Application 345
Application 1
Application 2
Application 5
Application 5
Application 1
Application 1
Application 3
Os 151
Os 101
Os 4
Os 2
Os 1
Os 1
Os 1
Os 1
Os 1
Os 1

Information Assurance Vulnerability Management (IAVM)

Date Description
2015-08-27 IAVM : 2015-A-0203 - Multiple Cisco Products Certificate Forgery Vulnerability
Severity : Category I - VMSKEY : V0061345
2015-08-20 IAVM : 2015-A-0199 - Multiple Vulnerabilities in Apple Mac OS X
Severity : Category I - VMSKEY : V0061337
2015-07-16 IAVM : 2015-A-0158 - Multiple Vulnerabilities in Oracle Java SE
Severity : Category I - VMSKEY : V0061089
2015-07-09 IAVM : 2015-A-0144 - OpenSSL Certificate Validation Vulnerability
Severity : Category I - VMSKEY : V0061067

Snort® IPS/IDS

Date Description
2015-08-20 OpenSSL alternative chains certificate forgery attempt
RuleID : 35307 - Revision : 2 - Type : SERVER-OTHER
2015-08-11 OpenSSL anomalous x509 certificate with default org name and certificate chai...
RuleID : 35111 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33806 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33805 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33804 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33803 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33802 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33801 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33800 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33799 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33798 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33797 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33796 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33795 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33794 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33793 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33792 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33791 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33790 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33789 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33788 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33787 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33786 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade cipher suite attempt
RuleID : 33785 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33784 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33783 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33782 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33781 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33780 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33779 - Revision : 5 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33778 - Revision : 6 - Type : SERVER-OTHER
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33777 - Revision : 6 - Type : SERVER-OTHER

Nessus® Vulnerability Scanner

Date Description
2017-12-04 Name : The remote host is missing a vendor-supplied security patch.
File : check_point_gaia_sk106499.nasl - Type : ACT_GATHER_INFO
2017-01-20 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201701-46.nasl - Type : ACT_GATHER_INFO
2016-10-06 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3688.nasl - Type : ACT_GATHER_INFO
2016-09-27 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-2385-1.nasl - Type : ACT_GATHER_INFO
2016-09-09 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2016-1064.nasl - Type : ACT_GATHER_INFO
2016-09-08 Name : The remote host is affected by multiple vulnerabilities.
File : screenos_JSA10733.nasl - Type : ACT_GATHER_INFO
2016-09-02 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-2209-1.nasl - Type : ACT_GATHER_INFO
2016-08-29 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-1618-1.nasl - Type : ACT_GATHER_INFO
2016-06-23 Name : The remote device is affected by multiple vulnerabilities.
File : juniper_space_jsa10727.nasl - Type : ACT_GATHER_INFO
2016-06-08 Name : The remote Debian host is missing a security update.
File : debian_DLA-507.nasl - Type : ACT_GATHER_INFO
2016-06-01 Name : The remote device is affected by multiple vulnerabilities.
File : cisco_ace_A5_3_3.nasl - Type : ACT_GATHER_INFO
2016-05-31 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201605-06.nasl - Type : ACT_GATHER_INFO
2016-05-13 Name : A web application running on the remote host is affected by multiple vulnerab...
File : solarwinds_srm_profiler_6_2_3.nasl - Type : ACT_GATHER_INFO
2016-03-29 Name : The remote web server is affected by multiple vulnerabilities.
File : hpsmh_7_2_6.nasl - Type : ACT_GATHER_INFO
2016-03-24 Name : The remote web server is affected by multiple vulnerabilities.
File : hpsmh_7_5_4.nasl - Type : ACT_GATHER_INFO
2016-03-14 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201603-11.nasl - Type : ACT_GATHER_INFO
2016-03-10 Name : The remote AIX host has a version of OpenSSL installed that is affected by mu...
File : aix_openssl_advisory17.nasl - Type : ACT_GATHER_INFO
2016-03-04 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2016-294.nasl - Type : ACT_GATHER_INFO
2016-02-18 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2016-218.nasl - Type : ACT_GATHER_INFO
2016-02-17 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2016-215.nasl - Type : ACT_GATHER_INFO
2016-02-03 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2016-102.nasl - Type : ACT_GATHER_INFO
2016-02-03 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2016-104.nasl - Type : ACT_GATHER_INFO
2016-02-02 Name : The remote service is affected by multiple vulnerabilities.
File : openssl_1_0_1r.nasl - Type : ACT_GATHER_INFO
2016-02-02 Name : The remote service is affected by multiple vulnerabilities.
File : openssl_1_0_2f.nasl - Type : ACT_GATHER_INFO
2016-01-28 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL16898.nasl - Type : ACT_GATHER_INFO
2016-01-28 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL16913.nasl - Type : ACT_GATHER_INFO
2016-01-26 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2016-92.nasl - Type : ACT_GATHER_INFO
2016-01-26 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-0224-1.nasl - Type : ACT_GATHER_INFO
2016-01-21 Name : The remote host has an enterprise management application installed that is af...
File : oracle_enterprise_manager_jan_2016_cpu.nasl - Type : ACT_GATHER_INFO
2016-01-21 Name : The application installed on the remote host is affected by multiple vulnerab...
File : oracle_secure_global_desktop_jan_2016_cpu.nasl - Type : ACT_GATHER_INFO
2016-01-06 Name : The remote database server is affected by multiple vulnerabilities.
File : db2_105fp7_nix.nasl - Type : ACT_GATHER_INFO
2016-01-06 Name : The remote database server is affected by multiple vulnerabilities.
File : db2_105fp7_win.nasl - Type : ACT_GATHER_INFO
2016-01-04 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201512-10.nasl - Type : ACT_GATHER_INFO
2015-12-21 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-2303-1.nasl - Type : ACT_GATHER_INFO
2015-12-17 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2015-889.nasl - Type : ACT_GATHER_INFO
2015-12-11 Name : The remote multi-function device is affected by multiple vulnerabilities.
File : xerox_xrx15av.nasl - Type : ACT_GATHER_INFO
2015-11-19 Name : The remote Nessus installation is affected by multiple denial of service vuln...
File : nessus_tns_2015_07.nasl - Type : ACT_GATHER_INFO
2015-11-03 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1851-1.nasl - Type : ACT_GATHER_INFO
2015-11-02 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1840-1.nasl - Type : ACT_GATHER_INFO
2015-10-29 Name : The remote host is missing one or more security updates.
File : mysql_5_6_26_rpm.nasl - Type : ACT_GATHER_INFO
2015-10-22 Name : The remote database server is affected by multiple vulnerabilities.
File : mysql_5_6_27.nasl - Type : ACT_GATHER_INFO
2015-10-12 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1695-1.nasl - Type : ACT_GATHER_INFO
2015-10-09 Name : The remote host allows SSH connections with one or more Diffie-Hellman moduli...
File : ssh_logjam.nasl - Type : ACT_GATHER_INFO
2015-10-06 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2015-635.nasl - Type : ACT_GATHER_INFO
2015-09-23 Name : The remote security device is missing a vendor-supplied security patch.
File : cisco-sa-CSCuv26213-asa-cx.nasl - Type : ACT_GATHER_INFO
2015-09-23 Name : The management application installed on the remote host is affected by a cert...
File : cisco-sa-CSCuv26213-prsm.nasl - Type : ACT_GATHER_INFO
2015-09-23 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201507-15.nasl - Type : ACT_GATHER_INFO
2015-09-22 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1581-1.nasl - Type : ACT_GATHER_INFO
2015-09-18 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL16914.nasl - Type : ACT_GATHER_INFO
2015-09-18 Name : The remote IBM HTTP Server is affected by multiple vulnerabilities.
File : websphere_8_5_5_7.nasl - Type : ACT_GATHER_INFO
2015-09-16 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL16674.nasl - Type : ACT_GATHER_INFO
2015-09-15 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1547-2.nasl - Type : ACT_GATHER_INFO
2015-09-14 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1544-1.nasl - Type : ACT_GATHER_INFO
2015-09-14 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1547-1.nasl - Type : ACT_GATHER_INFO
2015-09-11 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1526-1.nasl - Type : ACT_GATHER_INFO
2015-09-09 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1509-1.nasl - Type : ACT_GATHER_INFO
2015-09-04 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1482-1.nasl - Type : ACT_GATHER_INFO
2015-09-01 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1449-1.nasl - Type : ACT_GATHER_INFO
2015-08-31 Name : The remote Debian host is missing a security update.
File : debian_DLA-303.nasl - Type : ACT_GATHER_INFO
2015-08-28 Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sa-20150710-openssl-VSG.nasl - Type : ACT_GATHER_INFO
2015-08-26 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2015-586.nasl - Type : ACT_GATHER_INFO
2015-08-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3339.nasl - Type : ACT_GATHER_INFO
2015-08-21 Name : The remote web server is running an application that is affected by multiple ...
File : splunk_625.nasl - Type : ACT_GATHER_INFO
2015-08-20 Name : The remote application is affected by a certificate validation bypass vulnera...
File : securitycenter_openssl_1_0_1p.nasl - Type : ACT_GATHER_INFO
2015-08-19 Name : The remote AIX host is missing a security patch.
File : aix_IV75967.nasl - Type : ACT_GATHER_INFO
2015-08-17 Name : The remote AIX host has a version of Java SDK installed that is affected by m...
File : aix_java_july2015_advisory.nasl - Type : ACT_GATHER_INFO
2015-08-17 Name : The remote host is missing a Mac OS X update that fixes multiple security vul...
File : macosx_10_10_5.nasl - Type : ACT_GATHER_INFO
2015-08-17 Name : The remote host is missing a Mac OS X update that fixes multiple security vul...
File : macosx_SecUpd2015-006.nasl - Type : ACT_GATHER_INFO
2015-08-13 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-1604.nasl - Type : ACT_GATHER_INFO
2015-08-13 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1375-1.nasl - Type : ACT_GATHER_INFO
2015-08-11 Name : The remote AIX host is missing a security patch.
File : aix_IV75643.nasl - Type : ACT_GATHER_INFO
2015-08-11 Name : The remote AIX host is missing a security patch.
File : aix_IV75644.nasl - Type : ACT_GATHER_INFO
2015-08-11 Name : The remote AIX host is missing a security patch.
File : aix_IV75645.nasl - Type : ACT_GATHER_INFO
2015-08-11 Name : The remote AIX host is missing a security patch.
File : aix_IV75646.nasl - Type : ACT_GATHER_INFO
2015-08-07 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2706-1.nasl - Type : ACT_GATHER_INFO
2015-08-05 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-1544.nasl - Type : ACT_GATHER_INFO
2015-08-04 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20150730_java_1_6_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2015-08-04 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1329-1.nasl - Type : ACT_GATHER_INFO
2015-08-04 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1331-1.nasl - Type : ACT_GATHER_INFO
2015-08-03 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3324.nasl - Type : ACT_GATHER_INFO
2015-07-31 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2015-1526.nasl - Type : ACT_GATHER_INFO
2015-07-31 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-1526.nasl - Type : ACT_GATHER_INFO
2015-07-31 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-1526.nasl - Type : ACT_GATHER_INFO
2015-07-31 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1319-1.nasl - Type : ACT_GATHER_INFO
2015-07-31 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1320-1.nasl - Type : ACT_GATHER_INFO
2015-07-31 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2696-1.nasl - Type : ACT_GATHER_INFO
2015-07-28 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3316.nasl - Type : ACT_GATHER_INFO
2015-07-27 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2015-507.nasl - Type : ACT_GATHER_INFO
2015-07-27 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2015-511.nasl - Type : ACT_GATHER_INFO
2015-07-27 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2015-512.nasl - Type : ACT_GATHER_INFO
2015-07-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-1488.nasl - Type : ACT_GATHER_INFO
2015-07-23 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2015-569.nasl - Type : ACT_GATHER_INFO
2015-07-23 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2015-570.nasl - Type : ACT_GATHER_INFO
2015-07-23 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2015-571.nasl - Type : ACT_GATHER_INFO
2015-07-23 Name : A web application on the remote host is affected by multiple vulnerabilities.
File : puppet_enterprise_activemq_psql_ssl.nasl - Type : ACT_GATHER_INFO
2015-07-23 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-1485.nasl - Type : ACT_GATHER_INFO
2015-07-23 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-1486.nasl - Type : ACT_GATHER_INFO
2015-07-21 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1268-2.nasl - Type : ACT_GATHER_INFO
2015-07-21 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1269-1.nasl - Type : ACT_GATHER_INFO
2015-07-21 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2673-1.nasl - Type : ACT_GATHER_INFO
2015-07-20 Name : The remote AIX host has a version of OpenSSL installed that is affected by mu...
File : aix_openssl_advisory14.nasl - Type : ACT_GATHER_INFO
2015-07-20 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2015-495.nasl - Type : ACT_GATHER_INFO
2015-07-20 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-1241.nasl - Type : ACT_GATHER_INFO
2015-07-20 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-1242.nasl - Type : ACT_GATHER_INFO
2015-07-20 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-1243.nasl - Type : ACT_GATHER_INFO
2015-07-18 Name : The remote database server is affected by multiple vulnerabilities.
File : db2_97fp10_multi_vuln.nasl - Type : ACT_GATHER_INFO
2015-07-17 Name : The remote Windows host contains a programming platform that is affected by m...
File : oracle_java_cpu_jul_2015.nasl - Type : ACT_GATHER_INFO
2015-07-17 Name : The remote Unix host contains a programming platform that is affected by mult...
File : oracle_java_cpu_jul_2015_unix.nasl - Type : ACT_GATHER_INFO
2015-07-17 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-1230.nasl - Type : ACT_GATHER_INFO
2015-07-16 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2015-1228.nasl - Type : ACT_GATHER_INFO
2015-07-16 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2015-1229.nasl - Type : ACT_GATHER_INFO
2015-07-16 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2015-1230.nasl - Type : ACT_GATHER_INFO
2015-07-16 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_44d9daee940c417986bb6e3ffd617869.nasl - Type : ACT_GATHER_INFO
2015-07-16 Name : A programming platform installed on the remote Windows host is affected by mu...
File : oracle_jrockit_cpu_jul_2015.nasl - Type : ACT_GATHER_INFO
2015-07-16 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-1228.nasl - Type : ACT_GATHER_INFO
2015-07-16 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-1229.nasl - Type : ACT_GATHER_INFO
2015-07-16 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-1228.nasl - Type : ACT_GATHER_INFO
2015-07-16 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-1229.nasl - Type : ACT_GATHER_INFO
2015-07-16 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-1230.nasl - Type : ACT_GATHER_INFO
2015-07-16 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20150715_java_1_7_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2015-07-16 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20150715_java_1_7_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2015-07-16 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20150715_java_1_8_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2015-07-16 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2656-2.nasl - Type : ACT_GATHER_INFO
2015-07-14 Name : The remote Fedora host is missing a security update.
File : fedora_2015-11414.nasl - Type : ACT_GATHER_INFO
2015-07-14 Name : The remote Fedora host is missing a security update.
File : fedora_2015-11475.nasl - Type : ACT_GATHER_INFO
2015-07-14 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2015-480.nasl - Type : ACT_GATHER_INFO
2015-07-14 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1177-2.nasl - Type : ACT_GATHER_INFO
2015-07-13 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2015-190-01.nasl - Type : ACT_GATHER_INFO
2015-07-13 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2015-564.nasl - Type : ACT_GATHER_INFO
2015-07-13 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_075952fe267e11e59d033c970e169bc2.nasl - Type : ACT_GATHER_INFO
2015-07-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2015-479.nasl - Type : ACT_GATHER_INFO
2015-07-13 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2656-1.nasl - Type : ACT_GATHER_INFO
2015-07-09 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2015-474.nasl - Type : ACT_GATHER_INFO
2015-07-09 Name : The remote host is affected by multiple vulnerabilities.
File : openssl_1_0_1p.nasl - Type : ACT_GATHER_INFO
2015-07-09 Name : The remote host is affected by multiple vulnerabilities.
File : openssl_1_0_2d.nasl - Type : ACT_GATHER_INFO
2015-07-07 Name : The remote Mac OS X host contains a web browser that is affected by multiple ...
File : macosx_firefox_31_8_esr.nasl - Type : ACT_GATHER_INFO
2015-07-07 Name : The remote Mac OS X host contains a web browser that is affected by multiple ...
File : macosx_firefox_38_1_esr.nasl - Type : ACT_GATHER_INFO
2015-07-07 Name : The remote Mac OS X host contains a web browser that is affected by multiple ...
File : macosx_firefox_39_0.nasl - Type : ACT_GATHER_INFO
2015-07-07 Name : The remote Mac OS X host contains a mail client that is affected by multiple ...
File : macosx_thunderbird_38_1.nasl - Type : ACT_GATHER_INFO
2015-07-07 Name : The remote Windows host contains a web browser that is affected by multiple v...
File : mozilla_firefox_31_8_esr.nasl - Type : ACT_GATHER_INFO
2015-07-07 Name : The remote Windows host contains a web browser that is affected by multiple v...
File : mozilla_firefox_38_1_esr.nasl - Type : ACT_GATHER_INFO
2015-07-07 Name : The remote Windows host contains a web browser that is affected by multiple v...
File : mozilla_firefox_39_0.nasl - Type : ACT_GATHER_INFO
2015-07-07 Name : The remote Windows host contains a mail client that is affected by multiple v...
File : mozilla_thunderbird_38_1.nasl - Type : ACT_GATHER_INFO
2015-07-07 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1181-2.nasl - Type : ACT_GATHER_INFO
2015-07-07 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1182-2.nasl - Type : ACT_GATHER_INFO
2015-07-07 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1183-2.nasl - Type : ACT_GATHER_INFO
2015-07-07 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1184-2.nasl - Type : ACT_GATHER_INFO
2015-07-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2015-1197.nasl - Type : ACT_GATHER_INFO
2015-07-06 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3300.nasl - Type : ACT_GATHER_INFO
2015-07-06 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20150625_nss_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2015-07-06 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20150630_openssl_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2015-07-06 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1177-1.nasl - Type : ACT_GATHER_INFO
2015-07-06 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1184-1.nasl - Type : ACT_GATHER_INFO
2015-07-01 Name : The remote host is missing a Mac OS X update that fixes multiple security vul...
File : macosx_10_10_4.nasl - Type : ACT_GATHER_INFO
2015-07-01 Name : The remote host is missing a Mac OS X update that fixes multiple security vul...
File : macosx_SecUpd2015-005.nasl - Type : ACT_GATHER_INFO
2015-07-01 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-1197.nasl - Type : ACT_GATHER_INFO
2015-06-30 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-1197.nasl - Type : ACT_GATHER_INFO
2015-06-29 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1150-1.nasl - Type : ACT_GATHER_INFO
2015-06-26 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2015-1185.nasl - Type : ACT_GATHER_INFO
2015-06-26 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2015-447.nasl - Type : ACT_GATHER_INFO
2015-06-26 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-1185.nasl - Type : ACT_GATHER_INFO
2015-06-26 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1143-1.nasl - Type : ACT_GATHER_INFO
2015-06-25 Name : The remote Fedora host is missing a security update.
File : fedora_2015-10108.nasl - Type : ACT_GATHER_INFO
2015-06-25 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-1185.nasl - Type : ACT_GATHER_INFO
2015-06-23 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201506-02.nasl - Type : ACT_GATHER_INFO
2015-06-22 Name : The remote Fedora host is missing a security update.
File : fedora_2015-10047.nasl - Type : ACT_GATHER_INFO
2015-06-18 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2015-550.nasl - Type : ACT_GATHER_INFO
2015-06-18 Name : The remote Debian host is missing a security update.
File : debian_DLA-247.nasl - Type : ACT_GATHER_INFO
2015-06-17 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20150615_openssl_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2015-06-16 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2015-1115.nasl - Type : ACT_GATHER_INFO
2015-06-16 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-1115.nasl - Type : ACT_GATHER_INFO
2015-06-16 Name : The remote OracleVM host is missing a security update.
File : oraclevm_OVMSA-2015-0070.nasl - Type : ACT_GATHER_INFO
2015-06-16 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-1115.nasl - Type : ACT_GATHER_INFO
2015-06-15 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3287.nasl - Type : ACT_GATHER_INFO
2015-06-15 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2015-9161.nasl - Type : ACT_GATHER_INFO
2015-06-12 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2015-162-01.nasl - Type : ACT_GATHER_INFO
2015-06-12 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_8305e215108011e58ba2000c2980a9f3.nasl - Type : ACT_GATHER_INFO
2015-06-12 Name : The remote service is affected by multiple vulnerabilities.
File : openssl_0_9_8zg.nasl - Type : ACT_GATHER_INFO
2015-06-12 Name : The remote service is affected by multiple vulnerabilities.
File : openssl_1_0_0s.nasl - Type : ACT_GATHER_INFO
2015-06-12 Name : The remote service is affected by multiple vulnerabilities.
File : openssl_1_0_1n.nasl - Type : ACT_GATHER_INFO
2015-06-12 Name : The remote service is affected by multiple vulnerabilities.
File : openssl_1_0_2b.nasl - Type : ACT_GATHER_INFO
2015-06-12 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2639-1.nasl - Type : ACT_GATHER_INFO
2015-06-08 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20150604_openssl_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2015-06-05 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2015-1072.nasl - Type : ACT_GATHER_INFO
2015-06-05 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-1072.nasl - Type : ACT_GATHER_INFO
2015-06-05 Name : The remote OracleVM host is missing a security update.
File : oraclevm_OVMSA-2015-0065.nasl - Type : ACT_GATHER_INFO
2015-06-05 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-1072.nasl - Type : ACT_GATHER_INFO
2015-06-03 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2015-9048.nasl - Type : ACT_GATHER_INFO
2015-06-02 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2015-9130.nasl - Type : ACT_GATHER_INFO
2015-05-28 Name : The remote host allows SSL/TLS connections with one or more Diffie-Hellman mo...
File : ssl_logjam.nasl - Type : ACT_GATHER_INFO
2015-05-21 Name : The remote host supports a set of weak ciphers.
File : ssl_dh_export_supported_ciphers.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
Date Informations
2016-01-22 09:26:21
  • Multiple Updates
2015-08-05 21:25:11
  • First insertion