Executive Summary
Informations | |||
---|---|---|---|
Name | MDVSA-2009:304 | First vendor Publication | 2009-11-26 |
Vendor | Mandriva | Last vendor Modification | 2009-11-29 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Some vulnerabilities were discovered and corrected in php: PHP 5.2.11, and 5.3.x before 5.3.1, does not restrict the number of temporary files created when handling a multipart/form-data POST request, which allows remote attackers to cause a denial of service (resource exhaustion), and makes it easier for remote attackers to exploit local file inclusion vulnerabilities, via multiple requests, related to lack of support for the max_file_uploads directive (CVE-2009-4017). The proc_open function in ext/standard/proc_open.c in PHP before 5.2.11 and 5.3.x before 5.3.1 does not enforce the (1) safe_mode_allowed_env_vars and (2) safe_mode_protected_env_vars directives, which allows context-dependent attackers to execute programs with an arbitrary environment via the env parameter, as demonstrated by a crafted value of the LD_LIBRARY_PATH environment variable (CVE-2009-4018). The updated packages have been patched to correct these issues. |
Original Source
Url : http://www.mandriva.com/security/advisories?name=MDVSA-2009:304 |
CAPEC : Common Attack Pattern Enumeration & Classification
Id | Name |
---|---|
CAPEC-82 | Violating Implicit Assumptions Regarding XML Content (aka XML Denial of Servi... |
CAPEC-99 | XML Parser Attack |
CAPEC-119 | Resource Depletion |
CAPEC-121 | Locate and Exploit Test APIs |
CAPEC-125 | Resource Depletion through Flooding |
CAPEC-130 | Resource Depletion through Allocation |
CAPEC-147 | XML Ping of Death |
CAPEC-197 | XEE (XML Entity Expansion) |
CAPEC-227 | Denial of Service through Resource Depletion |
CAPEC-228 | Resource Depletion through DTD Injection in a SOAP Message |
CAPEC-229 | XML Attribute Blowup |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-770 | Allocation of Resources Without Limits or Throttling |
50 % | CWE-264 | Permissions, Privileges, and Access Controls |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10821 | |||
Oval ID: | oval:org.mitre.oval:def:10821 | ||
Title: | Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, and 9.7 beta before 9.7.0b3, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query and sending a response that contains an Additional section with crafted data, which is not properly handled when the response is processed "at the same time as requesting DNSSEC records (DO)," aka Bug 20438. | ||
Description: | Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, and 9.7 beta before 9.7.0b3, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query and sending a response that contains an Additional section with crafted data, which is not properly handled when the response is processed "at the same time as requesting DNSSEC records (DO)," aka Bug 20438. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-4022 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11745 | |||
Oval ID: | oval:org.mitre.oval:def:11745 | ||
Title: | Vulnerability with DNSSEC validation enabled in BIND. | ||
Description: | Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, and 9.7 beta before 9.7.0b3, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query and sending a response that contains an Additional section with crafted data, which is not properly handled when the response is processed "at the same time as requesting DNSSEC records (DO)," aka Bug 20438. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-4022 | Version: | 3 |
Platform(s): | IBM AIX 6.1 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22841 | |||
Oval ID: | oval:org.mitre.oval:def:22841 | ||
Title: | ELSA-2009:1620: bind security update (Moderate) | ||
Description: | Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, and 9.7 beta before 9.7.0b3, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query and sending a response that contains an Additional section with crafted data, which is not properly handled when the response is processed "at the same time as requesting DNSSEC records (DO)," aka Bug 20438. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2009:1620-01 CVE-2009-4022 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | bind |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:29109 | |||
Oval ID: | oval:org.mitre.oval:def:29109 | ||
Title: | RHSA-2009:1620 -- bind security update (Moderate) | ||
Description: | Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2009:1620 CESA-2009:1620-CentOS 5 CVE-2009-4022 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | bind |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6667 | |||
Oval ID: | oval:org.mitre.oval:def:6667 | ||
Title: | HP-UX Running Apache with PHP, Remote Denial of Service (DoS), Unauthorized Access, Privileged Access, Cross Site Scripting (XSS) | ||
Description: | PHP before 5.2.12 and 5.3.x before 5.3.1 does not restrict the number of temporary files created when handling a multipart/form-data POST request, which allows remote attackers to cause a denial of service (resource exhaustion), and makes it easier for remote attackers to exploit local file inclusion vulnerabilities, via multiple requests, related to lack of support for the max_file_uploads directive. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-4017 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7256 | |||
Oval ID: | oval:org.mitre.oval:def:7256 | ||
Title: | HP-UX Running Apache with PHP, Remote Denial of Service (DoS), Unauthorized Access, Privileged Access, Cross Site Scripting (XSS) | ||
Description: | The proc_open function in ext/standard/proc_open.c in PHP before 5.2.11 and 5.3.x before 5.3.1 does not enforce the (1) safe_mode_allowed_env_vars and (2) safe_mode_protected_env_vars directives, which allows context-dependent attackers to execute programs with an arbitrary environment via the env parameter, as demonstrated by a crafted value of the LD_LIBRARY_PATH environment variable. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-4018 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7261 | |||
Oval ID: | oval:org.mitre.oval:def:7261 | ||
Title: | HP-UX Running BIND, Remote Denial of Service (DoS), Unauthorized Disclosure of Information | ||
Description: | Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, and 9.7 beta before 9.7.0b3, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query and sending a response that contains an Additional section with crafted data, which is not properly handled when the response is processed "at the same time as requesting DNSSEC records (DO)," aka Bug 20438. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-4022 | Version: | 6 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7459 | |||
Oval ID: | oval:org.mitre.oval:def:7459 | ||
Title: | Security Vulnerability in BIND DNS Software Shipped With Solaris May Allow DNS Cache Poisoning | ||
Description: | Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, and 9.7 beta before 9.7.0b3, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query and sending a response that contains an Additional section with crafted data, which is not properly handled when the response is processed "at the same time as requesting DNSSEC records (DO)," aka Bug 20438. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-4022 | Version: | 3 |
Platform(s): | Sun Solaris 9 Sun Solaris 10 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
ExploitDB Exploits
id | Description |
---|---|
2010-03-05 | Kolang (proc_open PHP safe mode bypass 4.3.10 - 5.3.0) |
OpenVAS Exploits
Date | Description |
---|---|
2012-06-21 | Name : PHP version smaller than 5.3.1 File : nvt/nopsec_php_5_3_1.nasl |
2012-06-21 | Name : PHP version smaller than 5.2.11 File : nvt/nopsec_php_5_2_11.nasl |
2011-10-20 | Name : Mac OS X v10.6.8 Multiple Vulnerabilities (2011-006) File : nvt/gb_macosx_su11-006.nasl |
2011-08-09 | Name : CentOS Update for bind CESA-2010:0062 centos5 i386 File : nvt/gb_CESA-2010_0062_bind_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for php CESA-2010:0040 centos5 i386 File : nvt/gb_CESA-2010_0040_php_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for bind CESA-2009:1620 centos5 i386 File : nvt/gb_CESA-2009_1620_bind_centos5_i386.nasl |
2011-03-09 | Name : Gentoo Security Advisory GLSA 201006-11 (BIND) File : nvt/glsa_201006_11.nasl |
2010-10-01 | Name : HP-UX Update for BIND HPSBUX02546 File : nvt/gb_hp_ux_HPSBUX02546.nasl |
2010-06-23 | Name : HP-UX Update for Apache with PHP HPSBUX02543 File : nvt/gb_hp_ux_HPSBUX02543.nasl |
2010-05-12 | Name : Mac OS X 10.6.3 Update / Mac OS X Security Update 2010-002 File : nvt/macosx_upd_10_6_3_secupd_2010-002.nasl |
2010-03-02 | Name : Fedora Update for bind FEDORA-2010-0868 File : nvt/gb_fedora_2010_0868_bind_fc12.nasl |
2010-03-02 | Name : Fedora Update for bind FEDORA-2010-0861 File : nvt/gb_fedora_2010_0861_bind_fc11.nasl |
2010-03-02 | Name : Fedora Update for php FEDORA-2010-0495 File : nvt/gb_fedora_2010_0495_php_fc11.nasl |
2010-03-02 | Name : Fedora Update for maniadrive FEDORA-2010-0495 File : nvt/gb_fedora_2010_0495_maniadrive_fc11.nasl |
2010-01-29 | Name : SuSE Update for acroread SUSE-SA:2010:008 File : nvt/gb_suse_2010_008.nasl |
2010-01-25 | Name : RedHat Update for bind RHSA-2010:0062-02 File : nvt/gb_RHSA-2010_0062-02_bind.nasl |
2010-01-22 | Name : Ubuntu Update for bind9 vulnerabilities USN-888-1 File : nvt/gb_ubuntu_USN_888_1.nasl |
2010-01-22 | Name : Mandriva Update for bind MDVSA-2010:021 (bind) File : nvt/gb_mandriva_MDVSA_2010_021.nasl |
2010-01-19 | Name : CentOS Update for php CESA-2010:0040 centos3 i386 File : nvt/gb_CESA-2010_0040_php_centos3_i386.nasl |
2010-01-19 | Name : RedHat Update for php RHSA-2010:0040-01 File : nvt/gb_RHSA-2010_0040-01_php.nasl |
2010-01-19 | Name : CentOS Update for php CESA-2010:0040 centos4 x86_64 File : nvt/gb_CESA-2010_0040_php_centos4_x86_64.nasl |
2010-01-19 | Name : CentOS Update for php CESA-2010:0040 centos4 i386 File : nvt/gb_CESA-2010_0040_php_centos4_i386.nasl |
2010-01-19 | Name : CentOS Update for php CESA-2010:0040 centos3 x86_64 File : nvt/gb_CESA-2010_0040_php_centos3_x86_64.nasl |
2010-01-11 | Name : FreeBSD Security Advisory (FreeBSD-SA-10:01.bind.asc) File : nvt/freebsdsa_bind8.nasl |
2009-12-30 | Name : FreeBSD Ports: php5 File : nvt/freebsd_php56.nasl |
2009-12-30 | Name : CentOS Security Advisory CESA-2009:1620 (bind) File : nvt/ovcesa2009_1620.nasl |
2009-12-30 | Name : Debian Security Advisory DSA 1961-1 (bind9) File : nvt/deb_1961_1.nasl |
2009-12-10 | Name : Mandriva Security Advisory MDVSA-2009:313-1 (bind) File : nvt/mdksa_2009_313_1.nasl |
2009-12-10 | Name : Mandriva Security Advisory MDVSA-2009:324 (php) File : nvt/mdksa_2009_324.nasl |
2009-12-10 | Name : Mandriva Security Advisory MDVSA-2009:305 (php) File : nvt/mdksa_2009_305.nasl |
2009-12-10 | Name : SuSE Security Advisory SUSE-SA:2009:059 (bind) File : nvt/suse_sa_2009_059.nasl |
2009-12-10 | Name : Ubuntu USN-865-1 (bind9) File : nvt/ubuntu_865_1.nasl |
2009-12-04 | Name : PHP Multiple Vulnerabilities Dec-09 File : nvt/gb_php_mult_vuln_dec09.nasl |
2009-12-03 | Name : Mandriva Security Advisory MDVSA-2009:303 (php) File : nvt/mdksa_2009_303.nasl |
2009-12-03 | Name : Fedora Core 12 FEDORA-2009-12233 (bind) File : nvt/fcore_2009_12233.nasl |
2009-12-03 | Name : Fedora Core 11 FEDORA-2009-12218 (bind) File : nvt/fcore_2009_12218.nasl |
2009-12-03 | Name : SLES11: Security update for bind File : nvt/sles11_bind0.nasl |
2009-12-03 | Name : Ubuntu USN-862-1 (php5) File : nvt/ubuntu_862_1.nasl |
2009-12-03 | Name : RedHat Security Advisory RHSA-2009:1620 File : nvt/RHSA_2009_1620.nasl |
2009-11-25 | Name : ISC BIND 9 DNSSEC Query Response Additional Section Remote Cache Poisoning Vu... File : nvt/bind_37118.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2010-176-01 bind File : nvt/esoft_slk_ssa_2010_176_01.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2010-024-02 php File : nvt/esoft_slk_ssa_2010_024_02.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2009-336-01 bind File : nvt/esoft_slk_ssa_2009_336_01.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
60493 | ISC BIND DNSSEC Recursive Query Additional Section Cache Poisoning |
60451 | PHP File Upload Crafted multipart/form-data Temporary File Exhaustion Remote DoS |
60438 | PHP ext/standard/proc_open.c proc_open() Function safe_mode_*_env_vars Bypass |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2016-03-08 | Name : The remote VMware ESX host is missing a security-related patch. File : vmware_VMSA-2010-0004_remote.nasl - Type : ACT_GATHER_INFO |
2014-11-04 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15787.nasl - Type : ACT_GATHER_INFO |
2014-10-28 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15748.nasl - Type : ACT_GATHER_INFO |
2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL10898.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0062.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0040.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1620.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20091130_bind_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100113_php_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100120_bind_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2011-10-13 | Name : The remote host is missing a Mac OS X update that fixes several security issues. File : macosx_SecUpd2011-006.nasl - Type : ACT_GATHER_INFO |
2011-05-28 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2009-336-01.nasl - Type : ACT_GATHER_INFO |
2011-05-28 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2010-176-01.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-mod_php5-6847.nasl - Type : ACT_GATHER_INFO |
2010-09-17 | Name : The remote web server is affected by multiple vulnerabilities. File : hpsmh_6_2_0_12.nasl - Type : ACT_GATHER_INFO |
2010-07-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-303.nasl - Type : ACT_GATHER_INFO |
2010-07-01 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2010-0495.nasl - Type : ACT_GATHER_INFO |
2010-06-07 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHNE_40339.nasl - Type : ACT_GATHER_INFO |
2010-06-02 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201006-11.nasl - Type : ACT_GATHER_INFO |
2010-03-29 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_6_3.nasl - Type : ACT_GATHER_INFO |
2010-03-05 | Name : The remote VMware ESX host is missing one or more security-related patches. File : vmware_VMSA-2010-0004.nasl - Type : ACT_GATHER_INFO |
2010-02-25 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201001-03.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1961.nasl - Type : ACT_GATHER_INFO |
2010-02-23 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_apache2-mod_php5-100215.nasl - Type : ACT_GATHER_INFO |
2010-02-23 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_apache2-mod_php5-100212.nasl - Type : ACT_GATHER_INFO |
2010-02-23 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_apache2-mod_php5-100212.nasl - Type : ACT_GATHER_INFO |
2010-02-23 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_apache2-mod_php5-100212.nasl - Type : ACT_GATHER_INFO |
2010-02-23 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-mod_php5-6846.nasl - Type : ACT_GATHER_INFO |
2010-01-26 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_bind-100121.nasl - Type : ACT_GATHER_INFO |
2010-01-26 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_bind-100121.nasl - Type : ACT_GATHER_INFO |
2010-01-26 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_bind-100121.nasl - Type : ACT_GATHER_INFO |
2010-01-26 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_bind-100121.nasl - Type : ACT_GATHER_INFO |
2010-01-25 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2010-024-02.nasl - Type : ACT_GATHER_INFO |
2010-01-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0062.nasl - Type : ACT_GATHER_INFO |
2010-01-21 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0062.nasl - Type : ACT_GATHER_INFO |
2010-01-21 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-888-1.nasl - Type : ACT_GATHER_INFO |
2010-01-21 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-021.nasl - Type : ACT_GATHER_INFO |
2010-01-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0040.nasl - Type : ACT_GATHER_INFO |
2010-01-14 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0040.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1620.nasl - Type : ACT_GATHER_INFO |
2009-12-18 | Name : The remote web server uses a version of PHP that is affected by multiple flaws. File : php_5_2_12.nasl - Type : ACT_GATHER_INFO |
2009-12-18 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_39a25a63eb5c11deb65000215c6a37bb.nasl - Type : ACT_GATHER_INFO |
2009-12-08 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-865-1.nasl - Type : ACT_GATHER_INFO |
2009-12-08 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-324.nasl - Type : ACT_GATHER_INFO |
2009-12-04 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-313.nasl - Type : ACT_GATHER_INFO |
2009-12-02 | Name : The remote name server is affected by a cache poisoning vulnerability. File : bind9_dnssec_cache_poisoning.nasl - Type : ACT_GATHER_INFO |
2009-12-01 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_bind-091127.nasl - Type : ACT_GATHER_INFO |
2009-12-01 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_bind-091127.nasl - Type : ACT_GATHER_INFO |
2009-12-01 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_bind-091127.nasl - Type : ACT_GATHER_INFO |
2009-12-01 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_bind-091127.nasl - Type : ACT_GATHER_INFO |
2009-12-01 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1620.nasl - Type : ACT_GATHER_INFO |
2009-11-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-304.nasl - Type : ACT_GATHER_INFO |
2009-11-30 | Name : The remote Fedora host is missing a security update. File : fedora_2009-12233.nasl - Type : ACT_GATHER_INFO |
2009-11-30 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-862-1.nasl - Type : ACT_GATHER_INFO |
2009-11-30 | Name : The remote Fedora host is missing a security update. File : fedora_2009-12218.nasl - Type : ACT_GATHER_INFO |
2009-11-20 | Name : The remote web server uses a version of PHP that is affected by multiple flaws. File : php_5_3_1.nasl - Type : ACT_GATHER_INFO |
2009-09-18 | Name : The remote web server uses a version of PHP that is affected by multiple flaws. File : php_5_2_11.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:40:59 |
|
2013-05-11 00:47:52 |
|