Executive Summary
Informations | |||
---|---|---|---|
Name | MDVSA-2010:232 | First vendor Publication | 2010-11-15 |
Vendor | Mandriva | Last vendor Modification | 2010-11-15 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:A/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.9 | Attack Range | Adjacent network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 5.5 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Multiple vulnerabilities were discovered and corrected in cups: Cross-site request forgery (CSRF) vulnerability in the web interface in CUPS, allows remote attackers to hijack the authentication of administrators for requests that change settings (CVE-2010-0540). The _WriteProlog function in texttops.c in texttops in the Text Filter subsystem in CUPS before 1.4.4 does not check the return values of certain calloc calls, which allows remote attackers to cause a denial of service (NULL pointer dereference or heap memory corruption) or possibly execute arbitrary code via a crafted file (CVE-2010-0542). The web interface in CUPS, reads uninitialized memory during handling of form variables, which allows context-dependent attackers to obtain sensitive information from cupsd process memory via unspecified vectors (CVE-2010-1748). The cupsFileOpen function in CUPS before 1.4.4 allows local users, with lp group membership, to overwrite arbitrary files via a symlink attack on the (1) /var/cache/cups/remote.cache or (2) /var/cache/cups/job.cache file (CVE-2010-2431). ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request (CVE-2010-2941). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct these issues. |
Original Source
Url : http://www.mandriva.com/security/advisories?name=MDVSA-2010:232 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
20 % | CWE-416 | Use After Free |
20 % | CWE-352 | Cross-Site Request Forgery (CSRF) (CWE/SANS Top 25) |
20 % | CWE-264 | Permissions, Privileges, and Access Controls |
20 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
20 % | CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10365 | |||
Oval ID: | oval:org.mitre.oval:def:10365 | ||
Title: | The _WriteProlog function in texttops.c in texttops in the Text Filter subsystem in CUPS before 1.4.4 does not check the return values of certain calloc calls, which allows remote attackers to cause a denial of service (NULL pointer dereference or heap memory corruption) or possibly execute arbitrary code via a crafted file. | ||
Description: | The _WriteProlog function in texttops.c in texttops in the Text Filter subsystem in CUPS before 1.4.4 does not check the return values of certain calloc calls, which allows remote attackers to cause a denial of service (NULL pointer dereference or heap memory corruption) or possibly execute arbitrary code via a crafted file. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-0542 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10382 | |||
Oval ID: | oval:org.mitre.oval:def:10382 | ||
Title: | Cross-site request forgery (CSRF) vulnerability in the web interface in CUPS before 1.4.4, as used on Apple Mac OS X 10.5.8, Mac OS X 10.6 before 10.6.4, and other platforms, allows remote attackers to hijack the authentication of administrators for requests that change settings. | ||
Description: | Cross-site request forgery (CSRF) vulnerability in the web interface in CUPS before 1.4.4, as used on Apple Mac OS X 10.5.8, Mac OS X 10.6 before 10.6.4, and other platforms, allows remote attackers to hijack the authentication of administrators for requests that change settings. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-0540 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12954 | |||
Oval ID: | oval:org.mitre.oval:def:12954 | ||
Title: | DSA-2176-1 cups -- several | ||
Description: | Several vulnerabilities have been discovered in the Common UNIX Printing System: CVE-2008-5183 A null pointer dereference in RSS job completion notifications could lead to denial of service. CVE-2009-3553 It was discovered that incorrect file descriptor handling could lead to denial of service. CVE-2010-0540 A cross-site request forgery vulnerability was discovered in the web interface. CVE-2010-0542 Incorrect memory management in the filter subsystem could lead to denial of service. CVE-2010-1748 Information disclosure in the web interface. CVE-2010-2431 Emmanuel Bouillon discovered a symlink vulnerability in handling of cache files. CVE-2010-2432 Denial of service in the authentication code. CVE-2010-2941 Incorrect memory management in the IPP code could lead to denial of service or the execution of arbitrary code. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2176-1 CVE-2008-5183 CVE-2009-3553 CVE-2010-0540 CVE-2010-0542 CVE-2010-1748 CVE-2010-2431 CVE-2010-2432 CVE-2010-2941 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | cups |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22210 | |||
Oval ID: | oval:org.mitre.oval:def:22210 | ||
Title: | RHSA-2010:0866: cups security update (Important) | ||
Description: | ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2010:0866-02 CVE-2010-2941 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | cups |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22217 | |||
Oval ID: | oval:org.mitre.oval:def:22217 | ||
Title: | RHSA-2010:0811: cups security update (Important) | ||
Description: | ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2010:0811-01 CESA-2010:0811 CVE-2010-2431 CVE-2010-2941 | Version: | 29 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | cups |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22255 | |||
Oval ID: | oval:org.mitre.oval:def:22255 | ||
Title: | ELSA-2010:0811: cups security update (Important) | ||
Description: | ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010:0811-01 CVE-2010-2431 CVE-2010-2941 | Version: | 13 |
Platform(s): | Oracle Linux 5 | Product(s): | cups |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22302 | |||
Oval ID: | oval:org.mitre.oval:def:22302 | ||
Title: | RHSA-2010:0490: cups security update (Important) | ||
Description: | The cgi_initialize_string function in cgi-bin/var.c in the web interface in CUPS before 1.4.4, as used on Apple Mac OS X 10.5.8, Mac OS X 10.6 before 10.6.4, and other platforms, does not properly handle parameter values containing a % (percent) character without two subsequent hex characters, which allows context-dependent attackers to obtain sensitive information from cupsd process memory via a crafted request, as demonstrated by the (1) /admin?OP=redirect&URL=% and (2) /admin?URL=/admin/&OP=% URIs. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2010:0490-01 CESA-2010:0490 CVE-2010-0540 CVE-2010-0542 CVE-2010-1748 | Version: | 42 |
Platform(s): | Red Hat Enterprise Linux 3 Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | cups |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22760 | |||
Oval ID: | oval:org.mitre.oval:def:22760 | ||
Title: | ELSA-2010:0490: cups security update (Important) | ||
Description: | The cgi_initialize_string function in cgi-bin/var.c in the web interface in CUPS before 1.4.4, as used on Apple Mac OS X 10.5.8, Mac OS X 10.6 before 10.6.4, and other platforms, does not properly handle parameter values containing a % (percent) character without two subsequent hex characters, which allows context-dependent attackers to obtain sensitive information from cupsd process memory via a crafted request, as demonstrated by the (1) /admin?OP=redirect&URL=% and (2) /admin?URL=/admin/&OP=% URIs. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010:0490-01 CVE-2010-0540 CVE-2010-0542 CVE-2010-1748 | Version: | 17 |
Platform(s): | Oracle Linux 5 | Product(s): | cups |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23225 | |||
Oval ID: | oval:org.mitre.oval:def:23225 | ||
Title: | ELSA-2010:0866: cups security update (Important) | ||
Description: | ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010:0866-02 CVE-2010-2941 | Version: | 6 |
Platform(s): | Oracle Linux 6 | Product(s): | cups |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27944 | |||
Oval ID: | oval:org.mitre.oval:def:27944 | ||
Title: | DEPRECATED: ELSA-2010-0866 -- cups security update (important) | ||
Description: | [1:1.4.2-35:.1] - Applied patch to fix cupsd memory corruption vulnerability (CVE-2010-2941, STR #3648, bug #624438). | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010-0866 CVE-2010-2941 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | cups |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:28063 | |||
Oval ID: | oval:org.mitre.oval:def:28063 | ||
Title: | DEPRECATED: ELSA-2010-0811 -- cups security update (important) | ||
Description: | [1.3.7-18:.8] - Applied patch to fix cupsd memory corruption vulnerability (CVE-2010-2941, STR #3648, bug #624438). - Fix latent privilege escalation vulnerability (CVE-2010-2431, STR #3510, bug #605397). | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010-0811 CVE-2010-2431 CVE-2010-2941 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | cups |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:9723 | |||
Oval ID: | oval:org.mitre.oval:def:9723 | ||
Title: | The cgi_initialize_string function in cgi-bin/var.c in the web interface in CUPS before 1.4.4, as used on Apple Mac OS X 10.5.8, Mac OS X 10.6 before 10.6.4, and other platforms, does not properly handle parameter values containing a % (percent) character without two subsequent hex characters, which allows context-dependent attackers to obtain sensitive information from cupsd process memory via a crafted request, as demonstated by the (1) /admin?OP=redirectURL=% and (2) /admin?URL=/admin/OP=% URIs. | ||
Description: | The cgi_initialize_string function in cgi-bin/var.c in the web interface in CUPS before 1.4.4, as used on Apple Mac OS X 10.5.8, Mac OS X 10.6 before 10.6.4, and other platforms, does not properly handle parameter values containing a % (percent) character without two subsequent hex characters, which allows context-dependent attackers to obtain sensitive information from cupsd process memory via a crafted request, as demonstrated by the (1) /admin?OP=redirect&URL=% and (2) /admin?URL=/admin/&OP=% URIs. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-1748 | Version: | 6 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-08-10 | Name : Gentoo Security Advisory GLSA 201207-10 (cups) File : nvt/glsa_201207_10.nasl |
2011-09-12 | Name : Fedora Update for cups FEDORA-2011-11221 File : nvt/gb_fedora_2011_11221_cups_fc14.nasl |
2011-09-07 | Name : Mac OS X v10.6.4 Multiple Vulnerabilities (2010-007) File : nvt/gb_macosx_su10-007.nasl |
2011-08-09 | Name : CentOS Update for cups CESA-2010:0490 centos5 i386 File : nvt/gb_CESA-2010_0490_cups_centos5_i386.nasl |
2011-03-09 | Name : Debian Security Advisory DSA 2176-1 (cups) File : nvt/deb_2176_1.nasl |
2010-12-21 | Name : CUPS Information Disclosure Vulnerability File : nvt/gb_cups_info_disc_vuln.nasl |
2010-12-02 | Name : Fedora Update for cups FEDORA-2010-17641 File : nvt/gb_fedora_2010_17641_cups_fc14.nasl |
2010-11-23 | Name : Mandriva Update for cups MDVSA-2010:233 (cups) File : nvt/gb_mandriva_MDVSA_2010_233.nasl |
2010-11-23 | Name : Mandriva Update for cups MDVSA-2010:232 (cups) File : nvt/gb_mandriva_MDVSA_2010_232.nasl |
2010-11-23 | Name : Fedora Update for cups FEDORA-2010-17615 File : nvt/gb_fedora_2010_17615_cups_fc13.nasl |
2010-11-23 | Name : Fedora Update for cups FEDORA-2010-17627 File : nvt/gb_fedora_2010_17627_cups_fc12.nasl |
2010-11-18 | Name : CUPS IPP Use-After-Free Denial of Service Vulnerability File : nvt/gb_cupsd_ipp_use_after_free_dos_vuln.nasl |
2010-11-16 | Name : Ubuntu Update for cups, cupsys vulnerability USN-1012-1 File : nvt/gb_ubuntu_USN_1012_1.nasl |
2010-11-04 | Name : RedHat Update for cups RHSA-2010:0811-01 File : nvt/gb_RHSA-2010_0811-01_cups.nasl |
2010-08-20 | Name : CentOS Update for cups CESA-2010:0490 centos3 i386 File : nvt/gb_CESA-2010_0490_cups_centos3_i386.nasl |
2010-07-30 | Name : Fedora Update for cups FEDORA-2010-10101 File : nvt/gb_fedora_2010_10101_cups_fc12.nasl |
2010-07-02 | Name : Fedora Update for cups FEDORA-2010-10388 File : nvt/gb_fedora_2010_10388_cups_fc13.nasl |
2010-06-28 | Name : Fedora Update for cups FEDORA-2010-10066 File : nvt/gb_fedora_2010_10066_cups_fc11.nasl |
2010-06-25 | Name : Ubuntu Update for cups, cupsys vulnerabilities USN-952-1 File : nvt/gb_ubuntu_USN_952_1.nasl |
2010-06-22 | Name : CUPS Web Interface Multiple Vulnerabilities File : nvt/gb_cups_web_interface_mult_vulnerabilities.nasl |
2010-06-21 | Name : CUPS 'texttops' Filter NULL-pointer Dereference Vulnerability File : nvt/gb_cups_40943.nasl |
2010-06-18 | Name : RedHat Update for cups RHSA-2010:0490-01 File : nvt/gb_RHSA-2010_0490-01_cups.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2010-333-01 cups File : nvt/esoft_slk_ssa_2010_333_01.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2010-176-05 cups File : nvt/esoft_slk_ssa_2010_176_05.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
68951 | CUPS IPP Request Handling Use-After-Free Arbitrary Code Execution CUPS contains a flaw related to the 'ipp.c' function's failure to allocate memory correctly for attribute values with invalid string data types, creating a use-after-free error. This may allow a remote attacker to use a crafted IPP request to execute arbitrary code. |
65698 | CUPS cupsFileOpen Function Multiple Temporary File Symlink Arbitrary File Ove... |
65692 | CUPS texttops.c _WriteProlog Function Memory Corruption |
65569 | CUPS Web Interface Form Variable Handling cupsd Process Memory Disclosure |
65555 | Apple Mac OS X CUPS Web Interface Settings Manipulation CSRF |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | CUPS IPP multi-valued attribute memory corruption attempt RuleID : 26972 - Revision : 4 - Type : SERVER-OTHER |
2014-01-10 | Apple CUPS IPP memory corruption attempt RuleID : 23139 - Revision : 5 - Type : SERVER-OTHER |
2014-01-10 | Apple CUPS IPP memory corruption attempt RuleID : 23138 - Revision : 5 - Type : SERVER-OTHER |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_cups-101124.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0490.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0811.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0866.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100617_cups_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20101028_cups_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20101110_cups_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-07-10 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201207-10.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_cups-7775.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_cups-110921.nasl - Type : ACT_GATHER_INFO |
2011-10-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_cups-7774.nasl - Type : ACT_GATHER_INFO |
2011-05-28 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2010-176-05.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_cups-101124.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_cups-101124.nasl - Type : ACT_GATHER_INFO |
2011-03-02 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2176.nasl - Type : ACT_GATHER_INFO |
2010-12-06 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12665.nasl - Type : ACT_GATHER_INFO |
2010-12-06 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_cups-101119.nasl - Type : ACT_GATHER_INFO |
2010-12-06 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_cups-7244.nasl - Type : ACT_GATHER_INFO |
2010-11-30 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2010-333-01.nasl - Type : ACT_GATHER_INFO |
2010-11-30 | Name : The remote print service is affected by multiple vulnerabilities. File : cups_1_4_5.nasl - Type : ACT_GATHER_INFO |
2010-11-24 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0811.nasl - Type : ACT_GATHER_INFO |
2010-11-23 | Name : The remote Fedora host is missing a security update. File : fedora_2010-17615.nasl - Type : ACT_GATHER_INFO |
2010-11-23 | Name : The remote Fedora host is missing a security update. File : fedora_2010-17627.nasl - Type : ACT_GATHER_INFO |
2010-11-18 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0866.nasl - Type : ACT_GATHER_INFO |
2010-11-17 | Name : The remote Fedora host is missing a security update. File : fedora_2010-17641.nasl - Type : ACT_GATHER_INFO |
2010-11-16 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-233.nasl - Type : ACT_GATHER_INFO |
2010-11-16 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-232.nasl - Type : ACT_GATHER_INFO |
2010-11-10 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_6_5.nasl - Type : ACT_GATHER_INFO |
2010-11-10 | Name : The remote host is missing a Mac OS X update that fixes security issues. File : macosx_SecUpd2010-007.nasl - Type : ACT_GATHER_INFO |
2010-11-05 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1012-1.nasl - Type : ACT_GATHER_INFO |
2010-10-29 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0811.nasl - Type : ACT_GATHER_INFO |
2010-07-27 | Name : The remote Fedora host is missing a security update. File : fedora_2010-10101.nasl - Type : ACT_GATHER_INFO |
2010-07-14 | Name : The remote CUPS install contains a memory information disclosure vulnerability. File : cups_memory_access.nasl - Type : ACT_ATTACK |
2010-07-08 | Name : The remote printer service is affected by multiple vulnerabilities. File : cups_1_4_4.nasl - Type : ACT_GATHER_INFO |
2010-07-02 | Name : The remote Fedora host is missing a security update. File : fedora_2010-10388.nasl - Type : ACT_GATHER_INFO |
2010-07-01 | Name : The remote Fedora host is missing a security update. File : fedora_2010-10066.nasl - Type : ACT_GATHER_INFO |
2010-06-22 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-952-1.nasl - Type : ACT_GATHER_INFO |
2010-06-21 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0490.nasl - Type : ACT_GATHER_INFO |
2010-06-18 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0490.nasl - Type : ACT_GATHER_INFO |
2010-06-15 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_6_4.nasl - Type : ACT_GATHER_INFO |
2010-06-15 | Name : The remote host is missing a Mac OS X update that fixes a security issue. File : macosx_SecUpd2010-004.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:41:53 |
|