Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Informations
Name MDVSA-2014:230 First vendor Publication 2014-11-27
Vendor Mandriva Last vendor Modification 2014-11-27
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score 7.8 Attack Range Network
Cvss Impact Score 6.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Multiple vulnerabilities has been found and corrected in the Linux kernel:

The WRMSR processing functionality in the KVM subsystem in the Linux kernel through 3.17.2 does not properly handle the writing of a non-canonical address to a model-specific register, which allows guest OS users to cause a denial of service (host OS crash) by leveraging guest OS privileges, related to the wrmsr_interception function in arch/x86/kvm/svm.c and the handle_wrmsr function in arch/x86/kvm/vmx.c (CVE-2014-3610).

Race condition in the __kvm_migrate_pit_timer function in arch/x86/kvm/i8254.c in the KVM subsystem in the Linux kernel through 3.17.2 allows guest OS users to cause a denial of service (host OS crash) by leveraging incorrect PIT emulation (CVE-2014-3611).

arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.12 does not have an exit handler for the INVEPT instruction, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application (CVE-2014-3645).

arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel through 3.17.2 does not have an exit handler for the INVVPID instruction, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application (CVE-2014-3646).

arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel through 3.17.2 does not properly perform RIP changes, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application (CVE-2014-3647).

The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (system crash) via a malformed ASCONF chunk, related to net/sctp/sm_make_chunk.c and net/sctp/sm_statefuns.c (CVE-2014-3673).

The sctp_assoc_lookup_asconf_ack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (panic) via duplicate ASCONF chunks that trigger an incorrect uncork within the side-effect interpreter (CVE-2014-3687).

arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.17.2 on Intel processors does not ensure that the value in the CR4 control register remains the same after a VM entry, which allows host OS users to kill arbitrary processes or cause a denial of service (system disruption) by leveraging /dev/kvm access, as demonstrated by PR_SET_TSC prctl calls within a modified copy of QEMU (CVE-2014-3690).

kernel/trace/trace_syscalls.c in the Linux kernel through 3.17.2 does not properly handle private syscall numbers during use of the perf subsystem, which allows local users to cause a denial of service (out-of-bounds read and OOPS) or bypass the ASLR protection mechanism via a crafted application (CVE-2014-7825).

kernel/trace/trace_syscalls.c in the Linux kernel through 3.17.2 does not properly handle private syscall numbers during use of the ftrace subsystem, which allows local users to gain privileges or cause a denial of service (invalid pointer dereference) via a crafted application (CVE-2014-7826).

The pivot_root implementation in fs/namespace.c in the Linux kernel through 3.17 does not properly interact with certain locations of a chroot directory, which allows local users to cause a denial of service (mount-tree loop) via . (dot) values in both arguments to the pivot_root system call (CVE-2014-7970).

The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.17.2 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to cause a denial of service (host OS page unpinning) or possibly have unspecified other impact by leveraging guest OS privileges. NOTE: this vulnerability exists because of an incorrect fix for CVE-2014-3601 (CVE-2014-8369).

The updated packages provides a solution for these security issues.

Original Source

Url : http://www.mandriva.com/security/advisories?name=MDVSA-2014:230

CWE : Common Weakness Enumeration

% Id Name
30 % CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
20 % CWE-20 Improper Input Validation
10 % CWE-476 NULL Pointer Dereference
10 % CWE-362 Race Condition
10 % CWE-189 Numeric Errors (CWE/SANS Top 25)
10 % CWE-125 Out-of-bounds Read
10 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:27268
 
Oval ID: oval:org.mitre.oval:def:27268
Title: ELSA-2014-1724 -- kernel security and bug fix update (important)
Description: [3.10.0-123.9.2] - Oracle Linux certificates (Alexey Petrenko) [3.10.0-123.9.2] - [virt] kvm: fix PIT timer race condition (Petr Matousek) [1144879 1144880] {CVE-2014-3611} - [virt] kvm/vmx: handle invept and invvpid vm exits gracefully (Petr Matousek) [1145449 1116936] [1144828 1144829] {CVE-2014-3645 CVE-2014-3646} [3.10.0-123.9.1] - [md] raid6: avoid data corruption during recovery of double-degraded RAID6 (Jes Sorensen) [1143850 1130905] - [fs] ext4: fix type declaration of ext4_validate_block_bitmap (Lukas Czerner) [1140978 1091055] - [fs] ext4: error out if verifying the block bitmap fails (Lukas Czerner) [1140978 1091055] - [powerpc] sched: stop updating inside arch_update_cpu_topology() when nothing to be update (Gustavo Duarte) [1140300 1098372] - [powerpc] 64bit sendfile is capped at 2GB (Gustavo Duarte) [1139126 1107774] - [s390] fix restore of invalid floating-point-control (Hendrik Brueckner) [1138733 1121965] - [kernel] sched/fair: Rework sched_fair time accounting (Rik van Riel) [1134717 1123731] - [kernel] math64: Add mul_u64_u32_shr() (Rik van Riel) [1134717 1123731] - [kernel] workqueue: zero cpumask of wq_numa_possible_cpumask on init (Motohiro Kosaki) [1134715 1117184] - [cpufreq] acpi-cpufreq: skip loading acpi_cpufreq after intel_pstate (Motohiro Kosaki) [1134716 1123250] - [security] selinux: Increase ebitmap_node size for 64-bit configuration (Paul Moore) [1132076 922752] - [security] selinux: Reduce overhead of mls_level_isvalid() function call (Paul Moore) [1132076 922752] - [ethernet] cxgb4: allow large buffer size to have page size (Gustavo Duarte) [1130548 1078977] - [kernel] sched/autogroup: Fix race with task_groups list (Gustavo Duarte) [1129990 1081406] - [net] sctp: inherit auth_capable on INIT collisions (Daniel Borkmann) [1124337 1123763] {CVE-2014-5077} - [sound] alsa/control: Don't access controls outside of protected regions (Radomir Vrbovsky) [1117330 1117331] {CVE-2014-4653}
Family: unix Class: patch
Reference(s): ELSA-2014-1724
CVE-2014-4653
CVE-2014-5077
CVE-2014-3611
CVE-2014-3645
CVE-2014-3646
Version: 3
Platform(s): Oracle Linux 7
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27974
 
Oval ID: oval:org.mitre.oval:def:27974
Title: ELSA-2014-3089 -- Unbreakable Enterprise kernel security update (important)
Description: kernel-uek [2.6.32-400.36.11uek] - net: sctp: fix panic on duplicate ASCONF chunks (Daniel Borkmann) [Orabug: 20010592] {CVE-2014-3687} - net: sctp: fix skb_over_panic when receiving malformed ASCONF chunks (Daniel Borkmann) [Orabug: 20010579] {CVE-2014-3673}
Family: unix Class: patch
Reference(s): ELSA-2014-3089
CVE-2014-3687
CVE-2014-3673
Version: 5
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): kernel-uek
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27992
 
Oval ID: oval:org.mitre.oval:def:27992
Title: RHSA-2014:1843 -- kernel security and bug fix update (Important)
Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. * A race condition flaw was found in the way the Linux kernel's KVM subsystem handled PIT (Programmable Interval Timer) emulation. A guest user who has access to the PIT I/O ports could use this flaw to crash the host. (CVE-2014-3611, Important) * A memory corruption flaw was found in the way the USB ConnectTech WhiteHEAT serial driver processed completion commands sent via USB Request Blocks buffers. An attacker with physical access to the system could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-3185, Moderate) * It was found that the Linux kernel's KVM subsystem did not handle the VM exits gracefully for the invept (Invalidate Translations Derived from EPT) and invvpid (Invalidate Translations Based on VPID) instructions. On hosts with an Intel processor and invept/invppid VM exit support, an unprivileged guest user could use these instructions to crash the guest. (CVE-2014-3645, CVE-2014-3646, Moderate) Red Hat would like to thank Lars Bull of Google for reporting CVE-2014-3611, and the Advanced Threat Research team at Intel Security for reporting CVE-2014-3645 and CVE-2014-3646. This update also fixes the following bugs: * This update fixes several race conditions between PCI error recovery callbacks and potential calls of the ifup and ifdown commands in the tg3 driver. When triggered, these race conditions could cause a kernel crash. (BZ#1142570) * Previously, GFS2 failed to unmount a sub-mounted GFS2 file system if its parent was also a GFS2 file system. This problem has been fixed by adding the appropriate d_op->d_hash() routine call for the last component of the mount point path in the path name lookup mechanism code (namei). (BZ#1145193) * Due to previous changes in the virtio-net driver, a Red Hat Enterprise Linux 6.6 guest was unable to boot with the "mgr_rxbuf=off" option specified. This was caused by providing the page_to_skb() function with an incorrect packet length in the driver's Rx path. This problem has been fixed and the guest in the described scenario can now boot successfully. (BZ#1148693) * When using one of the newer IPSec Authentication Header (AH) algorithms with Openswan, a kernel panic could occur. This happened because the maximum truncated ICV length was too small. To fix this problem, the MAX_AH_AUTH_LEN parameter has been set to 64. (BZ#1149083) * A bug in the IPMI driver caused the kernel to panic when an IPMI interface was removed using the hotmod script. The IPMI driver has been fixed to properly clean the relevant data when removing an IPMI interface. (BZ#1149578) * Due to a bug in the IPMI driver, the kernel could panic when adding an IPMI interface that was previously removed using the hotmod script. This update fixes this bug by ensuring that the relevant shadow structure is initialized at the right time. (BZ#1149580) All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.
Family: unix Class: patch
Reference(s): RHSA-2014:1843
CESA-2014:1843
CVE-2014-3185
CVE-2014-3611
CVE-2014-3645
CVE-2014-3646
Version: 3
Platform(s): Red Hat Enterprise Linux 6
CentOS Linux 6
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28203
 
Oval ID: oval:org.mitre.oval:def:28203
Title: USN-2396-1 -- Linux kernel vulnerabilities
Description: Nadav Amit reported that the KVM (Kernel Virtual Machine) mishandles noncanonical addresses when emulating instructions that change the rip (Instruction Pointer). A guest user with access to I/O or the MMIO can use this flaw to cause a denial of service (system crash) of the guest. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3647">CVE-2014-3647</a>) A flaw was discovered with the handling of the invept instruction in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel. An unprivileged guest user could exploit this flaw to cause a denial of service (system crash) on the guest. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3646">CVE-2014-3646</a>) Lars Bull reported a race condition in the PIT (programmable interrupt timer) emulation in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel. A local guest user with access to PIT i/o ports could exploit this flaw to cause a denial of service (crash) on the host. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3611">CVE-2014-3611</a>) Lars Bull and Nadav Amit reported a flaw in how KVM (the Kernel Virtual Machine) handles noncanonical writes to certain MSR registers. A privileged guest user can exploit this flaw to cause a denial of service (kernel panic) on the host. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3610">CVE-2014-3610</a>)
Family: unix Class: patch
Reference(s): USN-2396-1
CVE-2014-3647
CVE-2014-3646
CVE-2014-3611
CVE-2014-3610
Version: 5
Platform(s): Ubuntu 14.10
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28227
 
Oval ID: oval:org.mitre.oval:def:28227
Title: ELSA-2014-3087 -- Unbreakable Enterprise kernel security update (important)
Description: kernel-uek [3.8.13-44.1.5.el6uek] - net: sctp: fix panic on duplicate ASCONF chunks (Daniel Borkmann) [Orabug: 20010590] {CVE-2014-3687} - net: sctp: fix skb_over_panic when receiving malformed ASCONF chunks (Daniel Borkmann) [Orabug: 20010577] {CVE-2014-3673}
Family: unix Class: patch
Reference(s): ELSA-2014-3087
CVE-2014-3687
CVE-2014-3673
Version: 5
Platform(s): Oracle Linux 6
Oracle Linux 7
Product(s): kernel-uek
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28309
 
Oval ID: oval:org.mitre.oval:def:28309
Title: ELSA-2014-3088 -- Unbreakable Enterprise kernel security update (important)
Description: [2.6.39-400.215.13] - net: sctp: fix panic on duplicate ASCONF chunks (Daniel Borkmann) [Orabug: 20010591] {CVE-2014-3687} - net: sctp: fix skb_over_panic when receiving malformed ASCONF chunks (Daniel Borkmann) [Orabug: 20010578] {CVE-2014-3673}
Family: unix Class: patch
Reference(s): ELSA-2014-3088
CVE-2014-3687
CVE-2014-3673
Version: 3
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): kernel-uek
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1
Application 1
Os 6
Os 1
Os 2153
Os 2
Os 3
Os 1
Os 1
Os 3
Os 2
Os 1
Os 1
Os 1
Os 1
Os 5

Snort® IPS/IDS

Date Description
2015-07-13 Linux kernel SCTP Unknown Chunk Types denial of service attempt
RuleID : 34802 - Revision : 2 - Type : OS-LINUX

Nessus® Vulnerability Scanner

Date Description
2017-08-25 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2017-1842.nasl - Type : ACT_GATHER_INFO
2017-08-22 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20170801_kernel_on_SL7_x.nasl - Type : ACT_GATHER_INFO
2017-08-16 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2017-1842-1.nasl - Type : ACT_GATHER_INFO
2017-08-09 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2017-1842.nasl - Type : ACT_GATHER_INFO
2017-08-03 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2017-1842.nasl - Type : ACT_GATHER_INFO
2017-08-03 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2017-2077.nasl - Type : ACT_GATHER_INFO
2017-04-03 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2017-0057.nasl - Type : ACT_GATHER_INFO
2016-01-28 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL13145361.nasl - Type : ACT_GATHER_INFO
2015-12-22 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20151119_kernel_on_SL7_x.nasl - Type : ACT_GATHER_INFO
2015-12-02 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2015-2152.nasl - Type : ACT_GATHER_INFO
2015-11-30 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-2152.nasl - Type : ACT_GATHER_INFO
2015-11-20 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-2152.nasl - Type : ACT_GATHER_INFO
2015-09-09 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL17199.nasl - Type : ACT_GATHER_INFO
2015-07-30 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-1272.nasl - Type : ACT_GATHER_INFO
2015-06-17 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1071-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-0068-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-0178-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-0481-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-0529-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-0652-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-0812-1.nasl - Type : ACT_GATHER_INFO
2015-04-23 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2015-0864.nasl - Type : ACT_GATHER_INFO
2015-04-23 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2015-0869.nasl - Type : ACT_GATHER_INFO
2015-04-23 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-0869.nasl - Type : ACT_GATHER_INFO
2015-04-23 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0869.nasl - Type : ACT_GATHER_INFO
2015-04-23 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20150422_kvm_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2015-04-22 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-0864.nasl - Type : ACT_GATHER_INFO
2015-04-22 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0864.nasl - Type : ACT_GATHER_INFO
2015-04-22 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20150421_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2015-04-10 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2015-0040.nasl - Type : ACT_GATHER_INFO
2015-04-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0782.nasl - Type : ACT_GATHER_INFO
2015-03-26 Name : The remote Debian host is missing a security update.
File : debian_DLA-118.nasl - Type : ACT_GATHER_INFO
2015-03-26 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20150305_kernel_on_SL7_x.nasl - Type : ACT_GATHER_INFO
2015-03-24 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-150306.nasl - Type : ACT_GATHER_INFO
2015-03-20 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-3012.nasl - Type : ACT_GATHER_INFO
2015-03-19 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2015-058.nasl - Type : ACT_GATHER_INFO
2015-03-18 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2015-0290.nasl - Type : ACT_GATHER_INFO
2015-03-18 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2015-0034.nasl - Type : ACT_GATHER_INFO
2015-03-17 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-3013.nasl - Type : ACT_GATHER_INFO
2015-03-17 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-3014.nasl - Type : ACT_GATHER_INFO
2015-03-17 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-3015.nasl - Type : ACT_GATHER_INFO
2015-03-13 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2015-0674.nasl - Type : ACT_GATHER_INFO
2015-03-13 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-0290.nasl - Type : ACT_GATHER_INFO
2015-03-13 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20150311_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2015-03-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-0674.nasl - Type : ACT_GATHER_INFO
2015-03-12 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0674.nasl - Type : ACT_GATHER_INFO
2015-03-05 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0284.nasl - Type : ACT_GATHER_INFO
2015-03-05 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0290.nasl - Type : ACT_GATHER_INFO
2015-02-27 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2513-1.nasl - Type : ACT_GATHER_INFO
2015-02-06 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2015-0126.nasl - Type : ACT_GATHER_INFO
2015-02-04 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0115.nasl - Type : ACT_GATHER_INFO
2015-02-04 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2491-1.nasl - Type : ACT_GATHER_INFO
2015-01-21 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0062.nasl - Type : ACT_GATHER_INFO
2015-01-14 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0043.nasl - Type : ACT_GATHER_INFO
2015-01-14 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2462-1.nasl - Type : ACT_GATHER_INFO
2015-01-14 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2463-1.nasl - Type : ACT_GATHER_INFO
2015-01-06 Name : The remote Fedora host is missing a security update.
File : fedora_2014-17244.nasl - Type : ACT_GATHER_INFO
2014-12-26 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-141202.nasl - Type : ACT_GATHER_INFO
2014-12-26 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-141217.nasl - Type : ACT_GATHER_INFO
2014-12-22 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-791.nasl - Type : ACT_GATHER_INFO
2014-12-22 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-793.nasl - Type : ACT_GATHER_INFO
2014-12-22 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-794.nasl - Type : ACT_GATHER_INFO
2014-12-22 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2447-2.nasl - Type : ACT_GATHER_INFO
2014-12-22 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2448-2.nasl - Type : ACT_GATHER_INFO
2014-12-18 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-1997.nasl - Type : ACT_GATHER_INFO
2014-12-18 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20141216_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2014-12-17 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL15912.nasl - Type : ACT_GATHER_INFO
2014-12-17 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-1997.nasl - Type : ACT_GATHER_INFO
2014-12-17 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-1997.nasl - Type : ACT_GATHER_INFO
2014-12-16 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL15910.nasl - Type : ACT_GATHER_INFO
2014-12-15 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-1971.nasl - Type : ACT_GATHER_INFO
2014-12-15 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20141209_kernel_on_SL7_x.nasl - Type : ACT_GATHER_INFO
2014-12-15 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2441-1.nasl - Type : ACT_GATHER_INFO
2014-12-15 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2442-1.nasl - Type : ACT_GATHER_INFO
2014-12-15 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2443-1.nasl - Type : ACT_GATHER_INFO
2014-12-15 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2445-1.nasl - Type : ACT_GATHER_INFO
2014-12-15 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2446-1.nasl - Type : ACT_GATHER_INFO
2014-12-15 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2447-1.nasl - Type : ACT_GATHER_INFO
2014-12-15 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2448-1.nasl - Type : ACT_GATHER_INFO
2014-12-10 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-1971.nasl - Type : ACT_GATHER_INFO
2014-12-10 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-1971.nasl - Type : ACT_GATHER_INFO
2014-12-09 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3093.nasl - Type : ACT_GATHER_INFO
2014-12-05 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2014-455.nasl - Type : ACT_GATHER_INFO
2014-12-05 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3096.nasl - Type : ACT_GATHER_INFO
2014-12-03 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-1943.nasl - Type : ACT_GATHER_INFO
2014-11-28 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2014-230.nasl - Type : ACT_GATHER_INFO
2014-11-25 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2417-1.nasl - Type : ACT_GATHER_INFO
2014-11-25 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2419-1.nasl - Type : ACT_GATHER_INFO
2014-11-25 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2420-1.nasl - Type : ACT_GATHER_INFO
2014-11-25 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2421-1.nasl - Type : ACT_GATHER_INFO
2014-11-21 Name : The remote Fedora host is missing a security update.
File : fedora_2014-15200.nasl - Type : ACT_GATHER_INFO
2014-11-19 Name : The remote Fedora host is missing a security update.
File : fedora_2014-15159.nasl - Type : ACT_GATHER_INFO
2014-11-19 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3089.nasl - Type : ACT_GATHER_INFO
2014-11-17 Name : The remote Fedora host is missing a security update.
File : fedora_2014-14068.nasl - Type : ACT_GATHER_INFO
2014-11-14 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3087.nasl - Type : ACT_GATHER_INFO
2014-11-14 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3088.nasl - Type : ACT_GATHER_INFO
2014-11-12 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-1392.nasl - Type : ACT_GATHER_INFO
2014-11-12 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-1843.nasl - Type : ACT_GATHER_INFO
2014-11-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-1843.nasl - Type : ACT_GATHER_INFO
2014-11-12 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-1843.nasl - Type : ACT_GATHER_INFO
2014-11-04 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3086.nasl - Type : ACT_GATHER_INFO
2014-11-04 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20141028_kernel_on_SL7_x.nasl - Type : ACT_GATHER_INFO
2014-11-03 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3060.nasl - Type : ACT_GATHER_INFO
2014-11-03 Name : The remote Fedora host is missing a security update.
File : fedora_2014-12955.nasl - Type : ACT_GATHER_INFO
2014-11-03 Name : The remote Fedora host is missing a security update.
File : fedora_2014-14126.nasl - Type : ACT_GATHER_INFO
2014-11-03 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2396-1.nasl - Type : ACT_GATHER_INFO
2014-10-31 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3084.nasl - Type : ACT_GATHER_INFO
2014-10-31 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3085.nasl - Type : ACT_GATHER_INFO
2014-10-31 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2394-1.nasl - Type : ACT_GATHER_INFO
2014-10-31 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2395-1.nasl - Type : ACT_GATHER_INFO
2014-10-29 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-1724.nasl - Type : ACT_GATHER_INFO
2014-10-29 Name : The remote Fedora host is missing a security update.
File : fedora_2014-13558.nasl - Type : ACT_GATHER_INFO
2014-10-29 Name : The remote Fedora host is missing a security update.
File : fedora_2014-13773.nasl - Type : ACT_GATHER_INFO
2014-10-29 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-1724.nasl - Type : ACT_GATHER_INFO
2014-10-29 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-1724.nasl - Type : ACT_GATHER_INFO
2014-10-22 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2014-201.nasl - Type : ACT_GATHER_INFO
2014-10-22 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-1392.nasl - Type : ACT_GATHER_INFO
2014-10-20 Name : The remote Fedora host is missing a security update.
File : fedora_2014-13045.nasl - Type : ACT_GATHER_INFO
2014-10-20 Name : The remote Fedora host is missing a security update.
File : fedora_2014-13020.nasl - Type : ACT_GATHER_INFO
2014-10-14 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-1392.nasl - Type : ACT_GATHER_INFO
2014-09-24 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2356-1.nasl - Type : ACT_GATHER_INFO
2014-09-24 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2358-1.nasl - Type : ACT_GATHER_INFO
2014-09-24 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2359-1.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
Date Informations
2014-11-29 13:27:27
  • Multiple Updates
2014-11-27 13:24:56
  • First insertion