Executive Summary
Informations | |||
---|---|---|---|
Name | MDVSA-2015:062 | First vendor Publication | 2015-03-27 |
Vendor | Mandriva | Last vendor Modification | 2015-03-27 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:N/I:N/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.1 | Attack Range | Network |
Cvss Impact Score | 6.9 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Multiple vulnerabilities has been discovered and corrected in openssl: Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denial of service (use-after-free and parsing error) via an SSL connection in a multithreaded environment (CVE-2010-5298). The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack (CVE-2014-0076). The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug (CVE-2014-0160). The dtls1_reassemble_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly validate fragment lengths in DTLS ClientHello messages, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a long non-initial fragment (CVE-2014-0195). The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors that trigger an alert condition (CVE-2014-0198). The dtls1_get_message_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (recursion and client crash) via a DTLS hello message in an invalid DTLS handshake (CVE-2014-0221). OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the CCS Injection vulnerability (CVE-2014-0224). The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereference and client crash) by triggering a NULL certificate value (CVE-2014-3470). Memory leak in d1_srtp.c in the DTLS SRTP extension in OpenSSL 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted handshake message (CVE-2014-3513). The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the POODLE issue (CVE-2014-3566). Memory leak in the tls_decrypt_ticket function in t1_lib.c in OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted session ticket that triggers an integrity-check failure (CVE-2014-3567). The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 0.9.8zc, 1.0.0o, and 1.0.1j does not properly handle attempts to use unsupported protocols, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unexpected handshake, as demonstrated by an SSLv3 handshake to a no-ssl3 application with certain error handling. NOTE: this issue became relevant after the CVE-2014-3568 fix (CVE-2014-3569). The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not properly calculate the square of a BIGNUM value, which might make it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors, related to crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c, and crypto/bn/bn_asm.c (CVE-2014-3570). OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted DTLS message that is processed with a different read operation for the handshake header than for the handshake body, related to the dtls1_get_record function in d1_pkt.c and the ssl3_read_n function in s3_pkt.c (CVE-2014-3571). The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy by omitting the ServerKeyExchange message (CVE-2014-3572). OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not enforce certain constraints on certificate data, which allows remote attackers to defeat a fingerprint-based certificate-blacklist protection mechanism by including crafted data within a certificate's unsigned portion, related to crypto/asn1/a_verify.c, crypto/dsa/dsa_asn1.c, crypto/ecdsa/ecs_vrf.c, and crypto/x509/x_all.c (CVE-2014-8275). The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a noncompliant role, related to the FREAK issue. NOTE: the scope of this CVE is only client code based on OpenSSL, not EXPORT_RSA issues associated with servers or other TLS implementations (CVE-2015-0204). The ssl3_get_cert_verify function in s3_srvr.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k accepts client authentication with a Diffie-Hellman (DH) certificate without requiring a CertificateVerify message, which allows remote attackers to obtain access without knowledge of a private key via crafted TLS Handshake Protocol traffic to a server that recognizes a Certification Authority with DH support (CVE-2015-0205). Memory leak in the dtls1_buffer_record function in d1_pkt.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate records for the next epoch, leading to failure of replay detection (CVE-2015-0206). Use-after-free vulnerability in the d2i_ECPrivateKey function in crypto/ec/ec_asn1.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a malformed Elliptic Curve (EC) private-key file that is improperly handled during import (CVE-2015-0209). The ASN1_TYPE_cmp function in crypto/asn1/a_type.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly perform boolean-type comparisons, which allows remote attackers to cause a denial of service (invalid read operation and application crash) via a crafted X.509 certificate to an endpoint that uses the certificate-verification feature (CVE-2015-0286). The ASN1_item_ex_d2i function in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not reinitialize CHOICE and ADB data structures, which might allow attackers to cause a denial of service (invalid write operation and memory corruption) by leveraging an application that relies on ASN.1 structure reuse (CVE-2015-0287). The X509_to_X509_REQ function in crypto/x509/x509_req.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow attackers to cause a denial of service (NULL pointer dereference and application crash) via an invalid certificate key (CVE-2015-0288). The PKCS#7 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly handle a lack of outer ContentInfo, which allows attackers to cause a denial of service (NULL pointer dereference and application crash) by leveraging an application that processes arbitrary PKCS#7 data and providing malformed data with ASN.1 encoding, related to crypto/pkcs7/pk7_doit.c and crypto/pkcs7/pk7_lib.c (CVE-2015-0289). The SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service (s2_lib.c assertion failure and daemon exit) via a crafted CLIENT-MASTER-KEY message (CVE-2015-0293). The updated packages have been upgraded to the 1.0.1m version where these security flaws has been fixed. |
Original Source
Url : http://www.mandriva.com/security/advisories?name=MDVSA-2015:062 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
38 % | CWE-310 | Cryptographic Issues |
14 % | CWE-20 | Improper Input Validation |
10 % | CWE-476 | NULL Pointer Dereference |
10 % | CWE-17 | Code |
5 % | CWE-399 | Resource Management Errors |
5 % | CWE-362 | Race Condition |
5 % | CWE-326 | Inadequate Encryption Strength |
5 % | CWE-125 | Out-of-bounds Read |
5 % | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (CWE/SANS Top 25) |
5 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:23812 | |||
Oval ID: | oval:org.mitre.oval:def:23812 | ||
Title: | DEPRECATED: ELSA-2014:0376: openssl security update (Important) | ||
Description: | OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. An information disclosure flaw was found in the way OpenSSL handled TLS and DTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server could send a specially crafted TLS or DTLS Heartbeat packet to disclose a limited portion of memory per request from a connected client or server. Note that the disclosed portions of memory could potentially include sensitive information such as private keys. (CVE-2014-0160) Red Hat would like to thank the OpenSSL project for reporting this issue. Upstream acknowledges Neel Mehta of Google Security as the original reporter. All OpenSSL users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2014:0376-00 CVE-2014-0160 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | openssl |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:24049 | |||
Oval ID: | oval:org.mitre.oval:def:24049 | ||
Title: | RHSA-2014:0626: openssl097a and openssl098e security update (Important) | ||
Description: | OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. It was found that OpenSSL clients and servers could be forced, via a specially crafted handshake packet, to use weak keying material for communication. A man-in-the-middle attacker could use this flaw to decrypt and modify traffic between a client and a server. (CVE-2014-0224) Note: In order to exploit this flaw, both the server and the client must be using a vulnerable version of OpenSSL; the server must be using OpenSSL version 1.0.1 and above, and the client must be using any version of OpenSSL. For more information about this flaw, refer to: https://access.redhat.com/site/articles/904433 Red Hat would like to thank the OpenSSL project for reporting this issue. Upstream acknowledges KIKUCHI Masashi of Lepidum as the original reporter of this issue. All OpenSSL users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2014:0626-00 CESA-2014:0626 CVE-2014-0224 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6 | Product(s): | openssl097a openssl098e |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24135 | |||
Oval ID: | oval:org.mitre.oval:def:24135 | ||
Title: | AIX OpenSSL DTLS invalid fragment vulnerability | ||
Description: | The dtls1_reassemble_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly validate fragment lengths in DTLS ClientHello messages, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a long non-initial fragment. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2014-0195 | Version: | 4 |
Platform(s): | IBM AIX 6.1 IBM AIX 7.1 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24137 | |||
Oval ID: | oval:org.mitre.oval:def:24137 | ||
Title: | The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior | ||
Description: | The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-0076 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | OpenSSL |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24241 | |||
Oval ID: | oval:org.mitre.oval:def:24241 | ||
Title: | The TLS and DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read | ||
Description: | The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-0160 | Version: | 10 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2 | Product(s): | OpenSSL |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24301 | |||
Oval ID: | oval:org.mitre.oval:def:24301 | ||
Title: | Vulnerability in OpenSSL 0.9.8 - 0.9.8za, 1.0.0 - 1.0.0m and 1.0.1 - 1.0.1h, allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) | ||
Description: | The dtls1_reassemble_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly validate fragment lengths in DTLS ClientHello messages, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a long non-initial fragment. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-0195 | Version: | 4 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | OpenSSL |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24324 | |||
Oval ID: | oval:org.mitre.oval:def:24324 | ||
Title: | ELSA-2014:0376: openssl security update (Important) | ||
Description: | OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. An information disclosure flaw was found in the way OpenSSL handled TLS and DTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server could send a specially crafted TLS or DTLS Heartbeat packet to disclose a limited portion of memory per request from a connected client or server. Note that the disclosed portions of memory could potentially include sensitive information such as private keys. (CVE-2014-0160) Red Hat would like to thank the OpenSSL project for reporting this issue. Upstream acknowledges Neel Mehta of Google Security as the original reporter. All OpenSSL users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2014:0376-00 CESA-2014:0160 CVE-2014-0160 | Version: | 9 |
Platform(s): | Oracle Linux 6 CentOS Linux 6 | Product(s): | openssl |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24397 | |||
Oval ID: | oval:org.mitre.oval:def:24397 | ||
Title: | Vulnerability in OpenSSL through 1.0.1g, allows remote attackers to inject data across sessions or cause a denial of service (use-after-free and parsing error) | ||
Description: | Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denial of service (use-after-free and parsing error) via an SSL connection in a multithreaded environment. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-5298 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | OpenSSL |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24448 | |||
Oval ID: | oval:org.mitre.oval:def:24448 | ||
Title: | USN-2232-1 -- openssl vulnerabilities | ||
Description: | Several security issues were fixed in OpenSSL. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2232-1 CVE-2014-0195 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 | Version: | 3 |
Platform(s): | Ubuntu 14.04 Ubuntu 13.10 Ubuntu 12.04 Ubuntu 10.04 | Product(s): | openssl |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24603 | |||
Oval ID: | oval:org.mitre.oval:def:24603 | ||
Title: | Vulnerability in OpenSSL 0.9.8 - 0.9.8za, 1.0.0 - 1.0.0m and 1.0.1 - 1.0.1h, allows remote attackers to cause a denial of service (recursion and client crash) | ||
Description: | The dtls1_get_message_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (recursion and client crash) via a DTLS hello message in an invalid DTLS handshake. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-0221 | Version: | 4 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | OpenSSL |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24606 | |||
Oval ID: | oval:org.mitre.oval:def:24606 | ||
Title: | USN-2165-1 -- openssl vulnerabilities | ||
Description: | OpenSSL could be made to expose sensitive information over the network, possibly including private keys. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2165-1 CVE-2014-0160 CVE-2014-0076 | Version: | 5 |
Platform(s): | Ubuntu 13.10 Ubuntu 12.10 Ubuntu 12.04 | Product(s): | openssl |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24628 | |||
Oval ID: | oval:org.mitre.oval:def:24628 | ||
Title: | USN-2232-3 -- openssl regression | ||
Description: | USN-2232-1 introduced a regression in OpenSSL. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2232-3 CVE-2014-0224 CVE-2014-0195 CVE-2014-0221 CVE-2014-3470 | Version: | 3 |
Platform(s): | Ubuntu 14.04 Ubuntu 13.10 Ubuntu 12.04 Ubuntu 10.04 | Product(s): | openssl |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24638 | |||
Oval ID: | oval:org.mitre.oval:def:24638 | ||
Title: | Race condition in the ssl3_read_bytes function in s3_pkt.c in | ||
Description: | Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denial of service (use-after-free and parsing error) via an SSL connection in a multithreaded environment. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-5298 | Version: | 4 |
Platform(s): | IBM AIX 6.1 IBM AIX 7.1 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24677 | |||
Oval ID: | oval:org.mitre.oval:def:24677 | ||
Title: | SUSE-SU-2014:0761-1 -- Security update for OpenSSL | ||
Description: | OpenSSL was updated to fix several vulnerabilities: * SSL/TLS MITM vulnerability. (CVE-2014-0224) * DTLS recursion flaw. (CVE-2014-0221) * Anonymous ECDH denial of service. (CVE-2014-3470) * Using the FLUSH+RELOAD Cache Side-channel Attack the nonces could have been recovered. (CVE-2014-0076) | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2014:0761-1 CVE-2014-0224 CVE-2014-0221 CVE-2014-3470 CVE-2014-0076 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 11 | Product(s): | OpenSSL |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24718 | |||
Oval ID: | oval:org.mitre.oval:def:24718 | ||
Title: | RHSA-2014:0376: openssl security update (Important) | ||
Description: | OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. An information disclosure flaw was found in the way OpenSSL handled TLS and DTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server could send a specially crafted TLS or DTLS Heartbeat packet to disclose a limited portion of memory per request from a connected client or server. Note that the disclosed portions of memory could potentially include sensitive information such as private keys. (CVE-2014-0160) Red Hat would like to thank the OpenSSL project for reporting this issue. Upstream acknowledges Neel Mehta of Google Security as the original reporter. All OpenSSL users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2014:0376-00 CVE-2014-0160 CESA-2014:0376 | Version: | 9 |
Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | openssl |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24737 | |||
Oval ID: | oval:org.mitre.oval:def:24737 | ||
Title: | USN-2192-1 -- openssl vulnerabilities | ||
Description: | OpenSSL could be made to crash if it received specially crafted network traffic. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2192-1 CVE-2010-5298 CVE-2014-0198 | Version: | 4 |
Platform(s): | Ubuntu 14.04 Ubuntu 13.10 Ubuntu 12.10 Ubuntu 12.04 | Product(s): | openssl |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24771 | |||
Oval ID: | oval:org.mitre.oval:def:24771 | ||
Title: | AIX OpenSSL SSL/TLS Man In The Middle (MITM) vulnerability | ||
Description: | OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the "CCS Injection" vulnerability. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2014-0224 | Version: | 4 |
Platform(s): | IBM AIX 6.1 IBM AIX 7.1 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24772 | |||
Oval ID: | oval:org.mitre.oval:def:24772 | ||
Title: | RHSA-2014:0624: openssl security update (Important) | ||
Description: | OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. It was found that OpenSSL clients and servers could be forced, via a specially crafted handshake packet, to use weak keying material for communication. A man-in-the-middle attacker could use this flaw to decrypt and modify traffic between a client and a server. (CVE-2014-0224) Note: In order to exploit this flaw, both the server and the client must be using a vulnerable version of OpenSSL; the server must be using OpenSSL version 1.0.1 and above, and the client must be using any version of OpenSSL. For more information about this flaw, refer to: https://access.redhat.com/site/articles/904433 Red Hat would like to thank the OpenSSL project for reporting this issue. Upstream acknowledges KIKUCHI Masashi of Lepidum as the original reporter of this issue. All OpenSSL users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2014:0624-00 CESA-2014:0624 CVE-2014-0224 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | openssl |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24780 | |||
Oval ID: | oval:org.mitre.oval:def:24780 | ||
Title: | AIX OpenSSL Anonymous ECDH denial of service | ||
Description: | The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereference and client crash) by triggering a NULL certificate value. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2014-3470 | Version: | 4 |
Platform(s): | IBM AIX 6.1 IBM AIX 7.1 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24781 | |||
Oval ID: | oval:org.mitre.oval:def:24781 | ||
Title: | SUSE-SU-2014:0538-1 -- Security update for OpenSSL | ||
Description: | OpenSSL has been updated to fix an attack on ECDSA Nonces. Using the FLUSH+RELOAD Cache Side-channel Attack the Nonces could have been recovered. (CVE-2014-0076) Security Issue reference: * CVE-2014-0076 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076 > | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2014:0538-1 CVE-2014-0076 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 10 | Product(s): | OpenSSL |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24892 | |||
Oval ID: | oval:org.mitre.oval:def:24892 | ||
Title: | RHSA-2014:0625: openssl security update (Important) | ||
Description: | OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. It was found that OpenSSL clients and servers could be forced, via a specially crafted handshake packet, to use weak keying material for communication. A man-in-the-middle attacker could use this flaw to decrypt and modify traffic between a client and a server. (CVE-2014-0224) Note: In order to exploit this flaw, both the server and the client must be using a vulnerable version of OpenSSL; the server must be using OpenSSL version 1.0.1 and above, and the client must be using any version of OpenSSL. For more information about this flaw, refer to: https://access.redhat.com/site/articles/904433 A buffer overflow flaw was found in the way OpenSSL handled invalid DTLS packet fragments. A remote attacker could possibly use this flaw to execute arbitrary code on a DTLS client or server. (CVE-2014-0195) Multiple flaws were found in the way OpenSSL handled read and write buffers when the SSL_MODE_RELEASE_BUFFERS mode was enabled. A TLS/SSL client or server using OpenSSL could crash or unexpectedly drop connections when processing certain SSL traffic. (CVE-2010-5298, CVE-2014-0198) A denial of service flaw was found in the way OpenSSL handled certain DTLS ServerHello requests. A specially crafted DTLS handshake packet could cause a DTLS client using OpenSSL to crash. (CVE-2014-0221) A NULL pointer dereference flaw was found in the way OpenSSL performed anonymous Elliptic Curve Diffie Hellman (ECDH) key exchange. A specially crafted handshake packet could cause a TLS/SSL client that has the anonymous ECDH cipher suite enabled to crash. (CVE-2014-3470) Red Hat would like to thank the OpenSSL project for reporting these issues. Upstream acknowledges KIKUCHI Masashi of Lepidum as the original reporter of CVE-2014-0224, Jüri Aedla as the original reporter of CVE-2014-0195, Imre Rad of Search-Lab as the original reporter of CVE-2014-0221, and Felix Gröbert and Ivan Fratrić of Google as the original reporters of CVE-2014-3470. All OpenSSL users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2014:0625-00 CESA-2014:0625 CVE-2010-5298 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | openssl |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24955 | |||
Oval ID: | oval:org.mitre.oval:def:24955 | ||
Title: | Vulnerability in OpenSSL 0.9.8 - 0.9.8za, 1.0.0 - 1.0.0m and 1.0.1 - 1.0.1h, allows remote attackers to cause a denial of service | ||
Description: | OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the "CCS Injection" vulnerability. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-0224 | Version: | 7 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | OpenSSL |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24977 | |||
Oval ID: | oval:org.mitre.oval:def:24977 | ||
Title: | AIX OpenSSL DTLS recursion flaw | ||
Description: | The dtls1_get_message_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (recursion and client crash) via a DTLS hello message in an invalid DTLS handshake. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2014-0221 | Version: | 4 |
Platform(s): | IBM AIX 6.1 IBM AIX 7.1 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25010 | |||
Oval ID: | oval:org.mitre.oval:def:25010 | ||
Title: | RHSA-2014:0680: openssl098e security update (Important) | ||
Description: | OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. It was found that OpenSSL clients and servers could be forced, via a specially crafted handshake packet, to use weak keying material for communication. A man-in-the-middle attacker could use this flaw to decrypt and modify traffic between a client and a server. (CVE-2014-0224) Note: In order to exploit this flaw, both the server and the client must be using a vulnerable version of OpenSSL; the server must be using OpenSSL version 1.0.1 and above, and the client must be using any version of OpenSSL. For more information about this flaw, refer to: https://access.redhat.com/site/articles/904433 Red Hat would like to thank the OpenSSL project for reporting this issue. Upstream acknowledges KIKUCHI Masashi of Lepidum as the original reporter of this issue. All OpenSSL users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2014:0680-00 CVE-2014-0224 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 7 CentOS Linux 7 | Product(s): | openssl098e |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:25014 | |||
Oval ID: | oval:org.mitre.oval:def:25014 | ||
Title: | RHSA-2014:0679: openssl security update (Important) | ||
Description: | OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. It was found that OpenSSL clients and servers could be forced, via a specially crafted handshake packet, to use weak keying material for communication. A man-in-the-middle attacker could use this flaw to decrypt and modify traffic between a client and a server. (CVE-2014-0224) Note: In order to exploit this flaw, both the server and the client must be using a vulnerable version of OpenSSL; the server must be using OpenSSL version 1.0.1 and above, and the client must be using any version of OpenSSL. For more information about this flaw, refer to: https://access.redhat.com/site/articles/904433 A buffer overflow flaw was found in the way OpenSSL handled invalid DTLS packet fragments. A remote attacker could possibly use this flaw to execute arbitrary code on a DTLS client or server. (CVE-2014-0195) Multiple flaws were found in the way OpenSSL handled read and write buffers when the SSL_MODE_RELEASE_BUFFERS mode was enabled. A TLS/SSL client or server using OpenSSL could crash or unexpectedly drop connections when processing certain SSL traffic. (CVE-2010-5298, CVE-2014-0198) A denial of service flaw was found in the way OpenSSL handled certain DTLS ServerHello requests. A specially crafted DTLS handshake packet could cause a DTLS client using OpenSSL to crash. (CVE-2014-0221) A NULL pointer dereference flaw was found in the way OpenSSL performed anonymous Elliptic Curve Diffie Hellman (ECDH) key exchange. A specially crafted handshake packet could cause a TLS/SSL client that has the anonymous ECDH cipher suite enabled to crash. (CVE-2014-3470) Red Hat would like to thank the OpenSSL project for reporting these issues. Upstream acknowledges KIKUCHI Masashi of Lepidum as the original reporter of CVE-2014-0224, Jüri Aedla as the original reporter of CVE-2014-0195, Imre Rad of Search-Lab as the original reporter of CVE-2014-0221, and Felix Gröbert and Ivan Fratrić of Google as the original reporters of CVE-2014-3470. All OpenSSL users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2014:0679-00 CVE-2010-5298 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 7 CentOS Linux 7 | Product(s): | openssl |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25035 | |||
Oval ID: | oval:org.mitre.oval:def:25035 | ||
Title: | AIX OpenSSL SSL_MODE_RELEASE_BUFFERS NULL pointer dereference | ||
Description: | The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors that trigger an alert condition. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2014-0198 | Version: | 4 |
Platform(s): | IBM AIX 6.1 IBM AIX 7.1 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25039 | |||
Oval ID: | oval:org.mitre.oval:def:25039 | ||
Title: | Vulnerability in OpenSSL 0.9.8 - 0.9.8za, 1.0.0 - 1.0.0m and 1.0.1 - 1.0.1h, allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information | ||
Description: | The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereference and client crash) by triggering a NULL certificate value. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-3470 | Version: | 5 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | OpenSSL |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25058 | |||
Oval ID: | oval:org.mitre.oval:def:25058 | ||
Title: | Vulnerability in OpenSSL 1.x through 1.0.1g allows remote attackers to cause a denial of service | ||
Description: | The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors that trigger an alert condition. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-0198 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | OpenSSL |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25082 | |||
Oval ID: | oval:org.mitre.oval:def:25082 | ||
Title: | USN-2232-2 -- openssl regression | ||
Description: | USN-2232-1 introduced a regression in OpenSSL. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2232-2 CVE-2014-0224 CVE-2014-0195 CVE-2014-0221 CVE-2014-3470 | Version: | 3 |
Platform(s): | Ubuntu 14.04 Ubuntu 13.10 Ubuntu 12.04 | Product(s): | openssl |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25095 | |||
Oval ID: | oval:org.mitre.oval:def:25095 | ||
Title: | ELSA-2014:0624: openssl security update (Important) | ||
Description: | OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. It was found that OpenSSL clients and servers could be forced, via a specially crafted handshake packet, to use weak keying material for communication. A man-in-the-middle attacker could use this flaw to decrypt and modify traffic between a client and a server. (CVE-2014-0224) Note: In order to exploit this flaw, both the server and the client must be using a vulnerable version of OpenSSL; the server must be using OpenSSL version 1.0.1 and above, and the client must be using any version of OpenSSL. For more information about this flaw, refer to: https://access.redhat.com/site/articles/904433 Red Hat would like to thank the OpenSSL project for reporting this issue. Upstream acknowledges KIKUCHI Masashi of Lepidum as the original reporter of this issue. All OpenSSL users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2014:0624-00 CVE-2014-0224 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | openssl |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:25106 | |||
Oval ID: | oval:org.mitre.oval:def:25106 | ||
Title: | ELSA-2014:0626: openssl097a and openssl098e security update (Important) | ||
Description: | OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. It was found that OpenSSL clients and servers could be forced, via a specially crafted handshake packet, to use weak keying material for communication. A man-in-the-middle attacker could use this flaw to decrypt and modify traffic between a client and a server. (CVE-2014-0224) Note: In order to exploit this flaw, both the server and the client must be using a vulnerable version of OpenSSL; the server must be using OpenSSL version 1.0.1 and above, and the client must be using any version of OpenSSL. For more information about this flaw, refer to: https://access.redhat.com/site/articles/904433 Red Hat would like to thank the OpenSSL project for reporting this issue. Upstream acknowledges KIKUCHI Masashi of Lepidum as the original reporter of this issue. All OpenSSL users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2014:0626-00 CVE-2014-0224 | Version: | 4 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | openssl097a openssl098e |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:25171 | |||
Oval ID: | oval:org.mitre.oval:def:25171 | ||
Title: | ELSA-2014:0625: openssl security update (Important) | ||
Description: | OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. It was found that OpenSSL clients and servers could be forced, via a specially crafted handshake packet, to use weak keying material for communication. A man-in-the-middle attacker could use this flaw to decrypt and modify traffic between a client and a server. (CVE-2014-0224) Note: In order to exploit this flaw, both the server and the client must be using a vulnerable version of OpenSSL; the server must be using OpenSSL version 1.0.1 and above, and the client must be using any version of OpenSSL. For more information about this flaw, refer to: https://access.redhat.com/site/articles/904433 A buffer overflow flaw was found in the way OpenSSL handled invalid DTLS packet fragments. A remote attacker could possibly use this flaw to execute arbitrary code on a DTLS client or server. (CVE-2014-0195) Multiple flaws were found in the way OpenSSL handled read and write buffers when the SSL_MODE_RELEASE_BUFFERS mode was enabled. A TLS/SSL client or server using OpenSSL could crash or unexpectedly drop connections when processing certain SSL traffic. (CVE-2010-5298, CVE-2014-0198) A denial of service flaw was found in the way OpenSSL handled certain DTLS ServerHello requests. A specially crafted DTLS handshake packet could cause a DTLS client using OpenSSL to crash. (CVE-2014-0221) A NULL pointer dereference flaw was found in the way OpenSSL performed anonymous Elliptic Curve Diffie Hellman (ECDH) key exchange. A specially crafted handshake packet could cause a TLS/SSL client that has the anonymous ECDH cipher suite enabled to crash. (CVE-2014-3470) Red Hat would like to thank the OpenSSL project for reporting these issues. Upstream acknowledges KIKUCHI Masashi of Lepidum as the original reporter of CVE-2014-0224, Juri Aedla as the original reporter of CVE-2014-0195, Imre Rad of Search-Lab as the original reporter of CVE-2014-0221, and Felix Grobert and Ivan Fratric of Google as the original reporters of CVE-2014-3470. All OpenSSL users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2014:0625-00 CVE-2010-5298 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | openssl |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:25286 | |||
Oval ID: | oval:org.mitre.oval:def:25286 | ||
Title: | SUSE-SU-2014:0541-1 -- Security update for OpenSSL | ||
Description: | OpenSSL has been updated to fix an attack on ECDSA Nonces. Using the FLUSH+RELOAD Cache Side-channel Attack the Nonces could have been recovered. This update also ensures that the stack is marked non-executable on x86 32bit (bnc#870192). On other processor platforms it was already marked as non-executable before. Security Issue reference: * CVE-2014-0076 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076 > | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2014:0541-1 CVE-2014-0076 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11 | Product(s): | OpenSSL |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25291 | |||
Oval ID: | oval:org.mitre.oval:def:25291 | ||
Title: | SUSE-SU-2014:0759-1 -- Security update for OpenSSL | ||
Description: | OpenSSL was updated to fix several vulnerabilities: * SSL/TLS MITM vulnerability. (CVE-2014-0224) * DTLS recursion flaw. (CVE-2014-0221) * Anonymous ECDH denial of service. (CVE-2014-3470) | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2014:0759-1 CVE-2014-0224 CVE-2014-0221 CVE-2014-3470 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11 | Product(s): | OpenSSL |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25448 | |||
Oval ID: | oval:org.mitre.oval:def:25448 | ||
Title: | SUSE-SU-2014:0539-1 -- Security update for OpenSSL | ||
Description: | OpenSSL has been updated to fix an attack on ECDSA Nonces. Using the FLUSH+RELOAD Cache Side-channel Attack the Nonces could be recovered. (CVE-2014-0076) The update also enables use of SHA-2 family certificate verification of X.509 certificates used in todays SSL certificate infrastructure. Security Issue reference: * CVE-2014-0076 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076 > | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2014:0539-1 CVE-2014-0076 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 10 | Product(s): | OpenSSL |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25803 | |||
Oval ID: | oval:org.mitre.oval:def:25803 | ||
Title: | USN-2232-4 -- openssl vulnerabilities | ||
Description: | USN-2232-1 introduced a regression in OpenSSL. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2232-4 CVE-2014-0195 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 | Version: | 3 |
Platform(s): | Ubuntu 10.04 | Product(s): | openssl |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:26416 | |||
Oval ID: | oval:org.mitre.oval:def:26416 | ||
Title: | AIX OpenSSL Denial of Service due to memory consumption | ||
Description: | Memory leak in the tls_decrypt_ticket function in t1_lib.c in OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted session ticket that triggers an integrity-check failure. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2014-3567 | Version: | 4 |
Platform(s): | IBM AIX 6.1 IBM AIX 7.1 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:26548 | |||
Oval ID: | oval:org.mitre.oval:def:26548 | ||
Title: | DSA-3053-1 openssl - security update | ||
Description: | Several vulnerabilities have been found in OpenSSL, the Secure Sockets Layer library and toolkit. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-3053-1 CVE-2014-3513 CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 | Version: | 3 |
Platform(s): | Debian GNU/Linux 7.0 Debian GNU/kFreeBSD 7.0 | Product(s): | openssl |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:26742 | |||
Oval ID: | oval:org.mitre.oval:def:26742 | ||
Title: | DEPRECATED: ELSA-2014-0376 -- openssl security update (Important) | ||
Description: | OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. An information disclosure flaw was found in the way OpenSSL handled TLS and DTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server could send a specially crafted TLS or DTLS Heartbeat packet to disclose a limited portion of memory per request from a connected client or server. Note that the disclosed portions of memory could potentially include sensitive information such as private keys. (CVE-2014-0160) Red Hat would like to thank the OpenSSL project for reporting this issue. Upstream acknowledges Neel Mehta of Google Security as the original reporter. All OpenSSL users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2014-0376 CVE-2014-0160 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | openssl |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:26743 | |||
Oval ID: | oval:org.mitre.oval:def:26743 | ||
Title: | AIX OpenSSL Denial of Service due to memory leak in DTLS SRTP extension | ||
Description: | Memory leak in d1_srtp.c in the DTLS SRTP extension in OpenSSL 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted handshake message. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2014-3513 | Version: | 4 |
Platform(s): | IBM AIX 6.1 IBM AIX 7.1 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:26829 | |||
Oval ID: | oval:org.mitre.oval:def:26829 | ||
Title: | RHSA-2014:1652: openssl security update (Important) | ||
Description: | OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL), Transport Layer Security (TLS), and Datagram Transport Layer Security (DTLS) protocols, as well as a full-strength, general purpose cryptography library. This update adds support for the TLS Fallback Signaling Cipher Suite Value (TLS_FALLBACK_SCSV), which can be used to prevent protocol downgrade attacks against applications which re-connect using a lower SSL/TLS protocol version when the initial connection indicating the highest supported protocol version fails. This can prevent a forceful downgrade of the communication to SSL 3.0. The SSL 3.0 protocol was found to be vulnerable to the padding oracle attack when using block cipher suites in cipher block chaining (CBC) mode. This issue is identified as CVE-2014-3566, and also known under the alias POODLE. This SSL 3.0 protocol flaw will not be addressed in a future update; it is recommended that users configure their applications to require at least TLS protocol version 1.0 for secure communication. For additional information about this flaw, see the Knowledgebase article at https://access.redhat.com/articles/1232123 A memory leak flaw was found in the way OpenSSL parsed the DTLS Secure Real-time Transport Protocol (SRTP) extension data. A remote attacker could send multiple specially crafted handshake messages to exhaust all available memory of an SSL/TLS or DTLS server. (CVE-2014-3513) A memory leak flaw was found in the way an OpenSSL handled failed session ticket integrity checks. A remote attacker could exhaust all available memory of an SSL/TLS or DTLS server by sending a large number of invalid session tickets to that server. (CVE-2014-3567) All OpenSSL users are advised to upgrade to these updated packages, which contain backported patches to mitigate the CVE-2014-3566 issue and correct the CVE-2014-3513 and CVE-2014-3567 issues. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2014:1652-00 CESA-2014:1652 CVE-2014-3513 CVE-2014-3567 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 CentOS Linux 6 CentOS Linux 7 | Product(s): | openssl |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27014 | |||
Oval ID: | oval:org.mitre.oval:def:27014 | ||
Title: | RHSA-2014:1653: openssl security update (Moderate) | ||
Description: | OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL), Transport Layer Security (TLS), and Datagram Transport Layer Security (DTLS) protocols, as well as a full-strength, general purpose cryptography library. This update adds support for the TLS Fallback Signaling Cipher Suite Value (TLS_FALLBACK_SCSV), which can be used to prevent protocol downgrade attacks against applications which re-connect using a lower SSL/TLS protocol version when the initial connection indicating the highest supported protocol version fails. This can prevent a forceful downgrade of the communication to SSL 3.0. The SSL 3.0 protocol was found to be vulnerable to the padding oracle attack when using block cipher suites in cipher block chaining (CBC) mode. This issue is identified as CVE-2014-3566, and also known under the alias POODLE. This SSL 3.0 protocol flaw will not be addressed in a future update; it is recommended that users configure their applications to require at least TLS protocol version 1.0 for secure communication. For additional information about this flaw, see the Knowledgebase article at https://access.redhat.com/articles/1232123 All OpenSSL users are advised to upgrade to these updated packages, which contain a backported patch to mitigate the CVE-2014-3566 issue. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2014:1653-00 CESA-2014:1653 CVE-2014-3566 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27052 | |||
Oval ID: | oval:org.mitre.oval:def:27052 | ||
Title: | USN-2385-1 -- OpenSSL vulnerabilities | ||
Description: | It was discovered that OpenSSL incorrectly handled memory when parsing DTLS SRTP extension data. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3513">CVE-2014-3513</a>) It was discovered that OpenSSL incorrectly handled memory when verifying the integrity of a session ticket. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, resulting in a denial of service. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3567">CVE-2014-3567</a>) In addition, this update introduces support for the TLS Fallback Signaling Cipher Suite Value (TLS_FALLBACK_SCSV). This new feature prevents protocol downgrade attacks when certain applications such as web browsers attempt to reconnect using a lower protocol version for interoperability reasons. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2385-1 CVE-2014-3513 CVE-2014-3567 | Version: | 3 |
Platform(s): | Ubuntu 14.04 Ubuntu 12.04 Ubuntu 10.04 | Product(s): | openssl |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27057 | |||
Oval ID: | oval:org.mitre.oval:def:27057 | ||
Title: | ELSA-2014-1653 -- openssl security update | ||
Description: | [0.9.8e-31] - add support for fallback SCSV to partially mitigate CVE-2014-3566 (padding attack on SSL3) [0.9.8e-30] - fix CVE-2014-0221 - recursion in DTLS code leading to DoS - fix CVE-2014-3505 - doublefree in DTLS packet processing - fix CVE-2014-3506 - avoid memory exhaustion in DTLS - fix CVE-2014-3508 - fix OID handling to avoid information leak - fix CVE-2014-3510 - fix DoS in anonymous (EC)DH handling in DTLS [0.9.8e-29] - fix for CVE-2014-0224 - SSL/TLS MITM vulnerability [0.9.8e-28] - replace expired GlobalSign Root CA certificate in ca-bundle.crt | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2014-1653 CVE-2014-3566 | Version: | 5 |
Platform(s): | Oracle Linux 5 | Product(s): | openssl openssl-devel openssl-perl |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27080 | |||
Oval ID: | oval:org.mitre.oval:def:27080 | ||
Title: | ELSA-2014-0680 -- openssl098e security update (important) | ||
Description: | [0.9.8e-29.2] - fix for CVE-2014-0224 - SSL/TLS MITM vulnerability | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2014-0680 CVE-2014-0224 | Version: | 3 |
Platform(s): | Oracle Linux 7 | Product(s): | openssl098e |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27084 | |||
Oval ID: | oval:org.mitre.oval:def:27084 | ||
Title: | ELSA-2014-1652 -- openssl security update | ||
Description: | [1.0.1e-30.2] - fix CVE-2014-3567 - memory leak when handling session tickets - fix CVE-2014-3513 - memory leak in srtp support - add support for fallback SCSV to partially mitigate CVE-2014-3566 (padding attack on SSL3) [1.0.1e-30] - add ECC TLS extensions to DTLS (#1119800) [1.0.1e-29] - fix CVE-2014-3505 - doublefree in DTLS packet processing - fix CVE-2014-3506 - avoid memory exhaustion in DTLS - fix CVE-2014-3507 - avoid memory leak in DTLS - fix CVE-2014-3508 - fix OID handling to avoid information leak - fix CVE-2014-3509 - fix race condition when parsing server hello - fix CVE-2014-3510 - fix DoS in anonymous (EC)DH handling in DTLS - fix CVE-2014-3511 - disallow protocol downgrade via fragmentation [1.0.1e-28] - fix CVE-2014-0224 fix that broke EAP-FAST session resumption support [1.0.1e-26] - drop EXPORT, RC2, and DES from the default cipher list (#1057520) - print ephemeral key size negotiated in TLS handshake (#1057715) - do not include ECC ciphersuites in SSLv2 client hello (#1090952) - properly detect encryption failure in BIO (#1100819) - fail on hmac integrity check if the .hmac file is empty (#1105567) - FIPS mode: make the limitations on DSA, DH, and RSA keygen length enforced only if OPENSSL_ENFORCE_MODULUS_BITS environment variable is set [1.0.1e-25] - fix CVE-2010-5298 - possible use of memory after free - fix CVE-2014-0195 - buffer overflow via invalid DTLS fragment - fix CVE-2014-0198 - possible NULL pointer dereference - fix CVE-2014-0221 - DoS from invalid DTLS handshake packet - fix CVE-2014-0224 - SSL/TLS MITM vulnerability - fix CVE-2014-3470 - client-side DoS when using anonymous ECDH [1.0.1e-24] - add back support for secp521r1 EC curve [1.0.1e-23] - fix CVE-2014-0160 - information disclosure in TLS heartbeat extension [1.0.1e-22] - use 2048 bit RSA key in FIPS selftests [1.0.1e-21] - add DH_compute_key_padded needed for FIPS CAVS testing - make 3des strength to be 128 bits instead of 168 (#1056616) - FIPS mode: do not generate DSA keys and DH parameters < 2048 bits - FIPS mode: use approved RSA keygen (allows only 2048 and 3072 bit keys) - FIPS mode: add DH selftest - FIPS mode: reseed DRBG properly on RAND_add() - FIPS mode: add RSA encrypt/decrypt selftest - FIPS mode: add hard limit for 2^32 GCM block encryptions with the same key - use the key length from configuration file if req -newkey rsa is invoked [1.0.1e-20] - fix CVE-2013-4353 - Invalid TLS handshake crash [1.0.1e-19] - fix CVE-2013-6450 - possible MiTM attack on DTLS1 [1.0.1e-18] - fix CVE-2013-6449 - crash when version in SSL structure is incorrect [1.0.1e-17] - add back some no-op symbols that were inadvertently dropped | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2014-1652 CVE-2014-3513 CVE-2014-3567 | Version: | 6 |
Platform(s): | Oracle Linux 6 Oracle Linux 7 | Product(s): | openssl openssl-devel openssl-perl openssl-static openssl-libs |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27104 | |||
Oval ID: | oval:org.mitre.oval:def:27104 | ||
Title: | AIX OpenSSL Patch to mitigate CVE-2014-3566 | ||
Description: | The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2014-3566 | Version: | 4 |
Platform(s): | IBM AIX 6.1 IBM AIX 7.1 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27106 | |||
Oval ID: | oval:org.mitre.oval:def:27106 | ||
Title: | DEPRECATED: ELSA-2014-0624 -- openssl security update (important) | ||
Description: | [0.9.8e-27.3] - fix for CVE-2014-0224 - SSL/TLS MITM vulnerability [0.9.8e-27.1] - replace expired GlobalSign Root CA certificate in ca-bundle.crt | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2014-0624 CVE-2014-0224 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | openssl |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27123 | |||
Oval ID: | oval:org.mitre.oval:def:27123 | ||
Title: | ELSA-2014-0679 -- openssl security update (important) | ||
Description: | [1.0.1e-34.3] - fix CVE-2010-5298 - possible use of memory after free - fix CVE-2014-0195 - buffer overflow via invalid DTLS fragment - fix CVE-2014-0198 - possible NULL pointer dereference - fix CVE-2014-0221 - DoS from invalid DTLS handshake packet - fix CVE-2014-0224 - SSL/TLS MITM vulnerability - fix CVE-2014-3470 - client-side DoS when using anonymous ECDH | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2014-0679 CVE-2010-5298 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 | Version: | 5 |
Platform(s): | Oracle Linux 7 | Product(s): | openssl |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27130 | |||
Oval ID: | oval:org.mitre.oval:def:27130 | ||
Title: | DEPRECATED: ELSA-2014-0626 -- openssl097a and openssl098e security update (important) | ||
Description: | [0.9.8e-18.0.1.el6_5.2] - Updated the description [0.9.8e-18.2] - fix for CVE-2014-0224 - SSL/TLS MITM vulnerability [0.9.8e-18] - fix for CVE-2012-2110 - memory corruption in asn1_d2i_read_bio() (#814185) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2014-0626 CVE-2014-0224 | Version: | 4 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | openssl097a openssl098e |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27151 | |||
Oval ID: | oval:org.mitre.oval:def:27151 | ||
Title: | DEPRECATED: ELSA-2014-0625 -- openssl security update (important) | ||
Description: | [1.0.1e-16.14] - fix CVE-2010-5298 - possible use of memory after free - fix CVE-2014-0195 - buffer overflow via invalid DTLS fragment - fix CVE-2014-0198 - possible NULL pointer dereference - fix CVE-2014-0221 - DoS from invalid DTLS handshake packet - fix CVE-2014-0224 - SSL/TLS MITM vulnerability - fix CVE-2014-3470 - client-side DoS when using anonymous ECDH | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2014-0625 CVE-2010-5298 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | openssl |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:28044 | |||
Oval ID: | oval:org.mitre.oval:def:28044 | ||
Title: | SUSE-SU-2014:1557-2 -- Security update for compat-openssl097g (moderate) | ||
Description: | The SLES 9 compatibility package compat-openssl097g received a roll up update fixing various security issues: * Build option no-ssl3 is incomplete (CVE-2014-3568) * Add support for TLS_FALLBACK_SCSV (CVE-2014-3566) * Information leak in pretty printing functions (CVE-2014-3508) * OCSP bad key DoS attack (CVE-2013-0166) * SSL/TLS CBC plaintext recovery attack (CVE-2013-0169) * Anonymous ECDH denial of service (CVE-2014-3470) * SSL/TLS MITM vulnerability (CVE-2014-0224) Security Issues: * CVE-2013-0166 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0166> * CVE-2013-0169 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169> * CVE-2014-0224 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224> * CVE-2014-3470 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470> * CVE-2014-3508 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3508> * CVE-2014-3566 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566> * CVE-2014-3568 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568> | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2014:1557-2 CVE-2013-0166 CVE-2013-0169 CVE-2014-0224 CVE-2014-3470 CVE-2014-3508 CVE-2014-3566 CVE-2014-3568 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Desktop 11 | Product(s): | compat-openssl097g |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:28154 | |||
Oval ID: | oval:org.mitre.oval:def:28154 | ||
Title: | IBM SDK Java Technology Edition vulnerability | ||
Description: | The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2014-3566 | Version: | 4 |
Platform(s): | IBM AIX 6.1 IBM AIX 7.1 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28223 | |||
Oval ID: | oval:org.mitre.oval:def:28223 | ||
Title: | SUSE-SU-2014:1386-1 -- Security update for OpenSSL (important) | ||
Description: | This OpenSSL update fixes the following issues: * Session Ticket Memory Leak (CVE-2014-3567) * Build option no-ssl3 is incomplete ((CVE-2014-3568) * Add support for TLS_FALLBACK_SCSV to mitigate CVE-2014-3566 (POODLE) Security Issues: * CVE-2014-3513 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513> * CVE-2014-3567 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567> * CVE-2014-3566 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566> * CVE-2014-3568 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568> | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2014:1386-1 CVE-2014-3513 CVE-2014-3567 CVE-2014-3566 CVE-2014-3568 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 11 | Product(s): | OpenSSL |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28230 | |||
Oval ID: | oval:org.mitre.oval:def:28230 | ||
Title: | SUSE-SU-2014:1447-1 -- Security update for openwsman (moderate) | ||
Description: | This update adds a configuration option to disable SSLv2 and SSLv3 in openwsman. This is required to mitigate CVE-2014-3566. To use the new option, edit /etc/openwsman/openwsman.conf and add the following line to the [server] section: ssl_disabled_protocols = SSLv2 SSLv3 Security Issues: * CVE-2014-3566 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566> | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2014:1447-1 CVE-2014-3566 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11 | Product(s): | openwsman |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:28273 | |||
Oval ID: | oval:org.mitre.oval:def:28273 | ||
Title: | SUSE-SU-2014:1524-1 -- Security update for openssl (moderate) | ||
Description: | openssl was updated to fix four security issues. These security issues were fixed: - SRTP Memory Leak (CVE-2014-3513). - Session Ticket Memory Leak (CVE-2014-3567). - Fixed incomplete no-ssl3 build option (CVE-2014-3568). - Add support for TLS_FALLBACK_SCSV (CVE-2014-3566). NOTE: This update alone DOESN'T FIX the POODLE SSL protocol vulnerability. OpenSSL only adds downgrade detection support for client applications. See https://www.suse.com/support/kb/doc.php?id=7015773 for mitigations. | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2014:1524-1 CVE-2014-3513 CVE-2014-3567 CVE-2014-3568 CVE-2014-3566 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 | Product(s): | openssl |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28380 | |||
Oval ID: | oval:org.mitre.oval:def:28380 | ||
Title: | SUSE-SU-2014:1361-1 -- Security update for OpenSSL (important) | ||
Description: | This OpenSSL update fixes the following issues: * Session Ticket Memory Leak (CVE-2014-3567) * Build option no-ssl3 is incomplete (CVE-2014-3568) * Add support for TLS_FALLBACK_SCSV to mitigate CVE-2014-3566 (POODLE) Security Issues: * CVE-2014-3567 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567> * CVE-2014-3566 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566> * CVE-2014-3568 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568> | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2014:1361-1 CVE-2014-3567 CVE-2014-3566 CVE-2014-3568 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11 | Product(s): | OpenSSL |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28398 | |||
Oval ID: | oval:org.mitre.oval:def:28398 | ||
Title: | Potential security vulnerabilities have been identified in the Java Runtime Environment (JRE) and the Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other vulnerabilities. | ||
Description: | The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2014-3566 | Version: | 4 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28457 | |||
Oval ID: | oval:org.mitre.oval:def:28457 | ||
Title: | SUSE-SU-2014:1387-1 -- Security update for OpenSSL (important) | ||
Description: | This OpenSSL update fixes the following issues: * Session Ticket Memory Leak (CVE-2014-3567) * Build option no-ssl3 is incomplete ((CVE-2014-3568) * Add support for TLS_FALLBACK_SCSV to mitigate CVE-2014-3566 (POODLE) Security Issues: * CVE-2014-3567 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567> * CVE-2014-3566 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566> * CVE-2014-3568 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568> | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2014:1387-1 CVE-2014-3567 CVE-2014-3566 CVE-2014-3568 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 10 | Product(s): | OpenSSL |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28481 | |||
Oval ID: | oval:org.mitre.oval:def:28481 | ||
Title: | SUSE-SU-2014:1512-1 -- Security update for compat-openssl098 (moderate) | ||
Description: | compat-openssl098 was updated to fix three security issues. NOTE: this update alone DOESN'T FIX the POODLE SSL protocol vulnerability. OpenSSL only adds downgrade detection support for client applications. See https://www.suse.com/support/kb/doc.php?id=7015773 for mitigations. These security issues were fixed: - Session ticket memory leak (CVE-2014-3567). - Fixed build option no-ssl3 (CVE-2014-3568). - Added support for TLS_FALLBACK_SCSV (CVE-2014-3566). | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2014:1512-1 CVE-2014-3567 CVE-2014-3568 CVE-2014-3566 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Desktop 12 | Product(s): | compat-openssl098 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:28488 | |||
Oval ID: | oval:org.mitre.oval:def:28488 | ||
Title: | SUSE-SU-2014:1519-1 -- Security update for evolution-data-server (moderate) | ||
Description: | evolution-data-server has been updated to disable support for SSLv3. This security issues has been fixed: * SSLv3 POODLE attack (CVE-2014-3566) Security Issues: * CVE-2014-3566 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566> | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2014:1519-1 CVE-2014-3566 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11 | Product(s): | evolution-data-server |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28514 | |||
Oval ID: | oval:org.mitre.oval:def:28514 | ||
Title: | RHSA-2015:0800 -- openssl security update (Moderate) | ||
Description: | OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. It was discovered that OpenSSL would accept ephemeral RSA keys when using non-export RSA cipher suites. A malicious server could make a TLS/SSL client using OpenSSL use a weaker key exchange method. (CVE-2015-0204) | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2015:0800 CESA-2015:0800 CVE-2014-8275 CVE-2015-0204 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0292 CVE-2015-0293 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | openssl |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28541 | |||
Oval ID: | oval:org.mitre.oval:def:28541 | ||
Title: | AIX OpenSSL Denial of Service (invalid write operation and memory corruption) | ||
Description: | The ASN1_item_ex_d2i function in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not reinitialize CHOICE and ADB data structures, which might allow attackers to cause a denial of service (invalid write operation and memory corruption) by leveraging an application that relies on ASN.1 structure reuse. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2015-0287 | Version: | 4 |
Platform(s): | IBM AIX 6.1 IBM AIX 7.1 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28671 | |||
Oval ID: | oval:org.mitre.oval:def:28671 | ||
Title: | AIX OpenSSL Denial of Service (NULL pointer dereference and application crash) | ||
Description: | The PKCS#7 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly handle a lack of outer ContentInfo, which allows attackers to cause a denial of service (NULL pointer dereference and application crash) by leveraging an application that processes arbitrary PKCS#7 data and providing malformed data with ASN.1 encoding, related to crypto/pkcs7/pk7_doit.c and crypto/pkcs7/pk7_lib.c. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2015-0289 | Version: | 4 |
Platform(s): | IBM AIX 6.1 IBM AIX 7.1 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28678 | |||
Oval ID: | oval:org.mitre.oval:def:28678 | ||
Title: | SUSE-SU-2014:1558-1 -- Security update for pure-ftpd (moderate) | ||
Description: | ure-ftpd was updated to fix one security issue and two non-security bugs: * SSLv2 and SSLv3 have been disabled to avoid the attack named POODLE (CVE-2014-3566, bnc#902229). * Added the disable_ascii option (bnc#828469). * Fixed wait on TLS handshake (bnc#856424). Security Issues: * CVE-2014-3566 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566> | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2014:1558-1 CVE-2014-3566 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11 | Product(s): | pure-ftpd |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:28785 | |||
Oval ID: | oval:org.mitre.oval:def:28785 | ||
Title: | AIX OpenSSL Denial of Service (NULL pointer dereference and application crash) | ||
Description: | The X509_to_X509_REQ function in crypto/x509/x509_req.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow attackers to cause a denial of service (NULL pointer dereference and application crash) via an invalid certificate key. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2015-0288 | Version: | 4 |
Platform(s): | IBM AIX 6.1 IBM AIX 7.1 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28795 | |||
Oval ID: | oval:org.mitre.oval:def:28795 | ||
Title: | AIX OpenSSL Denial of Service (memory corruption and application crash) | ||
Description: | Use-after-free vulnerability in the d2i_ECPrivateKey function in crypto/ec/ec_asn1.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a malformed Elliptic Curve (EC) private-key file that is improperly handled during import. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2015-0209 | Version: | 4 |
Platform(s): | IBM AIX 6.1 IBM AIX 7.1 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28833 | |||
Oval ID: | oval:org.mitre.oval:def:28833 | ||
Title: | AIX OpenSSL Denial of Service (invalid read operation and application crash) | ||
Description: | The ASN1_TYPE_cmp function in crypto/asn1/a_type.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly perform boolean-type comparisons, which allows remote attackers to cause a denial of service (invalid read operation and application crash) via a crafted X.509 certificate to an endpoint that uses the certificate-verification feature. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2015-0286 | Version: | 4 |
Platform(s): | IBM AIX 6.1 IBM AIX 7.1 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28868 | |||
Oval ID: | oval:org.mitre.oval:def:28868 | ||
Title: | AIX OpenSSL Denial of Service (assertion failure and daemon exit) | ||
Description: | The SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service (s2_lib.c assertion failure and daemon exit) via a crafted CLIENT-MASTER-KEY message. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2015-0293 | Version: | 4 |
Platform(s): | IBM AIX 6.1 IBM AIX 7.1 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:29152 | |||
Oval ID: | oval:org.mitre.oval:def:29152 | ||
Title: | Vulnerability in SSLv3 affects ftpd, sendmaild, imapd, and popd on AIX | ||
Description: | The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2014-3566 | Version: | 5 |
Platform(s): | IBM AIX 6.1 IBM AIX 7.1 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:29321 | |||
Oval ID: | oval:org.mitre.oval:def:29321 | ||
Title: | DSA-2896-2 -- openssl -- security update | ||
Description: | A vulnerability has been discovered in OpenSSL's support for the TLS/DTLS Heartbeat extension. Up to 64KB of memory from either client or server can be recovered by an attacker. This vulnerability might allow an attacker to compromise the private key and other sensitive data in memory. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2896-2 CVE-2014-0160 | Version: | 3 |
Platform(s): | Debian GNU/Linux 7.0 Debian GNU/kFreeBSD 7.0 | Product(s): | openssl |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:29338 | |||
Oval ID: | oval:org.mitre.oval:def:29338 | ||
Title: | DSA-2950-2 -- openssl -- security update | ||
Description: | Multiple vulnerabilities have been discovered in OpenSSL. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2950-2 CVE-2014-0195 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 | Version: | 3 |
Platform(s): | Debian GNU/Linux 7.0 Debian GNU/kFreeBSD 7.0 | Product(s): | openssl |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
ExploitDB Exploits
id | Description |
---|---|
2014-04-24 | Heartbleed OpenSSL - Information Leak Exploit (2) - DTLS Support |
2014-04-10 | Heartbleed OpenSSL - Information Leak Exploit (1) |
2014-04-09 | OpenSSL 1.0.1f TLS Heartbeat Extension - Memory Disclosure (Multiple SSL/TLS ... |
2014-04-08 | OpenSSL TLS Heartbeat Extension - Memory Disclosure |
OpenVAS Exploits
Date | Description |
---|---|
2014-10-16 | Name : POODLE SSLv3 Protocol CBC ciphers Information Disclosure Vulnerability File : nvt/gb_poodel_sslv3_info_disc_vuln.nasl |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2015-09-24 | IAVM : 2015-A-0222 - Multiple Security Vulnerabilities in Apple iOS Severity : Category I - VMSKEY : V0061471 |
2015-09-03 | IAVM : 2015-B-0106 - Multiple Vulnerabilities in HP Version Control Repository Manager Severity : Category I - VMSKEY : V0061359 |
2015-07-16 | IAVM : 2015-A-0160 - Multiple Vulnerabilities in Oracle Linux and Virtualization Severity : Category I - VMSKEY : V0061123 |
2015-07-16 | IAVM : 2015-A-0154 - Multiple Vulnerabilities in Oracle Fusion Middleware Severity : Category I - VMSKEY : V0061081 |
2015-06-25 | IAVM : 2015-A-0135 - Multiple Vulnerabilities in Blue Coat ProxySG Severity : Category I - VMSKEY : V0060997 |
2015-05-21 | IAVM : 2015-A-0113 - Multiple Vulnerabilities in Juniper Networks CTPOS Severity : Category I - VMSKEY : V0060737 |
2015-02-05 | IAVM : 2015-B-0012 - Multiple Vulnerabilities in VMware ESXi 5.0 Severity : Category I - VMSKEY : V0058517 |
2015-02-05 | IAVM : 2015-B-0013 - Multiple Vulnerabilities in VMware ESXi 5.1 Severity : Category I - VMSKEY : V0058515 |
2015-02-05 | IAVM : 2015-B-0014 - Multiple Vulnerabilities in VMware ESXi 5.5 Severity : Category I - VMSKEY : V0058513 |
2015-01-22 | IAVM : 2015-B-0007 - Multiple Vulnerabilities in Juniper Secure Analytics (JSA) and Security Threa... Severity : Category I - VMSKEY : V0058213 |
2014-11-13 | IAVM : 2014-A-0172 - Multiple Vulnerabilities in Red Hat JBoss Enterprise Application Platform Severity : Category I - VMSKEY : V0057381 |
2014-07-31 | IAVM : 2014-B-0102 - Multiple Vulnerabilities in VMware vCenter Converter Standalone 5.5 Severity : Category I - VMSKEY : V0053507 |
2014-07-31 | IAVM : 2014-A-0115 - Multiple Vulnerabilities in VMware Horizon View Severity : Category I - VMSKEY : V0053501 |
2014-07-31 | IAVM : 2014-B-0101 - Multiple Vulnerabilities in VMware vCenter Converter Standalone 5.1 Severity : Category I - VMSKEY : V0053505 |
2014-07-31 | IAVM : 2014-B-0103 - Multiple Vulnerabilities in VMware Horizon View Client Severity : Category I - VMSKEY : V0053509 |
2014-07-24 | IAVM : 2014-B-0097 - Multiple Vulnerabilities in VMware ESXi 5.0 Severity : Category I - VMSKEY : V0053319 |
2014-07-17 | IAVM : 2014-A-0099 - Multiple Vulnerabilities in McAfee Email Gateway Severity : Category I - VMSKEY : V0053203 |
2014-07-17 | IAVM : 2014-A-0100 - Multiple Vulnerabilities in McAfee VirusScan Enterprise for Linux Severity : Category I - VMSKEY : V0053201 |
2014-07-17 | IAVM : 2014-A-0103 - Multiple Vulnerabilities in Oracle E-Business Severity : Category I - VMSKEY : V0053195 |
2014-07-17 | IAVM : 2014-A-0109 - Multiple Vulnerabilities in VMware Fusion Severity : Category I - VMSKEY : V0053183 |
2014-07-17 | IAVM : 2014-A-0110 - Multiple Vulnerabilities in VMware Player Severity : Category I - VMSKEY : V0053181 |
2014-07-17 | IAVM : 2014-A-0111 - Multiple Vulnerabilities in VMware Workstation Severity : Category I - VMSKEY : V0053179 |
2014-07-17 | IAVM : 2014-B-0095 - Multiple Vulnerabilities in Splunk Severity : Category I - VMSKEY : V0053177 |
2014-07-03 | IAVM : 2014-B-0084 - HP Onboard Administrator Information Disclosure Vulnerability Severity : Category I - VMSKEY : V0052901 |
2014-07-03 | IAVM : 2014-B-0088 - Multiple Vulnerabilities in VMware ESXi 5.5 Severity : Category I - VMSKEY : V0052911 |
2014-07-03 | IAVM : 2014-B-0089 - Multiple Vulnerabilities in VMware ESXi 5.1 Severity : Category I - VMSKEY : V0052909 |
2014-07-03 | IAVM : 2014-B-0091 - Multiple Vulnerabilities in VMware vCenter Update Manager 5.5 Severity : Category I - VMSKEY : V0052907 |
2014-07-03 | IAVM : 2014-B-0085 - Multiple Vulnerabilities in HP System Management Homepage (SMH) Severity : Category I - VMSKEY : V0052899 |
2014-07-03 | IAVM : 2014-B-0092 - Multiple Vulnerabilities in VMware vSphere Client 5.5 Severity : Category I - VMSKEY : V0052893 |
2014-06-26 | IAVM : 2014-A-0089 - Multiple Vulnerabilities in Juniper Pulse Secure Access Service (IVE) Severity : Category I - VMSKEY : V0052805 |
2014-06-19 | IAVM : 2014-B-0079 - Multiple Vulnerabilities in IBM AIX Severity : Category I - VMSKEY : V0052641 |
2014-06-19 | IAVM : 2014-B-0078 - Multiple Vulnerabilities in Blue Coat ProxySG Severity : Category I - VMSKEY : V0052639 |
2014-06-19 | IAVM : 2014-A-0087 - Multiple Vulnerabilities in McAfee ePolicy Orchestrator Severity : Category I - VMSKEY : V0052637 |
2014-06-19 | IAVM : 2014-B-0080 - Multiple Vulnerabilities in Stunnel Severity : Category I - VMSKEY : V0052627 |
2014-06-19 | IAVM : 2014-B-0077 - Multiple Vulnerabilities in McAfee Web Gateway Severity : Category I - VMSKEY : V0052625 |
2014-06-12 | IAVM : 2014-A-0083 - Multiple Vulnerabilities in OpenSSL Severity : Category I - VMSKEY : V0052495 |
2014-05-01 | IAVM : 2014-A-0063 - Multiple Vulnerabilities in McAfee VirusScan Enterprise for Linux Severity : Category I - VMSKEY : V0050009 |
2014-05-01 | IAVM : 2014-A-0062 - Multiple Vulnerabilities In McAfee Email Gateway Severity : Category I - VMSKEY : V0050005 |
2014-05-01 | IAVM : 2014-B-0050 - McAfee Web Gateway Information Disclosure Vulnerability Severity : Category I - VMSKEY : V0050003 |
2014-04-24 | IAVM : 2014-B-0046 - Multiple Vulnerabilities in HP System Management Homepage (SMH) Severity : Category I - VMSKEY : V0049737 |
2014-04-17 | IAVM : 2014-A-0057 - Multiple Vulnerabilities in Oracle MySQL Products Severity : Category I - VMSKEY : V0049591 |
2014-04-17 | IAVM : 2014-A-0053 - Multiple Vulnerabilities in Juniper Network JUNOS Severity : Category I - VMSKEY : V0049589 |
2014-04-17 | IAVM : 2014-A-0054 - Multiple Vulnerabilities in Oracle Database Severity : Category I - VMSKEY : V0049587 |
2014-04-17 | IAVM : 2014-A-0055 - Multiple Vulnerabilities in Oracle Fusion Middleware Severity : Category I - VMSKEY : V0049585 |
2014-04-17 | IAVM : 2014-A-0056 - Multiple Vulnerabilities in Oracle Java SE Severity : Category I - VMSKEY : V0049583 |
2014-04-17 | IAVM : 2014-A-0058 - Multiple Vulnerabilities in Oracle & Sun Systems Product Suite Severity : Category I - VMSKEY : V0049579 |
2014-04-17 | IAVM : 2014-B-0041 - Multiple Vulnerabilities in Splunk Severity : Category I - VMSKEY : V0049577 |
2014-04-17 | IAVM : 2014-B-0042 - Stunnel Information Disclosure Vulnerability Severity : Category I - VMSKEY : V0049575 |
2014-04-10 | IAVM : 2014-A-0051 - OpenSSL Information Disclosure Vulnerability Severity : Category I - VMSKEY : V0048667 |
2014-01-30 | IAVM : 2014-A-0017 - Multiple Vulnerabilities in Cisco TelePresence Video Communication Server Severity : Category I - VMSKEY : V0043846 |
2014-01-30 | IAVM : 2014-A-0019 - Multiple Vulnerabilities in VMware Fusion Severity : Category I - VMSKEY : V0043844 |
2013-11-21 | IAVM : 2013-A-0222 - Multiple Vulnerabilties in VMware Workstation Severity : Category II - VMSKEY : V0042383 |
2012-06-28 | IAVM : 2012-A-0104 - Multiple Vulnerabilities in Cisco AnyConnect Secure Mobility Client Severity : Category I - VMSKEY : V0033046 |
Snort® IPS/IDS
Date | Description |
---|---|
2020-02-25 | OpenSSL anonymous ECDH denial of service attempt RuleID : 52626 - Revision : 1 - Type : SERVER-OTHER |
2020-02-25 | OpenSSL anonymous ECDH denial of service attempt RuleID : 52625 - Revision : 1 - Type : SERVER-OTHER |
2020-01-21 | OpenSSL SSL ChangeCipherSpec man-in-the-middle attempt RuleID : 52487 - Revision : 1 - Type : SERVER-OTHER |
2019-10-10 | OpenSSL DTLS SRTP extension parsing denial-of-service attempt RuleID : 51460 - Revision : 1 - Type : SERVER-OTHER |
2019-10-01 | OpenSSL DTLS duplicate record denial of service attempt RuleID : 51359 - Revision : 1 - Type : SERVER-OTHER |
2019-10-01 | OpenSSL DTLS duplicate record denial of service attempt RuleID : 51358 - Revision : 1 - Type : SERVER-OTHER |
2019-10-01 | OpenSSL DTLS duplicate record denial of service attempt RuleID : 51357 - Revision : 1 - Type : SERVER-OTHER |
2019-10-01 | OpenSSL DTLS duplicate record denial of service attempt RuleID : 51356 - Revision : 1 - Type : SERVER-OTHER |
2019-10-01 | OpenSSL TLS anomalous ascii client session ticket RuleID : 51354 - Revision : 1 - Type : SERVER-OTHER |
2019-10-01 | OpenSSL TLS anomalous ascii client session ticket RuleID : 51353 - Revision : 1 - Type : SERVER-OTHER |
2019-10-01 | OpenSSL TLS anomalous ascii client session ticket RuleID : 51352 - Revision : 1 - Type : SERVER-OTHER |
2019-10-01 | OpenSSL TLS anomalous ascii client session ticket RuleID : 51351 - Revision : 1 - Type : SERVER-OTHER |
2019-10-01 | OpenSSL TLS anomalous ascii session ticket RuleID : 51350 - Revision : 1 - Type : SERVER-OTHER |
2019-10-01 | OpenSSL TLS anomalous ascii session ticket RuleID : 51349 - Revision : 1 - Type : SERVER-OTHER |
2019-10-01 | OpenSSL TLS anomalous ascii session ticket RuleID : 51348 - Revision : 1 - Type : SERVER-OTHER |
2019-10-01 | OpenSSL TLS anomalous ascii session ticket RuleID : 51347 - Revision : 1 - Type : SERVER-OTHER |
2019-10-01 | OpenSSL TLS anomalous non-zero length session ticket in client hello RuleID : 51346 - Revision : 1 - Type : SERVER-OTHER |
2019-10-01 | OpenSSL TLS anomalous non-zero length session ticket in client hello RuleID : 51345 - Revision : 1 - Type : SERVER-OTHER |
2019-10-01 | OpenSSL TLS anomalous non-zero length session ticket in client hello RuleID : 51344 - Revision : 1 - Type : SERVER-OTHER |
2019-10-01 | OpenSSL TLS anomalous non-zero length session ticket in client hello RuleID : 51343 - Revision : 1 - Type : SERVER-OTHER |
2015-07-19 | OpenSSL denial-of-service via crafted x.509 certificate attempt RuleID : 34889 - Revision : 3 - Type : SERVER-OTHER |
2015-04-14 | SSL request for export grade ciphersuite attempt RuleID : 33806 - Revision : 5 - Type : SERVER-OTHER |
2015-04-14 | SSL request for export grade ciphersuite attempt RuleID : 33805 - Revision : 5 - Type : SERVER-OTHER |
2015-04-14 | SSL request for export grade ciphersuite attempt RuleID : 33804 - Revision : 5 - Type : SERVER-OTHER |
2015-04-14 | SSL request for export grade ciphersuite attempt RuleID : 33803 - Revision : 5 - Type : SERVER-OTHER |
2015-04-14 | SSL request for export grade ciphersuite attempt RuleID : 33802 - Revision : 5 - Type : SERVER-OTHER |
2015-04-14 | SSL request for export grade ciphersuite attempt RuleID : 33801 - Revision : 5 - Type : SERVER-OTHER |
2015-04-14 | SSL export grade ciphersuite server negotiation attempt RuleID : 33800 - Revision : 6 - Type : SERVER-OTHER |
2015-04-14 | SSL export grade ciphersuite server negotiation attempt RuleID : 33799 - Revision : 6 - Type : SERVER-OTHER |
2015-04-14 | SSL export grade ciphersuite server negotiation attempt RuleID : 33798 - Revision : 6 - Type : SERVER-OTHER |
2015-04-14 | SSL export grade ciphersuite server negotiation attempt RuleID : 33797 - Revision : 6 - Type : SERVER-OTHER |
2015-04-14 | SSL export grade ciphersuite server negotiation attempt RuleID : 33796 - Revision : 6 - Type : SERVER-OTHER |
2015-04-14 | SSL export grade ciphersuite server negotiation attempt RuleID : 33795 - Revision : 6 - Type : SERVER-OTHER |
2015-04-14 | SSL export grade ciphersuite server negotiation attempt RuleID : 33794 - Revision : 6 - Type : SERVER-OTHER |
2015-04-14 | SSL request for export grade ciphersuite attempt RuleID : 33793 - Revision : 5 - Type : SERVER-OTHER |
2015-04-14 | SSL request for export grade ciphersuite attempt RuleID : 33792 - Revision : 5 - Type : SERVER-OTHER |
2015-04-14 | SSL request for export grade ciphersuite attempt RuleID : 33791 - Revision : 5 - Type : SERVER-OTHER |
2015-04-14 | SSL request for export grade ciphersuite attempt RuleID : 33790 - Revision : 5 - Type : SERVER-OTHER |
2015-04-14 | SSL request for export grade ciphersuite attempt RuleID : 33789 - Revision : 5 - Type : SERVER-OTHER |
2015-04-14 | SSL request for export grade ciphersuite attempt RuleID : 33788 - Revision : 5 - Type : SERVER-OTHER |
2015-04-14 | SSL request for export grade ciphersuite attempt RuleID : 33787 - Revision : 5 - Type : SERVER-OTHER |
2015-04-14 | SSL request for export grade ciphersuite attempt RuleID : 33786 - Revision : 5 - Type : SERVER-OTHER |
2015-04-14 | SSL request for export grade cipher suite attempt RuleID : 33785 - Revision : 6 - Type : SERVER-OTHER |
2015-04-14 | SSL export grade ciphersuite server negotiation attempt RuleID : 33784 - Revision : 6 - Type : SERVER-OTHER |
2015-04-14 | SSL export grade ciphersuite server negotiation attempt RuleID : 33783 - Revision : 6 - Type : SERVER-OTHER |
2015-04-14 | SSL export grade ciphersuite server negotiation attempt RuleID : 33782 - Revision : 6 - Type : SERVER-OTHER |
2015-04-14 | SSL export grade ciphersuite server negotiation attempt RuleID : 33781 - Revision : 6 - Type : SERVER-OTHER |
2015-04-14 | SSL export grade ciphersuite server negotiation attempt RuleID : 33780 - Revision : 6 - Type : SERVER-OTHER |
2015-04-14 | SSL request for export grade ciphersuite attempt RuleID : 33779 - Revision : 5 - Type : SERVER-OTHER |
2015-04-14 | SSL export grade ciphersuite server negotiation attempt RuleID : 33778 - Revision : 6 - Type : SERVER-OTHER |
2015-04-14 | SSL export grade ciphersuite server negotiation attempt RuleID : 33777 - Revision : 6 - Type : SERVER-OTHER |
2015-04-07 | SSL request for export grade ciphersuite attempt RuleID : 33703 - Revision : 2 - Type : SERVER-OTHER |
2015-04-07 | SSL request for export grade ciphersuite attempt RuleID : 33702 - Revision : 2 - Type : SERVER-OTHER |
2015-04-07 | SSL request for export grade ciphersuite attempt RuleID : 33701 - Revision : 2 - Type : SERVER-OTHER |
2015-04-07 | SSL request for export grade ciphersuite attempt RuleID : 33700 - Revision : 2 - Type : SERVER-OTHER |
2015-04-07 | SSL request for export grade ciphersuite attempt RuleID : 33699 - Revision : 2 - Type : SERVER-OTHER |
2015-04-07 | SSL request for export grade ciphersuite attempt RuleID : 33698 - Revision : 2 - Type : SERVER-OTHER |
2015-04-07 | SSL request for export grade ciphersuite attempt RuleID : 33697 - Revision : 2 - Type : SERVER-OTHER |
2015-04-07 | SSL request for export grade ciphersuite attempt RuleID : 33696 - Revision : 2 - Type : SERVER-OTHER |
2015-04-07 | SSL request for export grade ciphersuite attempt RuleID : 33695 - Revision : 2 - Type : SERVER-OTHER |
2015-04-07 | SSL request for export grade ciphersuite attempt RuleID : 33694 - Revision : 2 - Type : SERVER-OTHER |
2015-04-07 | SSL request for export grade ciphersuite attempt RuleID : 33693 - Revision : 2 - Type : SERVER-OTHER |
2015-04-07 | SSL request for export grade ciphersuite attempt RuleID : 33692 - Revision : 2 - Type : SERVER-OTHER |
2015-04-07 | SSL request for export grade ciphersuite attempt RuleID : 33691 - Revision : 2 - Type : SERVER-OTHER |
2015-04-07 | SSL request for export grade ciphersuite attempt RuleID : 33690 - Revision : 2 - Type : SERVER-OTHER |
2015-04-07 | SSL request for export grade ciphersuite attempt RuleID : 33689 - Revision : 2 - Type : SERVER-OTHER |
2015-04-07 | SSL request for export grade ciphersuite attempt RuleID : 33688 - Revision : 2 - Type : SERVER-OTHER |
2015-04-07 | SSL request for export grade ciphersuite attempt RuleID : 33687 - Revision : 2 - Type : SERVER-OTHER |
2015-04-07 | SSL request for export grade ciphersuite attempt RuleID : 33686 - Revision : 2 - Type : SERVER-OTHER |
2014-12-18 | SSLv3 CBC client connection attempt RuleID : 32566 - Revision : 2 - Type : POLICY-OTHER |
2014-12-11 | OpenSSL TLS large number of session tickets sent - possible dos attempt RuleID : 32468 - Revision : 3 - Type : SERVER-OTHER |
2014-12-11 | OpenSSL TLS large number of session tickets sent - possible dos attempt RuleID : 32467 - Revision : 3 - Type : SERVER-OTHER |
2014-12-11 | OpenSSL TLS large number of session tickets sent - possible dos attempt RuleID : 32466 - Revision : 3 - Type : SERVER-OTHER |
2014-12-11 | OpenSSL TLS large number of session tickets sent - possible dos attempt RuleID : 32465 - Revision : 3 - Type : SERVER-OTHER |
2014-12-09 | OpenSSL DTLS SRTP extension parsing denial-of-service attempt RuleID : 32382 - Revision : 6 - Type : SERVER-OTHER |
2014-12-09 | OpenSSL DTLS SRTP extension parsing denial-of-service attempt RuleID : 32381 - Revision : 7 - Type : SERVER-OTHER |
2014-11-19 | SSLv3 POODLE CBC padding brute force attempt RuleID : 32205 - Revision : 5 - Type : SERVER-OTHER |
2014-11-19 | SSLv3 POODLE CBC padding brute force attempt RuleID : 32204 - Revision : 5 - Type : SERVER-OTHER |
2014-11-16 | OpenSSL TLSv1.2 ChangeCipherSpec man-in-the-middle exploitation attempt RuleID : 31484 - Revision : 3 - Type : SERVER-OTHER |
2014-11-16 | OpenSSL TLSv1.1 ChangeCipherSpec man-in-the-middle exploitation attempt RuleID : 31483 - Revision : 3 - Type : SERVER-OTHER |
2014-11-16 | OpenSSL TLSv1.0 ChangeCipherSpec man-in-the-middle exploitation attempt RuleID : 31482 - Revision : 3 - Type : SERVER-OTHER |
2014-11-16 | OpenSSL SSL ChangeCipherSpec man-in-the-middle exploitation attempt RuleID : 31481 - Revision : 3 - Type : SERVER-OTHER |
2014-11-16 | OpenSSL TLSv1.2 ChangeCipherSpec man-in-the-middle exploitation attempt RuleID : 31480 - Revision : 3 - Type : SERVER-OTHER |
2014-11-16 | OpenSSL TLSv1.1 ChangeCipherSpec man-in-the-middle exploitation attempt RuleID : 31479 - Revision : 3 - Type : SERVER-OTHER |
2014-11-16 | OpenSSL TLSv1.0 ChangeCipherSpec man-in-the-middle exploitation attempt RuleID : 31478 - Revision : 3 - Type : SERVER-OTHER |
2014-11-16 | OpenSSL SSL ChangeCipherSpec man-in-the-middle exploitation attempt RuleID : 31477 - Revision : 3 - Type : SERVER-OTHER |
2014-11-16 | OpenSSL DTLSv1.0 handshake fragment buffer overrun attempt RuleID : 31361 - Revision : 4 - Type : SERVER-OTHER |
2014-11-16 | OpenSSL DTLSv1.0 handshake fragment buffer overrun attempt RuleID : 31182 - Revision : 2 - Type : SERVER-OTHER |
2014-07-05 | OpenSSL DTLS handshake recursion denial of service attempt RuleID : 31181 - Revision : 9 - Type : SERVER-OTHER |
2014-07-05 | OpenSSL DTLS handshake recursion denial of service attempt RuleID : 31180 - Revision : 7 - Type : SERVER-OTHER |
2014-04-25 | OpenSSL TLSv1.2 large heartbeat response - possible ssl heartbleed attempt RuleID : 30788-community - Revision : 5 - Type : SERVER-OTHER |
2014-05-24 | OpenSSL TLSv1.2 large heartbeat response - possible ssl heartbleed attempt RuleID : 30788 - Revision : 5 - Type : SERVER-OTHER |
2014-04-25 | OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt RuleID : 30787-community - Revision : 5 - Type : SERVER-OTHER |
2014-05-24 | OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt RuleID : 30787 - Revision : 5 - Type : SERVER-OTHER |
2014-04-25 | OpenSSL TLSv1 large heartbeat response - possible ssl heartbleed attempt RuleID : 30786-community - Revision : 4 - Type : SERVER-OTHER |
2014-05-24 | OpenSSL TLSv1 large heartbeat response - possible ssl heartbleed attempt RuleID : 30786 - Revision : 4 - Type : SERVER-OTHER |
2014-04-25 | OpenSSL SSLv3 large heartbeat response - possible ssl heartbleed attempt RuleID : 30785-community - Revision : 4 - Type : SERVER-OTHER |
2014-05-24 | OpenSSL SSLv3 large heartbeat response - possible ssl heartbleed attempt RuleID : 30785 - Revision : 4 - Type : SERVER-OTHER |
2014-04-25 | OpenSSL TLSv1.2 large heartbeat response - possible ssl heartbleed attempt RuleID : 30784-community - Revision : 4 - Type : SERVER-OTHER |
2014-05-24 | OpenSSL TLSv1.2 large heartbeat response - possible ssl heartbleed attempt RuleID : 30784 - Revision : 4 - Type : SERVER-OTHER |
2014-04-25 | OpenSSL TLSv1.2 large heartbeat response - possible ssl heartbleed attempt RuleID : 30783-community - Revision : 4 - Type : SERVER-OTHER |
2014-05-24 | OpenSSL TLSv1.2 large heartbeat response - possible ssl heartbleed attempt RuleID : 30783 - Revision : 4 - Type : SERVER-OTHER |
2014-04-25 | OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt RuleID : 30782-community - Revision : 4 - Type : SERVER-OTHER |
2014-05-24 | OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt RuleID : 30782 - Revision : 4 - Type : SERVER-OTHER |
2014-04-25 | OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt RuleID : 30781-community - Revision : 5 - Type : SERVER-OTHER |
2014-05-24 | OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt RuleID : 30781 - Revision : 5 - Type : SERVER-OTHER |
2014-04-25 | OpenSSL TLSv1 large heartbeat response - possible ssl heartbleed attempt RuleID : 30780-community - Revision : 4 - Type : SERVER-OTHER |
2014-05-24 | OpenSSL TLSv1 large heartbeat response - possible ssl heartbleed attempt RuleID : 30780 - Revision : 4 - Type : SERVER-OTHER |
2014-04-25 | OpenSSL TLSv1 large heartbeat response - possible ssl heartbleed attempt RuleID : 30779-community - Revision : 4 - Type : SERVER-OTHER |
2014-05-24 | OpenSSL TLSv1 large heartbeat response - possible ssl heartbleed attempt RuleID : 30779 - Revision : 4 - Type : SERVER-OTHER |
2014-04-25 | OpenSSL SSLv3 large heartbeat response - possible ssl heartbleed attempt RuleID : 30778-community - Revision : 4 - Type : SERVER-OTHER |
2014-05-24 | OpenSSL SSLv3 large heartbeat response - possible ssl heartbleed attempt RuleID : 30778 - Revision : 4 - Type : SERVER-OTHER |
2014-04-25 | OpenSSL SSLv3 large heartbeat response - possible ssl heartbleed attempt RuleID : 30777-community - Revision : 4 - Type : SERVER-OTHER |
2014-05-24 | OpenSSL SSLv3 large heartbeat response - possible ssl heartbleed attempt RuleID : 30777 - Revision : 4 - Type : SERVER-OTHER |
2014-05-17 | OpenVPN OpenSSL TLSv1.2 large heartbeat response - possible ssl heartbleed at... RuleID : 30742 - Revision : 2 - Type : SERVER-OTHER |
2014-05-17 | OpenVPN OpenSSL TLSv1.2 large heartbeat response - possible ssl heartbleed at... RuleID : 30741 - Revision : 3 - Type : SERVER-OTHER |
2014-05-17 | OpenVPN OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed at... RuleID : 30740 - Revision : 2 - Type : SERVER-OTHER |
2014-05-17 | OpenVPN OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed at... RuleID : 30739 - Revision : 3 - Type : SERVER-OTHER |
2014-05-17 | OpenVPN OpenSSL TLSv1 large heartbeat response - possible ssl heartbleed attempt RuleID : 30738 - Revision : 2 - Type : SERVER-OTHER |
2014-05-17 | OpenVPN OpenSSL TLSv1 large heartbeat response - possible ssl heartbleed attempt RuleID : 30737 - Revision : 3 - Type : SERVER-OTHER |
2014-05-17 | OpenVPN OpenSSL SSLv3 large heartbeat response - possible ssl heartbleed attempt RuleID : 30736 - Revision : 2 - Type : SERVER-OTHER |
2014-05-17 | OpenVPN OpenSSL SSLv3 large heartbeat response - possible ssl heartbleed attempt RuleID : 30735 - Revision : 3 - Type : SERVER-OTHER |
2014-05-17 | OpenVPN OpenSSL TLSv1.2 heartbeat read overrun attempt RuleID : 30734 - Revision : 4 - Type : SERVER-OTHER |
2014-05-17 | OpenVPN OpenSSL TLSv1.2 heartbeat read overrun attempt RuleID : 30733 - Revision : 5 - Type : SERVER-OTHER |
2014-05-17 | OpenVPN OpenSSL TLSv1.1 heartbeat read overrun attempt RuleID : 30732 - Revision : 4 - Type : SERVER-OTHER |
2014-05-17 | OpenVPN OpenSSL TLSv1.1 heartbeat read overrun attempt RuleID : 30731 - Revision : 5 - Type : SERVER-OTHER |
2014-05-17 | OpenVPN OpenSSL TLSv1 heartbeat read overrun attempt RuleID : 30730 - Revision : 4 - Type : SERVER-OTHER |
2014-05-17 | OpenVPN OpenSSL TLSv1 heartbeat read overrun attempt RuleID : 30729 - Revision : 5 - Type : SERVER-OTHER |
2014-05-17 | OpenVPN OpenSSL SSLv3 heartbeat read overrun attempt RuleID : 30728 - Revision : 4 - Type : SERVER-OTHER |
2014-05-17 | OpenVPN OpenSSL SSLv3 heartbeat read overrun attempt RuleID : 30727 - Revision : 5 - Type : SERVER-OTHER |
2014-05-17 | OpenVPN OpenSSL TLSv1.2 large heartbeat response - possible ssl heartbleed at... RuleID : 30726 - Revision : 4 - Type : SERVER-OTHER |
2014-05-17 | OpenVPN OpenSSL TLSv1.2 large heartbeat response - possible ssl heartbleed at... RuleID : 30725 - Revision : 3 - Type : SERVER-OTHER |
2014-05-17 | OpenVPN OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed at... RuleID : 30724 - Revision : 4 - Type : SERVER-OTHER |
2014-05-17 | OpenVPN OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed at... RuleID : 30723 - Revision : 3 - Type : SERVER-OTHER |
2014-05-17 | OpenVPN OpenSSL TLSv1 large heartbeat response - possible ssl heartbleed attempt RuleID : 30722 - Revision : 4 - Type : SERVER-OTHER |
2014-05-17 | OpenVPN OpenSSL TLSv1 large heartbeat response - possible ssl heartbleed attempt RuleID : 30721 - Revision : 3 - Type : SERVER-OTHER |
2014-05-17 | OpenVPN OpenSSL SSLv3 large heartbeat response - possible ssl heartbleed attempt RuleID : 30720 - Revision : 4 - Type : SERVER-OTHER |
2014-05-17 | OpenVPN OpenSSL SSLv3 large heartbeat response - possible ssl heartbleed attempt RuleID : 30719 - Revision : 3 - Type : SERVER-OTHER |
2014-05-17 | OpenVPN OpenSSL TLSv1.2 heartbeat read overrun attempt RuleID : 30718 - Revision : 5 - Type : SERVER-OTHER |
2014-05-17 | OpenVPN OpenSSL TLSv1.2 heartbeat read overrun attempt RuleID : 30717 - Revision : 4 - Type : SERVER-OTHER |
2014-05-17 | OpenVPN OpenSSL TLSv1.1 heartbeat read overrun attempt RuleID : 30716 - Revision : 5 - Type : SERVER-OTHER |
2014-05-17 | OpenVPN OpenSSL TLSv1.1 heartbeat read overrun attempt RuleID : 30715 - Revision : 4 - Type : SERVER-OTHER |
2014-05-17 | OpenVPN OpenSSL TLSv1 heartbeat read overrun attempt RuleID : 30714 - Revision : 5 - Type : SERVER-OTHER |
2014-05-17 | OpenVPN OpenSSL TLSv1 heartbeat read overrun attempt RuleID : 30713 - Revision : 4 - Type : SERVER-OTHER |
2014-05-17 | OpenVPN OpenSSL SSLv3 heartbeat read overrun attempt RuleID : 30712 - Revision : 5 - Type : SERVER-OTHER |
2014-05-17 | OpenVPN OpenSSL SSLv3 heartbeat read overrun attempt RuleID : 30711 - Revision : 4 - Type : SERVER-OTHER |
2014-04-15 | OpenSSL Heartbleed masscan access exploitation attempt RuleID : 30549-community - Revision : 2 - Type : SERVER-OTHER |
2014-05-15 | OpenSSL Heartbleed masscan access exploitation attempt RuleID : 30549 - Revision : 2 - Type : SERVER-OTHER |
2014-04-11 | OpenSSL TLSv1.2 heartbeat read overrun attempt RuleID : 30525-community - Revision : 4 - Type : SERVER-OTHER |
2014-05-11 | OpenSSL TLSv1.2 heartbeat read overrun attempt RuleID : 30525 - Revision : 4 - Type : SERVER-OTHER |
2014-04-11 | OpenSSL TLSv1.1 heartbeat read overrun attempt RuleID : 30524-community - Revision : 5 - Type : SERVER-OTHER |
2014-05-11 | OpenSSL TLSv1.1 heartbeat read overrun attempt RuleID : 30524 - Revision : 5 - Type : SERVER-OTHER |
2014-04-10 | OpenSSL TLSv1.2 heartbeat read overrun attempt - vulnerable client response RuleID : 30523-community - Revision : 9 - Type : SERVER-OTHER |
2014-05-10 | OpenSSL TLSv1.2 heartbeat read overrun attempt - vulnerable client response RuleID : 30523 - Revision : 9 - Type : SERVER-OTHER |
2014-04-10 | OpenSSL TLSv1.1 heartbeat read overrun attempt - vulnerable client response RuleID : 30522-community - Revision : 9 - Type : SERVER-OTHER |
2014-05-10 | OpenSSL TLSv1.1 heartbeat read overrun attempt - vulnerable client response RuleID : 30522 - Revision : 9 - Type : SERVER-OTHER |
2014-04-10 | OpenSSL TLSv1 heartbeat read overrun attempt - vulnerable client response RuleID : 30521-community - Revision : 9 - Type : SERVER-OTHER |
2014-05-10 | OpenSSL TLSv1 heartbeat read overrun attempt - vulnerable client response RuleID : 30521 - Revision : 9 - Type : SERVER-OTHER |
2014-04-10 | OpenSSL SSLv3 heartbeat read overrun attempt - vulnerable client response RuleID : 30520-community - Revision : 9 - Type : SERVER-OTHER |
2014-05-10 | OpenSSL SSLv3 heartbeat read overrun attempt - vulnerable client response RuleID : 30520 - Revision : 9 - Type : SERVER-OTHER |
2014-04-10 | OpenSSL TLSv1.2 large heartbeat response - possible ssl heartbleed attempt RuleID : 30517-community - Revision : 11 - Type : SERVER-OTHER |
2014-05-08 | OpenSSL TLSv1.2 large heartbeat response - possible ssl heartbleed attempt RuleID : 30517 - Revision : 11 - Type : SERVER-OTHER |
2014-04-10 | OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt RuleID : 30516-community - Revision : 11 - Type : SERVER-OTHER |
2014-05-08 | OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt RuleID : 30516 - Revision : 11 - Type : SERVER-OTHER |
2014-04-10 | OpenSSL TLSv1 large heartbeat response - possible ssl heartbleed attempt RuleID : 30515-community - Revision : 11 - Type : SERVER-OTHER |
2014-05-08 | OpenSSL TLSv1 large heartbeat response - possible ssl heartbleed attempt RuleID : 30515 - Revision : 11 - Type : SERVER-OTHER |
2014-04-10 | OpenSSL SSLv3 large heartbeat response - possible ssl heartbleed attempt RuleID : 30514-community - Revision : 11 - Type : SERVER-OTHER |
2014-05-08 | OpenSSL SSLv3 large heartbeat response - possible ssl heartbleed attempt RuleID : 30514 - Revision : 11 - Type : SERVER-OTHER |
2014-04-10 | OpenSSL TLSv1.2 heartbeat read overrun attempt RuleID : 30513-community - Revision : 8 - Type : SERVER-OTHER |
2014-05-08 | OpenSSL TLSv1.2 heartbeat read overrun attempt RuleID : 30513 - Revision : 8 - Type : SERVER-OTHER |
2014-04-10 | OpenSSL TLSv1.1 heartbeat read overrun attempt RuleID : 30512-community - Revision : 8 - Type : SERVER-OTHER |
2014-05-08 | OpenSSL TLSv1.1 heartbeat read overrun attempt RuleID : 30512 - Revision : 8 - Type : SERVER-OTHER |
2014-04-10 | OpenSSL TLSv1 heartbeat read overrun attempt RuleID : 30511-community - Revision : 8 - Type : SERVER-OTHER |
2014-05-08 | OpenSSL TLSv1 heartbeat read overrun attempt RuleID : 30511 - Revision : 8 - Type : SERVER-OTHER |
2014-04-10 | OpenSSL SSLv3 heartbeat read overrun attempt RuleID : 30510-community - Revision : 8 - Type : SERVER-OTHER |
2014-05-08 | OpenSSL SSLv3 heartbeat read overrun attempt RuleID : 30510 - Revision : 8 - Type : SERVER-OTHER |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2017-12-07 | Name : The remote host is potentially affected by an SSL/TLS vulnerability. File : check_point_gaia_sk103683.nasl - Type : ACT_GATHER_INFO |
2017-07-20 | Name : The remote database server is affected by multiple vulnerabilities. File : oracle_rdbms_cpu_jul_2017.nasl - Type : ACT_GATHER_INFO |
2017-04-12 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2017-459.nasl - Type : ACT_GATHER_INFO |
2017-01-10 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_03532a19d68e11e6917114dae9d210b8.nasl - Type : ACT_GATHER_INFO |
2016-11-23 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2016-1339.nasl - Type : ACT_GATHER_INFO |
2016-09-28 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-2396-1.nasl - Type : ACT_GATHER_INFO |
2016-09-19 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-2329-1.nasl - Type : ACT_GATHER_INFO |
2016-09-13 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-2285-1.nasl - Type : ACT_GATHER_INFO |
2016-07-22 | Name : The remote database server is affected by multiple vulnerabilities. File : oracle_rdbms_cpu_jul_2016.nasl - Type : ACT_GATHER_INFO |
2016-06-27 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201606-11.nasl - Type : ACT_GATHER_INFO |
2016-06-23 | Name : The remote OracleVM host is missing a security update. File : oraclevm_OVMSA-2016-0086.nasl - Type : ACT_GATHER_INFO |
2016-06-22 | Name : The remote OracleVM host is missing a security update. File : oraclevm_OVMSA-2016-0071.nasl - Type : ACT_GATHER_INFO |
2016-06-17 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-1457-1.nasl - Type : ACT_GATHER_INFO |
2016-05-13 | Name : A web application running on the remote host is affected by multiple vulnerab... File : solarwinds_srm_profiler_6_2_3.nasl - Type : ACT_GATHER_INFO |
2016-04-14 | Name : The remote device is missing a vendor-supplied security patch. File : cisco-sa-20150320-openssl-ios.nasl - Type : ACT_GATHER_INFO |
2016-04-14 | Name : The remote device is missing a vendor-supplied security patch. File : cisco-sa-20150320-openssl-iosxe.nasl - Type : ACT_GATHER_INFO |
2016-04-14 | Name : The application installed on the remote host is affected by an information di... File : ibm_domino_swg21693142.nasl - Type : ACT_GATHER_INFO |
2016-04-07 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2016-682.nasl - Type : ACT_GATHER_INFO |
2016-03-29 | Name : The remote web server is affected by multiple vulnerabilities. File : hpsmh_7_2_6.nasl - Type : ACT_GATHER_INFO |
2016-03-14 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2016-327.nasl - Type : ACT_GATHER_INFO |
2016-03-10 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20160309_openssl098e_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2016-03-09 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2016-0372.nasl - Type : ACT_GATHER_INFO |
2016-03-09 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2016-0372.nasl - Type : ACT_GATHER_INFO |
2016-03-09 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2016-0372.nasl - Type : ACT_GATHER_INFO |
2016-03-08 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-0678-1.nasl - Type : ACT_GATHER_INFO |
2016-03-07 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-0631-1.nasl - Type : ACT_GATHER_INFO |
2016-03-04 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2016-294.nasl - Type : ACT_GATHER_INFO |
2016-03-04 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-0624-1.nasl - Type : ACT_GATHER_INFO |
2016-03-04 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-0641-1.nasl - Type : ACT_GATHER_INFO |
2016-03-03 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2016-289.nasl - Type : ACT_GATHER_INFO |
2016-03-03 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2016-292.nasl - Type : ACT_GATHER_INFO |
2016-03-02 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2016-0303.nasl - Type : ACT_GATHER_INFO |
2016-03-02 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2016-0304.nasl - Type : ACT_GATHER_INFO |
2016-03-02 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-0617-1.nasl - Type : ACT_GATHER_INFO |
2016-03-02 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-0620-1.nasl - Type : ACT_GATHER_INFO |
2016-02-26 | Name : The remote device is missing a vendor-supplied security patch. File : cisco-sa-20140605-openssl-ios.nasl - Type : ACT_GATHER_INFO |
2016-02-26 | Name : The remote device is missing a vendor-supplied security patch. File : cisco-sa-20140605-openssl-iosxe.nasl - Type : ACT_GATHER_INFO |
2016-02-26 | Name : The remote device is missing a vendor-supplied security patch. File : cisco-sa-20140605-openssl-iosxr.nasl - Type : ACT_GATHER_INFO |
2016-02-26 | Name : The remote device is missing a vendor-supplied security patch. File : cisco-sa-20140605-openssl-nxos.nasl - Type : ACT_GATHER_INFO |
2016-02-25 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3489.nasl - Type : ACT_GATHER_INFO |
2016-01-25 | Name : The remote Debian host is missing a security update. File : debian_DLA-400.nasl - Type : ACT_GATHER_INFO |
2016-01-14 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-0113-1.nasl - Type : ACT_GATHER_INFO |
2016-01-06 | Name : The remote database server is affected by multiple vulnerabilities. File : db2_105fp7_nix.nasl - Type : ACT_GATHER_INFO |
2016-01-06 | Name : The remote database server is affected by multiple vulnerabilities. File : db2_105fp7_win.nasl - Type : ACT_GATHER_INFO |
2015-12-30 | Name : A web application on the remote host is affected by multiple vulnerabilities. File : puppet_enterprise_380.nasl - Type : ACT_GATHER_INFO |
2015-12-30 | Name : The remote VMware ESXi host is missing a security-related patch. File : vmware_VMSA-2014-0004_remote.nasl - Type : ACT_GATHER_INFO |
2015-12-30 | Name : The remote VMware ESXi host is missing a security-related patch. File : vmware_VMSA-2014-0006_remote.nasl - Type : ACT_GATHER_INFO |
2015-12-21 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-2303-1.nasl - Type : ACT_GATHER_INFO |
2015-12-17 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2015-889.nasl - Type : ACT_GATHER_INFO |
2015-12-16 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-2168-2.nasl - Type : ACT_GATHER_INFO |
2015-12-11 | Name : The remote multi-function device is affected by multiple vulnerabilities. File : xerox_xrx15ad_colorqube.nasl - Type : ACT_GATHER_INFO |
2015-12-11 | Name : The remote multi-function device is affected by multiple vulnerabilities. File : xerox_xrx15aj.nasl - Type : ACT_GATHER_INFO |
2015-12-11 | Name : The remote multi-function device is affected by multiple vulnerabilities. File : xerox_xrx15am.nasl - Type : ACT_GATHER_INFO |
2015-12-11 | Name : The remote multi-function device is affected by a man-in-the-middle vulnerabi... File : xerox_xrx15ap.nasl - Type : ACT_GATHER_INFO |
2015-12-11 | Name : The remote multi-function device is affected by multiple vulnerabilities. File : xerox_xrx15av.nasl - Type : ACT_GATHER_INFO |
2015-12-11 | Name : The remote multi-function device is affected by multiple vulnerabilities. File : xerox_xrx15r.nasl - Type : ACT_GATHER_INFO |
2015-12-09 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-2216-1.nasl - Type : ACT_GATHER_INFO |
2015-12-04 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-2182-1.nasl - Type : ACT_GATHER_INFO |
2015-12-03 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-2166-1.nasl - Type : ACT_GATHER_INFO |
2015-12-03 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-2168-1.nasl - Type : ACT_GATHER_INFO |
2015-11-20 | Name : The remote host is running a remote management application that is affected b... File : solarwinds_dameware_mini_remote_control_v12_0_hotfix_2.nasl - Type : ACT_GATHER_INFO |
2015-11-03 | Name : The remote multi-function device is affected by multiple vulnerabilities. File : xerox_xrx15ao_colorqube.nasl - Type : ACT_GATHER_INFO |
2015-10-22 | Name : A web application running on the remote host is affected by multiple vulnerab... File : mysql_enterprise_monitor_3_0_23.nasl - Type : ACT_GATHER_INFO |
2015-10-19 | Name : The remote printer is affected by a security bypass vulnerability known as FR... File : lexmark_printer_TE701.nasl - Type : ACT_GATHER_INFO |
2015-10-16 | Name : The remote Fedora host is missing a security update. File : fedora_2015-9090.nasl - Type : ACT_GATHER_INFO |
2015-10-16 | Name : The remote Fedora host is missing a security update. File : fedora_2015-9110.nasl - Type : ACT_GATHER_INFO |
2015-10-06 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL16321.nasl - Type : ACT_GATHER_INFO |
2015-10-06 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL16323.nasl - Type : ACT_GATHER_INFO |
2015-10-05 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL16139.nasl - Type : ACT_GATHER_INFO |
2015-10-05 | Name : The remote host is missing a Mac OS X update that fixes multiple security vul... File : macosx_10_11.nasl - Type : ACT_GATHER_INFO |
2015-10-02 | Name : The remote Mac OS X host has an application installed that is affected by mul... File : macosx_xcode_7_0.nasl - Type : ACT_GATHER_INFO |
2015-09-04 | Name : The remote Windows host has an application installed that is affected by mult... File : hp_version_control_repo_manager_7_5_0_0.nasl - Type : ACT_GATHER_INFO |
2015-09-04 | Name : The remote Linux host has an application installed that is affected by multip... File : hp_version_control_repo_manager_7_5_0_nix.nasl - Type : ACT_GATHER_INFO |
2015-08-21 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1410-1.nasl - Type : ACT_GATHER_INFO |
2015-08-03 | Name : The remote web server is affected by multiple vulnerabilities. File : hpsmh_7_4_1.nasl - Type : ACT_GATHER_INFO |
2015-07-27 | Name : The remote Debian host is missing a security update. File : debian_DLA-282.nasl - Type : ACT_GATHER_INFO |
2015-07-27 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2015-507.nasl - Type : ACT_GATHER_INFO |
2015-07-22 | Name : The remote web server is affected by multiple vulnerabilities. File : hpsmh_7_5.nasl - Type : ACT_GATHER_INFO |
2015-07-16 | Name : The application installed on the remote host is affected by multiple vulnerab... File : oracle_secure_global_desktop_jul_2015_cpu.nasl - Type : ACT_GATHER_INFO |
2015-07-14 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201507-14.nasl - Type : ACT_GATHER_INFO |
2015-07-01 | Name : The remote host is missing a Mac OS X update that fixes multiple security vul... File : macosx_10_10_4.nasl - Type : ACT_GATHER_INFO |
2015-07-01 | Name : The remote host is missing a Mac OS X update that fixes multiple security vul... File : macosx_SecUpd2015-005.nasl - Type : ACT_GATHER_INFO |
2015-06-29 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1086-4.nasl - Type : ACT_GATHER_INFO |
2015-06-26 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1086-3.nasl - Type : ACT_GATHER_INFO |
2015-06-26 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1138-1.nasl - Type : ACT_GATHER_INFO |
2015-06-25 | Name : The remote device is affected by multiple vulnerabilities. File : bluecoat_proxy_sg_6_5_7_5.nasl - Type : ACT_GATHER_INFO |
2015-06-23 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1086-2.nasl - Type : ACT_GATHER_INFO |
2015-06-19 | Name : The remote AIX host is missing a security patch. File : aix_IV69768.nasl - Type : ACT_GATHER_INFO |
2015-06-19 | Name : The remote AIX host is missing a security patch. File : aix_IV73316.nasl - Type : ACT_GATHER_INFO |
2015-06-19 | Name : The remote AIX host is missing a security patch. File : aix_IV73319.nasl - Type : ACT_GATHER_INFO |
2015-06-19 | Name : The remote AIX host is missing a security patch. File : aix_IV73324.nasl - Type : ACT_GATHER_INFO |
2015-06-19 | Name : The remote AIX host is missing a security patch. File : aix_IV73416.nasl - Type : ACT_GATHER_INFO |
2015-06-19 | Name : The remote AIX host is missing a security patch. File : aix_IV73417.nasl - Type : ACT_GATHER_INFO |
2015-06-19 | Name : The remote AIX host is missing a security patch. File : aix_IV73418.nasl - Type : ACT_GATHER_INFO |
2015-06-19 | Name : The remote AIX host is missing a security patch. File : aix_IV73419.nasl - Type : ACT_GATHER_INFO |
2015-06-19 | Name : The remote AIX host is missing a security patch. File : aix_IV73973.nasl - Type : ACT_GATHER_INFO |
2015-06-19 | Name : The remote AIX host is missing a security patch. File : aix_IV73974.nasl - Type : ACT_GATHER_INFO |
2015-06-19 | Name : The remote AIX host is missing a security patch. File : aix_IV73975.nasl - Type : ACT_GATHER_INFO |
2015-06-19 | Name : The remote AIX host is missing a security patch. File : aix_IV73976.nasl - Type : ACT_GATHER_INFO |
2015-06-19 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1085-1.nasl - Type : ACT_GATHER_INFO |
2015-06-19 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1086-1.nasl - Type : ACT_GATHER_INFO |
2015-06-16 | Name : The remote OracleVM host is missing a security update. File : oraclevm_OVMSA-2015-0070.nasl - Type : ACT_GATHER_INFO |
2015-06-12 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2015-0068.nasl - Type : ACT_GATHER_INFO |
2015-06-10 | Name : The remote AIX host has a version of Java SDK installed that is affected by m... File : aix_java_april2015_advisory.nasl - Type : ACT_GATHER_INFO |
2015-06-09 | Name : The remote Windows host has VPN client software installed that is affected by... File : smb_kb3062760.nasl - Type : ACT_GATHER_INFO |
2015-06-04 | Name : The remote web server is running an application that is affected by multiple ... File : splunk_618.nasl - Type : ACT_GATHER_INFO |
2015-05-27 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-0946-1.nasl - Type : ACT_GATHER_INFO |
2015-05-26 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_384fc0b2014411e58fda002590263bf5.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2014-0538-1.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2014-0539-1.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2014-1387-1.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2014-1512-1.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2014-1524-1.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-0503-1.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-0541-1.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-0743-1.nasl - Type : ACT_GATHER_INFO |
2015-05-19 | Name : The remote device is missing a vendor-supplied security patch. File : cisco-sa-20150310-ssl-nxos.nasl - Type : ACT_GATHER_INFO |
2015-05-19 | Name : The remote Apache Tomcat server is affected by multiple vulnerabilities. File : tomcat_7_0_60.nasl - Type : ACT_GATHER_INFO |
2015-05-19 | Name : The remote Apache Tomcat server is affected by multiple vulnerabilities. File : tomcat_8_0_21.nasl - Type : ACT_GATHER_INFO |
2015-05-15 | Name : The remote Apache Tomcat server is affected by multiple vulnerabilities. File : tomcat_6_0_44.nasl - Type : ACT_GATHER_INFO |
2015-05-11 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3253.nasl - Type : ACT_GATHER_INFO |
2015-05-05 | Name : The remote Fedora host is missing a security update. File : fedora_2015-6855.nasl - Type : ACT_GATHER_INFO |
2015-05-04 | Name : The remote Fedora host is missing a security update. File : fedora_2015-6951.nasl - Type : ACT_GATHER_INFO |
2015-05-01 | Name : The remote host has a virtualization management application installed that is... File : vmware_vcenter_vmsa-2015-0003.nasl - Type : ACT_GATHER_INFO |
2015-04-28 | Name : The remote host is missing a security update for OS X Server. File : macosx_server_4_1.nasl - Type : ACT_GATHER_INFO |
2015-04-22 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2015-111-09.nasl - Type : ACT_GATHER_INFO |
2015-04-21 | Name : The remote device is missing a vendor-supplied security patch. File : juniper_jsa10679.nasl - Type : ACT_GATHER_INFO |
2015-04-21 | Name : The remote host is affected by multiple vulnerabilities. File : juniper_nsm_jsa10679.nasl - Type : ACT_GATHER_INFO |
2015-04-20 | Name : The remote AIX host has a version of OpenSSL installed that is affected by mu... File : aix_openssl_advisory13.nasl - Type : ACT_GATHER_INFO |
2015-04-20 | Name : The remote web server is affected by multiple vulnerabilities. File : glassfish_cpu_apr_2015.nasl - Type : ACT_GATHER_INFO |
2015-04-20 | Name : The remote Windows host has an application installed that is affected by mult... File : vmware_vcenter_chargeback_manager_vmsa_2015_0003.nasl - Type : ACT_GATHER_INFO |
2015-04-16 | Name : The remote Windows host contains a programming platform that is affected by m... File : oracle_java_cpu_apr_2015.nasl - Type : ACT_GATHER_INFO |
2015-04-16 | Name : The remote Unix host contains a programming platform that is affected by mult... File : oracle_java_cpu_apr_2015_unix.nasl - Type : ACT_GATHER_INFO |
2015-04-16 | Name : The remote Windows host contains a programming platform that is affected by m... File : oracle_jrockit_cpu_apr_2015.nasl - Type : ACT_GATHER_INFO |
2015-04-15 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2015-0800.nasl - Type : ACT_GATHER_INFO |
2015-04-15 | Name : The remote database server is affected by multiple denial of service vulnerab... File : mysql_5_6_23.nasl - Type : ACT_GATHER_INFO |
2015-04-14 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-0800.nasl - Type : ACT_GATHER_INFO |
2015-04-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-0800.nasl - Type : ACT_GATHER_INFO |
2015-04-14 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20150413_openssl_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2015-04-13 | Name : The remote Windows host has an application installed that is affected by mult... File : vmware_horizon_view_VMSA-2015-0003.nasl - Type : ACT_GATHER_INFO |
2015-04-13 | Name : The remote host has a device management application installed that is affecte... File : vmware_workspace_portal_vmsa2015-0003.nasl - Type : ACT_GATHER_INFO |
2015-04-10 | Name : The remote host is missing a Mac OS X update that fixes multiple security vul... File : macosx_10_10_3.nasl - Type : ACT_GATHER_INFO |
2015-04-10 | Name : The remote host is missing a Mac OS X update that fixes multiple security vul... File : macosx_SecUpd2015-004.nasl - Type : ACT_GATHER_INFO |
2015-04-10 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2015-198.nasl - Type : ACT_GATHER_INFO |
2015-04-10 | Name : The remote Linux host has a virtualization application installed that is miss... File : vcenter_operations_manager_vmsa_2015-0003-linux.nasl - Type : ACT_GATHER_INFO |
2015-04-10 | Name : The remote host has a virtualization application installed that is missing a ... File : vcenter_operations_manager_vmsa_2015-0003-vapp.nasl - Type : ACT_GATHER_INFO |
2015-04-10 | Name : The remote Windows host has a virtualization application installed that is mi... File : vcenter_operations_manager_vmsa_2015-0003-win.nasl - Type : ACT_GATHER_INFO |
2015-04-09 | Name : The remote device is affected by a security feature bypass vulnerability. File : bluecoat_proxy_sg_6_5_6_2.nasl - Type : ACT_GATHER_INFO |
2015-04-06 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL16317.nasl - Type : ACT_GATHER_INFO |
2015-04-01 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-0752.nasl - Type : ACT_GATHER_INFO |
2015-03-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2015-062.nasl - Type : ACT_GATHER_INFO |
2015-03-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2015-063.nasl - Type : ACT_GATHER_INFO |
2015-03-30 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libmysql55client18-150302.nasl - Type : ACT_GATHER_INFO |
2015-03-27 | Name : The remote Windows host has an application that is affected by the FREAK vuln... File : blackberry_es_freak_kb36811.nasl - Type : ACT_GATHER_INFO |
2015-03-26 | Name : The remote host is affected by multiple vulnerabilities. File : cisco_anyconnect_3_1_7021.nasl - Type : ACT_GATHER_INFO |
2015-03-26 | Name : The remote Debian host is missing a security update. File : debian_DLA-132.nasl - Type : ACT_GATHER_INFO |
2015-03-26 | Name : The remote Debian host is missing a security update. File : debian_DLA-157.nasl - Type : ACT_GATHER_INFO |
2015-03-26 | Name : The remote Debian host is missing a security update. File : debian_DLA-177.nasl - Type : ACT_GATHER_INFO |
2015-03-26 | Name : The remote Debian host is missing a security update. File : debian_DLA-81.nasl - Type : ACT_GATHER_INFO |
2015-03-26 | Name : The remote host is affected by multiple vulnerabilities. File : macosx_cisco_anyconnect_3_1_7021.nasl - Type : ACT_GATHER_INFO |
2015-03-26 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20150324_openssl_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2015-03-26 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20150324_openssl_on_SL7_x.nasl - Type : ACT_GATHER_INFO |
2015-03-25 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2015-498.nasl - Type : ACT_GATHER_INFO |
2015-03-25 | Name : The remote Fedora host is missing a security update. File : fedora_2015-4300.nasl - Type : ACT_GATHER_INFO |
2015-03-25 | Name : The remote Fedora host is missing a security update. File : fedora_2015-4303.nasl - Type : ACT_GATHER_INFO |
2015-03-25 | Name : The remote Fedora host is missing a security update. File : fedora_2015-4320.nasl - Type : ACT_GATHER_INFO |
2015-03-25 | Name : The remote OracleVM host is missing a security update. File : oraclevm_OVMSA-2015-0039.nasl - Type : ACT_GATHER_INFO |
2015-03-25 | Name : The remote Windows host contains a program that is affected by multiple vulne... File : stunnel_5_12.nasl - Type : ACT_GATHER_INFO |
2015-03-24 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2015-0715.nasl - Type : ACT_GATHER_INFO |
2015-03-24 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2015-0716.nasl - Type : ACT_GATHER_INFO |
2015-03-24 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201503-11.nasl - Type : ACT_GATHER_INFO |
2015-03-24 | Name : The remote service is affected by multiple vulnerabilities. File : openssl_0_9_8zf.nasl - Type : ACT_GATHER_INFO |
2015-03-24 | Name : The remote service is affected by multiple vulnerabilities. File : openssl_1_0_0r.nasl - Type : ACT_GATHER_INFO |
2015-03-24 | Name : The remote service is affected by multiple vulnerabilities. File : openssl_1_0_1m.nasl - Type : ACT_GATHER_INFO |
2015-03-24 | Name : The remote service is affected by multiple vulnerabilities. File : openssl_1_0_2a.nasl - Type : ACT_GATHER_INFO |
2015-03-24 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-0715.nasl - Type : ACT_GATHER_INFO |
2015-03-24 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-0716.nasl - Type : ACT_GATHER_INFO |
2015-03-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-0715.nasl - Type : ACT_GATHER_INFO |
2015-03-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-0716.nasl - Type : ACT_GATHER_INFO |
2015-03-23 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2015-247.nasl - Type : ACT_GATHER_INFO |
2015-03-23 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libopenssl-devel-150317.nasl - Type : ACT_GATHER_INFO |
2015-03-20 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3197.nasl - Type : ACT_GATHER_INFO |
2015-03-20 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_9d15355bce7c11e49db0d050992ecde8.nasl - Type : ACT_GATHER_INFO |
2015-03-20 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-0698.nasl - Type : ACT_GATHER_INFO |
2015-03-20 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_compat-openssl097g-150317.nasl - Type : ACT_GATHER_INFO |
2015-03-20 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2537-1.nasl - Type : ACT_GATHER_INFO |
2015-03-18 | Name : The remote OracleVM host is missing a security update. File : oraclevm_OVMSA-2015-0030.nasl - Type : ACT_GATHER_INFO |
2015-03-17 | Name : The remote Mac OS X host has a web browser installed that is affected by the ... File : macosx_opera_28_0_1750_40.nasl - Type : ACT_GATHER_INFO |
2015-03-17 | Name : The remote application server is affected by multiple vulnerabilities. File : websphere_7_0_0_37.nasl - Type : ACT_GATHER_INFO |
2015-03-13 | Name : The remote host is affected by multiple vulnerabilities. File : mcafee_firewall_enterprise_SB10102.nasl - Type : ACT_GATHER_INFO |
2015-03-13 | Name : The remote web server contains an application that is affected by multiple vu... File : splunk_622.nasl - Type : ACT_GATHER_INFO |
2015-03-12 | Name : The remote host has software installed that is affected by multiple vulnerabi... File : ibm_rational_clearquest_8_0_1_3_01.nasl - Type : ACT_GATHER_INFO |
2015-03-12 | Name : The remote host has software installed that is affected by multiple vulnerabi... File : ibm_rational_clearquest_8_0_1_6.nasl - Type : ACT_GATHER_INFO |
2015-03-10 | Name : The remote OracleVM host is missing a security update. File : oraclevm_OVMSA-2015-0029.nasl - Type : ACT_GATHER_INFO |
2015-03-05 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_google_chrome_41_0_2272_76.nasl - Type : ACT_GATHER_INFO |
2015-03-05 | Name : The remote Apache Tomcat server is affected by multiple vulnerabilities. File : tomcat_6_0_43.nasl - Type : ACT_GATHER_INFO |
2015-03-05 | Name : The remote Apache Tomcat server is affected by multiple vulnerabilities. File : tomcat_7_0_57.nasl - Type : ACT_GATHER_INFO |
2015-03-05 | Name : The remote Apache Tomcat server is affected by multiple vulnerabilities. File : tomcat_8_0_15.nasl - Type : ACT_GATHER_INFO |
2015-03-04 | Name : The remote host supports a set of weak ciphers. File : ssl_rsa_export_supported_ciphers.nasl - Type : ACT_GATHER_INFO |
2015-02-25 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-0264.nasl - Type : ACT_GATHER_INFO |
2015-02-24 | Name : The remote AIX host has a version of Java SDK installed that is affected by m... File : aix_java_feb2015_advisory.nasl - Type : ACT_GATHER_INFO |
2015-02-20 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_7_0-openjdk-150206.nasl - Type : ACT_GATHER_INFO |
2015-02-18 | Name : The remote AIX host has a version of OpenSSL installed that is affected by mu... File : aix_openssl_advisory12.nasl - Type : ACT_GATHER_INFO |
2015-02-18 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL16126.nasl - Type : ACT_GATHER_INFO |
2015-02-18 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL16135.nasl - Type : ACT_GATHER_INFO |
2015-02-18 | Name : The remote application server is affected by multiple vulnerabilities. File : websphere_8_0_0_10.nasl - Type : ACT_GATHER_INFO |
2015-02-13 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2015-480.nasl - Type : ACT_GATHER_INFO |
2015-02-12 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL16123.nasl - Type : ACT_GATHER_INFO |
2015-02-09 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2015-033.nasl - Type : ACT_GATHER_INFO |
2015-02-09 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2015-116.nasl - Type : ACT_GATHER_INFO |
2015-02-06 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2015-0126.nasl - Type : ACT_GATHER_INFO |
2015-02-03 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2015-91.nasl - Type : ACT_GATHER_INFO |
2015-02-03 | Name : The remote host has a virtualization management application installed that is... File : vmware_vcenter_vmsa-2015-0001.nasl - Type : ACT_GATHER_INFO |
2015-02-02 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3147.nasl - Type : ACT_GATHER_INFO |
2015-02-02 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_compat-openssl097g-150122.nasl - Type : ACT_GATHER_INFO |
2015-02-02 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libopenssl-devel-150112.nasl - Type : ACT_GATHER_INFO |
2015-01-30 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3144.nasl - Type : ACT_GATHER_INFO |
2015-01-29 | Name : The remote host is missing a Mac OS X update that fixes multiple vulnerabilit... File : macosx_10_10_2.nasl - Type : ACT_GATHER_INFO |
2015-01-29 | Name : The remote host is missing a Mac OS X update that fixes multiple security iss... File : macosx_SecUpd2015-001.nasl - Type : ACT_GATHER_INFO |
2015-01-29 | Name : The remote VMware ESXi host is missing one or more security-related patches. File : vmware_VMSA-2015-0001.nasl - Type : ACT_GATHER_INFO |
2015-01-29 | Name : The remote VMware ESXi 5.5 host is affected by multiple vulnerabilities. File : vmware_esxi_5_5_build_2352327_remote.nasl - Type : ACT_GATHER_INFO |
2015-01-28 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2486-1.nasl - Type : ACT_GATHER_INFO |
2015-01-28 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2487-1.nasl - Type : ACT_GATHER_INFO |
2015-01-27 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2015-0085.nasl - Type : ACT_GATHER_INFO |
2015-01-27 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-0085.nasl - Type : ACT_GATHER_INFO |
2015-01-27 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-0085.nasl - Type : ACT_GATHER_INFO |
2015-01-27 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-0086.nasl - Type : ACT_GATHER_INFO |
2015-01-27 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20150126_java_1_6_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2015-01-26 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2015-67.nasl - Type : ACT_GATHER_INFO |
2015-01-23 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2015-471.nasl - Type : ACT_GATHER_INFO |
2015-01-23 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2015-472.nasl - Type : ACT_GATHER_INFO |
2015-01-23 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_f9c388c5a25611e4992a7b2a515a1247.nasl - Type : ACT_GATHER_INFO |
2015-01-23 | Name : The remote OracleVM host is missing a security update. File : oraclevm_OVMSA-2015-0005.nasl - Type : ACT_GATHER_INFO |
2015-01-23 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-0079.nasl - Type : ACT_GATHER_INFO |
2015-01-23 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-0080.nasl - Type : ACT_GATHER_INFO |
2015-01-22 | Name : The remote caching server is affected by multiple vulnerabilities. File : apache_traffic_server_511.nasl - Type : ACT_GATHER_INFO |
2015-01-22 | Name : The remote Windows host contains a programming platform that is affected by m... File : oracle_java_cpu_jan_2015.nasl - Type : ACT_GATHER_INFO |
2015-01-22 | Name : The remote Unix host contains a programming platform that is affected by mult... File : oracle_java_cpu_jan_2015_unix.nasl - Type : ACT_GATHER_INFO |
2015-01-22 | Name : The remote host has a version of Oracle Secure Global Desktop that is affecte... File : oracle_secure_global_desktop_jan_2015_cpu.nasl - Type : ACT_GATHER_INFO |
2015-01-22 | Name : The remote host has an application installed that is affected by multiple vul... File : oracle_virtualbox_jan_2015_cpu.nasl - Type : ACT_GATHER_INFO |
2015-01-22 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-0067.nasl - Type : ACT_GATHER_INFO |
2015-01-22 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-0068.nasl - Type : ACT_GATHER_INFO |
2015-01-22 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-0069.nasl - Type : ACT_GATHER_INFO |
2015-01-22 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20150121_java_1_7_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2015-01-22 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20150121_java_1_7_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2015-01-22 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20150121_java_1_8_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2015-01-22 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20150121_openssl_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2015-01-21 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2015-0066.nasl - Type : ACT_GATHER_INFO |
2015-01-21 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2015-0067.nasl - Type : ACT_GATHER_INFO |
2015-01-21 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2015-0068.nasl - Type : ACT_GATHER_INFO |
2015-01-21 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2015-0069.nasl - Type : ACT_GATHER_INFO |
2015-01-21 | Name : The remote Fedora host is missing a security update. File : fedora_2015-0601.nasl - Type : ACT_GATHER_INFO |
2015-01-21 | Name : A clustered file system on the remote host is affected by multiple vulnerabil... File : ibm_gpfs_isg3T1021546_windows.nasl - Type : ACT_GATHER_INFO |
2015-01-21 | Name : The remote Windows host contains a programming platform that is affected by m... File : oracle_jrockit_cpu_jan_2015.nasl - Type : ACT_GATHER_INFO |
2015-01-21 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-0066.nasl - Type : ACT_GATHER_INFO |
2015-01-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-0066.nasl - Type : ACT_GATHER_INFO |
2015-01-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-0067.nasl - Type : ACT_GATHER_INFO |
2015-01-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-0068.nasl - Type : ACT_GATHER_INFO |
2015-01-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-0069.nasl - Type : ACT_GATHER_INFO |
2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_openssl_20140623.nasl - Type : ACT_GATHER_INFO |
2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_openssl_20140731.nasl - Type : ACT_GATHER_INFO |
2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_openssl_20141014.nasl - Type : ACT_GATHER_INFO |
2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_openssl_20141104.nasl - Type : ACT_GATHER_INFO |
2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_wanboot_20141014.nasl - Type : ACT_GATHER_INFO |
2015-01-16 | Name : The remote service is affected by multiple vulnerabilities. File : openssl_0_9_8zd.nasl - Type : ACT_GATHER_INFO |
2015-01-16 | Name : The remote service is affected by multiple vulnerabilities. File : openssl_1_0_0p.nasl - Type : ACT_GATHER_INFO |
2015-01-16 | Name : The remote service is affected by multiple vulnerabilities. File : openssl_1_0_1k.nasl - Type : ACT_GATHER_INFO |
2015-01-13 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2015-469.nasl - Type : ACT_GATHER_INFO |
2015-01-13 | Name : The remote Fedora host is missing a security update. File : fedora_2015-0512.nasl - Type : ACT_GATHER_INFO |
2015-01-13 | Name : An access and authorization control management system installed on the remote... File : tivoli_access_manager_ebiz_6_1_1_10.nasl - Type : ACT_GATHER_INFO |
2015-01-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2459-1.nasl - Type : ACT_GATHER_INFO |
2015-01-12 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2015-009-01.nasl - Type : ACT_GATHER_INFO |
2015-01-12 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3125.nasl - Type : ACT_GATHER_INFO |
2015-01-12 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2015-019.nasl - Type : ACT_GATHER_INFO |
2015-01-09 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_4e536c14979111e4977dd050992ecde8.nasl - Type : ACT_GATHER_INFO |
2015-01-07 | Name : The remote application server is affected by multiple vulnerabilities. File : websphere_8_5_5_4.nasl - Type : ACT_GATHER_INFO |
2015-01-06 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2014-14237.nasl - Type : ACT_GATHER_INFO |
2015-01-06 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_suseRegister-141121.nasl - Type : ACT_GATHER_INFO |
2015-01-02 | Name : The remote Fedora host is missing a security update. File : fedora_2014-17576.nasl - Type : ACT_GATHER_INFO |
2015-01-02 | Name : The remote Fedora host is missing a security update. File : fedora_2014-17587.nasl - Type : ACT_GATHER_INFO |
2014-12-30 | Name : The remote application is affected by multiple denial of service vulnerabilit... File : securitycenter_openssl_1_0_1j.nasl - Type : ACT_GATHER_INFO |
2014-12-29 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15722.nasl - Type : ACT_GATHER_INFO |
2014-12-29 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15723.nasl - Type : ACT_GATHER_INFO |
2014-12-26 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201412-39.nasl - Type : ACT_GATHER_INFO |
2014-12-22 | Name : The remote device is affected by multiple vulnerabilities. File : juniper_space_jsa10659.nasl - Type : ACT_GATHER_INFO |
2014-12-16 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-252.nasl - Type : ACT_GATHER_INFO |
2014-12-15 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2014-15379.nasl - Type : ACT_GATHER_INFO |
2014-12-15 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2014-15390.nasl - Type : ACT_GATHER_INFO |
2014-12-15 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2014-15411.nasl - Type : ACT_GATHER_INFO |
2014-12-15 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201412-11.nasl - Type : ACT_GATHER_INFO |
2014-12-05 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_compat-openssl097g-141202.nasl - Type : ACT_GATHER_INFO |
2014-12-05 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_pure-ftpd-141120.nasl - Type : ACT_GATHER_INFO |
2014-12-04 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1948.nasl - Type : ACT_GATHER_INFO |
2014-12-04 | Name : A web application installed on the remote host is affected by an information ... File : hp_sitescope_hpsbmu03184.nasl - Type : ACT_GATHER_INFO |
2014-12-04 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20141202_nss__nss_util__and_nss_softokn_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2014-12-04 | Name : The remote web server contains an application that is affected by multiple vu... File : splunk_5011.nasl - Type : ACT_GATHER_INFO |
2014-12-04 | Name : The remote web server contains an application that is affected by multiple vu... File : splunk_607.nasl - Type : ACT_GATHER_INFO |
2014-12-03 | Name : The remote device is missing a vendor-supplied security update. File : cisco-sa-20141015-poodle-wlc.nasl - Type : ACT_GATHER_INFO |
2014-12-03 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1948.nasl - Type : ACT_GATHER_INFO |
2014-12-03 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1948.nasl - Type : ACT_GATHER_INFO |
2014-12-01 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-ibm-141119.nasl - Type : ACT_GATHER_INFO |
2014-12-01 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_7_0-ibm-141121.nasl - Type : ACT_GATHER_INFO |
2014-11-28 | Name : The remote AIX host has a version of Java SDK installed that is affected by m... File : aix_java_oct2014_advisory.nasl - Type : ACT_GATHER_INFO |
2014-11-28 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_evolution-data-server-141114.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote printer service is potentially affected by an information disclosu... File : cups_2_0_1.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing a security update. File : oraclevm_OVMSA-2014-0007.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing a security update. File : oraclevm_OVMSA-2014-0008.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing a security update. File : oraclevm_OVMSA-2014-0032.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing a security update. File : oraclevm_OVMSA-2014-0037.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2014-0038.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing a security update. File : oraclevm_OVMSA-2014-0039.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing a security update. File : oraclevm_OVMSA-2014-0040.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2014-0041.nasl - Type : ACT_GATHER_INFO |
2014-11-24 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201411-10.nasl - Type : ACT_GATHER_INFO |
2014-11-24 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-218.nasl - Type : ACT_GATHER_INFO |
2014-11-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1880.nasl - Type : ACT_GATHER_INFO |
2014-11-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1881.nasl - Type : ACT_GATHER_INFO |
2014-11-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1882.nasl - Type : ACT_GATHER_INFO |
2014-11-20 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1876.nasl - Type : ACT_GATHER_INFO |
2014-11-20 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1877.nasl - Type : ACT_GATHER_INFO |
2014-11-19 | Name : The remote host is affected by a security bypass vulnerability. File : ibm_tem_9_1_1117_0.nasl - Type : ACT_GATHER_INFO |
2014-11-19 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libwsman-devel-141021.nasl - Type : ACT_GATHER_INFO |
2014-11-17 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-671.nasl - Type : ACT_GATHER_INFO |
2014-11-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-647.nasl - Type : ACT_GATHER_INFO |
2014-11-12 | Name : The remote device is affected by a man-in-the-middle (MitM) information discl... File : cisco-sa-20141015-poodle-cucm.nasl - Type : ACT_GATHER_INFO |
2014-11-12 | Name : The remote Fedora host is missing a security update. File : fedora_2014-13777.nasl - Type : ACT_GATHER_INFO |
2014-11-11 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2014-13647.nasl - Type : ACT_GATHER_INFO |
2014-11-11 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2014-14217.nasl - Type : ACT_GATHER_INFO |
2014-11-11 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2014-14234.nasl - Type : ACT_GATHER_INFO |
2014-11-11 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-640.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0377.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2014-0378.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2014-0396.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0416.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0627.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0628.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2014-0629.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1692.nasl - Type : ACT_GATHER_INFO |
2014-11-07 | Name : The remote Fedora host is missing a security update. File : fedora_2014-13764.nasl - Type : ACT_GATHER_INFO |
2014-11-07 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2014-13781.nasl - Type : ACT_GATHER_INFO |
2014-11-07 | Name : The remote Fedora host is missing a security update. File : fedora_2014-13794.nasl - Type : ACT_GATHER_INFO |
2014-11-06 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libopenssl-devel-141024.nasl - Type : ACT_GATHER_INFO |
2014-11-05 | Name : The remote device is affected by multiple vulnerabilities. File : appletv_7_0_1.nasl - Type : ACT_GATHER_INFO |
2014-11-03 | Name : The remote Fedora host is missing a security update. File : fedora_2014-12951.nasl - Type : ACT_GATHER_INFO |
2014-11-03 | Name : The remote Fedora host is missing a security update. File : fedora_2014-13399.nasl - Type : ACT_GATHER_INFO |
2014-11-03 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_0dad911460cc11e49e840022156e8794.nasl - Type : ACT_GATHER_INFO |
2014-10-31 | Name : The remote AIX host has a version of OpenSSL installed that is affected by mu... File : aix_openssl_advisory11.nasl - Type : ACT_GATHER_INFO |
2014-10-30 | Name : The remote device is affected by a man-in-the-middle (MitM) information discl... File : cisco-sa-20141015-poodle-asa.nasl - Type : ACT_GATHER_INFO |
2014-10-30 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-605.nasl - Type : ACT_GATHER_INFO |
2014-10-24 | Name : The remote host is affected by an information disclosure vulnerability. File : cisco_anyconnect_3_1_5187.nasl - Type : ACT_GATHER_INFO |
2014-10-24 | Name : The remote host is affected by an information disclosure vulnerability. File : macosx_cisco_anyconnect_3_1_5187.nasl - Type : ACT_GATHER_INFO |
2014-10-24 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-203.nasl - Type : ACT_GATHER_INFO |
2014-10-22 | Name : A telephony application running on the remote host is affected by an informat... File : asterisk_ast_2014_011.nasl - Type : ACT_GATHER_INFO |
2014-10-22 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_76c7a0f5592811e4adc7001999f8d30b.nasl - Type : ACT_GATHER_INFO |
2014-10-21 | Name : The remote host is missing a security update for OS X Server. File : macosx_server_2_2_5.nasl - Type : ACT_GATHER_INFO |
2014-10-21 | Name : The remote host is missing a security update for OS X Server. File : macosx_server_3_2_2.nasl - Type : ACT_GATHER_INFO |
2014-10-21 | Name : The remote host is missing a security update for OS X Server. File : macosx_server_4_0.nasl - Type : ACT_GATHER_INFO |
2014-10-21 | Name : The remote host is affected by multiple vulnerabilities. File : oracle_eids_cpu_oct_2014.nasl - Type : ACT_GATHER_INFO |
2014-10-20 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-429.nasl - Type : ACT_GATHER_INFO |
2014-10-20 | Name : The remote Fedora host is missing a security update. File : fedora_2014-13069.nasl - Type : ACT_GATHER_INFO |
2014-10-20 | Name : The remote Fedora host is missing a security update. File : fedora_2014-13012.nasl - Type : ACT_GATHER_INFO |
2014-10-20 | Name : The remote host is affected by a man-in-the-middle vulnerability. File : palo_alto_PAN-SA-2014-0003.nasl - Type : ACT_GATHER_INFO |
2014-10-20 | Name : The remote Windows host contains a program that is affected by multiple vulne... File : stunnel_5_06.nasl - Type : ACT_GATHER_INFO |
2014-10-17 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1652.nasl - Type : ACT_GATHER_INFO |
2014-10-17 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1653.nasl - Type : ACT_GATHER_INFO |
2014-10-17 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3053.nasl - Type : ACT_GATHER_INFO |
2014-10-17 | Name : The remote host is missing a Mac OS X update that fixes multiple vulnerabilit... File : macosx_10_10.nasl - Type : ACT_GATHER_INFO |
2014-10-17 | Name : The remote host is missing a Mac OS X update that fixes multiple security iss... File : macosx_SecUpd2014-005.nasl - Type : ACT_GATHER_INFO |
2014-10-17 | Name : The remote service is affected by multiple vulnerabilities. File : openssl_0_9_8zc.nasl - Type : ACT_GATHER_INFO |
2014-10-17 | Name : The remote service is affected by multiple vulnerabilities. File : openssl_1_0_0o.nasl - Type : ACT_GATHER_INFO |
2014-10-17 | Name : The remote service is affected by multiple vulnerabilities. File : openssl_1_0_1j.nasl - Type : ACT_GATHER_INFO |
2014-10-17 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1652.nasl - Type : ACT_GATHER_INFO |
2014-10-17 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1653.nasl - Type : ACT_GATHER_INFO |
2014-10-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1652.nasl - Type : ACT_GATHER_INFO |
2014-10-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1653.nasl - Type : ACT_GATHER_INFO |
2014-10-17 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20141016_openssl_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2014-10-17 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20141016_openssl_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2014-10-17 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2385-1.nasl - Type : ACT_GATHER_INFO |
2014-10-16 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2014-288-01.nasl - Type : ACT_GATHER_INFO |
2014-10-16 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-426.nasl - Type : ACT_GATHER_INFO |
2014-10-16 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-427.nasl - Type : ACT_GATHER_INFO |
2014-10-16 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_03175e62549411e49cc1bc5ff4fb5e7b.nasl - Type : ACT_GATHER_INFO |
2014-10-15 | Name : The remote host is affected by a remote information disclosure vulnerability. File : smb_kb3009008.nasl - Type : ACT_GATHER_INFO |
2014-10-15 | Name : It is possible to obtain sensitive information from the remote host with SSL/... File : ssl_poodle.nasl - Type : ACT_GATHER_INFO |
2014-10-12 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-349.nasl - Type : ACT_GATHER_INFO |
2014-10-12 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-350.nasl - Type : ACT_GATHER_INFO |
2014-10-12 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-351.nasl - Type : ACT_GATHER_INFO |
2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15159.nasl - Type : ACT_GATHER_INFO |
2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15325.nasl - Type : ACT_GATHER_INFO |
2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15328.nasl - Type : ACT_GATHER_INFO |
2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15329.nasl - Type : ACT_GATHER_INFO |
2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15343.nasl - Type : ACT_GATHER_INFO |
2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15356.nasl - Type : ACT_GATHER_INFO |
2014-10-09 | Name : The remote printer is affected by a security bypass vulnerability. File : hp_laserjet_hpsbpi03107.nasl - Type : ACT_GATHER_INFO |
2014-10-09 | Name : The remote HP OfficeJet printer is affected by a security bypass vulnerability. File : hp_officejet_hpsbpi03107.nasl - Type : ACT_GATHER_INFO |
2014-10-02 | Name : The remote host has a virtualization appliance installed that is affected by ... File : vmware_vsphere_replication_vmsa_2014_0006.nasl - Type : ACT_GATHER_INFO |
2014-09-23 | Name : The remote host has software installed that is affected by multiple vulnerabi... File : ibm_domino_9_0_1_fp2.nasl - Type : ACT_GATHER_INFO |
2014-09-18 | Name : The remote host is missing a Mac OS X update that fixes multiple vulnerabilit... File : macosx_10_9_5.nasl - Type : ACT_GATHER_INFO |
2014-09-18 | Name : The remote host is missing a Mac OS X update that fixes multiple security iss... File : macosx_SecUpd2014-004.nasl - Type : ACT_GATHER_INFO |
2014-09-12 | Name : The remote database server is affected by multiple vulnerabilities. File : mysql_5_6_20.nasl - Type : ACT_GATHER_INFO |
2014-09-11 | Name : The remote host is affected by multiple vulnerabilities. File : emc_documentum_content_server_ESA-2014-079.nasl - Type : ACT_GATHER_INFO |
2014-09-02 | Name : The remote Apache Tomcat server is affected by multiple vulnerabilities. File : tomcat_7_0_55.nasl - Type : ACT_GATHER_INFO |
2014-09-02 | Name : The remote Apache Tomcat server is affected by multiple vulnerabilities. File : tomcat_8_0_11.nasl - Type : ACT_GATHER_INFO |
2014-08-29 | Name : The remote host has software installed that is affected by an information dis... File : kaspersky_internet_security_heartbleed.nasl - Type : ACT_GATHER_INFO |
2014-08-29 | Name : The remote application server may be affected by multiple vulnerabilities. File : websphere_8_5_5_3.nasl - Type : ACT_GATHER_INFO |
2014-08-26 | Name : The remote web server has an application installed that is affected by multip... File : pivotal_webserver_5_4_1.nasl - Type : ACT_GATHER_INFO |
2014-08-20 | Name : A web application on the remote host is affected by multiple vulnerabilities. File : puppet_enterprise_330.nasl - Type : ACT_GATHER_INFO |
2014-08-20 | Name : The remote Mac OS X host has an application installed that is affected by mul... File : macosx_vmware_ovftool_vmsa_2014_0006.nasl - Type : ACT_GATHER_INFO |
2014-08-20 | Name : The remote Windows host has an application installed that is affected by mult... File : vmware_ovftool_vmsa_2014-0006.nasl - Type : ACT_GATHER_INFO |
2014-08-19 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2232-4.nasl - Type : ACT_GATHER_INFO |
2014-08-15 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140813_openssl_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2014-08-14 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1053.nasl - Type : ACT_GATHER_INFO |
2014-08-14 | Name : The remote host is affected by a vulnerability that could allow sensitive dat... File : openssl_ccs_1_0_1.nasl - Type : ACT_ATTACK |
2014-08-14 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1053.nasl - Type : ACT_GATHER_INFO |
2014-08-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1053.nasl - Type : ACT_GATHER_INFO |
2014-08-12 | Name : The remote host contains software that is affected by multiple vulnerabilitie... File : hp_vca_SSRT101614-rhel.nasl - Type : ACT_GATHER_INFO |
2014-08-12 | Name : The remote host contains software that is affected by multiple vulnerabilitie... File : hp_vca_SSRT101614-sles.nasl - Type : ACT_GATHER_INFO |
2014-08-12 | Name : The remote host contains software that is affected by multiple vulnerabilitie... File : hp_vca_SSRT101614.nasl - Type : ACT_GATHER_INFO |
2014-08-10 | Name : The remote Fedora host is missing a security update. File : fedora_2014-9301.nasl - Type : ACT_GATHER_INFO |
2014-08-10 | Name : The remote Fedora host is missing a security update. File : fedora_2014-9308.nasl - Type : ACT_GATHER_INFO |
2014-08-07 | Name : The remote host is missing a vendor-supplied security patch. File : fireeye_os_SB001.nasl - Type : ACT_GATHER_INFO |
2014-08-07 | Name : The remote Windows host has an application that is affected by an information... File : hp_loadrunner_12_00_1.nasl - Type : ACT_GATHER_INFO |
2014-08-06 | Name : The remote Windows host contains software that is affected by multiple vulner... File : hp_systems_insight_manager_73_hotfix_34.nasl - Type : ACT_GATHER_INFO |
2014-08-06 | Name : The remote host contains software that is affected by an information disclosu... File : hp_vca_SSRT101531-rhel.nasl - Type : ACT_GATHER_INFO |
2014-08-06 | Name : The remote host contains software that is affected by an information disclosu... File : hp_vca_SSRT101531-sles.nasl - Type : ACT_GATHER_INFO |
2014-08-06 | Name : The remote host contains software that is affected by an information disclosu... File : hp_vca_SSRT101531.nasl - Type : ACT_GATHER_INFO |
2014-08-06 | Name : The remote host contains software that is affected by an information disclosu... File : hp_vcrm_SSRT101531.nasl - Type : ACT_GATHER_INFO |
2014-08-05 | Name : The FTP server installed on the remote Windows host is affected by multiple O... File : cerberus_ftp_7_0_0_3.nasl - Type : ACT_GATHER_INFO |
2014-08-05 | Name : The remote device is missing a vendor-supplied security patch. File : juniper_jsa10629.nasl - Type : ACT_GATHER_INFO |
2014-08-04 | Name : The remote host has a support tool installed that is affected by multiple vul... File : vmware_vcenter_support_assistant_2014-0006.nasl - Type : ACT_GATHER_INFO |
2014-08-04 | Name : The remote application server is affected by multiple vulnerabilities. File : websphere_8_0_0_9.nasl - Type : ACT_GATHER_INFO |
2014-08-01 | Name : The remote Mac OS X host has a virtual desktop solution that is affected by m... File : macosx_vmware_horizon_view_client_vmsa_2014_0006.nasl - Type : ACT_GATHER_INFO |
2014-08-01 | Name : The remote host has a virtual desktop solution that is affected by multiple v... File : vmware_horizon_view_client_vmsa_2014_0006.nasl - Type : ACT_GATHER_INFO |
2014-07-31 | Name : The remote Windows host has an application installed that is affected by mult... File : vmware_horizon_view_VMSA-2014-0006.nasl - Type : ACT_GATHER_INFO |
2014-07-31 | Name : The remote host has an application installed that is affected by multiple vul... File : vmware_vcenter_converter_2014-0006.nasl - Type : ACT_GATHER_INFO |
2014-07-30 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0679.nasl - Type : ACT_GATHER_INFO |
2014-07-30 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0680.nasl - Type : ACT_GATHER_INFO |
2014-07-28 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201407-05.nasl - Type : ACT_GATHER_INFO |
2014-07-24 | Name : The remote host has an application installed that is affected by multiple Ope... File : hp_oneview_1_10.nasl - Type : ACT_GATHER_INFO |
2014-07-24 | Name : The remote host is running software that is affected by multiple vulnerabilit... File : hp_sum_6_4_1.nasl - Type : ACT_GATHER_INFO |
2014-07-24 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0679.nasl - Type : ACT_GATHER_INFO |
2014-07-24 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2014-0680.nasl - Type : ACT_GATHER_INFO |
2014-07-18 | Name : The remote host has a web application installed that is affected by multiple ... File : oracle_e-business_cpu_jul_2014.nasl - Type : ACT_GATHER_INFO |
2014-07-17 | Name : The remote host is affected by multiple vulnerabilities related to the includ... File : mcafee_email_gateway_SB10075.nasl - Type : ACT_GATHER_INFO |
2014-07-17 | Name : The remote host is affected by multiple vulnerabilities. File : mcafee_vsel_SB10075.nasl - Type : ACT_GATHER_INFO |
2014-07-17 | Name : The remote host has a version of Oracle Secure Global Desktop that is affecte... File : oracle_secure_global_desktop_jul_2014_cpu.nasl - Type : ACT_GATHER_INFO |
2014-07-16 | Name : The remote Windows host is affected by a security bypass vulnerability. File : forticlient_5_0_10.nasl - Type : ACT_GATHER_INFO |
2014-07-16 | Name : The remote web server contains an application that is affected by multiple Op... File : splunk_605.nasl - Type : ACT_GATHER_INFO |
2014-07-15 | Name : The remote host is affected by an information disclosure vulnerability. File : hp_onboard_admin_heartbleed_versions.nasl - Type : ACT_GATHER_INFO |
2014-07-15 | Name : The remote host contains an application that is affected by an information di... File : libreoffice_423.nasl - Type : ACT_GATHER_INFO |
2014-07-15 | Name : The remote host contains an application that is affected by an information di... File : macosx_libreoffice_423.nasl - Type : ACT_GATHER_INFO |
2014-07-14 | Name : The remote host is affected by multiple vulnerabilities. File : cisco_anyconnect_3_1_5170.nasl - Type : ACT_GATHER_INFO |
2014-07-14 | Name : The remote host is affected by multiple vulnerabilities related to OpenSSL. File : fortinet_FG-IR-14-018.nasl - Type : ACT_GATHER_INFO |
2014-07-14 | Name : The remote mail server is potentially affected by multiple vulnerabilities. File : ipswitch_imail_12_4_1_15.nasl - Type : ACT_GATHER_INFO |
2014-07-14 | Name : The remote host is affected by multiple vulnerabilities. File : macosx_cisco_anyconnect_3_1_5170.nasl - Type : ACT_GATHER_INFO |
2014-07-14 | Name : The remote host has a virtualization appliance installed that is affected by ... File : vmware_vcenter_server_appliance_2014-0006.nasl - Type : ACT_GATHER_INFO |
2014-07-10 | Name : The remote Windows host has migration software installed that is affected by ... File : hp_insight_control_server_migration_7_3_2.nasl - Type : ACT_GATHER_INFO |
2014-07-10 | Name : A VMware product installed on the remote host is affected by multiple vulnera... File : macosx_fusion_6_0_4.nasl - Type : ACT_GATHER_INFO |
2014-07-10 | Name : The remote host contains software that is affected by multiple vulnerabilities. File : vmware_player_linux_6_0_3.nasl - Type : ACT_GATHER_INFO |
2014-07-10 | Name : The remote host contains software that is affected by multiple vulnerabilities. File : vmware_player_multiple_vmsa_2014-0006.nasl - Type : ACT_GATHER_INFO |
2014-07-10 | Name : The remote host has a virtualization management application installed that is... File : vmware_vcenter_vmsa-2014-0006.nasl - Type : ACT_GATHER_INFO |
2014-07-10 | Name : The remote host has a virtualization application that is affected by multiple... File : vmware_workstation_linux_10_0_3.nasl - Type : ACT_GATHER_INFO |
2014-07-10 | Name : The remote host has a virtualization application that is affected by multiple... File : vmware_workstation_multiple_vmsa_2014_0006.nasl - Type : ACT_GATHER_INFO |
2014-07-09 | Name : A clustered file system on the remote host is affected by a security vulnerab... File : ibm_gpfs_isg3t1020948_windows.nasl - Type : ACT_GATHER_INFO |
2014-07-09 | Name : The remote Windows host has an application installed that is affected by mult... File : vmware_vcenter_chargeback_manager_2601.nasl - Type : ACT_GATHER_INFO |
2014-07-08 | Name : The remote mail server is affected by the Heartbleed vulnerability File : kerio_connect_824.nasl - Type : ACT_GATHER_INFO |
2014-07-07 | Name : The remote Windows host has an application installed that is affected by mult... File : hp_version_control_repo_manager_hpsbmu03056.nasl - Type : ACT_GATHER_INFO |
2014-07-04 | Name : The remote VMware ESXi 5.0 host is affected by multiple security vulnerabilit... File : vmware_esxi_5_0_build_1918656_remote.nasl - Type : ACT_GATHER_INFO |
2014-07-03 | Name : The remote server is affected by a remote information disclosure vulnerability. File : hp_onboard_admin_4_22.nasl - Type : ACT_GATHER_INFO |
2014-07-03 | Name : The remote host has a virtualization appliance installed that is affected by ... File : vmware_vcenter_operations_manager_vmsa_2014-0006.nasl - Type : ACT_GATHER_INFO |
2014-07-03 | Name : The remote host has an update manager installed that is affected by multiple ... File : vmware_vcenter_update_mgr_vmsa-2014-0006.nasl - Type : ACT_GATHER_INFO |
2014-07-03 | Name : The remote host has a virtualization client application installed that is aff... File : vsphere_client_vmsa_2014-0006.nasl - Type : ACT_GATHER_INFO |
2014-07-02 | Name : The remote web server is affected by multiple vulnerabilities. File : hpsmh_7_3_3_1.nasl - Type : ACT_GATHER_INFO |
2014-06-30 | Name : An application on the remote host is affected by an information disclosure vu... File : attachmate_reflection_heartbleed.nasl - Type : ACT_GATHER_INFO |
2014-06-26 | Name : The remote device is affected by a security bypass vulnerability. File : bluecoat_proxy_sg_6_4_6_4.nasl - Type : ACT_GATHER_INFO |
2014-06-24 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2232-3.nasl - Type : ACT_GATHER_INFO |
2014-06-24 | Name : The remote VMware ESXi 5.1 host is affected by multiple vulnerabilities. File : vmware_esxi_5_1_build_1900470_remote.nasl - Type : ACT_GATHER_INFO |
2014-06-20 | Name : The remote device is potentially affected by a security bypass vulnerability. File : bluecoat_proxy_sg_4_x_openssl.nasl - Type : ACT_GATHER_INFO |
2014-06-20 | Name : The remote device is potentially affected by a security bypass vulnerability. File : bluecoat_proxy_sg_6_2_15_6.nasl - Type : ACT_GATHER_INFO |
2014-06-20 | Name : The remote device is potentially affected by multiple vulnerabilities. File : bluecoat_proxy_sg_6_5_4_4.nasl - Type : ACT_GATHER_INFO |
2014-06-20 | Name : The remote Windows host has an application that may be affected by multiple v... File : winscp_5_5_4.nasl - Type : ACT_GATHER_INFO |
2014-06-19 | Name : The remote host is affected by multiple vulnerabilities. File : mcafee_epo_sb10075.nasl - Type : ACT_GATHER_INFO |
2014-06-19 | Name : The remote host is affected by multiple vulnerabilities. File : mcafee_web_gateway_sb10075.nasl - Type : ACT_GATHER_INFO |
2014-06-18 | Name : The remote host is affected by a man-in-the-middle vulnerability. File : cisco-CSCup22544-ace.nasl - Type : ACT_GATHER_INFO |
2014-06-18 | Name : The remote host is affected by multiple vulnerabilities. File : cisco_asa_CSCup22532.nasl - Type : ACT_GATHER_INFO |
2014-06-18 | Name : The remote host is affected by multiple vulnerabilities. File : cisco_jabber_client_CSCup23913.nasl - Type : ACT_GATHER_INFO |
2014-06-18 | Name : The remote host is affected by multiple vulnerabilities. File : cisco_ons_CSCup24077.nasl - Type : ACT_GATHER_INFO |
2014-06-18 | Name : The remote host is affected by multiple vulnerabilities. File : cisco_telepresence_mcu_CSCup23994.nasl - Type : ACT_GATHER_INFO |
2014-06-18 | Name : The remote host is affected by multiple vulnerabilities. File : cisco_telepresence_supervisor_8050_mse_CSCup22635.nasl - Type : ACT_GATHER_INFO |
2014-06-18 | Name : The remote device is missing a vendor-supplied security patch. File : junos_pulse_jsa10629.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote AIX host has a version of OpenSSL installed that is potentially af... File : aix_openssl_advisory9.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-269.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-277.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-318.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-325.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-359.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-360.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-398.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-410.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2232-2.nasl - Type : ACT_GATHER_INFO |
2014-06-12 | Name : The remote Mandriva Linux host is missing a security update. File : mandriva_MDVSA-2014-123.nasl - Type : ACT_GATHER_INFO |
2014-06-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-3040.nasl - Type : ACT_GATHER_INFO |
2014-06-12 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140605_openssl_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2014-06-11 | Name : The remote AIX host has a vulnerable version of OpenSSL. File : aix_openssl_advisory8.nasl - Type : ACT_GATHER_INFO |
2014-06-11 | Name : The remote VMware ESXi host is missing one or more security-related patches. File : vmware_VMSA-2014-0006.nasl - Type : ACT_GATHER_INFO |
2014-06-11 | Name : The remote VMware ESXi 5.5 host is affected by multiple vulnerabilities. File : vmware_esxi_5_5_build_1881737_remote.nasl - Type : ACT_GATHER_INFO |
2014-06-10 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-106.nasl - Type : ACT_GATHER_INFO |
2014-06-10 | Name : The remote Windows host contains a program that is affected by multiple vulne... File : stunnel_5_02.nasl - Type : ACT_GATHER_INFO |
2014-06-06 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2014-156-03.nasl - Type : ACT_GATHER_INFO |
2014-06-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0624.nasl - Type : ACT_GATHER_INFO |
2014-06-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0625.nasl - Type : ACT_GATHER_INFO |
2014-06-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0626.nasl - Type : ACT_GATHER_INFO |
2014-06-06 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2950.nasl - Type : ACT_GATHER_INFO |
2014-06-06 | Name : The remote Fedora host is missing a security update. File : fedora_2014-7101.nasl - Type : ACT_GATHER_INFO |
2014-06-06 | Name : The remote Fedora host is missing a security update. File : fedora_2014-7102.nasl - Type : ACT_GATHER_INFO |
2014-06-06 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_5ac53801ec2e11e39cf33c970e169bc2.nasl - Type : ACT_GATHER_INFO |
2014-06-06 | Name : The remote service is affected by multiple vulnerabilities. File : openssl_0_9_8za.nasl - Type : ACT_GATHER_INFO |
2014-06-06 | Name : The remote service is affected by multiple vulnerabilities. File : openssl_1_0_1h.nasl - Type : ACT_GATHER_INFO |
2014-06-06 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0624.nasl - Type : ACT_GATHER_INFO |
2014-06-06 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0625.nasl - Type : ACT_GATHER_INFO |
2014-06-06 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0626.nasl - Type : ACT_GATHER_INFO |
2014-06-06 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0624.nasl - Type : ACT_GATHER_INFO |
2014-06-06 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0625.nasl - Type : ACT_GATHER_INFO |
2014-06-06 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0626.nasl - Type : ACT_GATHER_INFO |
2014-06-06 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140605_openssl097a_and_openssl098e_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2014-06-06 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140605_openssl_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2014-06-06 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libopenssl-devel-140604.nasl - Type : ACT_GATHER_INFO |
2014-06-06 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2232-1.nasl - Type : ACT_GATHER_INFO |
2014-06-05 | Name : The remote host is potentially affected by a vulnerability that could allow s... File : openssl_ccs.nasl - Type : ACT_ATTACK |
2014-06-03 | Name : The remote Windows host has a library installed that is affected by multiple ... File : ibm_gskit_8_0_50_20.nasl - Type : ACT_GATHER_INFO |
2014-06-03 | Name : The remote Linux host has a library installed that is affected by multiple vu... File : ibm_gskit_8_0_50_20_linux.nasl - Type : ACT_GATHER_INFO |
2014-06-02 | Name : The remote HP OfficeJet printer is affected by an information disclosure vuln... File : hp_officejet_pro_heartbleed.nasl - Type : ACT_GATHER_INFO |
2014-06-02 | Name : The remote web server hosts a virtual appliance that is affected by multiple ... File : wd_arkeia_10_1_19_ver_check.nasl - Type : ACT_GATHER_INFO |
2014-05-27 | Name : An application on the remote host is affected by an information disclosure vu... File : attachmate_reflection_x_heartbleed.nasl - Type : ACT_GATHER_INFO |
2014-05-20 | Name : A clustered file system on the remote host is affected by multiple vulnerabil... File : ibm_gpfs_isg3T1020683.nasl - Type : ACT_GATHER_INFO |
2014-05-19 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2931.nasl - Type : ACT_GATHER_INFO |
2014-05-19 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-090.nasl - Type : ACT_GATHER_INFO |
2014-05-16 | Name : The host is affected by an information disclosure vulnerability. File : bluecoat_proxy_av_3_5_1_9.nasl - Type : ACT_GATHER_INFO |
2014-05-14 | Name : The version of Cisco TelePresence Video Communication Server installed on the... File : cisco-vcs-CSCuo16472.nasl - Type : ACT_GATHER_INFO |
2014-05-12 | Name : An application on the remote host is affected by an information disclosure vu... File : attachmate_reflection_secure_it_for_win_client_heartbleed.nasl - Type : ACT_GATHER_INFO |
2014-05-12 | Name : The version of Symantec Endpoint Protection Manager installed on the remote h... File : symantec_endpoint_prot_mgr_12_1_ru4_mp1a.nasl - Type : ACT_GATHER_INFO |
2014-05-09 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-080.nasl - Type : ACT_GATHER_INFO |
2014-05-08 | Name : The remote VMware ESXi 5.5 host is potentially affected by multiple vulnerabi... File : vmware_esxi_5_5_build_1746974_remote.nasl - Type : ACT_GATHER_INFO |
2014-05-07 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_1959e847d4f011e384b00018fe623f2b.nasl - Type : ACT_GATHER_INFO |
2014-05-06 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2192-1.nasl - Type : ACT_GATHER_INFO |
2014-05-06 | Name : The remote host has a device management application installed that is affecte... File : vmware_horizon_workspace_vmsa2014-0004.nasl - Type : ACT_GATHER_INFO |
2014-05-05 | Name : The remote host has VPN client software installed that is affected by an info... File : smb_kb2962393.nasl - Type : ACT_GATHER_INFO |
2014-05-03 | Name : The remote host is affected by an information disclosure vulnerability. File : mcafee_vsel_SB10071.nasl - Type : ACT_GATHER_INFO |
2014-05-03 | Name : The remote VMware ESXi host is missing one or more security-related patches. File : vmware_VMSA-2014-0004.nasl - Type : ACT_GATHER_INFO |
2014-05-02 | Name : The remote host is affected by an information disclosure vulnerability. File : mcafee_email_gateway_SB10071.nasl - Type : ACT_GATHER_INFO |
2014-05-02 | Name : The remote host is affected by an information disclosure vulnerability. File : mcafee_epo_sb10071.nasl - Type : ACT_GATHER_INFO |
2014-05-02 | Name : The remote host is affected by an information disclosure vulnerability. File : mcafee_firewall_enterprise_SB10071.nasl - Type : ACT_GATHER_INFO |
2014-05-02 | Name : The remote host is affected by an information disclosure vulnerability. File : mcafee_ngfw_SB10071.nasl - Type : ACT_GATHER_INFO |
2014-05-02 | Name : The remote host is affected by an information disclosure vulnerability. File : mcafee_web_gateway_SB10071.nasl - Type : ACT_GATHER_INFO |
2014-04-30 | Name : The remote Fedora host is missing a security update. File : fedora_2014-5321.nasl - Type : ACT_GATHER_INFO |
2014-04-30 | Name : The remote Fedora host is missing a security update. File : fedora_2014-5337.nasl - Type : ACT_GATHER_INFO |
2014-04-29 | Name : The remote host has an email security application installed that is affected ... File : websense_email_security_heartbleed.nasl - Type : ACT_GATHER_INFO |
2014-04-29 | Name : The remote host contains a web application that is affected by an information... File : websense_web_security_heartbleed.nasl - Type : ACT_GATHER_INFO |
2014-04-29 | Name : The remote Windows host has an application that is affected by an information... File : blackberry_es_UDS_kb35882.nasl - Type : ACT_GATHER_INFO |
2014-04-23 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_0b8d7194ca8811e39d8dc80aa9043978.nasl - Type : ACT_GATHER_INFO |
2014-04-22 | Name : An application on the remote host is affected by an information disclosure vu... File : openvpn_2_3_3_0.nasl - Type : ACT_GATHER_INFO |
2014-04-21 | Name : The remote FTP server is affected by an information disclosure vulnerability. File : filezilla_server_0944.nasl - Type : ACT_GATHER_INFO |
2014-04-21 | Name : The remote host has a virtualization application that is affected by multiple... File : macosx_fusion_6_0_3.nasl - Type : ACT_GATHER_INFO |
2014-04-21 | Name : The remote host contains software that is affected by multiple vulnerabilities. File : vmware_player_linux_6_0_2.nasl - Type : ACT_GATHER_INFO |
2014-04-21 | Name : The remote host contains software that is affected by multiple vulnerabilities. File : vmware_player_multiple_vmsa_2014-0004.nasl - Type : ACT_GATHER_INFO |
2014-04-21 | Name : The remote host has a virtualization application that is affected by multiple... File : vmware_workstation_linux_10_0_2.nasl - Type : ACT_GATHER_INFO |
2014-04-21 | Name : The remote host has a virtualization application that is affected by multiple... File : vmware_workstation_multiple_vmsa_2014_0004.nasl - Type : ACT_GATHER_INFO |
2014-04-18 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2908.nasl - Type : ACT_GATHER_INFO |
2014-04-18 | Name : The remote Windows host has an application that is affected by multiple vulne... File : winscp_5_5_3.nasl - Type : ACT_GATHER_INFO |
2014-04-18 | Name : The remote web server is affected by multiple vulnerabilities. File : hpsmh_7_3_2.nasl - Type : ACT_GATHER_INFO |
2014-04-18 | Name : The remote device is missing a vendor-supplied security patch. File : juniper_jsa10623.nasl - Type : ACT_GATHER_INFO |
2014-04-18 | Name : The remote device is affected by an information disclosure vulnerability. File : junos_pulse_jsa10623.nasl - Type : ACT_GATHER_INFO |
2014-04-17 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libopenssl-devel-140327.nasl - Type : ACT_GATHER_INFO |
2014-04-16 | Name : The remote Fedora host is missing a security update. File : fedora_2014-4999.nasl - Type : ACT_GATHER_INFO |
2014-04-16 | Name : The remote web server contains an application that is affected by multiple Op... File : splunk_603.nasl - Type : ACT_GATHER_INFO |
2014-04-15 | Name : The remote device is potentially affected by an information disclosure vulner... File : bluecoat_proxy_sg_6_5_3_6.nasl - Type : ACT_GATHER_INFO |
2014-04-15 | Name : The remote Fedora host is missing a security update. File : fedora_2014-4982.nasl - Type : ACT_GATHER_INFO |
2014-04-14 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_7ccd4defc1be11e39d09000c2980a9f3.nasl - Type : ACT_GATHER_INFO |
2014-04-14 | Name : The remote service is affected by an information disclosure vulnerability. File : openvpn_heartbleed.nasl - Type : ACT_ATTACK |
2014-04-14 | Name : The remote Windows host contains a program that is affected by an information... File : stunnel_5_01.nasl - Type : ACT_GATHER_INFO |
2014-04-11 | Name : The remote AIX host is running a vulnerable version of OpenSSL. File : aix_openssl_advisory7.nasl - Type : ACT_GATHER_INFO |
2014-04-11 | Name : The remote host is affected by an information disclosure vulnerability. File : fortinet_FG-IR-14-011.nasl - Type : ACT_GATHER_INFO |
2014-04-10 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-067.nasl - Type : ACT_GATHER_INFO |
2014-04-09 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-320.nasl - Type : ACT_GATHER_INFO |
2014-04-09 | Name : The remote Fedora host is missing a security update. File : fedora_2014-4879.nasl - Type : ACT_GATHER_INFO |
2014-04-09 | Name : The remote Fedora host is missing a security update. File : fedora_2014-4910.nasl - Type : ACT_GATHER_INFO |
2014-04-08 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2014-098-01.nasl - Type : ACT_GATHER_INFO |
2014-04-08 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0376.nasl - Type : ACT_GATHER_INFO |
2014-04-08 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2896.nasl - Type : ACT_GATHER_INFO |
2014-04-08 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_5631ae98be9e11e3b5e3c80aa9043978.nasl - Type : ACT_GATHER_INFO |
2014-04-08 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201404-07.nasl - Type : ACT_GATHER_INFO |
2014-04-08 | Name : The remote service is affected by multiple vulnerabilities. File : openssl_1_0_0m.nasl - Type : ACT_GATHER_INFO |
2014-04-08 | Name : The remote service may be affected by multiple vulnerabilities. File : openssl_1_0_1g.nasl - Type : ACT_GATHER_INFO |
2014-04-08 | Name : The remote service is affected by an information disclosure vulnerability. File : openssl_heartbleed.nasl - Type : ACT_ATTACK |
2014-04-08 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0376.nasl - Type : ACT_GATHER_INFO |
2014-04-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0376.nasl - Type : ACT_GATHER_INFO |
2014-04-08 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140408_openssl_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2014-04-08 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2165-1.nasl - Type : ACT_GATHER_INFO |
2013-06-05 | Name : The remote host is missing Sun Security Patch number 150383-19 File : solaris10_150383.nasl - Type : ACT_GATHER_INFO |
2013-06-02 | Name : The remote host is missing Sun Security Patch number 148071-19 File : solaris10_148071.nasl - Type : ACT_GATHER_INFO |
2013-06-02 | Name : The remote host is missing Sun Security Patch number 148072-19 File : solaris10_x86_148072.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2016-02-19 21:28:47 |
|
2016-02-17 21:30:26 |
|
2016-02-12 09:28:59 |
|
2016-01-22 09:26:26 |
|
2015-03-31 13:29:25 |
|
2015-03-27 13:25:48 |
|