Executive Summary

Summary
Title mozilla security update
Informations
Name RHSA-2005:323 First vendor Publication 2005-03-23
Vendor RedHat Last vendor Modification 2005-03-23
Severity (Vendor) Critical Revision 01

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score 7.5 Attack Range Network
Cvss Impact Score 6.4 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Problem Description:

Updated mozilla packages that fix various bugs are now available.

This update has been rated as having critical security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

3. Problem description:

Mozilla is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor.

A buffer overflow bug was found in the way Mozilla processes GIF images. It is possible for an attacker to create a specially crafted GIF image, which when viewed by a victim will execute arbitrary code as the victim. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0399 to this issue.

A bug was found in the way Mozilla displays dialog windows. It is possible that a malicious web page which is being displayed in a background tab could present the user with a dialog window appearing to come from the active page. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-1380 to this issue.

A bug was found in the way Firefox allowed plug-ins to load privileged content into a frame. It is possible that a malicious webpage could trick a user into clicking in certain places to modify configuration settings or execute arbitrary code. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0232 to this issue.

A bug was found in the way Mozilla Mail handles cookies when loading content over HTTP regardless of the user's preference. It is possible that a particular user could be tracked through the use of malicious mail messages which load content over HTTP. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0149 to this issue.

A bug was found in the way Mozilla responds to proxy auth requests. It is possible for a malicious webserver to steal credentials from a victims browser by issuing a 407 proxy authentication request. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0147 to this issue.

A bug was found in the way Mozilla handles certain start tags followed by a NULL character. A malicious web page could cause Mozilla to crash when viewed by a victim. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-1613 to this issue.

A bug was found in the way Mozilla sets file permissions when installing XPI packages. It is possible for an XPI package to install some files world readable or writable, allowing a malicious local user to steal information or execute arbitrary code. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0906 to this issue.

A bug was found in the way Mozilla loads links in a new tab which are middle clicked. A malicious web page could read local files or modify privileged chrom settings. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0141 to this issue.

A bug was found in the way Mozilla displays the secure site icon. A malicious web page can use a view-source URL targetted at a secure page, while loading an insecure page, yet the secure site icon shows the previous secure state. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0144 to this issue.

Users of Mozilla are advised to upgrade to this updated package which contains Mozilla version 1.4.4 and additional backported patches to correct these issues.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system:

http://www.redhat.com/docs/manuals/enterprise/

5. Bug IDs fixed (http://bugzilla.redhat.com/):

145597 - CAN-2005-0141 Link opened in new tab can load a local file 145609 - CAN-2005-0144 Secure site lock can be spoofed with view-source: 145610 - CAN-2004-1380 Input stealing from other tabs (CAN-2004-1381) 145614 - CAN-2005-0147 Browser responds to proxy auth request from non-proxy server (ssl/https) 145615 - CAN-2005-0149 Mail responds to cookie requests 151209 - 151492 - CAN-2004-1613 Mozilla start tag NULL character DoS 151494 - CAN-2004-0906 Mozilla XPI installer insecure file creation 151496 - CAN-2005-0232 fireflashing vulnerability (CAN-2005-0527)

Original Source

Url : https://rhn.redhat.com/errata/RHSA-2005-323.html

CWE : Common Weakness Enumeration

% Id Name

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:100028
 
Oval ID: oval:org.mitre.oval:def:100028
Title: Mozilla GIF Heap Overflow
Description: Heap-based buffer overflow in GIF2.cpp in Firefox before 1.0.2, Mozilla before to 1.7.6, and Thunderbird before 1.0.2, and possibly other applications that use the same library, allows remote attackers to execute arbitrary code via a GIF image with a crafted Netscape extension 2 block and buffer size.
Family: windows Class: vulnerability
Reference(s): CVE-2005-0399
 Version: 5
Platform(s): Microsoft Windows NT
Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
 Product(s): mozilla
Mozilla Firefox
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:100031
 
Oval ID: oval:org.mitre.oval:def:100031
Title: Mozilla Privileged Content Loading Vulnerability
Description: Firefox 1.0 allows remote attackers to execute arbitrary code via plugins that load "privileged content" into frames, as demonstrated using certain XUL events when a user drags a scrollbar two times, aka "Firescrolling."
Family: windows Class: vulnerability
Reference(s): CVE-2005-0527
 Version: 5
Platform(s): Microsoft Windows NT
Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
 Product(s): mozilla
Mozilla Firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:100047
 
Oval ID: oval:org.mitre.oval:def:100047
Title: Mozilla Mail News Cookie Security Bypass Vulnerability
Description: Thunderbird 0.6 through 0.9 and Mozilla 1.7 through 1.7.3 does not obey the network.cookie.disableCookieForMailNews preference, which could allow remote attackers bypass the user's intended privacy and security policy by using cookies in e-mail messages.
Family: windows Class: vulnerability
Reference(s): CVE-2005-0149
 Version: 5
Platform(s): Microsoft Windows NT
Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
 Product(s): mozilla
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:100049
 
Oval ID: oval:org.mitre.oval:def:100049
Title: Mozilla 407 Proxy Information Disclosure Vulnerability
Description: Firefox before 1.0 and Mozilla before 1.7.5, when configured to use a proxy, respond to 407 proxy auth requests from arbitrary servers, which allows remote attackers to steal NTLM or SPNEGO credentials.
Family: windows Class: vulnerability
Reference(s): CVE-2005-0147
 Version: 5
Platform(s): Microsoft Windows NT
Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
 Product(s): mozilla
Mozilla Firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:100050
 
Oval ID: oval:org.mitre.oval:def:100050
Title: Mozilla Inactive Tab Dialog Box Vulnerability
Description: Firefox before 1.0 and Mozilla before 1.7.5 allows inactive (background) tabs to launch dialog boxes, which can allow remote attackers to spoof the dialog boxes from web sites in other windows and facilitate phishing attacks, aka the "Dialog Box Spoofing Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2004-1380
 Version: 5
Platform(s): Microsoft Windows NT
Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
 Product(s): Mozilla Firefox
mozilla
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:100053
 
Oval ID: oval:org.mitre.oval:def:100053
Title: Mozilla Inactive Tab Form Data Theft Vulnerability
Description: Firefox before 1.0 and Mozilla before 1.7.5 allow inactive (background) tabs to focus on input being entered in the active tab, as originally reported using form fields, which allows remote attackers to steal sensitive data that is intended for other sites, which could facilitate phishing attacks.
Family: windows Class: vulnerability
Reference(s): CVE-2004-1381
 Version: 5
Platform(s): Microsoft Windows NT
Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
 Product(s): mozilla
Mozilla Firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:100054
 
Oval ID: oval:org.mitre.oval:def:100054
Title: Mozilla SSL Lock Image Spoofing via "View Source"
Description: Firefox before 1.0 and Mozilla before 1.7.5 display the secure site lock icon when a view-source: URL references a secure SSL site while an insecure page is being loaded, which could facilitate phishing attacks.
Family: windows Class: vulnerability
Reference(s): CVE-2005-0144
 Version: 5
Platform(s): Microsoft Windows NT
Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
 Product(s): mozilla
Mozilla Firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:100057
 
Oval ID: oval:org.mitre.oval:def:100057
Title: Mozilla Local File Loading Vulnerability
Description: Firefox before 1.0 and Mozilla before 1.7.5 allow remote attackers to load local files via links "with a custom getter and toString method" that are middle-clicked by the user to be opened in a new tab.
Family: windows Class: vulnerability
Reference(s): CVE-2005-0141
 Version: 4
Platform(s): Microsoft Windows NT
Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
 Product(s): mozilla
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10211
 
Oval ID: oval:org.mitre.oval:def:10211
Title: Firefox before 1.0 and Mozilla before 1.7.5 allows inactive (background) tabs to launch dialog boxes, which can allow remote attackers to spoof the dialog boxes from web sites in other windows and facilitate phishing attacks, aka the "Dialog Box Spoofing Vulnerability."
Description: Firefox before 1.0 and Mozilla before 1.7.5 allows inactive (background) tabs to launch dialog boxes, which can allow remote attackers to spoof the dialog boxes from web sites in other windows and facilitate phishing attacks, aka the "Dialog Box Spoofing Vulnerability."
Family: unix Class: vulnerability
Reference(s): CVE-2004-1380
 Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10227
 
Oval ID: oval:org.mitre.oval:def:10227
Title: Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme.
Description: Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme.
Family: unix Class: vulnerability
Reference(s): CVE-2004-1613
 Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10756
 
Oval ID: oval:org.mitre.oval:def:10756
Title: Firefox before 1.0 and Mozilla before 1.7.5 allows inactive (background) tabs to launch dialog boxes, which can allow remote attackers to spoof the dialog boxes from web sites in other windows and facilitate phishing attacks, aka the "Dialog Box Spoofing Vulnerability."
Description: Firefox before 1.0 and Mozilla before 1.7.5 allow remote attackers to load local files via links "with a custom getter and toString method" that are middle-clicked by the user to be opened in a new tab.
Family: unix Class: vulnerability
Reference(s): CVE-2005-0141
 Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10967
 
Oval ID: oval:org.mitre.oval:def:10967
Title: Firefox 1.0 does not invoke the Javascript Security Manager when a user drags a javascript: or data: URL to a tab, which allows remote attackers to bypass the security model, aka "firetabbing."
Description: Firefox 1.0 allows remote attackers to modify Boolean configuration parameters for the about:config site by using a plugin such as Flash, and the -moz-opacity filter, to display the about:config site then cause the user to double-click at a certain screen position, aka "Fireflashing."
Family: unix Class: vulnerability
Reference(s): CVE-2005-0232
 Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11016
 
Oval ID: oval:org.mitre.oval:def:11016
Title: Firefox before 1.0 and Mozilla before 1.7.5 allows inactive (background) tabs to launch dialog boxes, which can allow remote attackers to spoof the dialog boxes from web sites in other windows and facilitate phishing attacks, aka the "Dialog Box Spoofing Vulnerability."
Description: Firefox before 1.0 and Mozilla before 1.7.5 display the secure site lock icon when a view-source: URL references a secure SSL site while an insecure page is being loaded, which could facilitate phishing attacks.
Family: unix Class: vulnerability
Reference(s): CVE-2005-0144
 Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11377
 
Oval ID: oval:org.mitre.oval:def:11377
Title: The TimeZone.getTimeZone method in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, allows remote attackers to determine the existence of local files via vectors related to handling of zoneinfo (aka tz) files, aka Bug Id 6824265.
Description: Heap-based buffer overflow in GIF2.cpp in Firefox before 1.0.2, Mozilla before to 1.7.6, and Thunderbird before 1.0.2, and possibly other applications that use the same library, allows remote attackers to execute arbitrary code via a GIF image with a crafted Netscape extension 2 block and buffer size.
Family: unix Class: vulnerability
Reference(s): CVE-2005-0399
 Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11407
 
Oval ID: oval:org.mitre.oval:def:11407
Title: Thunderbird 0.6 through 0.9 and Mozilla 1.7 through 1.7.3 does not obey the network.cookie.disableCookieForMailNews preference, which could allow remote attackers bypass the user's intended privacy and security policy by using cookies in e-mail messages.
Description: Thunderbird 0.6 through 0.9 and Mozilla 1.7 through 1.7.3 does not obey the network.cookie.disableCookieForMailNews preference, which could allow remote attackers bypass the user's intended privacy and security policy by using cookies in e-mail messages.
Family: unix Class: vulnerability
Reference(s): CVE-2005-0149
 Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11668
 
Oval ID: oval:org.mitre.oval:def:11668
Title: The XPInstall installer in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 sets insecure permissions for certain installed files within xpi packages, which could allow local users to overwrite arbitrary files or execute arbitrary code.
Description: The XPInstall installer in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 sets insecure permissions for certain installed files within xpi packages, which could allow local users to overwrite arbitrary files or execute arbitrary code.
Family: unix Class: vulnerability
Reference(s): CVE-2004-0906
 Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11772
 
Oval ID: oval:org.mitre.oval:def:11772
Title: Firefox 1.0 allows remote attackers to execute arbitrary code via plugins that load "privileged content" into frames, as demonstrated using certain XUL events when a user drags a scrollbar two times, aka "Firescrolling."
Description: Firefox 1.0 allows remote attackers to execute arbitrary code via plugins that load "privileged content" into frames, as demonstrated using certain XUL events when a user drags a scrollbar two times, aka "Firescrolling."
Family: unix Class: vulnerability
Reference(s): CVE-2005-0527
 Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9578
 
Oval ID: oval:org.mitre.oval:def:9578
Title: Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme.
Description: Firefox before 1.0 and Mozilla before 1.7.5, when configured to use a proxy, respond to 407 proxy auth requests from arbitrary servers, which allows remote attackers to steal NTLM or SPNEGO credentials.
Family: unix Class: vulnerability
Reference(s): CVE-2005-0147
 Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
 Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 10
Application 53
Application 14
Application 1
Os 6
Os 1
Os 2
Os 4
Os 1

SAINT Exploits

Description Link
Mozilla Firefox GIF processing buffer overflow More info here

OpenVAS Exploits

Date Description
2009-10-10 Name : SLES9: Security update for Mozilla
File : nvt/sles9p5012017.nasl
2009-05-05 Name : HP-UX Update for Mozilla remote HPSBUX01133
File : nvt/gb_hp_ux_HPSBUX01133.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200409-26 (Mozilla)
File : nvt/glsa_200409_26.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200503-10 (Firefox)
File : nvt/glsa_200503_10.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200503-30 (Mozilla)
File : nvt/glsa_200503_30.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200503-31 (Firefox)
File : nvt/glsa_200503_31.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200503-32 (Thunderbird)
File : nvt/glsa_200503_32.nasl
2008-09-04 Name : FreeBSD Ports: firefox
File : nvt/freebsd_firefox5.nasl
2008-09-04 Name : FreeBSD Ports: firefox
File : nvt/freebsd_firefox7.nasl
2005-11-03 Name : Mozilla/Firefox default installation file permission flaw
File : nvt/mozilla_default_perms.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
15382 Mozilla Multiple Malformed HTML Tag Null Dereference DoS
14937 Mozilla Multiple Browser GIF Processing Overflow
14197 Mozilla Browsers XPCOM Scrollbar Arbitrary Code Execution

Firefox contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when downloading a malformed HTML document that includes Firefox XPCOM code to perform actions that are triggered by scrollbar actions. It is possible that the flaw may allow writing to an arbitrary local file.
13612 Multiple Browser -moz-opacity Configuration Modification
13339 Mozilla Multiple Products network.cookie.disableCookieForMailNews Email Secur...
13338 Mozilla Multiple Products Proxy Auth Request NTLM or SPNEGO Credential Theft
13336 Mozilla Multiple Products view-source: URL Reference Lock Icon Weakness
13334 Multiple Mozilla Product Custom getter / toString Method Arbitrary File Access
10984 Multiple Browser Cross Tab Form Focus

Mozilla Web Browser, Firefox, Netscape, Maxthon and Avant Browser contain a flaw that may allow a malicious user to gain confidential data by shifting focus on forms from an active tab to an inactive tab. The issue is triggered when a user visits a specially crafted URL that may allow inactive tabs to gain focus from form fields on web sites in another tab resulting in a loss of confidentiality.
10983 Multiple Browser Cross Tab Dialog Box Spoofing

Multiple web browsers contain a flaw that may lead to an unauthorized information disclosure. The issue is triggered by an attacker creating a specially-crafted web page that would produce an inactive tab or window to launch a dialog box that appears to come from a trusted source, which could disclose sensitive information resulting in a loss of confidentiality.
10559 Mozilla Multiple Products XPInstall Arbitrary File Overwrite

Snort® IPS/IDS

Date Description
2014-01-10 Mozilla GIF multipacket heap overflow - ANIMEXTS1.0
RuleID : 6503 - Revision : 9 - Type : WEB-CLIENT
2014-01-10 Mozilla GIF single packet heap overflow - ANIMEXTS1.0
RuleID : 6502 - Revision : 15 - Type : FILE-IMAGE
2014-01-10 Mozilla GIF multipacket heap overflow - NETSCAPE2.0
RuleID : 3536 - Revision : 13 - Type : WEB-CLIENT
2014-01-10 Mozilla GIF single packet heap overflow - NETSCAPE2.0
RuleID : 3534 - Revision : 26 - Type : FILE-IMAGE
2014-01-10 Mozilla Firefox plugin access control bypass attempt
RuleID : 17265 - Revision : 13 - Type : BROWSER-FIREFOX

Nessus® Vulnerability Scanner

Date Description
2006-07-05 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2005-384.nasl - Type : ACT_GATHER_INFO
2006-01-15 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-149-3.nasl - Type : ACT_GATHER_INFO
2005-10-24 Name : The remote host is missing a vendor-supplied security patch
File : suse_SA_2005_016.nasl - Type : ACT_GATHER_INFO
2005-09-12 Name : The remote Fedora Core host is missing a security update.
File : fedora_2005-246.nasl - Type : ACT_GATHER_INFO
2005-09-12 Name : The remote Fedora Core host is missing a security update.
File : fedora_2005-249.nasl - Type : ACT_GATHER_INFO
2005-09-12 Name : The remote Fedora Core host is missing a security update.
File : fedora_2005-247.nasl - Type : ACT_GATHER_INFO
2005-07-13 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_7d2aac529c6b11d999a7000a95bc6fae.nasl - Type : ACT_GATHER_INFO
2005-07-13 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_cbfde1cd87eb11d9aa180001020eed82.nasl - Type : ACT_GATHER_INFO
2005-05-19 Name : The remote Fedora Core host is missing a security update.
File : fedora_2005-248.nasl - Type : ACT_GATHER_INFO
2005-05-17 Name : The remote Mandrake Linux host is missing one or more security updates.
File : mandrake_MDKSA-2005-088.nasl - Type : ACT_GATHER_INFO
2005-04-29 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2005-384.nasl - Type : ACT_GATHER_INFO
2005-03-25 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200503-30.nasl - Type : ACT_GATHER_INFO
2005-03-25 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200503-31.nasl - Type : ACT_GATHER_INFO
2005-03-25 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200503-32.nasl - Type : ACT_GATHER_INFO
2005-03-25 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2005-337.nasl - Type : ACT_GATHER_INFO
2005-03-25 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2005-336.nasl - Type : ACT_GATHER_INFO
2005-03-25 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2005-335.nasl - Type : ACT_GATHER_INFO
2005-03-25 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2005-323.nasl - Type : ACT_GATHER_INFO
2005-03-23 Name : A web browser installed on the remote host contains multiple vulnerabilities.
File : mozilla_176.nasl - Type : ACT_GATHER_INFO
2005-03-23 Name : The remote Windows host contains a web browser that is affected by multiple v...
File : mozilla_firefox_102.nasl - Type : ACT_GATHER_INFO
2005-03-23 Name : The remote Windows host contains a mail client that is affected by multiple v...
File : mozilla_thunderbird_102.nasl - Type : ACT_GATHER_INFO
2005-03-06 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200503-10.nasl - Type : ACT_GATHER_INFO
2005-03-02 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2005-176.nasl - Type : ACT_GATHER_INFO
2005-02-22 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2005-094.nasl - Type : ACT_GATHER_INFO
2004-11-13 Name : The remote Windows host contains a web browser that is affected by multiple v...
File : mozilla_firefox_img.nasl - Type : ACT_GATHER_INFO
2004-10-20 Name : The remote Mandrake Linux host is missing one or more security updates.
File : mandrake_MDKSA-2004-107.nasl - Type : ACT_GATHER_INFO
2004-10-08 Name : The remote Windows host has a web browser installed that has file permissions...
File : mozilla_default_perms.nasl - Type : ACT_GATHER_INFO
2004-09-21 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200409-26.nasl - Type : ACT_GATHER_INFO
2004-09-15 Name : The remote Windows host contains a web browser that is affected by multiple v...
File : mozilla_multiple_flaws.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
Date Informations
2014-02-17 11:49:12
  • Multiple Updates
2013-05-11 12:22:56
  • Multiple Updates