Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title OpenSSL vulnerability
Informations
Name USN-1428-1 First vendor Publication 2012-04-24
Vendor Ubuntu Last vendor Modification 2012-04-24
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score 7.5 Attack Range Network
Cvss Impact Score 6.4 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 11.10 - Ubuntu 11.04 - Ubuntu 10.04 LTS - Ubuntu 8.04 LTS

Summary:

An application using OpenSSL could be made to crash or run programs if it opened a specially crafted file.

Software Description: - openssl: Secure Socket Layer (SSL) cryptographic library and tools

Details:

It was discovered that the fix for CVE-2012-2110 was incomplete for OpenSSL 0.9.8. A remote attacker could trigger this flaw in services that used SSL to cause a denial of service or possibly execute arbitrary code with application privileges. Ubuntu 11.10 was not affected by this issue. (CVE-2012-2131)

The original upstream fix for CVE-2012-2110 would cause BUF_MEM_grow_clean() to sometimes return the wrong error condition. This update fixes the problem.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 11.10:
libssl1.0.0 1.0.0e-2ubuntu4.5

Ubuntu 11.04:
libssl0.9.8 0.9.8o-5ubuntu1.5

Ubuntu 10.04 LTS:
libssl0.9.8 0.9.8k-7ubuntu8.11

Ubuntu 8.04 LTS:
libssl0.9.8 0.9.8g-4ubuntu3.18

After a standard system update you need to reboot your computer to make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1428-1
CVE-2012-2131

Package Information:
https://launchpad.net/ubuntu/+source/openssl/1.0.0e-2ubuntu4.5
https://launchpad.net/ubuntu/+source/openssl/0.9.8o-5ubuntu1.5
https://launchpad.net/ubuntu/+source/openssl/0.9.8k-7ubuntu8.11
https://launchpad.net/ubuntu/+source/openssl/0.9.8g-4ubuntu3.18

Original Source

Url : http://www.ubuntu.com/usn/USN-1428-1

CWE : Common Weakness Enumeration

% Id Name
50 % CWE-189 Numeric Errors (CWE/SANS Top 25)
50 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:17402
 
Oval ID: oval:org.mitre.oval:def:17402
Title: USN-1428-1 -- openssl vulnerability
Description: An application using OpenSSL could be made to crash or run programs if it opened a specially crafted file.
Family: unix Class: patch
Reference(s): USN-1428-1
CVE-2012-2110
CVE-2012-2131
 Version: 7
Platform(s): Ubuntu 11.10
Ubuntu 11.04
Ubuntu 10.04
Ubuntu 8.04
 Product(s): openssl
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17928
 
Oval ID: oval:org.mitre.oval:def:17928
Title: USN-1424-1 -- openssl vulnerabilities
Description: An application using OpenSSL could be made to crash or run programs if it opened a specially crafted file.
Family: unix Class: patch
Reference(s): USN-1424-1
CVE-2006-7250
CVE-2012-1165
CVE-2012-2110
 Version: 7
Platform(s): Ubuntu 11.10
Ubuntu 11.04
Ubuntu 10.04
Ubuntu 8.04
 Product(s): openssl
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19495
 
Oval ID: oval:org.mitre.oval:def:19495
Title: HP-UX Running OpenSSL, Remote Denial of Service (DoS)
Description: Multiple integer signedness errors in crypto/buffer/buffer.c in OpenSSL 0.9.8v allow remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-2110.
Family: unix Class: vulnerability
Reference(s): CVE-2012-2131
 Version: 11
Platform(s): HP-UX 11
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19592
 
Oval ID: oval:org.mitre.oval:def:19592
Title: HP-UX Running OpenSSL, Remote Denial of Service (DoS)
Description: The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key.
Family: unix Class: vulnerability
Reference(s): CVE-2012-2110
 Version: 11
Platform(s): HP-UX 11
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19831
 
Oval ID: oval:org.mitre.oval:def:19831
Title: VMware vCenter Server, ESXi and ESX address an NFC Protocol memory corruption and third party library security issues.
Description: The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key.
Family: unix Class: vulnerability
Reference(s): CVE-2012-2110
 Version: 4
Platform(s): VMWare ESX Server 3.5
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20716
 
Oval ID: oval:org.mitre.oval:def:20716
Title: VMware vSphere and vCOps updates to third party libraries
Description: The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key.
Family: unix Class: vulnerability
Reference(s): CVE-2012-2110
 Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21031
 
Oval ID: oval:org.mitre.oval:def:21031
Title: Multiple OpenSSL vulnerabilities
Description: Multiple integer signedness errors in crypto/buffer/buffer.c in OpenSSL 0.9.8v allow remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-2110.
Family: unix Class: vulnerability
Reference(s): CVE-2012-2131
 Version: 4
Platform(s): IBM AIX 6.1
IBM AIX 7.1
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21032
 
Oval ID: oval:org.mitre.oval:def:21032
Title: Multiple OpenSSL vulnerabilities
Description: The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key.
Family: unix Class: vulnerability
Reference(s): CVE-2012-2110
 Version: 4
Platform(s): IBM AIX 6.1
IBM AIX 7.1
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21366
 
Oval ID: oval:org.mitre.oval:def:21366
Title: RHSA-2012:0518: openssl security update (Important)
Description: The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key.
Family: unix Class: patch
Reference(s): RHSA-2012:0518-02
CESA-2012:0518
CVE-2012-2110
 Version: 4
Platform(s): Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 5
CentOS Linux 5
CentOS Linux 6
 Product(s): openssl
openssl097a
openssl098e
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23304
 
Oval ID: oval:org.mitre.oval:def:23304
Title: DEPRECATED: ELSA-2012:0518: openssl security update (Important)
Description: The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key.
Family: unix Class: patch
Reference(s): ELSA-2012:0518-02
CVE-2012-2110
 Version: 7
Platform(s): Oracle Linux 6
Oracle Linux 5
 Product(s): openssl
openssl097a
openssl098e
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23704
 
Oval ID: oval:org.mitre.oval:def:23704
Title: ELSA-2012:0518: openssl security update (Important)
Description: The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key.
Family: unix Class: patch
Reference(s): ELSA-2012:0518-02
CVE-2012-2110
 Version: 6
Platform(s): Oracle Linux 6
Oracle Linux 5
 Product(s): openssl
openssl097a
openssl098e
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24750
 
Oval ID: oval:org.mitre.oval:def:24750
Title: OpenSSL vulnerability in 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a, allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact
Description: The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key.
Family: windows Class: vulnerability
Reference(s): CVE-2012-2110
 Version: 3
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
 Product(s): OpenSSL
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25018
 
Oval ID: oval:org.mitre.oval:def:25018
Title: OpenSSL vulnerability in before 0.9.8v allow remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact
Description: Multiple integer signedness errors in crypto/buffer/buffer.c in OpenSSL 0.9.8v allow remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-2110.
Family: windows Class: vulnerability
Reference(s): CVE-2012-2131
 Version: 4
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
 Product(s): OpenSSL
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27811
 
Oval ID: oval:org.mitre.oval:def:27811
Title: DEPRECATED: ELSA-2012-0518 -- openssl security update (important)
Description: openssl: [1.0.0-20.4] - fix for CVE-2012-2110 - memory corruption in asn1_d2i_read_bio() (#814185) openssl098e: [0.9.8e-17.el6_2.2] - Updated the description [0.9.8e-17.2] - fix for CVE-2012-2110 - memory corruption in asn1_d2i_read_bio() (#814185)
Family: unix Class: patch
Reference(s): ELSA-2012-0518
CVE-2012-2110
 Version: 4
Platform(s): Oracle Linux 5
Oracle Linux 6
 Product(s): openssl
openssl097a
openssl098e
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 272
Application 3

ExploitDB Exploits

id Description
2012-04-19 OpenSSL ASN1 BIO Memory Corruption Vulnerability

OpenVAS Exploits

Date Description
2012-08-31 Name : VMSA-2012-0013 VMware vSphere and vCOps updates to third party libraries.
File : nvt/gb_VMSA-2012-0013.nasl
2012-08-30 Name : Fedora Update for openssl FEDORA-2012-6343
File : nvt/gb_fedora_2012_6343_openssl_fc17.nasl
2012-08-10 Name : FreeBSD Ports: FreeBSD
File : nvt/freebsd_FreeBSD19.nasl
2012-08-03 Name : Mandriva Update for openssl0.9.8 MDVSA-2012:064 (openssl0.9.8)
File : nvt/gb_mandriva_MDVSA_2012_064.nasl
2012-08-03 Name : Mandriva Update for openssl MDVSA-2012:060 (openssl)
File : nvt/gb_mandriva_MDVSA_2012_060.nasl
2012-07-30 Name : CentOS Update for openssl097a CESA-2012:0518 centos5
File : nvt/gb_CESA-2012_0518_openssl097a_centos5.nasl
2012-07-30 Name : CentOS Update for openssl098e CESA-2012:0518 centos6
File : nvt/gb_CESA-2012_0518_openssl098e_centos6.nasl
2012-06-04 Name : Fedora Update for openssl FEDORA-2012-8024
File : nvt/gb_fedora_2012_8024_openssl_fc15.nasl
2012-06-04 Name : Fedora Update for openssl FEDORA-2012-8014
File : nvt/gb_fedora_2012_8014_openssl_fc16.nasl
2012-05-11 Name : Fedora Update for openssl FEDORA-2012-6395
File : nvt/gb_fedora_2012_6395_openssl_fc15.nasl
2012-04-30 Name : Debian Security Advisory DSA 2454-2 (openssl)
File : nvt/deb_2454_2.nasl
2012-04-30 Name : Fedora Update for openssl FEDORA-2012-6403
File : nvt/gb_fedora_2012_6403_openssl_fc16.nasl
2012-04-30 Name : FreeBSD Ports: openssl
File : nvt/freebsd_openssl7.nasl
2012-04-30 Name : Debian Security Advisory DSA 2454-1 (openssl)
File : nvt/deb_2454_1.nasl
2012-04-26 Name : RedHat Update for openssl RHSA-2012:0518-01
File : nvt/gb_RHSA-2012_0518-01_openssl.nasl
2012-04-26 Name : Ubuntu Update for openssl USN-1428-1
File : nvt/gb_ubuntu_USN_1428_1.nasl
2012-04-20 Name : Ubuntu Update for openssl USN-1424-1
File : nvt/gb_ubuntu_USN_1424_1.nasl

Information Assurance Vulnerability Management (IAVM)

Date Description
2013-09-19 IAVM : 2013-A-0181 - Multiple Vulnerabilities in Junos Pulse Secure Access Service (IVE)
Severity : Category I - VMSKEY : V0040371
2013-09-19 IAVM : 2013-A-0180 - Multiple Vulnerabilities in Juniper Networks Junos Pulse Access Service Acces...
Severity : Category I - VMSKEY : V0040372
2013-02-28 IAVM : 2013-A-0056 - VMware ESXi 3.5 and ESX 3.5 Memory Corruption Vulnerability
Severity : Category I - VMSKEY : V0037066
2012-09-27 IAVM : 2012-A-0153 - Multiple Vulnerabilities in VMware ESX 4.0 and ESXi 4.0
Severity : Category I - VMSKEY : V0033884

Nessus® Vulnerability Scanner

Date Description
2016-03-04 Name : The remote VMware ESX / ESXi host is missing a security-related patch.
File : vmware_esx_VMSA-2013-0003_remote.nasl - Type : ACT_GATHER_INFO
2016-02-29 Name : The remote VMware ESX / ESXi host is missing a security-related patch.
File : vmware_VMSA-2012-0013_remote.nasl - Type : ACT_GATHER_INFO
2015-04-10 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL16285.nasl - Type : ACT_GATHER_INFO
2015-01-19 Name : The remote Solaris system is missing a security patch for third-party software.
File : solaris11_openssl_20120626.nasl - Type : ACT_GATHER_INFO
2014-12-22 Name : The remote device is affected by multiple vulnerabilities.
File : juniper_space_jsa10659.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing a security update.
File : oraclevm_OVMSA-2014-0008.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing a security update.
File : oraclevm_OVMSA-2014-0007.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2013-153.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-308.nasl - Type : ACT_GATHER_INFO
2014-04-16 Name : The remote AIX host is running a vulnerable version of OpenSSL.
File : aix_openssl_advisory4.nasl - Type : ACT_GATHER_INFO
2013-12-03 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201312-03.nasl - Type : ACT_GATHER_INFO
2013-09-19 Name : The remote device is missing a vendor-supplied security patch.
File : junos_pulse_jsa10591.nasl - Type : ACT_GATHER_INFO
2013-09-04 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2012-73.nasl - Type : ACT_GATHER_INFO
2013-09-04 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2012-72.nasl - Type : ACT_GATHER_INFO
2013-07-23 Name : The remote web server is affected by multiple vulnerabilities.
File : hpsmh_7_2_1_0.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-2011.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-0518.nasl - Type : ACT_GATHER_INFO
2013-06-05 Name : The remote host is missing a Mac OS X update that fixes several security issues.
File : macosx_10_8_4.nasl - Type : ACT_GATHER_INFO
2013-06-05 Name : The remote host is missing a Mac OS X update that fixes several security issues.
File : macosx_SecUpd2013-002.nasl - Type : ACT_GATHER_INFO
2013-02-22 Name : The remote VMware ESXi / ESX host is missing one or more security-related pat...
File : vmware_VMSA-2013-0003.nasl - Type : ACT_GATHER_INFO
2013-01-25 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_compat-openssl097g-120830.nasl - Type : ACT_GATHER_INFO
2013-01-25 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_libopenssl-devel-120503.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-0522.nasl - Type : ACT_GATHER_INFO
2012-11-26 Name : The remote Fedora host is missing a security update.
File : fedora_2012-18035.nasl - Type : ACT_GATHER_INFO
2012-09-12 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_compat-openssl097g-8262.nasl - Type : ACT_GATHER_INFO
2012-08-31 Name : The remote VMware ESXi / ESX host is missing one or more security-related pat...
File : vmware_VMSA-2012-0013.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20120424_openssl_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-07-17 Name : The remote router has a memory corruption vulnerability.
File : juniper_psn-2012-07-645.nasl - Type : ACT_GATHER_INFO
2012-06-28 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_2ae114dec06411e1b5e0000c299b62e1.nasl - Type : ACT_GATHER_INFO
2012-05-23 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_openssl-8112.nasl - Type : ACT_GATHER_INFO
2012-05-11 Name : The remote Fedora host is missing a security update.
File : fedora_2012-6395.nasl - Type : ACT_GATHER_INFO
2012-04-30 Name : The remote Fedora host is missing a security update.
File : fedora_2012-6403.nasl - Type : ACT_GATHER_INFO
2012-04-27 Name : The remote Fedora host is missing a security update.
File : fedora_2012-6343.nasl - Type : ACT_GATHER_INFO
2012-04-25 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1428-1.nasl - Type : ACT_GATHER_INFO
2012-04-25 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2012-0518.nasl - Type : ACT_GATHER_INFO
2012-04-25 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-0518.nasl - Type : ACT_GATHER_INFO
2012-04-25 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2012-064.nasl - Type : ACT_GATHER_INFO
2012-04-24 Name : The remote host may be affected by a memory corruption vulnerability.
File : openssl_0_9_8v.nasl - Type : ACT_GATHER_INFO
2012-04-23 Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_7184f92e8bb811e18d7b003067b2972c.nasl - Type : ACT_GATHER_INFO
2012-04-20 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1424-1.nasl - Type : ACT_GATHER_INFO
2012-04-20 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2012-060.nasl - Type : ACT_GATHER_INFO
2012-04-20 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2454.nasl - Type : ACT_GATHER_INFO
2012-04-19 Name : The remote host may be affected by a memory corruption vulnerability.
File : openssl_1_0_1a.nasl - Type : ACT_GATHER_INFO
2012-04-19 Name : The remote host may be affected by a memory corruption vulnerability.
File : openssl_1_0_0i.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2014-02-17 12:00:00
  • Multiple Updates