Executive Summary
Summary | |
---|---|
Title | GnuTLS vulnerabilities |
Informations | |||
---|---|---|---|
Name | USN-809-1 | First vendor Publication | 2009-08-19 |
Vendor | Ubuntu | Last vendor Modification | 2009-08-19 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: Ubuntu 8.04 LTS: Ubuntu 8.10: Ubuntu 9.04: In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Moxie Marlinspike and Dan Kaminsky independently discovered that GnuTLS did not properly handle certificates with NULL characters in the certificate name. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. (CVE-2009-2730) Dan Kaminsky discovered GnuTLS would still accept certificates with MD2 hash signatures. As a result, an attacker could potentially create a malicious trusted certificate to impersonate another site. This issue only affected Ubuntu 6.06 LTS and Ubuntu 8.10. (CVE-2009-2409) USN-678-1 fixed a vulnerability and USN-678-2 a regression in GnuTLS. The Original advisory details: Martin von Gagern discovered that GnuTLS did not properly verify |
Original Source
Url : http://www.ubuntu.com/usn/USN-809-1 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
67 % | CWE-310 | Cryptographic Issues |
33 % | CWE-295 | Certificate Issues |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10778 | |||
Oval ID: | oval:org.mitre.oval:def:10778 | ||
Title: | libgnutls in GnuTLS before 2.8.2 does not properly handle a '\0' character in a domain name in the subject's (1) Common Name (CN) or (2) Subject Alternative Name (SAN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. | ||
Description: | libgnutls in GnuTLS before 2.8.2 does not properly handle a '\0' character in a domain name in the subject's (1) Common Name (CN) or (2) Subject Alternative Name (SAN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-2730 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11650 | |||
Oval ID: | oval:org.mitre.oval:def:11650 | ||
Title: | The _gnutls_x509_verify_certificate function in lib/x509/verify.c in libgnutls in GnuTLS before 2.6.1 trusts certificate chains in which the last certificate is an arbitrary trusted, self-signed certificate, which allows man-in-the-middle attackers to insert a spoofed certificate for any Distinguished Name (DN). | ||
Description: | The _gnutls_x509_verify_certificate function in lib/x509/verify.c in libgnutls in GnuTLS before 2.6.1 trusts certificate chains in which the last certificate is an arbitrary trusted, self-signed certificate, which allows man-in-the-middle attackers to insert a spoofed certificate for any Distinguished Name (DN). | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-4989 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12790 | |||
Oval ID: | oval:org.mitre.oval:def:12790 | ||
Title: | DSA-1719-1 gnutls13 -- design flaw | ||
Description: | Martin von Gagern discovered that GNUTLS, an implementation of the TLS/SSL protocol, handles verification of X.509 certificate chains incorrectly if a self-signed certificate is configured as a trusted certificate. This could cause clients to accept forged server certificates as genuine. In addition, this update tightens the checks for X.509v1 certificates which causes GNUTLS to reject certain certificate chains it accepted before. For the stable distribution, this problem has been fixed in version 1.4.4-3+etch3. For the unstable distribution, this problem has been fixed in version 2.4.2-3 of the gnutls26 package. We recommend that you upgrade your gnutls13 packages. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1719-1 CVE-2008-4989 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | gnutls13 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13409 | |||
Oval ID: | oval:org.mitre.oval:def:13409 | ||
Title: | USN-830-1 -- openssl vulnerability | ||
Description: | Dan Kaminsky discovered OpenSSL would still accept certificates with MD2 hash signatures. As a result, an attacker could potentially create a malicious trusted certificate to impersonate another site. This update handles this issue by completely disabling MD2 for certificate validation. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-830-1 CVE-2009-2409 | Version: | 5 |
Platform(s): | Ubuntu 8.04 Ubuntu 9.04 Ubuntu 6.06 Ubuntu 8.10 | Product(s): | openssl |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13629 | |||
Oval ID: | oval:org.mitre.oval:def:13629 | ||
Title: | DSA-1719-2 gnutls13, gnutls26 -- design flaw | ||
Description: | Changes in DSA-1719-1 caused GNUTLS to reject X.509v1 certificates as CA root certificates by default, as originally described in the documentation. However, it turned out that there is still significant use of historic X.509v1 CA root certificates, so this constitutes an unacceptable regression. This update reverses this part of the changes in DSA-1719-1. Note that the X.509v1 certificate format does not distinguish between server and CA certificates, which means that an X.509v1 server certificates is implicitly converted into a CA certificate when added to the trust store. The current stable distribution was released with the changes in DSA-1719-1 already applied, and this update reverses the changes concerning X.509v1 CA certificates for this distribution, too. For the old stable distribution, this problem has been fixed in version 1.4.4-3+etch4. For the stable distribution, this problem has been fixed in version 2.4.2-6+lenny1. We recommend that you upgrade your GNUTLS packages. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1719-2 CVE-2008-4989 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 4.0 | Product(s): | gnutls13 gnutls26 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13737 | |||
Oval ID: | oval:org.mitre.oval:def:13737 | ||
Title: | DSA-1874-1 nss -- several | ||
Description: | Several vulnerabilities have been discovered in the Network Security Service libraries. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-2404 Moxie Marlinspike discovered that a buffer overflow in the regular expression parser could lead to the execution of arbitrary code. CVE-2009-2408 Dan Kaminsky discovered that NULL characters in certificate names could lead to man-in-the-middle attacks by tricking the user into accepting a rogue certificate. CVE-2009-2409 Certificates with MD2 hash signatures are no longer accepted since they’re no longer considered cryptographically secure. The old stable distribution doesn’t contain nss. For the stable distribution, these problems have been fixed in version 3.12.3.1-0lenny1. For the unstable distribution, these problems have been fixed in version 3.12.3.1-1. We recommend that you upgrade your nss packages. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1874-1 CVE-2009-2404 CVE-2009-2408 CVE-2009-2409 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | nss |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13780 | |||
Oval ID: | oval:org.mitre.oval:def:13780 | ||
Title: | USN-810-2 -- nspr update | ||
Description: | USN-810-1 fixed vulnerabilities in NSS. This update provides the NSPR needed to use the new NSS. Original advisory details: Moxie Marlinspike discovered that NSS did not properly handle regular expressions in certificate names. A remote attacker could create a specially crafted certificate to cause a denial of service or execute arbitrary code as the user invoking the program. Moxie Marlinspike and Dan Kaminsky independently discovered that NSS did not properly handle certificates with NULL characters in the certificate name. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. Dan Kaminsky discovered NSS would still accept certificates with MD2 hash signatures. As a result, an attacker could potentially create a malicious trusted certificate to impersonate another site | ||
Family: | unix | Class: | patch |
Reference(s): | USN-810-2 CVE-2009-2404 CVE-2009-2408 CVE-2009-2409 | Version: | 5 |
Platform(s): | Ubuntu 8.10 Ubuntu 8.04 Ubuntu 9.04 | Product(s): | nspr |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13825 | |||
Oval ID: | oval:org.mitre.oval:def:13825 | ||
Title: | USN-809-1 -- gnutls12, gnutls13, gnutls26 vulnerabilities | ||
Description: | Moxie Marlinspike and Dan Kaminsky independently discovered that GnuTLS did not properly handle certificates with NULL characters in the certificate name. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. Dan Kaminsky discovered GnuTLS would still accept certificates with MD2 hash signatures. As a result, an attacker could potentially create a malicious trusted certificate to impersonate another site. This issue only affected Ubuntu 6.06 LTS and Ubuntu 8.10. USN-678-1 fixed a vulnerability and USN-678-2 a regression in GnuTLS. The upstream patches introduced a regression when validating certain certificate chains that would report valid certificates as untrusted. This update fixes the problem, and only affected Ubuntu 6.06 LTS and Ubuntu 8.10 . In an effort to maintain a strong security stance and address all known regressions, this update deprecates X.509 validation chains using MD2 and MD5 signatures. To accomodate sites which must still use a deprected RSA-MD5 certificate, GnuTLS has been updated to stop looking when it has found a trusted intermediary certificate. This new handling of intermediary certificates is in accordance with other SSL implementations. Original advisory details: Martin von Gagern discovered that GnuTLS did not properly verify certificate chains when the last certificate in the chain was self-signed. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information | ||
Family: | unix | Class: | patch |
Reference(s): | USN-809-1 CVE-2009-2730 CVE-2009-2409 CVE-2008-4989 | Version: | 5 |
Platform(s): | Ubuntu 8.04 Ubuntu 9.04 Ubuntu 6.06 Ubuntu 8.10 | Product(s): | gnutls12 gnutls13 gnutls26 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13850 | |||
Oval ID: | oval:org.mitre.oval:def:13850 | ||
Title: | USN-810-1 -- nss vulnerabilities | ||
Description: | Moxie Marlinspike discovered that NSS did not properly handle regular expressions in certificate names. A remote attacker could create a specially crafted certificate to cause a denial of service or execute arbitrary code as the user invoking the program. Moxie Marlinspike and Dan Kaminsky independently discovered that NSS did not properly handle certificates with NULL characters in the certificate name. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. Dan Kaminsky discovered NSS would still accept certificates with MD2 hash signatures. As a result, an attacker could potentially create a malicious trusted certificate to impersonate another site | ||
Family: | unix | Class: | patch |
Reference(s): | USN-810-1 CVE-2009-2404 CVE-2009-2408 CVE-2009-2409 | Version: | 5 |
Platform(s): | Ubuntu 8.10 Ubuntu 8.04 Ubuntu 9.04 | Product(s): | nss |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17801 | |||
Oval ID: | oval:org.mitre.oval:def:17801 | ||
Title: | USN-678-2 -- gnutls12, gnutls13, gnutls26 regression | ||
Description: | USN-678-1 fixed a vulnerability in GnuTLS. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-678-2 CVE-2008-4989 | Version: | 7 |
Platform(s): | Ubuntu 6.06 Ubuntu 7.10 Ubuntu 8.04 Ubuntu 8.10 | Product(s): | gnutls12 gnutls13 gnutls26 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17875 | |||
Oval ID: | oval:org.mitre.oval:def:17875 | ||
Title: | USN-678-1 -- gnutls12, gnutls13, gnutls26 vulnerability | ||
Description: | Martin von Gagern discovered that GnuTLS did not properly verify certificate chains when the last certificate in the chain was self-signed. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-678-1 CVE-2008-4989 | Version: | 7 |
Platform(s): | Ubuntu 6.06 Ubuntu 7.10 Ubuntu 8.04 Ubuntu 8.10 | Product(s): | gnutls12 gnutls13 gnutls26 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20167 | |||
Oval ID: | oval:org.mitre.oval:def:20167 | ||
Title: | DSA-1935-1 gnutls13 gnutls26 - SSL certificate | ||
Description: | Dan Kaminsky and Moxie Marlinspike discovered that gnutls, an implementation of the TLS/SSL protocol, does not properly handle a '\0' character in a domain name in the subject's Common Name or Subject Alternative Name (SAN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. (<a href="http://security-tracker.debian.org/tracker/CVE-2009-2730">CVE-2009-2730</a>) | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1935-1 CVE-2009-2409 CVE-2009-2730 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 Debian GNU/Linux 5.0 | Product(s): | gnutls13 gnutls26 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22412 | |||
Oval ID: | oval:org.mitre.oval:def:22412 | ||
Title: | ELSA-2009:1186: nspr and nss security, bug fix, and enhancement update (Critical) | ||
Description: | The Network Security Services (NSS) library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spoof certificates by using MD2 design flaws to generate a hash collision in less than brute-force time. NOTE: the scope of this issue is currently limited because the amount of computation required is still large. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2009:1186-01 CVE-2009-2404 CVE-2009-2408 CVE-2009-2409 | Version: | 17 |
Platform(s): | Oracle Linux 5 | Product(s): | nspr nss |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22748 | |||
Oval ID: | oval:org.mitre.oval:def:22748 | ||
Title: | ELSA-2009:1232: gnutls security update (Moderate) | ||
Description: | libgnutls in GnuTLS before 2.8.2 does not properly handle a '\0' character in a domain name in the subject's (1) Common Name (CN) or (2) Subject Alternative Name (SAN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2009:1232-01 CVE-2009-2730 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | gnutls |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22750 | |||
Oval ID: | oval:org.mitre.oval:def:22750 | ||
Title: | ELSA-2008:0982: gnutls security update (Moderate) | ||
Description: | The _gnutls_x509_verify_certificate function in lib/x509/verify.c in libgnutls in GnuTLS before 2.6.1 trusts certificate chains in which the last certificate is an arbitrary trusted, self-signed certificate, which allows man-in-the-middle attackers to insert a spoofed certificate for any Distinguished Name (DN). | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2008:0982-01 CVE-2008-4989 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | gnutls |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:25180 | |||
Oval ID: | oval:org.mitre.oval:def:25180 | ||
Title: | Vulnerability in OpenSSL 0.9.8 through 0.9.8k, might allow remote attackers to spoof certificates | ||
Description: | The Network Security Services (NSS) library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spoof certificates by using MD2 design flaws to generate a hash collision in less than brute-force time. NOTE: the scope of this issue is currently limited because the amount of computation required is still large. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-2409 | Version: | 4 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | OpenSSL |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28253 | |||
Oval ID: | oval:org.mitre.oval:def:28253 | ||
Title: | DEPRECATED: ELSA-2010-0054 -- openssl security update (moderate) | ||
Description: | [0.9.8e-12.1] - fix CVE-2009-2409 - drop MD2 algorithm from EVP tables (#510197) - fix CVE-2009-4355 - do not leak memory when CRYPTO_cleanup_all_ex_data() is called prematurely by application (#546707) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010-0054 CVE-2009-4355 CVE-2009-2409 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | openssl |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:29020 | |||
Oval ID: | oval:org.mitre.oval:def:29020 | ||
Title: | RHSA-2008:0982 -- gnutls security update (Moderate) | ||
Description: | Updated gnutls packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security (TLS). Martin von Gagern discovered a flaw in the way GnuTLS verified certificate chains provided by a server. A malicious server could use this flaw to spoof its identity by tricking client applications using the GnuTLS library to trust invalid certificates. (CVE-2008-4989) Users of GnuTLS are advised to upgrade to these updated packages, which contain a backported patch that corrects this issue. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2008:0982 CESA-2008:0982-CentOS 5 CVE-2008-4989 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | gnutls |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:29071 | |||
Oval ID: | oval:org.mitre.oval:def:29071 | ||
Title: | USN-810-3 -- NSS regression | ||
Description: | USN-810-1 fixed vulnerabilities in NSS. Jozsef Kadlecsik noticed that the new libraries on amd64 did not correctly set stack memory flags, and caused applications using NSS (e.g. Firefox) to have an executable stack. This reduced the effectiveness of some defensive security protections. This update fixes the problem. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-810-3 CVE-2009-2404 CVE-2009-2408 CVE-2009-2409 | Version: | 3 |
Platform(s): | Ubuntu 9.04 Ubuntu 8.10 Ubuntu 8.04 | Product(s): | nss |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:29169 | |||
Oval ID: | oval:org.mitre.oval:def:29169 | ||
Title: | RHSA-2009:1186 -- nspr and nss security, bug fix, and enhancement update (Critical) | ||
Description: | Updated nspr and nss packages that fix security issues, bugs, and add an enhancement are now available for Red Hat Enterprise Linux 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2009:1186 CVE-2009-2404 CVE-2009-2408 CVE-2009-2409 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 | Product(s): | nspr nss |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:29281 | |||
Oval ID: | oval:org.mitre.oval:def:29281 | ||
Title: | RHSA-2009:1232 -- gnutls security update (Moderate) | ||
Description: | Updated gnutls packages that fix a security issue are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security (TLS). | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2009:1232 CVE-2009-2730 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 4 | Product(s): | gnutls |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6631 | |||
Oval ID: | oval:org.mitre.oval:def:6631 | ||
Title: | Network Security Services Library Supports Certificates With Weak MD2 Hash Signatures | ||
Description: | The Network Security Services (NSS) library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spoof certificates by using MD2 design flaws to generate a hash collision in less than brute-force time. NOTE: the scope of this issue is currently limited because the amount of computation required is still large. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-2409 | Version: | 5 |
Platform(s): | VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7155 | |||
Oval ID: | oval:org.mitre.oval:def:7155 | ||
Title: | VMware ESX, Service Console update for OpenSSL, GnuTLS, NSS and NSPR. | ||
Description: | The Network Security Services (NSS) library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spoof certificates by using MD2 design flaws to generate a hash collision in less than brute-force time. NOTE: the scope of this issue is currently limited because the amount of computation required is still large. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-2409 | Version: | 5 |
Platform(s): | VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7938 | |||
Oval ID: | oval:org.mitre.oval:def:7938 | ||
Title: | DSA-1719 gnutls13 -- design flaw | ||
Description: | Martin von Gagern discovered that GNUTLS, an implementation of the TLS/SSL protocol, handles verification of X.509 certificate chains incorrectly if a self-signed certificate is configured as a trusted certificate. This could cause clients to accept forged server certificates as genuine. (CVE-2008-4989) In addition, this update tightens the checks for X.509v1 certificates which causes GNUTLS to reject certain certificate chains it accepted before. (In certificate chain processing, GNUTLS does not recognize X.509v1 certificates as valid unless explicitly requested by the application.) | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1719 CVE-2008-4989 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | gnutls13 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:8111 | |||
Oval ID: | oval:org.mitre.oval:def:8111 | ||
Title: | DSA-1874 nss -- several vulnerabilities | ||
Description: | Several vulnerabilities have been discovered in the Network Security Service libraries. The Common Vulnerabilities and Exposures project identifies the following problems: Moxie Marlinspike discovered that a buffer overflow in the regular expression parser could lead to the execution of arbitrary code. Dan Kaminsky discovered that NULL characters in certificate names could lead to man-in-the-middle attacks by tricking the user into accepting a rogue certificate. Certificates with MD2 hash signatures are no longer accepted since they're no longer considered cryptographically secure. The old stable distribution (etch) doesn't contain nss. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1874 CVE-2009-2404 CVE-2009-2408 CVE-2009-2409 | Version: | 3 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | nss |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:8289 | |||
Oval ID: | oval:org.mitre.oval:def:8289 | ||
Title: | DSA-1935 gnutls13 gnutls26 -- several vulnerabilities | ||
Description: | Dan Kaminsky and Moxie Marlinspike discovered that gnutls, an implementation of the TLS/SSL protocol, does not properly handle a "\0" character in a domain name in the subject's Common Name or Subject Alternative Name (SAN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. (CVE-2009-2730) In addition, with this update, certificates with MD2 hash signatures are no longer accepted since they're no longer considered cryptographically secure. It only affects the oldstable distribution (etch).(CVE-2009-2409) | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1935 CVE-2009-2409 CVE-2009-2730 | Version: | 3 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 4.0 | Product(s): | gnutls13 gnutls26 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:8409 | |||
Oval ID: | oval:org.mitre.oval:def:8409 | ||
Title: | VMware GnuTLS vulnerability | ||
Description: | libgnutls in GnuTLS before 2.8.2 does not properly handle a '\0' character in a domain name in the subject's (1) Common Name (CN) or (2) Subject Alternative Name (SAN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-2730 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:8594 | |||
Oval ID: | oval:org.mitre.oval:def:8594 | ||
Title: | VMware Network Security Services (NSS) certificate spoofing vulnerability by using MD2 design flaw | ||
Description: | The Network Security Services (NSS) library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spoof certificates by using MD2 design flaws to generate a hash collision in less than brute-force time. NOTE: the scope of this issue is currently limited because the amount of computation required is still large. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-2409 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-08-10 | Name : Gentoo Security Advisory GLSA 201206-18 (GnuTLS) File : nvt/glsa_201206_18.nasl |
2012-04-16 | Name : VMSA-2010-0009: ESXi utilities and ESX Service Console third party updates File : nvt/gb_VMSA-2010-0009.nasl |
2012-02-12 | Name : Gentoo Security Advisory GLSA 201110-05 (gnutls) File : nvt/glsa_201110_05.nasl |
2011-08-09 | Name : CentOS Update for gnutls CESA-2010:0166 centos5 i386 File : nvt/gb_CESA-2010_0166_gnutls_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for openssl CESA-2010:0054 centos5 i386 File : nvt/gb_CESA-2010_0054_openssl_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for java CESA-2009:1584 centos5 i386 File : nvt/gb_CESA-2009_1584_java_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for seamonkey CESA-2009:1432 centos3 i386 File : nvt/gb_CESA-2009_1432_seamonkey_centos3_i386.nasl |
2011-08-09 | Name : CentOS Update for gnutls CESA-2009:1232 centos4 i386 File : nvt/gb_CESA-2009_1232_gnutls_centos4_i386.nasl |
2010-05-12 | Name : Mac OS X 10.6.2 Update / Mac OS X Security Update 2009-006 File : nvt/macosx_upd_10_6_2_secupd_2009-006.nasl |
2010-04-30 | Name : Mandriva Update for java-1.6.0-openjdk MDVSA-2010:084 (java-1.6.0-openjdk) File : nvt/gb_mandriva_MDVSA_2010_084.nasl |
2010-03-31 | Name : RedHat Update for gnutls RHSA-2010:0166-01 File : nvt/gb_RHSA-2010_0166-01_gnutls.nasl |
2010-03-31 | Name : RedHat Update for openssl RHSA-2010:0163-01 File : nvt/gb_RHSA-2010_0163-01_openssl.nasl |
2010-03-31 | Name : CentOS Update for openssl CESA-2010:0163 centos4 i386 File : nvt/gb_CESA-2010_0163_openssl_centos4_i386.nasl |
2010-03-31 | Name : CentOS Update for openssl CESA-2010:0163 centos3 i386 File : nvt/gb_CESA-2010_0163_openssl_centos3_i386.nasl |
2010-03-02 | Name : Mandriva Update for x11-driver-video-ati MDVA-2010:084 (x11-driver-video-ati) File : nvt/gb_mandriva_MDVA_2010_084.nasl |
2010-01-20 | Name : RedHat Update for openssl RHSA-2010:0054-01 File : nvt/gb_RHSA-2010_0054-01_openssl.nasl |
2009-12-14 | Name : Gentoo Security Advisory GLSA 200912-01 (openssl) File : nvt/glsa_200912_01.nasl |
2009-12-10 | Name : Mandriva Security Advisory MDVSA-2009:308 (gnutls) File : nvt/mdksa_2009_308.nasl |
2009-12-10 | Name : Mandriva Security Advisory MDVSA-2009:310 (openssl) File : nvt/mdksa_2009_310.nasl |
2009-12-10 | Name : Mandriva Security Advisory MDVSA-2009:197-3 (nss) File : nvt/mdksa_2009_197_3.nasl |
2009-11-23 | Name : Debian Security Advisory DSA 1935-1 (gnutls13 gnutls26) File : nvt/deb_1935_1.nasl |
2009-11-23 | Name : CentOS Security Advisory CESA-2009:1584 (java-1.6.0-openjdk) File : nvt/ovcesa2009_1584.nasl |
2009-11-17 | Name : Fedora Core 11 FEDORA-2009-11486 (java-1.6.0-openjdk) File : nvt/fcore_2009_11486.nasl |
2009-11-17 | Name : Fedora Core 12 FEDORA-2009-11489 (java-1.6.0-openjdk) File : nvt/fcore_2009_11489.nasl |
2009-11-17 | Name : Fedora Core 10 FEDORA-2009-11490 (java-1.6.0-openjdk) File : nvt/fcore_2009_11490.nasl |
2009-11-17 | Name : RedHat Security Advisory RHSA-2009:1584 File : nvt/RHSA_2009_1584.nasl |
2009-11-17 | Name : RedHat Security Advisory RHSA-2009:1571 File : nvt/RHSA_2009_1571.nasl |
2009-11-11 | Name : RedHat Security Advisory RHSA-2009:1560 File : nvt/RHSA_2009_1560.nasl |
2009-10-13 | Name : Mandrake Security Advisory MDVSA-2009:258 (openssl) File : nvt/mdksa_2009_258.nasl |
2009-10-13 | Name : SLES10: Security update for GnuTLS File : nvt/sles10_gnutls0.nasl |
2009-10-13 | Name : SLES10: Security update for GnuTLS File : nvt/sles10_gnutls2.nasl |
2009-10-11 | Name : SLES11: Security update for GnuTLS File : nvt/sles11_gnutls0.nasl |
2009-10-11 | Name : SLES11: Security update for GnuTLS File : nvt/sles11_gnutls.nasl |
2009-10-10 | Name : SLES9: Security update for GnuTLS File : nvt/sles9p5057720.nasl |
2009-09-28 | Name : Fedora Core 10 FEDORA-2009-8622 (gnutls) File : nvt/fcore_2009_8622.nasl |
2009-09-28 | Name : Mandrake Security Advisory MDVSA-2009:237 (openssl) File : nvt/mdksa_2009_237.nasl |
2009-09-28 | Name : Mandrake Security Advisory MDVSA-2009:238 (openssl) File : nvt/mdksa_2009_238.nasl |
2009-09-28 | Name : Mandrake Security Advisory MDVSA-2009:239 (openssl) File : nvt/mdksa_2009_239.nasl |
2009-09-28 | Name : Fedora Core 11 FEDORA-2009-8565 (gnutls) File : nvt/fcore_2009_8565.nasl |
2009-09-23 | Name : Solaris Update for GNU Transport Layer Security Library 123939-02 File : nvt/gb_solaris_123939_02.nasl |
2009-09-23 | Name : Solaris Update for GNOME 2.6.0 123938-02 File : nvt/gb_solaris_123938_02.nasl |
2009-09-21 | Name : Debian Security Advisory DSA 1888-1 (openssl, openssl097) File : nvt/deb_1888_1.nasl |
2009-09-21 | Name : SuSE Security Summary SUSE-SR:2009:015 File : nvt/suse_sr_2009_015.nasl |
2009-09-15 | Name : Mandrake Security Advisory MDVSA-2009:197-2 (nss) File : nvt/mdksa_2009_197_2.nasl |
2009-09-15 | Name : CentOS Security Advisory CESA-2009:1432 (seamonkey) File : nvt/ovcesa2009_1432.nasl |
2009-09-15 | Name : Ubuntu USN-830-1 (openssl) File : nvt/ubuntu_830_1.nasl |
2009-09-15 | Name : RedHat Security Advisory RHSA-2009:1432 File : nvt/RHSA_2009_1432.nasl |
2009-09-02 | Name : Mandrake Security Advisory MDVSA-2009:210 (gnutls) File : nvt/mdksa_2009_210.nasl |
2009-09-02 | Name : Debian Security Advisory DSA 1874-1 (nss) File : nvt/deb_1874_1.nasl |
2009-09-02 | Name : CentOS Security Advisory CESA-2009:1232 (gnutls) File : nvt/ovcesa2009_1232.nasl |
2009-09-02 | Name : RedHat Security Advisory RHSA-2009:1232 File : nvt/RHSA_2009_1232.nasl |
2009-09-02 | Name : FreeBSD Ports: gnutls File : nvt/freebsd_gnutls5.nasl |
2009-09-02 | Name : Mandrake Security Advisory MDVSA-2009:216 (mozilla-thunderbird) File : nvt/mdksa_2009_216.nasl |
2009-09-02 | Name : Ubuntu USN-809-1 (gnutls26) File : nvt/ubuntu_809_1.nasl |
2009-08-17 | Name : Ubuntu USN-810-1 (nss) File : nvt/ubuntu_810_1.nasl |
2009-08-17 | Name : Mandrake Security Advisory MDVSA-2009:197 (nss) File : nvt/mdksa_2009_197.nasl |
2009-08-17 | Name : RedHat Security Advisory RHSA-2009:1186 File : nvt/RHSA_2009_1186.nasl |
2009-08-17 | Name : RedHat Security Advisory RHSA-2009:1190 File : nvt/RHSA_2009_1190.nasl |
2009-08-17 | Name : RedHat Security Advisory RHSA-2009:1207 File : nvt/RHSA_2009_1207.nasl |
2009-08-17 | Name : Ubuntu USN-810-2 (fixed) File : nvt/ubuntu_810_2.nasl |
2009-08-17 | Name : RedHat Security Advisory RHSA-2009:1184 File : nvt/RHSA_2009_1184.nasl |
2009-08-05 | Name : Firefox SSL Server Spoofing Vulnerability (Win) File : nvt/gb_firefox_ssl_spoof_vuln_win.nasl |
2009-08-05 | Name : OpenSSL/GnuTLS SSL Server Spoofing Vulnerability (Win) File : nvt/gb_openssl_n_gnutls_ssl_spoof_vuln_win.nasl |
2009-04-28 | Name : SuSE Security Summary SUSE-SR:2009:009 File : nvt/suse_sr_2009_009.nasl |
2009-04-09 | Name : Mandriva Update for gnutls MDVSA-2008:227 (gnutls) File : nvt/gb_mandriva_MDVSA_2008_227.nasl |
2009-04-09 | Name : Mandriva Update for gnutls MDVSA-2008:227-1 (gnutls) File : nvt/gb_mandriva_MDVSA_2008_227_1.nasl |
2009-03-23 | Name : Ubuntu Update for gnutls12, gnutls13, gnutls26 regression USN-678-2 File : nvt/gb_ubuntu_USN_678_2.nasl |
2009-03-23 | Name : Ubuntu Update for gnutls12, gnutls13, gnutls26 vulnerability USN-678-1 File : nvt/gb_ubuntu_USN_678_1.nasl |
2009-03-20 | Name : Debian Security Advisory DSA 1719-2 (gnutls13, gnutls26) File : nvt/deb_1719_2.nasl |
2009-03-06 | Name : RedHat Update for gnutls RHSA-2008:0982-01 File : nvt/gb_RHSA-2008_0982-01_gnutls.nasl |
2009-02-17 | Name : Fedora Update for gnutls FEDORA-2008-9530 File : nvt/gb_fedora_2008_9530_gnutls_fc9.nasl |
2009-02-17 | Name : Fedora Update for gnutls FEDORA-2008-9600 File : nvt/gb_fedora_2008_9600_gnutls_fc8.nasl |
2009-02-16 | Name : Fedora Update for gnutls FEDORA-2008-10000 File : nvt/gb_fedora_2008_10000_gnutls_fc10.nasl |
2009-02-13 | Name : Debian Security Advisory DSA 1719-1 (gnutls13) File : nvt/deb_1719_1.nasl |
2009-01-20 | Name : Gentoo Security Advisory GLSA 200901-10 (gnutls) File : nvt/glsa_200901_10.nasl |
2008-11-19 | Name : FreeBSD Ports: gnutls File : nvt/freebsd_gnutls3.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2008-315-01 gnutls File : nvt/esoft_slk_ssa_2008_315_01.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2009-290-01 gnutls File : nvt/esoft_slk_ssa_2009_290_01.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
56960 | GnuTLS libgnutls X.509 Certificate Multiple Fields NULL Character Spoofing SS... |
56752 | Network Security Services (NSS) Library X.509 Certificate MD2 Hash Collision ... |
49851 | GnuTLS libgnutls lib/x509/verify.c _gnutls_x509_verify_certificate Function X... |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2016-03-08 | Name : The remote VMware ESX host is missing a security-related patch. File : vmware_VMSA-2010-0001_remote.nasl - Type : ACT_GATHER_INFO |
2016-03-08 | Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_VMSA-2010-0009_remote.nasl - Type : ACT_GATHER_INFO |
2016-03-08 | Name : The remote VMware ESX host is missing a security-related patch. File : vmware_VMSA-2010-0015_remote.nasl - Type : ACT_GATHER_INFO |
2016-03-08 | Name : The remote VMware ESX host is missing a security-related patch. File : vmware_VMSA-2010-0019_remote.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing a security update. File : oraclevm_OVMSA-2014-0007.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing a security update. File : oraclevm_OVMSA-2014-0008.nasl - Type : ACT_GATHER_INFO |
2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15663.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0982.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1184.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1232.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1431.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1432.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1584.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0054.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0163.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0166.nasl - Type : ACT_GATHER_INFO |
2013-06-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1584.nasl - Type : ACT_GATHER_INFO |
2013-03-09 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-810-3.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1190.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1207.nasl - Type : ACT_GATHER_INFO |
2012-09-24 | Name : The remote Fedora host is missing a security update. File : fedora_2008-10162.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20081111_gnutls_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090731_nspr_and_nss_for_SL_4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090731_nspr_and_nss_for_SL_5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090826_gnutls_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090909_seamonkey_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20091109_java__jdk_1_6_0__on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100119_openssl_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100325_gnutls_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100325_openssl_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-06-25 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201206-18.nasl - Type : ACT_GATHER_INFO |
2012-01-04 | Name : The remote server is affected by multiple vulnerabilities. File : openssl_0_9_8l.nasl - Type : ACT_GATHER_INFO |
2011-10-12 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201110-05.nasl - Type : ACT_GATHER_INFO |
2011-04-23 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1662.nasl - Type : ACT_GATHER_INFO |
2010-12-08 | Name : The remote VMware ESX host is missing one or more security-related patches. File : vmware_VMSA-2010-0019.nasl - Type : ACT_GATHER_INFO |
2010-10-04 | Name : The remote VMware ESX host is missing one or more security-related patches. File : vmware_VMSA-2010-0015.nasl - Type : ACT_GATHER_INFO |
2010-07-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-239.nasl - Type : ACT_GATHER_INFO |
2010-06-01 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2010-0009.nasl - Type : ACT_GATHER_INFO |
2010-05-11 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0163.nasl - Type : ACT_GATHER_INFO |
2010-05-11 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0166.nasl - Type : ACT_GATHER_INFO |
2010-04-29 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-084.nasl - Type : ACT_GATHER_INFO |
2010-03-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0166.nasl - Type : ACT_GATHER_INFO |
2010-03-26 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0163.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1874.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1888.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1935.nasl - Type : ACT_GATHER_INFO |
2010-02-15 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_gnutls-100208.nasl - Type : ACT_GATHER_INFO |
2010-01-21 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0054.nasl - Type : ACT_GATHER_INFO |
2010-01-20 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0054.nasl - Type : ACT_GATHER_INFO |
2010-01-08 | Name : The remote VMware ESX host is missing a security-related patch. File : vmware_VMSA-2010-0001.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0982.nasl - Type : ACT_GATHER_INFO |
2009-12-04 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-308.nasl - Type : ACT_GATHER_INFO |
2009-12-04 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-310.nasl - Type : ACT_GATHER_INFO |
2009-12-02 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200912-01.nasl - Type : ACT_GATHER_INFO |
2009-11-30 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_java-1_6_0-openjdk-091125.nasl - Type : ACT_GATHER_INFO |
2009-11-30 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_java-1_6_0-openjdk-091125.nasl - Type : ACT_GATHER_INFO |
2009-11-30 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_java-1_6_0-openjdk-091127.nasl - Type : ACT_GATHER_INFO |
2009-11-23 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2009-0016.nasl - Type : ACT_GATHER_INFO |
2009-11-18 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200911-02.nasl - Type : ACT_GATHER_INFO |
2009-11-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1584.nasl - Type : ACT_GATHER_INFO |
2009-11-16 | Name : The remote Fedora host is missing a security update. File : fedora_2009-11486.nasl - Type : ACT_GATHER_INFO |
2009-11-16 | Name : The remote Fedora host is missing a security update. File : fedora_2009-11489.nasl - Type : ACT_GATHER_INFO |
2009-11-16 | Name : The remote Fedora host is missing a security update. File : fedora_2009-11490.nasl - Type : ACT_GATHER_INFO |
2009-11-16 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-859-1.nasl - Type : ACT_GATHER_INFO |
2009-11-11 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1571.nasl - Type : ACT_GATHER_INFO |
2009-11-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1560.nasl - Type : ACT_GATHER_INFO |
2009-11-09 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_6_2.nasl - Type : ACT_GATHER_INFO |
2009-11-09 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2009-006.nasl - Type : ACT_GATHER_INFO |
2009-10-19 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2009-290-01.nasl - Type : ACT_GATHER_INFO |
2009-10-08 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-258.nasl - Type : ACT_GATHER_INFO |
2009-10-06 | Name : The remote openSUSE host is missing a security update. File : suse_gnutls-6471.nasl - Type : ACT_GATHER_INFO |
2009-09-28 | Name : The remote Fedora host is missing a security update. File : fedora_2009-8565.nasl - Type : ACT_GATHER_INFO |
2009-09-28 | Name : The remote Fedora host is missing a security update. File : fedora_2009-8622.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12501.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_gnutls-090317.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_gnutls-090901.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_gnutls-5851.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_gnutls-6073.nasl - Type : ACT_GATHER_INFO |
2009-09-22 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-238.nasl - Type : ACT_GATHER_INFO |
2009-09-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-830-1.nasl - Type : ACT_GATHER_INFO |
2009-09-11 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1431.nasl - Type : ACT_GATHER_INFO |
2009-09-11 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1432.nasl - Type : ACT_GATHER_INFO |
2009-09-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1431.nasl - Type : ACT_GATHER_INFO |
2009-09-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1432.nasl - Type : ACT_GATHER_INFO |
2009-09-09 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_gnutls-090901.nasl - Type : ACT_GATHER_INFO |
2009-09-09 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_gnutls-090901.nasl - Type : ACT_GATHER_INFO |
2009-08-27 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1232.nasl - Type : ACT_GATHER_INFO |
2009-08-27 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1232.nasl - Type : ACT_GATHER_INFO |
2009-08-24 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-210.nasl - Type : ACT_GATHER_INFO |
2009-08-20 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_856a6f848b3011de806200e0815b8da8.nasl - Type : ACT_GATHER_INFO |
2009-08-20 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-809-1.nasl - Type : ACT_GATHER_INFO |
2009-08-10 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-197.nasl - Type : ACT_GATHER_INFO |
2009-08-05 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-810-1.nasl - Type : ACT_GATHER_INFO |
2009-08-05 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-810-2.nasl - Type : ACT_GATHER_INFO |
2009-07-31 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1184.nasl - Type : ACT_GATHER_INFO |
2009-07-31 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1186.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_gnutls-081204.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_gnutls-090313.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_gnutls-090313.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-227.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-678-1.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-678-2.nasl - Type : ACT_GATHER_INFO |
2009-04-21 | Name : The remote openSUSE host is missing a security update. File : suse_gnutls-6079.nasl - Type : ACT_GATHER_INFO |
2009-02-12 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1719.nasl - Type : ACT_GATHER_INFO |
2009-01-15 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200901-10.nasl - Type : ACT_GATHER_INFO |
2008-12-10 | Name : The remote openSUSE host is missing a security update. File : suse_gnutls-5844.nasl - Type : ACT_GATHER_INFO |
2008-11-17 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_45298931b3bf11dd80f8001cc0377035.nasl - Type : ACT_GATHER_INFO |
2008-11-12 | Name : The remote Fedora host is missing a security update. File : fedora_2008-9530.nasl - Type : ACT_GATHER_INFO |
2008-11-12 | Name : The remote Fedora host is missing a security update. File : fedora_2008-9600.nasl - Type : ACT_GATHER_INFO |
2008-11-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0982.nasl - Type : ACT_GATHER_INFO |
2008-11-11 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-315-01.nasl - Type : ACT_GATHER_INFO |
2007-02-18 | Name : The remote host is missing Sun Security Patch number 123938-05 File : solaris10_123938.nasl - Type : ACT_GATHER_INFO |
2007-02-18 | Name : The remote host is missing Sun Security Patch number 123939-05 File : solaris10_x86_123939.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 12:06:08 |
|