Executive Summary
This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
| Summary | |
|---|---|
| Title | VMware ESX patches for DHCP, Service Console kernel, and JRE resolve multiple security issues |
| Informations | |||
|---|---|---|---|
| Name | VMSA-2009-0014 | First vendor Publication | 2009-10-16 |
| Vendor | VMware | Last vendor Modification | 2009-10-16 |
| Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 10 | Attack Range | Network |
| Cvss Impact Score | 10 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| a. Service Console update for DHCP and third party library update for DHCP client. DHCP is an Internet-standard protocol by which a computer can be connected to a local network, ask to be given configuration information, and receive from a server enough information to configure itself as a member of that network. A stack-based buffer overflow in the script_write_params method in ISC DHCP dhclient allows remote DHCP servers to execute arbitrary code via a crafted subnet-mask option. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2009-0692 to this issue. An insecure temporary file use flaw was discovered in the DHCP daemon's init script ("/etc/init.d/dhcpd"). A local attacker could use this flaw to overwrite an arbitrary file with the output of the "dhcpd -t" command via a symbolic link attack, if a system administrator executed the DHCP init script with the "configtest", "restart", or "reload" option. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2009-1893 to this issue. b. Updated Service Console package kernel Service Console package kernel update to version kernel-2.4.21-58.EL. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2008-4210, CVE-2008-3275, CVE-2008-0598, CVE-2008-2136, CVE-2008-2812, CVE-2007-6063, CVE-2008-3525 to the security issues fixed in kernel-2.4.21-58.EL c. JRE Security Update JRE update to version 1.5.0_18, which addresses multiple security issues that existed in earlier releases of JRE. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in JRE 1.5.0_17: CVE-2008-2086, CVE-2008-5347, CVE-2008-5348, CVE-2008-5349, CVE-2008-5350, CVE-2008-5351, CVE-2008-5352, CVE-2008-5353, CVE-2008-5354, CVE-2008-5356, CVE-2008-5357, CVE-2008-5358, CVE-2008-5359, CVE-2008-5360, CVE-2008-5339, CVE-2008-5342, CVE-2008-5344, CVE-2008-5345, CVE-2008-5346, CVE-2008-5340, CVE-2008-5341, CVE-2008-5343, and CVE-2008-5355. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in JRE 1.5.0_18: CVE-2009-1093, CVE-2009-1094, CVE-2009-1095, CVE-2009-1096, CVE-2009-1097, CVE-2009-1098, CVE-2009-1099, CVE-2009-1100, CVE-2009-1101, CVE-2009-1102, CVE-2009-1103, CVE-2009-1104, CVE-2009-1105, CVE-2009-1106, and CVE-2009-1107. |
Original Source
| Url : http://www.vmware.com/security/advisories/VMSA-2009-0014.html |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 27 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 15 % | CWE-264 | Permissions, Privileges, and Access Controls |
| 15 % | CWE-200 | Information Exposure |
| 12 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
| 6 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 6 % | CWE-16 | Configuration |
| 3 % | CWE-476 | NULL Pointer Dereference |
| 3 % | CWE-399 | Resource Management Errors |
| 3 % | CWE-287 | Improper Authentication |
| 3 % | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (CWE/SANS Top 25) |
| 3 % | CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
| 3 % | CWE-20 | Improper Input Validation |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:10124 | |||
| Oval ID: | oval:org.mitre.oval:def:10124 | ||
| Title: | Integer overflow in unpack200 in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via a JAR file with crafted Pack200 headers. | ||
| Description: | Integer overflow in unpack200 in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via a JAR file with crafted Pack200 headers. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-1095 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:10152 | |||
| Oval ID: | oval:org.mitre.oval:def:10152 | ||
| Title: | Unspecified vulnerability in the lightweight HTTP server implementation in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier allows remote attackers to cause a denial of service (probably resource consumption) for a JAX-WS service endpoint via a connection without any data, which triggers a file descriptor "leak." | ||
| Description: | Unspecified vulnerability in the lightweight HTTP server implementation in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier allows remote attackers to cause a denial of service (probably resource consumption) for a JAX-WS service endpoint via a connection without any data, which triggers a file descriptor "leak." | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-1101 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:10300 | |||
| Oval ID: | oval:org.mitre.oval:def:10300 | ||
| Title: | Unspecified vulnerability in the Virtual Machine in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier allows remote attackers to access files and execute arbitrary code via unknown vectors related to "code generation." | ||
| Description: | Unspecified vulnerability in the Virtual Machine in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier allows remote attackers to access files and execute arbitrary code via unknown vectors related to "code generation." | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-1102 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:10758 | |||
| Oval ID: | oval:org.mitre.oval:def:10758 | ||
| Title: | Stack-based buffer overflow in the script_write_params method in client/dhclient.c in ISC DHCP dhclient 4.1 before 4.1.0p1, 4.0 before 4.0.1p1, 3.1 before 3.1.2p1, 3.0, and 2.0 allows remote DHCP servers to execute arbitrary code via a crafted subnet-mask option. | ||
| Description: | Stack-based buffer overflow in the script_write_params method in client/dhclient.c in ISC DHCP dhclient 4.1 before 4.1.0p1, 4.0 before 4.0.1p1, 3.1 before 3.1.2p1, 3.0, and 2.0 allows remote DHCP servers to execute arbitrary code via a crafted subnet-mask option. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-0692 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:11064 | |||
| Oval ID: | oval:org.mitre.oval:def:11064 | ||
| Title: | Unspecified vulnerability in the LDAP implementation in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; SDK and JRE 1.3.1_24 and earlier; and 1.4.2_19 and earlier allows remote LDAP servers to execute arbitrary code via unknown vectors related to serialized data. | ||
| Description: | Unspecified vulnerability in the LDAP implementation in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; SDK and JRE 1.3.1_24 and earlier; and 1.4.2_19 and earlier allows remote LDAP servers to execute arbitrary code via unknown vectors related to serialized data. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-1094 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:11241 | |||
| Oval ID: | oval:org.mitre.oval:def:11241 | ||
| Title: | Multiple buffer overflows in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier allow remote attackers to access files or execute arbitrary code via (1) a crafted PNG image that triggers an integer overflow during memory allocation for display on the splash screen, aka CR 6804996; and (2) a crafted GIF image from which unspecified values are used in calculation of offsets, leading to object-pointer corruption, aka CR 6804997. | ||
| Description: | Multiple buffer overflows in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier allow remote attackers to access files or execute arbitrary code via (1) a crafted PNG image that triggers an integer overflow during memory allocation for display on the splash screen, aka CR 6804996; and (2) a crafted GIF image from which unspecified values are used in calculation of offsets, leading to object-pointer corruption, aka CR 6804997. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-1097 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:11343 | |||
| Oval ID: | oval:org.mitre.oval:def:11343 | ||
| Title: | LdapCtx in the LDAP service in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; SDK and JRE 1.3.1_24 and earlier; and 1.4.2_19 and earlier does not close the connection when initialization fails, which allows remote attackers to cause a denial of service (LDAP service hang). | ||
| Description: | LdapCtx in the LDAP service in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; SDK and JRE 1.3.1_24 and earlier; and 1.4.2_19 and earlier does not close the connection when initialization fails, which allows remote attackers to cause a denial of service (LDAP service hang). | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-1093 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:11597 | |||
| Oval ID: | oval:org.mitre.oval:def:11597 | ||
| Title: | The configtest function in the Red Hat dhcpd init script for DHCP 3.0.1 in Red Hat Enterprise Linux (RHEL) 3 allows local users to overwrite arbitrary files via a symlink attack on an unspecified temporary file, related to the "dhcpd -t" command. | ||
| Description: | The configtest function in the Red Hat dhcpd init script for DHCP 3.0.1 in Red Hat Enterprise Linux (RHEL) 3 allows local users to overwrite arbitrary files via a symlink attack on an unspecified temporary file, related to the "dhcpd -t" command. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-1893 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:12418 | |||
| Oval ID: | oval:org.mitre.oval:def:12418 | ||
| Title: | USN-803-2 -- dhcp3 vulnerability | ||
| Description: | USN-803-1 fixed a vulnerability in Dhcp. Due to an error, the patch to fix the vulnerability was not properly applied on Ubuntu 8.10 and higher. Even with the patch improperly applied, the default compiler options reduced the vulnerability to a denial of service. Additionally, in Ubuntu 9.04 and higher, users were also protected by the AppArmor dhclient3 profile. This update fixes the problem. Original advisory details: It was discovered that the DHCP client as included in dhcp3 did not verify the length of certain option fields when processing a response from an IPv4 dhcp server. If a user running Ubuntu 6.06 LTS or 8.04 LTS connected to a malicious dhcp server, a remote attacker could cause a denial of service or execute arbitrary code as the user invoking the program, typically the "dhcp" user. For users running Ubuntu 8.10 or 9.04, a remote attacker should only be able to cause a denial of service in the DHCP client. In Ubuntu 9.04, attackers would also be isolated by the AppArmor dhclient3 profile. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-803-2 CVE-2009-0692 | Version: | 5 |
| Platform(s): | Ubuntu 8.10 Ubuntu 9.10 Ubuntu 9.04 | Product(s): | dhcp3 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:13310 | |||
| Oval ID: | oval:org.mitre.oval:def:13310 | ||
| Title: | USN-748-1 -- openjdk-6 vulnerabilities | ||
| Description: | It was discovered that font creation could leak temporary files. If a user were tricked into loading a malicious program or applet, a remote attacker could consume disk space, leading to a denial of service. It was discovered that the lightweight HttpServer did not correctly close files on dataless connections. A remote attacker could send specially crafted requests, leading to a denial of service. Certain 64bit Java actions would crash an application. A local attacker might be able to cause a denial of service. It was discovered that LDAP connections did not close correctly. A remote attacker could send specially crafted requests, leading to a denial of service. Java LDAP routines did not unserialize certain data correctly. A remote attacker could send specially crafted requests that could lead to arbitrary code execution. Java did not correctly check certain JAR headers. If a user or automated system were tricked into processing a malicious JAR file, a remote attacker could crash the application, leading to a denial of service. It was discovered that PNG and GIF decoding in Java could lead to memory corruption. If a user or automated system were tricked into processing a specially crafted image, a remote attacker could crash the application, leading to a denial of service | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-748-1 CVE-2006-2426 CVE-2009-1100 CVE-2009-1101 CVE-2009-1102 CVE-2009-1093 CVE-2009-1094 CVE-2009-1095 CVE-2009-1096 CVE-2009-1097 CVE-2009-1098 | Version: | 5 |
| Platform(s): | Ubuntu 8.10 | Product(s): | openjdk-6 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:13408 | |||
| Oval ID: | oval:org.mitre.oval:def:13408 | ||
| Title: | USN-713-1 -- openjdk-6 vulnerabilities | ||
| Description: | It was discovered that Java did not correctly handle untrusted applets. If a user were tricked into running a malicious applet, a remote attacker could gain user privileges, or list directory contents. It was discovered that Kerberos authentication and RSA public key processing were not correctly handled in Java. A remote attacker could exploit these flaws to cause a denial of service. It was discovered that Java accepted UTF-8 encodings that might be handled incorrectly by certain applications. A remote attacker could bypass string filters, possible leading to other exploits. Overflows were discovered in Java JAR processing. If a user or automated system were tricked into processing a malicious JAR file, a remote attacker could crash the application, leading to a denial of service. It was discovered that Java calendar objects were not unserialized safely. If a user or automated system were tricked into processing a specially crafted calendar object, a remote attacker could execute arbitrary code with user privileges. It was discovered that the Java image handling code could lead to memory corruption. If a user or automated system were tricked into processing a specially crafted image, a remote attacker could crash the application, leading to a denial of service. It was discovered that temporary files created by Java had predictable names. If a user or automated system were tricked into processing a specially crafted JAR file, a remote attacker could overwrite sensitive information | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-713-1 CVE-2008-5347 CVE-2008-5350 CVE-2008-5348 CVE-2008-5349 CVE-2008-5351 CVE-2008-5352 CVE-2008-5354 CVE-2008-5353 CVE-2008-5358 CVE-2008-5359 CVE-2008-5360 | Version: | 5 |
| Platform(s): | Ubuntu 8.10 | Product(s): | openjdk-6 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:13469 | |||
| Oval ID: | oval:org.mitre.oval:def:13469 | ||
| Title: | DSA-1769-1 openjdk-6 -- several | ||
| Description: | Several vulnerabilities have been identified in OpenJDK, an implementation of the Java SE platform. Creation of large, temporary fonts could use up available disk space, leading to a denial of service condition. Several vulnerabilities existed in the embedded LittleCMS library, exploitable through crafted images: a memory leak, resulting in a denial of service condition, heap-based buffer overflows, potentially allowing arbitrary code execution, and a null-pointer dereference, leading to denial of service. The LDAP server implementation did not properly close sockets if an error was encountered, leading to a denial-of-service condition. The LDAP client implementation allowed malicious LDAP servers to execute arbitrary code on the client. The HTTP server implementation contained an unspecified denial of service vulnerability. Several issues in Java Web Start have been addressed. The Debian packages currently do not support Java Web Start, so these issues are not directly exploitable, but the relevant code has been updated nevertheless. For the stable distribution, these problems have been fixed in version 9.1+lenny2. We recommend that you upgrade your openjdk-6 packages. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-1769-1 CVE-2006-2426 CVE-2009-0581 CVE-2009-0723 CVE-2009-0733 CVE-2009-0793 CVE-2009-1093 CVE-2009-1094 CVE-2009-1095 CVE-2009-1096 CVE-2009-1097 CVE-2009-1098 CVE-2009-1101 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 5.0 | Product(s): | openjdk-6 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18465 | |||
| Oval ID: | oval:org.mitre.oval:def:18465 | ||
| Title: | DSA-1630-1 fai-kernels linux-2.6 user-mode-linux - several vulnerabilities | ||
| Description: | Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or arbitrary code execution. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-1630-1 CVE-2007-6282 CVE-2008-0598 CVE-2008-2729 CVE-2008-2812 CVE-2008-2826 CVE-2008-2931 CVE-2008-3272 CVE-2008-3275 | Version: | 9 |
| Platform(s): | Debian GNU/Linux 4.0 | Product(s): | fai-kernels user-mode-linux linux-2.6 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:21833 | |||
| Oval ID: | oval:org.mitre.oval:def:21833 | ||
| Title: | ELSA-2009:0392: java-1.6.0-sun security update (Critical) | ||
| Description: | The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier, and 5.0 Update 17 and earlier, allows remote attackers to trick a user into trusting a signed applet via unknown vectors that misrepresent the security warning dialog, related to a "Swing JLabel HTML parsing vulnerability," aka CR 6782871. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2009:0392-01 CVE-2006-2426 CVE-2009-1093 CVE-2009-1094 CVE-2009-1095 CVE-2009-1096 CVE-2009-1097 CVE-2009-1098 CVE-2009-1099 CVE-2009-1100 CVE-2009-1101 CVE-2009-1102 CVE-2009-1103 CVE-2009-1104 CVE-2009-1105 CVE-2009-1106 CVE-2009-1107 | Version: | 69 |
| Platform(s): | Oracle Linux 5 | Product(s): | java-1.6.0-sun |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:22708 | |||
| Oval ID: | oval:org.mitre.oval:def:22708 | ||
| Title: | ELSA-2009:0394: java-1.5.0-sun security update (Critical) | ||
| Description: | The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier, and 5.0 Update 17 and earlier, allows remote attackers to trick a user into trusting a signed applet via unknown vectors that misrepresent the security warning dialog, related to a "Swing JLabel HTML parsing vulnerability," aka CR 6782871. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2009:0394-01 CVE-2006-2426 CVE-2009-1093 CVE-2009-1094 CVE-2009-1095 CVE-2009-1096 CVE-2009-1098 CVE-2009-1099 CVE-2009-1100 CVE-2009-1103 CVE-2009-1104 CVE-2009-1107 | Version: | 49 |
| Platform(s): | Oracle Linux 5 | Product(s): | java-1.5.0-sun |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:22718 | |||
| Oval ID: | oval:org.mitre.oval:def:22718 | ||
| Title: | ELSA-2009:0377: java-1.6.0-openjdk security update (Important) | ||
| Description: | Unspecified vulnerability in the Virtual Machine in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier allows remote attackers to access files and execute arbitrary code via unknown vectors related to "code generation." | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2009:0377-01 CVE-2006-2426 CVE-2009-0581 CVE-2009-0723 CVE-2009-0733 CVE-2009-0793 CVE-2009-1093 CVE-2009-1094 CVE-2009-1095 CVE-2009-1096 CVE-2009-1097 CVE-2009-1098 CVE-2009-1101 CVE-2009-1102 | Version: | 57 |
| Platform(s): | Oracle Linux 5 | Product(s): | java-1.6.0-openjdk |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:28983 | |||
| Oval ID: | oval:org.mitre.oval:def:28983 | ||
| Title: | RHSA-2008:0612 -- kernel security and bug fix update (Important) | ||
| Description: | Updated kernel packages that fix various security issues and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux operating system. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2008:0612 CESA-2008:0612-CentOS 5 CVE-2008-1294 CVE-2008-2136 CVE-2008-2812 | Version: | 3 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | kernel |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:29129 | |||
| Oval ID: | oval:org.mitre.oval:def:29129 | ||
| Title: | RHSA-2008:0885 -- kernel security and bug fix update (Important) | ||
| Description: | Updated kernel packages that fix various security issues and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux operating system. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2008:0885 CESA-2008:0885-CentOS 5 CVE-2007-6417 CVE-2007-6716 CVE-2008-2931 CVE-2008-3272 CVE-2008-3275 | Version: | 3 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | kernel |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:29277 | |||
| Oval ID: | oval:org.mitre.oval:def:29277 | ||
| Title: | RHSA-2009:0377 -- java-1.6.0-openjdk security update (Important) | ||
| Description: | Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. The Java Runtime Environment (JRE) contains the software and tools that users need to run applications written using the Java programming language. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2009:0377 CESA-2009:0377-CentOS 5 CVE-2006-2426 CVE-2009-0581 CVE-2009-0723 CVE-2009-0733 CVE-2009-0793 CVE-2009-1093 CVE-2009-1094 CVE-2009-1095 CVE-2009-1096 CVE-2009-1097 CVE-2009-1098 CVE-2009-1101 CVE-2009-1102 | Version: | 3 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | java-1.6.0-openjdk |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:5601 | |||
| Oval ID: | oval:org.mitre.oval:def:5601 | ||
| Title: | Java Web Start Bugs Let Remote Users Read/Write Files, Execute Arbitrary Code, and Establish Network Connections | ||
| Description: | Sun Java Web Start and Java Plug-in for JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allow remote attackers to execute arbitrary code via a crafted jnlp file that modifies the (1) java.home, (2) java.ext.dirs, or (3) user.home System Properties, aka "Java Web Start File Inclusion" and CR 6694892. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-2086 | Version: | 1 |
| Platform(s): | VMWare ESX Server 3.5 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:5633 | |||
| Oval ID: | oval:org.mitre.oval:def:5633 | ||
| Title: | Sun Java Runtime Environment JAX-WS and JAXB Lets Remote Applets Gain Elevated Privileges | ||
| Description: | Multiple unspecified vulnerabilities in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier allow untrusted applets and applications to gain privileges via vectors related to access to inner classes in the (1) JAX-WS and (2) JAXB packages. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-5347 | Version: | 1 |
| Platform(s): | VMWare ESX Server 3.5 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:5664 | |||
| Oval ID: | oval:org.mitre.oval:def:5664 | ||
| Title: | Sun Java Runtime Environment Java Update Fails to Validate Digital Signatures | ||
| Description: | The "Java Update" feature for Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier does not verify the signature of the JRE that is downloaded, which allows remote attackers to execute arbitrary code via DNS man-in-the-middle attacks. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-5355 | Version: | 1 |
| Platform(s): | VMWare ESX Server 3.5 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:5671 | |||
| Oval ID: | oval:org.mitre.oval:def:5671 | ||
| Title: | Linux Kernel SBNI WAN Driver Privilege Check Bugs May Let Local Users Gain Elevated Privileges | ||
| Description: | The sbni_ioctl function in drivers/net/wan/sbni.c in the wan subsystem in the Linux kernel 2.6.26.3 does not check for the CAP_NET_ADMIN capability before processing a (1) SIOCDEVRESINSTATS, (2) SIOCDEVSHWSTATE, (3) SIOCDEVENSLAVE, or (4) SIOCDEVEMANSIPATE ioctl request, which allows local users to bypass intended capability restrictions. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-3525 | Version: | 1 |
| Platform(s): | VMWare ESX Server 3.5 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:5726 | |||
| Oval ID: | oval:org.mitre.oval:def:5726 | ||
| Title: | Integer signedness error in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) | ||
| Description: | Integer signedness error in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via crafted glyph descriptions in a Type1 font, which bypasses a signed comparison and triggers a buffer overflow. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-1099 | Version: | 3 |
| Platform(s): | VMWare ESX Server 3.5 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:5841 | |||
| Oval ID: | oval:org.mitre.oval:def:5841 | ||
| Title: | Sun Java Runtime Environment image processing code buffer overflow | ||
| Description: | Buffer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier might allow remote attackers to execute arbitrary code, related to a ConvolveOp operation in the Java AWT library. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-5359 | Version: | 1 |
| Platform(s): | VMWare ESX Server 3.5 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:5843 | |||
| Oval ID: | oval:org.mitre.oval:def:5843 | ||
| Title: | Sun Java Runtime Environment RSA Public Key Processing Bug Lets Remote Users Deny Service | ||
| Description: | Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier, and JDK and JRE 5.0 Update 16 and earlier, allows remote attackers to cause a denial of service (CPU consumption) via a crafted RSA public key. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-5349 | Version: | 1 |
| Platform(s): | VMWare ESX Server 3.5 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:5924 | |||
| Oval ID: | oval:org.mitre.oval:def:5924 | ||
| Title: | Sun Java Web Start and Java Plug-in JAR File Privilege Escalation Vulnerability | ||
| Description: | Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows remote attackers to make unauthorized network connections and hijack HTTP sessions via a crafted file that validates as both a GIF and a Java JAR file, aka "GIFAR" and CR 6707535. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-5343 | Version: | 1 |
| Platform(s): | VMWare ESX Server 3.5 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:5941 | |||
| Oval ID: | oval:org.mitre.oval:def:5941 | ||
| Title: | DHCP dhclient Stack Overflow in script_write_params() Lets Remote Users Execute Arbitrary Code | ||
| Description: | Stack-based buffer overflow in the script_write_params method in client/dhclient.c in ISC DHCP dhclient 4.1 before 4.1.0p1, 4.0 before 4.0.1p1, 3.1 before 3.1.2p1, 3.0, and 2.0 allows remote DHCP servers to execute arbitrary code via a crafted subnet-mask option. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-0692 | Version: | 1 |
| Platform(s): | VMWare ESX Server 3 VMWare ESX Server 3.5 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:6008 | |||
| Oval ID: | oval:org.mitre.oval:def:6008 | ||
| Title: | Buffer Overflow Vulnerabilities in the Java Runtime Environment (JRE) with Processing Image Files and Fonts may Allow Privileges to be Escalated | ||
| Description: | Buffer overflow in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; 1.4.2_19 and earlier; and 1.3.1_24 and earlier allows remote attackers to access files or execute arbitrary code via a crafted GIF image, aka CR 6804998. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-1098 | Version: | 3 |
| Platform(s): | VMWare ESX Server 3.5 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:6059 | |||
| Oval ID: | oval:org.mitre.oval:def:6059 | ||
| Title: | Sun Java Runtime Environment (JRE) Lets Remote Users Access 'localhost' | ||
| Description: | Unspecified vulnerability in Java Runtime Environment (JRE) with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier allows code that is loaded from a local filesystem to read arbitrary files and make unauthorized connections to localhost via unknown vectors. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-5345 | Version: | 1 |
| Platform(s): | VMWare ESX Server 3.5 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:6201 | |||
| Oval ID: | oval:org.mitre.oval:def:6201 | ||
| Title: | Linux Kernel copy_user() IA32 Emulation Bug Discloses Information to Local Users | ||
| Description: | Unspecified vulnerability in the 32-bit and 64-bit emulation in the Linux kernel 2.6.9, 2.6.18, and probably other versions allows local users to read uninitialized memory via unknown vectors involving a crafted binary. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-0598 | Version: | 1 |
| Platform(s): | VMWare ESX Server 3.5 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:6212 | |||
| Oval ID: | oval:org.mitre.oval:def:6212 | ||
| Title: | Java Runtime Environment UTF-8 Decoding Bug May Let Users Bypass Access Restrictions | ||
| Description: | Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier accepts UTF-8 encodings that are not the "shortest" form, which makes it easier for attackers to bypass protection mechanisms for other applications that rely on shortest-form UTF-8 encodings. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-5351 | Version: | 1 |
| Platform(s): | VMWare ESX Server 3.5 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:6224 | |||
| Oval ID: | oval:org.mitre.oval:def:6224 | ||
| Title: | Java Runtime Environment (JRE) Flaws in Storing and Processing Temporary Font Files Let Remote Users Deny Service | ||
| Description: | Multiple unspecified vulnerabilities in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allow remote attackers to cause a denial of service (disk consumption) via vectors related to temporary font files and (1) "limits on Font creation," aka CR 6522586, and (2) another unspecified vector, aka CR 6632886. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-1100 | Version: | 3 |
| Platform(s): | VMWare ESX Server 3.5 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:6249 | |||
| Oval ID: | oval:org.mitre.oval:def:6249 | ||
| Title: | Sun Java Web Start and Java Plug-in applet class security bypass | ||
| Description: | Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted applets to read arbitrary files and make unauthorized network connections via unknown vectors related to applet classloading, aka 6716217. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-5344 | Version: | 1 |
| Platform(s): | VMWare ESX Server 3.5 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:6288 | |||
| Oval ID: | oval:org.mitre.oval:def:6288 | ||
| Title: | Java Runtime Environment (JRE) Buffer Overflow in Processing Image Files and Fonts Lets Remote Users Gain Privileges on the Target System | ||
| Description: | Multiple buffer overflows in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier allow remote attackers to access files or execute arbitrary code via (1) a crafted PNG image that triggers an integer overflow during memory allocation for display on the splash screen, aka CR 6804996; and (2) a crafted GIF image from which unspecified values are used in calculation of offsets, leading to object-pointer corruption, aka CR 6804997. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-1097 | Version: | 3 |
| Platform(s): | VMWare ESX Server 3.5 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:6319 | |||
| Oval ID: | oval:org.mitre.oval:def:6319 | ||
| Title: | Sun Java Runtime Environment GIF images code execution | ||
| Description: | Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier might allow remote attackers to execute arbitrary code via a crafted GIF file that triggers memory corruption during display of the splash screen, possibly related to splashscreen.dll. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-5358 | Version: | 1 |
| Platform(s): | VMWare ESX Server 3.5 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:6359 | |||
| Oval ID: | oval:org.mitre.oval:def:6359 | ||
| Title: | Unspecified vulnerability in the BasicService for Java Web Start (JWS) and Java Plug-in | ||
| Description: | Unspecified vulnerability in the BasicService for Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted downloaded applications to cause local files to be displayed in the browser of the user of the untrusted application via unknown vectors, aka 6767668. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-5342 | Version: | 3 |
| Platform(s): | VMWare ESX Server 3.5 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:6383 | |||
| Oval ID: | oval:org.mitre.oval:def:6383 | ||
| Title: | Sun Java Runtime Environment Buffer Overflow in unpack200 Utility Lets Remote Users Execute Arbitrary Code | ||
| Description: | Integer overflow in the JAR unpacking utility (unpack200) in the unpack library (unpack.dll) in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier, and JDK and JRE 5.0 Update 16 and earlier, allows untrusted applications and applets to gain privileges via a Pack200 compressed JAR file that triggers a heap-based buffer overflow. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-5352 | Version: | 1 |
| Platform(s): | VMWare ESX Server 3.5 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:6386 | |||
| Oval ID: | oval:org.mitre.oval:def:6386 | ||
| Title: | Linux Kernel 'truncate()' Local Privilege Escalation Vulnerability | ||
| Description: | fs/open.c in the Linux kernel before 2.6.22 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified other impact, by creating an executable file in a setgid directory through the (1) truncate or (2) ftruncate function in conjunction with memory-mapped I/O. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-4210 | Version: | 1 |
| Platform(s): | VMWare ESX Server 3.5 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:6409 | |||
| Oval ID: | oval:org.mitre.oval:def:6409 | ||
| Title: | Multiple Security Vulnerabilities in Java Web Start and Java Plug-in May Allow Privilege Escalation | ||
| Description: | Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted JWS applications to perform network connections to unauthorized hosts via unknown vectors, aka CR 6727079. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-5339 | Version: | 1 |
| Platform(s): | VMWare ESX Server 3.5 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:6412 | |||
| Oval ID: | oval:org.mitre.oval:def:6412 | ||
| Title: | Java Runtime Environment (JRE) HTTP Server Bug Lets Remote Users Deny Service | ||
| Description: | Unspecified vulnerability in the lightweight HTTP server implementation in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier allows remote attackers to cause a denial of service (probably resource consumption) for a JAX-WS service endpoint via a connection without any data, which triggers a file descriptor "leak." | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-1101 | Version: | 3 |
| Platform(s): | VMWare ESX Server 3.5 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:6424 | |||
| Oval ID: | oval:org.mitre.oval:def:6424 | ||
| Title: | Sun Java Runtime Environment Lets Remote Users View Directory Contents | ||
| Description: | Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted applications and applets to list the contents of the operating user's directory via unknown vectors. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-5350 | Version: | 1 |
| Platform(s): | VMWare ESX Server 3.5 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:6440 | |||
| Oval ID: | oval:org.mitre.oval:def:6440 | ||
| Title: | Red Hat dhcpd init Script Symlink Flaw Lets Local Users Gain Elevated Privileges | ||
| Description: | The configtest function in the Red Hat dhcpd init script for DHCP 3.0.1 in Red Hat Enterprise Linux (RHEL) 3 allows local users to overwrite arbitrary files via a symlink attack on an unspecified temporary file, related to the "dhcpd -t" command. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-1893 | Version: | 1 |
| Platform(s): | VMWare ESX Server 3 VMWare ESX Server 3.5 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:6494 | |||
| Oval ID: | oval:org.mitre.oval:def:6494 | ||
| Title: | Sun Java Runtime Environment TrueType font buffer overflow | ||
| Description: | Heap-based buffer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier might allow remote attackers to execute arbitrary code via a crafted TrueType font file. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-5356 | Version: | 1 |
| Platform(s): | VMWare ESX Server 3.5 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:6503 | |||
| Oval ID: | oval:org.mitre.oval:def:6503 | ||
| Title: | Linux Kernel Memory Leak in SIT Code ipip6_rcv() Lets Remote Users Deny Service | ||
| Description: | Memory leak in the ipip6_rcv function in net/ipv6/sit.c in the Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3 allows remote attackers to cause a denial of service (memory consumption) via network traffic to a Simple Internet Transition (SIT) tunnel interface, related to the pskb_may_pull and kfree_skb functions, and management of an skb reference count. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-2136 | Version: | 1 |
| Platform(s): | VMWare ESX Server 3.5 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:6505 | |||
| Oval ID: | oval:org.mitre.oval:def:6505 | ||
| Title: | Sun Java Runtime Environment TrueType font integer overflow | ||
| Description: | Integer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier might allow remote attackers to execute arbitrary code via a crafted TrueType font file, which triggers a heap-based buffer overflow. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-5357 | Version: | 1 |
| Platform(s): | VMWare ESX Server 3.5 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:6511 | |||
| Oval ID: | oval:org.mitre.oval:def:6511 | ||
| Title: | Sun Java Runtime Environment 'Calendar.readObject' Bug Lets Remote Applets Gain Elevated Privileges | ||
| Description: | The Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier does not properly enforce context of ZoneInfo objects during deserialization, which allows remote attackers to run untrusted applets and applications in a privileged context, as demonstrated by "deserializing Calendar objects". | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-5353 | Version: | 1 |
| Platform(s): | VMWare ESX Server 3.5 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:6514 | |||
| Oval ID: | oval:org.mitre.oval:def:6514 | ||
| Title: | Linux Kernel ISDN_Net.C Local Buffer Overflow Vulnerability | ||
| Description: | Buffer overflow in the isdn_net_setcfg function in isdn_net.c in Linux kernel 2.6.23 allows local users to have an unknown impact via a crafted argument to the isdn_ioctl function. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2007-6063 | Version: | 1 |
| Platform(s): | VMWare ESX Server 3.5 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:6529 | |||
| Oval ID: | oval:org.mitre.oval:def:6529 | ||
| Title: | Java Runtime Environment (JRE) Buffer Overflow in Processing Image Files and Fonts Lets Remote Users Gain Privileges on the Target System | ||
| Description: | Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier, and JDK and JRE 5.0 Update 16 and earlier, allows untrusted JWS applications to obtain the pathname of the JWS cache and the application username via unknown vectors, aka CR 6727071. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-5341 | Version: | 1 |
| Platform(s): | VMWare ESX Server 3.5 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:6537 | |||
| Oval ID: | oval:org.mitre.oval:def:6537 | ||
| Title: | Sun Java Runtime Environment JAR Main-Class manifest entry buffer overflow | ||
| Description: | Stack-based buffer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows locally-launched and possibly remote untrusted Java applications to execute arbitrary code via a JAR file with a long Main-Class manifest entry. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-5354 | Version: | 1 |
| Platform(s): | VMWare ESX Server 3.5 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:6542 | |||
| Oval ID: | oval:org.mitre.oval:def:6542 | ||
| Title: | Java Plug-in Bugs Lets Remote Users Gain Privileges | ||
| Description: | Unspecified vulnerability in the Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; 1.4.2_19 and earlier; and 1.3.1_24 and earlier allows remote attackers to access files and execute arbitrary code via unknown vectors related to "deserializing applets," aka CR 6646860. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-1103 | Version: | 3 |
| Platform(s): | VMWare ESX Server 3.5 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:6549 | |||
| Oval ID: | oval:org.mitre.oval:def:6549 | ||
| Title: | Sun Java Runtime Environment and Java Development Kit Multiple Security Vulnerabilities | ||
| Description: | Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier, when using Kerberos authentication, allows remote attackers to cause a denial of service (OS resource consumption) via unknown vectors. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-5348 | Version: | 1 |
| Platform(s): | VMWare ESX Server 3.5 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:6551 | |||
| Oval ID: | oval:org.mitre.oval:def:6551 | ||
| Title: | Linux Kernel UBIFS Orphan Inode Local Denial of Service Vulnerability | ||
| Description: | The (1) real_lookup and (2) __lookup_hash functions in fs/namei.c in the vfs implementation in the Linux kernel before 2.6.25.15 do not prevent creation of a child dentry for a deleted (aka S_DEAD) directory, which allows local users to cause a denial of service ("overflow" of the UBIFS orphan area) via a series of attempted file creations within deleted directories. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-3275 | Version: | 1 |
| Platform(s): | VMWare ESX Server 3.5 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:6584 | |||
| Oval ID: | oval:org.mitre.oval:def:6584 | ||
| Title: | Sun Java Runtime Environment Java Plug-in Javascript code unauthorized access | ||
| Description: | The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; and 1.4.2_19 and earlier does not prevent Javascript that is loaded from the localhost from connecting to other ports on the system, which allows user-assisted attackers to bypass intended access restrictions via LiveConnect, aka CR 6724331. NOTE: this vulnerability can be leveraged with separate cross-site scripting (XSS) vulnerabilities for remote attack vectors. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-1104 | Version: | 3 |
| Platform(s): | VMWare ESX Server 3.5 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:6585 | |||
| Oval ID: | oval:org.mitre.oval:def:6585 | ||
| Title: | Sun Java Runtime Environment Java Plug-in signed applet unauthorized access | ||
| Description: | The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier, and 5.0 Update 17 and earlier, allows remote attackers to trick a user into trusting a signed applet via unknown vectors that misrepresent the security warning dialog, related to a "Swing JLabel HTML parsing vulnerability," aka CR 6782871. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-1107 | Version: | 3 |
| Platform(s): | VMWare ESX Server 3.5 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:6596 | |||
| Oval ID: | oval:org.mitre.oval:def:6596 | ||
| Title: | Sun Java Runtime Environment temporary files weak security | ||
| Description: | Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier creates temporary files with predictable file names, which allows attackers to write malicious JAR files via unknown vectors. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-5360 | Version: | 1 |
| Platform(s): | VMWare ESX Server 3.5 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:6598 | |||
| Oval ID: | oval:org.mitre.oval:def:6598 | ||
| Title: | Sun Java Runtime Environment and Java Development Kit Multiple Security Vulnerabilities | ||
| Description: | Unspecified vulnerability in the LDAP implementation in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; SDK and JRE 1.3.1_24 and earlier; and 1.4.2_19 and earlier allows remote LDAP servers to execute arbitrary code via unknown vectors related to serialized data. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-1094 | Version: | 3 |
| Platform(s): | VMWare ESX Server 3.5 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:6619 | |||
| Oval ID: | oval:org.mitre.oval:def:6619 | ||
| Title: | Sun Java Runtime Environment Java Plug-in crossdomain.xml information disclosure | ||
| Description: | The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12, 11, and 10 does not properly parse crossdomain.xml files, which allows remote attackers to bypass intended access restrictions and connect to arbitrary sites via unknown vectors, aka CR 6798948. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-1106 | Version: | 3 |
| Platform(s): | VMWare ESX Server 3.5 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:6627 | |||
| Oval ID: | oval:org.mitre.oval:def:6627 | ||
| Title: | Sun Java Multiple Code Execution and Security Bypass Vulnerabilities | ||
| Description: | Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted JWS applications to gain privileges to access local files or applications via unknown vectors, aka 6727081. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-5340 | Version: | 1 |
| Platform(s): | VMWare ESX Server 3.5 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:6629 | |||
| Oval ID: | oval:org.mitre.oval:def:6629 | ||
| Title: | Sun Java Runtime Environment zip File Processing Bug Lets Remote Users Read Memory Locations | ||
| Description: | Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 or earlier allows untrusted applets and applications to read arbitrary memory via a crafted ZIP file. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-5346 | Version: | 1 |
| Platform(s): | VMWare ESX Server 3.5 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:6633 | |||
| Oval ID: | oval:org.mitre.oval:def:6633 | ||
| Title: | Linux Kernel TTY Operations NULL Pointer Dereference Denial of Service Vulnerabilities | ||
| Description: | The Linux kernel before 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving NULL pointer dereference of function pointers in (1) hamradio/6pack.c, (2) hamradio/mkiss.c, (3) irda/irtty-sir.c, (4) ppp_async.c, (5) ppp_synctty.c, (6) slip.c, (7) wan/x25_asy.c, and (8) wireless/strip.c in drivers/net/. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-2812 | Version: | 1 |
| Platform(s): | VMWare ESX Server 3.5 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:6642 | |||
| Oval ID: | oval:org.mitre.oval:def:6642 | ||
| Title: | Sun Java Runtime Environment Java Plug-in weak security | ||
| Description: | The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12, 11, and 10 allows user-assisted remote attackers to cause a trusted applet to run in an older JRE version, which can be used to exploit vulnerabilities in that older version, aka CR 6706490. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-1105 | Version: | 3 |
| Platform(s): | VMWare ESX Server 3.5 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:6643 | |||
| Oval ID: | oval:org.mitre.oval:def:6643 | ||
| Title: | Java Runtime Environment Buffer Overflows in unpack200 Utility Lets Remote Users Execute Arbitrary Code | ||
| Description: | Integer overflow in unpack200 in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via a JAR file with crafted Pack200 headers. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-1095 | Version: | 3 |
| Platform(s): | VMWare ESX Server 3.5 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:6659 | |||
| Oval ID: | oval:org.mitre.oval:def:6659 | ||
| Title: | Integer and Buffer Overflow Vulnerabilities in the Java Runtime Environment (JRE) "unpack200" JAR Unpacking Utility May Lead to Escalation of Privileges | ||
| Description: | Buffer overflow in unpack200 in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via a JAR file with crafted Pack200 headers. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-1096 | Version: | 3 |
| Platform(s): | VMWare ESX Server 3.5 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:6676 | |||
| Oval ID: | oval:org.mitre.oval:def:6676 | ||
| Title: | Java Runtime Environment LDAP Implementation Bugs Lets Remote Users Deny Service and Execute Arbitrary Code | ||
| Description: | LdapCtx in the LDAP service in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; SDK and JRE 1.3.1_24 and earlier; and 1.4.2_19 and earlier does not close the connection when initialization fails, which allows remote attackers to cause a denial of service (LDAP service hang). | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-1093 | Version: | 3 |
| Platform(s): | VMWare ESX Server 3.5 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:6722 | |||
| Oval ID: | oval:org.mitre.oval:def:6722 | ||
| Title: | Java Runtime Environment (JRE) Virtual Machine Lets Remote Users Read/Write Files and Execute Local Applications | ||
| Description: | Unspecified vulnerability in the Virtual Machine in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier allows remote attackers to access files and execute arbitrary code via unknown vectors related to "code generation." | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-1102 | Version: | 3 |
| Platform(s): | VMWare ESX Server 3.5 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:8037 | |||
| Oval ID: | oval:org.mitre.oval:def:8037 | ||
| Title: | DSA-1769 openjdk-6 -- several vulnerabilities | ||
| Description: | Several vulnerabilities have been identified in OpenJDK, an implementation of the Java SE platform. Creation of large, temporary fonts could use up available disk space, leading to a denial of service condition. Several vulnerabilities existed in the embedded LittleCMS library, exploitable through crafted images: a memory leak, resulting in a denial of service condition (CVE-2009-0581), heap-based buffer overflows, potentially allowing arbitrary code execution (CVE-2009-0723, CVE-2009-0733), and a null-pointer dereference, leading to denial of service (CVE-2009-0793). The LDAP server implementation (in com.sun.jdni.ldap) did not properly close sockets if an error was encountered, leading to a denial-of-service condition. The LDAP client implementation (in com.sun.jdni.ldap) allowed malicious LDAP servers to execute arbitrary code on the client. The HTTP server implementation (sun.net.httpserver) contained an unspecified denial of service vulnerability. Several issues in Java Web Start have been addressed. The Debian packages currently do not support Java Web Start, so these issues are not directly exploitable, but the relevant code has been updated | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-1769 CVE-2006-2426 CVE-2009-0581 CVE-2009-0723 CVE-2009-0733 CVE-2009-0793 CVE-2009-1093 CVE-2009-1094 CVE-2009-1095 CVE-2009-1096 CVE-2009-1097 CVE-2009-1098 CVE-2009-1101 | Version: | 3 |
| Platform(s): | Debian GNU/Linux 5.0 | Product(s): | openjdk-6 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:8844 | |||
| Oval ID: | oval:org.mitre.oval:def:8844 | ||
| Title: | Buffer overflow in unpack200 in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via a JAR file with crafted Pack200 headers. | ||
| Description: | Buffer overflow in unpack200 in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via a JAR file with crafted Pack200 headers. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-1096 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:9364 | |||
| Oval ID: | oval:org.mitre.oval:def:9364 | ||
| Title: | The sbni_ioctl function in drivers/net/wan/sbni.c in the wan subsystem in the Linux kernel 2.6.26.3 does not check for the CAP_NET_ADMIN capability before processing a (1) SIOCDEVRESINSTATS, (2) SIOCDEVSHWSTATE, (3) SIOCDEVENSLAVE, or (4) SIOCDEVEMANSIPATE ioctl request, which allows local users to bypass intended capability restrictions. | ||
| Description: | The sbni_ioctl function in drivers/net/wan/sbni.c in the wan subsystem in the Linux kernel 2.6.26.3 does not check for the CAP_NET_ADMIN capability before processing a (1) SIOCDEVRESINSTATS, (2) SIOCDEVSHWSTATE, (3) SIOCDEVENSLAVE, or (4) SIOCDEVEMANSIPATE ioctl request, which allows local users to bypass intended capability restrictions. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-3525 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:9956 | |||
| Oval ID: | oval:org.mitre.oval:def:9956 | ||
| Title: | Buffer overflow in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; 1.4.2_19 and earlier; and 1.3.1_24 and earlier allows remote attackers to access files or execute arbitrary code via a crafted GIF image, aka CR 6804998. | ||
| Description: | Buffer overflow in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; 1.4.2_19 and earlier; and 1.3.1_24 and earlier allows remote attackers to access files or execute arbitrary code via a crafted GIF image, aka CR 6804998. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-1098 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
SAINT Exploits
| Description | Link |
|---|---|
| Java Runtime Environment JAR manifest Main Class buffer overflow | More info here |
ExploitDB Exploits
| id | Description |
|---|---|
| 2011-01-08 | Signed Applet Social Engineering Code Exec |
| 2010-09-20 | Sun Java Calendar Deserialization Exploit |
| 2009-11-10 | ISC DHCP 'dhclient' 'script_write_params()' Stack Buffer Overflow Vulnerability |
| 2008-12-03 | Sun Java Runtime and Development Kit <= 6 update 10 Calendar Deserializati... |
| 2009-07-27 | ISC DHCP dhclient < 3.1.2p1 Remote Buffer Overflow PoC |
| 2009-05-20 | Mac OS X Java applet Remote Deserialization Remote PoC (updated) |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2011-08-09 | Name : CentOS Update for kernel CESA-2009:0001-01 centos2 i386 File : nvt/gb_CESA-2009_0001-01_kernel_centos2_i386.nasl |
| 2011-08-09 | Name : CentOS Update for kernel CESA-2009:0014 centos4 i386 File : nvt/gb_CESA-2009_0014_kernel_centos4_i386.nasl |
| 2011-08-09 | Name : CentOS Update for java CESA-2009:0377 centos5 i386 File : nvt/gb_CESA-2009_0377_java_centos5_i386.nasl |
| 2011-08-09 | Name : CentOS Update for dhclient CESA-2009:1154 centos3 i386 File : nvt/gb_CESA-2009_1154_dhclient_centos3_i386.nasl |
| 2010-09-10 | Name : SuSE Update for kernel SUSE-SA:2010:036 File : nvt/gb_suse_2010_036.nasl |
| 2010-06-25 | Name : Fedora Update for dhcp FEDORA-2010-10083 File : nvt/gb_fedora_2010_10083_dhcp_fc11.nasl |
| 2010-05-28 | Name : Java for Mac OS X 10.5 Update 3 File : nvt/macosx_java_for_10_5_upd_3.nasl |
| 2010-05-28 | Name : Java for Mac OS X 10.5 Update 4 File : nvt/macosx_java_for_10_5_upd_4.nasl |
| 2010-05-28 | Name : Java for Mac OS X 10.6 Update 2 File : nvt/macosx_java_for_10_6_upd_2.nasl |
| 2010-01-29 | Name : Ubuntu Update for dhcp3 vulnerability USN-803-2 File : nvt/gb_ubuntu_USN_803_2.nasl |
| 2009-12-10 | Name : Mandriva Security Advisory MDVSA-2009:312 (dhcp) File : nvt/mdksa_2009_312.nasl |
| 2009-12-03 | Name : SLES10: Security update for IBM Java 1.4.2 File : nvt/sles10_java-1_4_2-ibm4.nasl |
| 2009-12-03 | Name : SLES11: Security update for IBM Java 1.4.2 File : nvt/sles11_java-1_4_2-ibm1.nasl |
| 2009-12-03 | Name : SLES9: Security update for IBM Java2 and SDK File : nvt/sles9p5063230.nasl |
| 2009-11-17 | Name : Fedora Core 11 FEDORA-2009-9075 (dhcp) File : nvt/fcore_2009_9075.nasl |
| 2009-10-27 | Name : SuSE Security Summary SUSE-SR:2009:017 File : nvt/suse_sr_2009_017.nasl |
| 2009-10-19 | Name : RedHat Security Advisory RHSA-2009:1505 File : nvt/RHSA_2009_1505.nasl |
| 2009-10-19 | Name : SuSE Security Summary SUSE-SR:2009:016 File : nvt/suse_sr_2009_016.nasl |
| 2009-10-13 | Name : SLES10: Security update for dhclient File : nvt/sles10_dhcp.nasl |
| 2009-10-13 | Name : SLES10: Security update for IBM Java 1.4.2 File : nvt/sles10_java-1_4_2-ibm.nasl |
| 2009-10-13 | Name : SLES10: Security update for IBM Java 1.4.2 File : nvt/sles10_java-1_4_2-ibm0.nasl |
| 2009-10-13 | Name : SLES10: Security update for Sun Java 1.4.2 File : nvt/sles10_java-1_4_2-sun.nasl |
| 2009-10-13 | Name : SLES10: Security update for IBM Java 5 File : nvt/sles10_java-1_5_0-ibm1.nasl |
| 2009-10-13 | Name : SLES10: Security update for IBM Java 1.5.0 File : nvt/sles10_java-1_5_0-ibm2.nasl |
| 2009-10-13 | Name : SLES10: Security update for Linux kernel File : nvt/sles10_kernel0.nasl |
| 2009-10-13 | Name : SLES10: Security update for Linux kernel File : nvt/sles10_kernel3.nasl |
| 2009-10-13 | Name : SLES10: Security update for Linux kernel File : nvt/sles10_kernel6.nasl |
| 2009-10-13 | Name : SLES10: Security update for Linux Kernel (x86) File : nvt/sles10_kernel7.nasl |
| 2009-10-11 | Name : SLES11: Security update for dhcp-client File : nvt/sles11_dhcp-client.nasl |
| 2009-10-11 | Name : SLES11: Security update for IBM Java 1.4.2 File : nvt/sles11_java-1_4_2-ibm.nasl |
| 2009-10-11 | Name : SLES11: Security update for IBM Java 1.4.2 File : nvt/sles11_java-1_4_2-ibm0.nasl |
| 2009-10-11 | Name : SLES11: Security update for IBM Java 1.6.0 File : nvt/sles11_java-1_6_0-ibm.nasl |
| 2009-10-11 | Name : SLES11: Security update for IBM Java 1.6.0 File : nvt/sles11_java-1_6_0-ibm0.nasl |
| 2009-10-10 | Name : SLES9: Security update for Linux kernel File : nvt/sles9p5036146.nasl |
| 2009-10-10 | Name : SLES9: Security update for Linux kernel File : nvt/sles9p5039274.nasl |
| 2009-10-10 | Name : SLES9: Security update for Sun Java File : nvt/sles9p5040565.nasl |
| 2009-10-10 | Name : SLES9: Security update for IBM Java5 JRE and SDK File : nvt/sles9p5041763.nasl |
| 2009-10-10 | Name : SLES9: Security update for IBM Java2 JRE and SDK File : nvt/sles9p5046860.nasl |
| 2009-10-10 | Name : SLES9: Security update for IBM Java 5 JRE and IBM Java 5 SDK File : nvt/sles9p5050060.nasl |
| 2009-10-10 | Name : SLES9: Security update for dhcp-client File : nvt/sles9p5053652.nasl |
| 2009-10-10 | Name : SLES9: Security update for IBM Java2 JRE and SDK File : nvt/sles9p5059500.nasl |
| 2009-09-02 | Name : Debian Security Advisory DSA 1833-2 (dhcp3) File : nvt/deb_1833_2.nasl |
| 2009-09-02 | Name : Fedora Core 10 FEDORA-2009-8344 (dhcp) File : nvt/fcore_2009_8344.nasl |
| 2009-08-17 | Name : RedHat Security Advisory RHSA-2009:1198 File : nvt/RHSA_2009_1198.nasl |
| 2009-08-17 | Name : Mandrake Security Advisory MDVSA-2009:162 (java-1.6.0-openjdk) File : nvt/mdksa_2009_162.nasl |
| 2009-07-29 | Name : RedHat Security Advisory RHSA-2009:1136 File : nvt/RHSA_2009_1136.nasl |
| 2009-07-29 | Name : RedHat Security Advisory RHSA-2009:1154 File : nvt/RHSA_2009_1154.nasl |
| 2009-07-29 | Name : Debian Security Advisory DSA 1833-1 (dhcp3) File : nvt/deb_1833_1.nasl |
| 2009-07-29 | Name : FreeBSD Ports: isc-dhcp31-client File : nvt/freebsd_isc-dhcp31-client.nasl |
| 2009-07-29 | Name : Gentoo Security Advisory GLSA 200907-12 (dhcp) File : nvt/glsa_200907_12.nasl |
| 2009-07-29 | Name : Mandrake Security Advisory MDVSA-2009:151 (dhcp) File : nvt/mdksa_2009_151.nasl |
| 2009-07-29 | Name : CentOS Security Advisory CESA-2009:1154 (dhcp) File : nvt/ovcesa2009_1154.nasl |
| 2009-07-29 | Name : SuSE Security Advisory SUSE-SA:2009:037 (dhcp-client) File : nvt/suse_sa_2009_037.nasl |
| 2009-07-29 | Name : Ubuntu USN-803-1 (dhcp3) File : nvt/ubuntu_803_1.nasl |
| 2009-07-23 | Name : ISC DHCP Client Buffer Overflow Vulnerability File : nvt/secpod_isc_dhcp_client_bof_vuln.nasl |
| 2009-06-30 | Name : Fedora Core 9 FEDORA-2009-6846 (kernel) File : nvt/fcore_2009_6846.nasl |
| 2009-06-23 | Name : Mandrake Security Advisory MDVSA-2009:137 (java-1.6.0-openjdk) File : nvt/mdksa_2009_137.nasl |
| 2009-06-15 | Name : SuSE Security Summary SUSE-SR:2009:011 File : nvt/suse_sr_2009_011.nasl |
| 2009-06-05 | Name : Fedora Core 9 FEDORA-2009-5383 (kernel) File : nvt/fcore_2009_5383.nasl |
| 2009-06-05 | Name : Ubuntu USN-743-1 (gs-gpl) File : nvt/ubuntu_743_1.nasl |
| 2009-06-05 | Name : Ubuntu USN-744-1 (lcms) File : nvt/ubuntu_744_1.nasl |
| 2009-06-01 | Name : HP-UX Update for Java HPSBUX02429 File : nvt/gb_hp_ux_HPSBUX02429.nasl |
| 2009-05-20 | Name : RedHat Security Advisory RHSA-2009:1038 File : nvt/RHSA_2009_1038.nasl |
| 2009-05-20 | Name : SuSE Security Summary SUSE-SR:2009:010 File : nvt/suse_sr_2009_010.nasl |
| 2009-05-05 | Name : HP-UX Update for Java HPSBUX02411 File : nvt/gb_hp_ux_HPSBUX02411.nasl |
| 2009-04-28 | Name : RedHat Security Advisory RHSA-2009:0445 File : nvt/RHSA_2009_0445.nasl |
| 2009-04-23 | Name : Sun Java JRE Multiple Vulnerabilities (Linux) File : nvt/gb_sun_java_jre_dos_vuln_lin.nasl |
| 2009-04-23 | Name : Sun Java JDK/JRE Multiple Vulnerabilities (Win) File : nvt/gb_sun_java_jre_dos_vuln_win.nasl |
| 2009-04-15 | Name : RedHat Security Advisory RHSA-2009:0377 File : nvt/RHSA_2009_0377.nasl |
| 2009-04-15 | Name : Debian Security Advisory DSA 1769-1 (openjdk-6) File : nvt/deb_1769_1.nasl |
| 2009-04-15 | Name : CentOS Security Advisory CESA-2009:0377 (java-1.6.0-openjdk) File : nvt/ovcesa2009_0377.nasl |
| 2009-04-09 | Name : Mandriva Update for kernel MDVSA-2008:112 (kernel) File : nvt/gb_mandriva_MDVSA_2008_112.nasl |
| 2009-04-09 | Name : Mandriva Update for kernel MDVSA-2008:167 (kernel) File : nvt/gb_mandriva_MDVSA_2008_167.nasl |
| 2009-04-09 | Name : Mandriva Update for kernel MDVSA-2008:223 (kernel) File : nvt/gb_mandriva_MDVSA_2008_223.nasl |
| 2009-04-06 | Name : SuSE Security Advisory SUSE-SA:2009:016 (Sun Java 5 and 6) File : nvt/suse_sa_2009_016.nasl |
| 2009-04-06 | Name : Ubuntu USN-746-1 (xine-lib) File : nvt/ubuntu_746_1.nasl |
| 2009-04-06 | Name : Ubuntu USN-747-1 (icu) File : nvt/ubuntu_747_1.nasl |
| 2009-04-06 | Name : Ubuntu USN-748-1 (openjdk-6) File : nvt/ubuntu_748_1.nasl |
| 2009-03-31 | Name : RedHat Security Advisory RHSA-2009:0369 File : nvt/RHSA_2009_0369.nasl |
| 2009-03-31 | Name : RedHat Security Advisory RHSA-2009:0392 File : nvt/RHSA_2009_0392.nasl |
| 2009-03-31 | Name : RedHat Security Advisory RHSA-2009:0394 File : nvt/RHSA_2009_0394.nasl |
| 2009-03-23 | Name : Ubuntu Update for linux-source-2.6.17/20/22 vulnerabilities USN-574-1 File : nvt/gb_ubuntu_USN_574_1.nasl |
| 2009-03-23 | Name : Ubuntu Update for linux-source-2.6.15 vulnerabilities USN-578-1 File : nvt/gb_ubuntu_USN_578_1.nasl |
| 2009-03-23 | Name : Ubuntu Update for linux, linux-source-2.6.15/20/22 vulnerabilities USN-625-1 File : nvt/gb_ubuntu_USN_625_1.nasl |
| 2009-03-23 | Name : Ubuntu Update for linux, linux-source-2.6.15/20/22 vulnerabilities USN-637-1 File : nvt/gb_ubuntu_USN_637_1.nasl |
| 2009-03-23 | Name : Ubuntu Update for linux, linux-source-2.6.15/22 vulnerabilities USN-659-1 File : nvt/gb_ubuntu_USN_659_1.nasl |
| 2009-03-23 | Name : Ubuntu Update for linux, linux-source-2.6.15/22 vulnerabilities USN-679-1 File : nvt/gb_ubuntu_USN_679_1.nasl |
| 2009-03-13 | Name : SuSE Security Summary SUSE-SR:2009:006 File : nvt/suse_sr_2009_006.nasl |
| 2009-03-13 | Name : Ubuntu USN-731-1 (apache2) File : nvt/ubuntu_731_1.nasl |
| 2009-03-13 | Name : Ubuntu USN-732-1 (dash) File : nvt/ubuntu_732_1.nasl |
| 2009-03-06 | Name : RedHat Update for kernel RHSA-2008:0055-01 File : nvt/gb_RHSA-2008_0055-01_kernel.nasl |
| 2009-03-06 | Name : RedHat Update for kernel RHSA-2008:0154-01 File : nvt/gb_RHSA-2008_0154-01_kernel.nasl |
| 2009-03-06 | Name : RedHat Update for kernel RHSA-2008:0508-01 File : nvt/gb_RHSA-2008_0508-01_kernel.nasl |
| 2009-03-06 | Name : RedHat Update for kernel RHSA-2008:0519-01 File : nvt/gb_RHSA-2008_0519-01_kernel.nasl |
| 2009-03-06 | Name : RedHat Update for kernel RHSA-2008:0607-01 File : nvt/gb_RHSA-2008_0607-01_kernel.nasl |
| 2009-03-06 | Name : RedHat Update for kernel RHSA-2008:0612-01 File : nvt/gb_RHSA-2008_0612-01_kernel.nasl |
| 2009-03-06 | Name : RedHat Update for kernel RHSA-2008:0885-01 File : nvt/gb_RHSA-2008_0885-01_kernel.nasl |
| 2009-03-06 | Name : RedHat Update for kernel RHSA-2008:0957-02 File : nvt/gb_RHSA-2008_0957-02_kernel.nasl |
| 2009-03-06 | Name : RedHat Update for kernel RHSA-2008:0972-01 File : nvt/gb_RHSA-2008_0972-01_kernel.nasl |
| 2009-03-06 | Name : RedHat Update for kernel RHSA-2008:0973-03 File : nvt/gb_RHSA-2008_0973-03_kernel.nasl |
| 2009-02-27 | Name : CentOS Update for kernel CESA-2008:0055 centos4 i386 File : nvt/gb_CESA-2008_0055_kernel_centos4_i386.nasl |
| 2009-02-27 | Name : CentOS Update for kernel CESA-2008:0055 centos4 x86_64 File : nvt/gb_CESA-2008_0055_kernel_centos4_x86_64.nasl |
| 2009-02-27 | Name : CentOS Update for kernel CESA-2008:0508 centos4 i386 File : nvt/gb_CESA-2008_0508_kernel_centos4_i386.nasl |
| 2009-02-27 | Name : CentOS Update for kernel CESA-2008:0508 centos4 x86_64 File : nvt/gb_CESA-2008_0508_kernel_centos4_x86_64.nasl |
| 2009-02-27 | Name : CentOS Update for kernel CESA-2008:0972 centos4 i386 File : nvt/gb_CESA-2008_0972_kernel_centos4_i386.nasl |
| 2009-02-27 | Name : CentOS Update for kernel CESA-2008:0972 centos4 x86_64 File : nvt/gb_CESA-2008_0972_kernel_centos4_x86_64.nasl |
| 2009-02-27 | Name : CentOS Update for kernel CESA-2008:0973 centos3 i386 File : nvt/gb_CESA-2008_0973_kernel_centos3_i386.nasl |
| 2009-02-27 | Name : CentOS Update for kernel CESA-2008:0973 centos3 x86_64 File : nvt/gb_CESA-2008_0973_kernel_centos3_x86_64.nasl |
| 2009-02-17 | Name : Fedora Update for kernel FEDORA-2008-3949 File : nvt/gb_fedora_2008_3949_kernel_fc9.nasl |
| 2009-02-17 | Name : Fedora Update for kernel FEDORA-2008-8929 File : nvt/gb_fedora_2008_8929_kernel_fc9.nasl |
| 2009-02-17 | Name : Fedora Update for kernel FEDORA-2008-8980 File : nvt/gb_fedora_2008_8980_kernel_fc8.nasl |
| 2009-02-16 | Name : Fedora Update for java-1.6.0-openjdk FEDORA-2008-10860 File : nvt/gb_fedora_2008_10860_java-1.6.0-openjdk_fc9.nasl |
| 2009-02-16 | Name : Fedora Update for java-1.6.0-openjdk FEDORA-2008-10913 File : nvt/gb_fedora_2008_10913_java-1.6.0-openjdk_fc10.nasl |
| 2009-02-13 | Name : Fedora Update for kernel FEDORA-2008-11618 File : nvt/gb_fedora_2008_11618_kernel_fc9.nasl |
| 2009-02-10 | Name : CentOS Security Advisory CESA-2009:0001-01 (kernel) File : nvt/ovcesa2009_0001_01.nasl |
| 2009-02-02 | Name : Fedora Core 9 FEDORA-2009-0816 (kernel) File : nvt/fcore_2009_0816.nasl |
| 2009-02-02 | Name : Ubuntu USN-710-1 (xine-lib) File : nvt/ubuntu_710_1.nasl |
| 2009-02-02 | Name : Ubuntu USN-711-1 (ktorrent) File : nvt/ubuntu_711_1.nasl |
| 2009-02-02 | Name : Ubuntu USN-712-1 (vim) File : nvt/ubuntu_712_1.nasl |
| 2009-02-02 | Name : Ubuntu USN-713-1 (openjdk-6) File : nvt/ubuntu_713_1.nasl |
| 2009-01-28 | Name : SuSE Update for kernel SUSE-SA:2007:064 File : nvt/gb_suse_2007_064.nasl |
| 2009-01-26 | Name : RedHat Security Advisory RHSA-2009:0009 File : nvt/RHSA_2009_0009.nasl |
| 2009-01-23 | Name : SuSE Update for kernel SUSE-SA:2008:030 File : nvt/gb_suse_2008_030.nasl |
| 2009-01-23 | Name : SuSE Update for kernel SUSE-SA:2008:032 File : nvt/gb_suse_2008_032.nasl |
| 2009-01-23 | Name : SuSE Update for kernel SUSE-SA:2008:037 File : nvt/gb_suse_2008_037.nasl |
| 2009-01-23 | Name : SuSE Update for kernel SUSE-SA:2008:044 File : nvt/gb_suse_2008_044.nasl |
| 2009-01-23 | Name : SuSE Update for kernel SUSE-SA:2008:047 File : nvt/gb_suse_2008_047.nasl |
| 2009-01-23 | Name : SuSE Update for kernel SUSE-SA:2008:048 File : nvt/gb_suse_2008_048.nasl |
| 2009-01-23 | Name : SuSE Update for kernel SUSE-SA:2008:051 File : nvt/gb_suse_2008_051.nasl |
| 2009-01-23 | Name : SuSE Update for kernel SUSE-SA:2008:052 File : nvt/gb_suse_2008_052.nasl |
| 2009-01-23 | Name : SuSE Update for kernel SUSE-SA:2008:053 File : nvt/gb_suse_2008_053.nasl |
| 2009-01-23 | Name : SuSE Update for kernel SUSE-SA:2008:056 File : nvt/gb_suse_2008_056.nasl |
| 2009-01-20 | Name : RedHat Security Advisory RHSA-2009:0014 File : nvt/RHSA_2009_0014.nasl |
| 2009-01-20 | Name : RedHat Security Advisory RHSA-2009:0015 File : nvt/RHSA_2009_0015.nasl |
| 2009-01-20 | Name : RedHat Security Advisory RHSA-2009:0016 File : nvt/RHSA_2009_0016.nasl |
| 2009-01-20 | Name : CentOS Security Advisory CESA-2009:0014 (kernel) File : nvt/ovcesa2009_0014.nasl |
| 2009-01-13 | Name : RedHat Security Advisory RHSA-2009:0001 File : nvt/RHSA_2009_0001.nasl |
| 2009-01-13 | Name : SuSE Security Advisory SUSE-SA:2009:001 (Sun Java) File : nvt/suse_sa_2009_001.nasl |
| 2009-01-07 | Name : RedHat Security Advisory RHSA-2008:0787 File : nvt/RHSA_2008_0787.nasl |
| 2008-11-01 | Name : Debian Security Advisory DSA 1653-1 (linux-2.6) File : nvt/deb_1653_1.nasl |
| 2008-11-01 | Name : Debian Security Advisory DSA 1655-1 (linux-2.6.24) File : nvt/deb_1655_1.nasl |
| 2008-09-17 | Name : Debian Security Advisory DSA 1636-1 (linux-2.6.24) File : nvt/deb_1636_1.nasl |
| 2008-09-04 | Name : Debian Security Advisory DSA 1630-1 (linux-2.6) File : nvt/deb_1630_1.nasl |
| 2008-06-11 | Name : Debian Security Advisory DSA 1588-1 (linux-2.6) File : nvt/deb_1588_1.nasl |
| 2008-06-11 | Name : Debian Security Advisory DSA 1588-2 (linux-2.6) File : nvt/deb_1588_2.nasl |
| 2008-03-11 | Name : Debian Security Advisory DSA 1503-2 (kernel-source-2.4.27 (2.4.27-10sarge7)) File : nvt/deb_1503_2.nasl |
| 2008-02-28 | Name : Debian Security Advisory DSA 1503-1 (kernel-source-2.4.27 (2.4.27-10sarge6)) File : nvt/deb_1503_1.nasl |
| 2008-02-28 | Name : Debian Security Advisory DSA 1504-1 (kernel-source-2.6.8 (2.6.8-17sarge1)) File : nvt/deb_1504_1.nasl |
| 2008-01-17 | Name : Debian Security Advisory DSA 1436-1 (linux-2.6) File : nvt/deb_1436_1.nasl |
| 0000-00-00 | Name : Slackware Advisory SSA:2009-195-01 dhcp File : nvt/esoft_slk_ssa_2009_195_01.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 56464 | Red Hat Linux DHCP dhcpd configtest Function Symlink Arbitrary File Overwrite |
| 55819 | ISC DHCP client/dhclient.c script_write_params() Function Remote Overflow |
| 53178 | Sun Java JDK / JRE Java Plug-in Swing JLabel HTML Parsing Signed Applet Trust... |
| 53177 | Sun Java JDK / JRE Java Plug-in crossdomain.xml Parsing Restriction Bypass |
| 53176 | Sun Java JDK / JRE Java Plug-in Applet Execution Version Regression Weakness |
| 53175 | Sun Java JDK / JRE Java Plug-in LiveConnect Localhost Restriction Bypass |
| 53174 | Sun Java JDK / JRE Java Plug-in Deserializing Applets Unspecified Remote Priv... |
| 53173 | Sun Java JDK / JRE Virtual Machine Code Generation Unspecified Remote Privile... |
| 53172 | Sun Java JDK / JRE Lightweight HTTP Server Implementation JAX-WS Service Endp... |
| 53171 | Sun Java JDK / JRE Temporary Font File Unspecified Disk Consumption DoS (6632... |
| 53170 | Sun Java JDK / JRE Temporary Font File Creation Limit Unspecified Disk Consum... |
| 53169 | Sun Java JDK / JRE Type1 Font Glyph Description Handling Overflow |
| 53168 | Sun Java JDK / JRE GIF Image Handling Overflows |
| 53167 | Sun Java JDK / JRE Splash Screen PNG Image Handling Overflow |
| 53166 | Sun Java JDK / JRE unpack200 JAR File Pack200 Header Handling Multiple Overflows |
| 53165 | Sun Java JDK / JRE LDAP Implementation Serialized Data Unspecified Arbitrary ... |
| 53164 | Sun Java JDK / JRE LDAP Service LdapCtx Connection Persistence Remote DoS |
| 50517 | Sun Java JDK / JRE TrueType Font Processing Integer Overflow |
| 50516 | Sun Java JDK / JRE TrueType Font Processing Heap Overflow |
| 50515 | Sun Java JDK / JRE GIF Image Decoding Memory Corruption |
| 50514 | Sun Java JDK / JRE Java Web Start BasicService Arbitrary File Access |
| 50513 | Sun Java JDK / JRE Applet Classloading Privilege Escalation |
| 50512 | Sun Java JDK / JRE Jave Web Start / Plug-in HTTP Session Hijacking |
| 50511 | Sun Java JDK / JRE Java Web Start SingleInstanceImpl Class SI_FILEDIR Propert... |
| 50510 | Sun Java JDK / JRE Java Web Start (JWS) JNLP File System Properties Override ... |
| 50509 | Sun Java JDK / JRE Java Web Start Application file: Protocol Arbitrary File A... |
| 50508 | Sun Java JRE LocalHost Network Access Restriction Bypass |
| 50507 | Sun Java JDK / JRE ZIP File Parsing Arbitrary Memory Disclosure |
| 50506 | Sun Java JDK / JRE JAX-WS / JAXB Packages Internal Classes Applet Privilege E... |
| 50505 | Sun Java JDK / JRE Kerberos Authentication Unspecified Remote DoS |
| 50504 | Sun Java JDK / JRE RSA Public Key Processing Resource Consumption DoS |
| 50503 | Sun Java JDK / JRE Untrusted Applet User Home Directory Content Listing |
| 50502 | Sun Java JDK / JRE UTF-8 Decoder Non-shortest Form Sequence Handling Weakness |
| 50501 | Sun Java JDK / JRE Unpack200 JAR Utility Privilege Escalation |
| 50500 | Sun Java JDK / JRE Deserializing Calendar Object Privilege Escalation A security vulnerability in the Java Runtime Environment (JRE) related to deserializing calendar objects may allow an untrusted applet or application to escalate privileges. For example, an untrusted applet may grant itself permissions to read and write local files or execute local applications that are accessible to the user running the untrusted applet. |
| 50499 | Sun Java JDK / JRE Command Line Application Overflow |
| 50498 | Sun Java JDK / JRE Java Update Mechanism Digital Signature Verification Weakness |
| 50497 | Sun Java JDK / JRE Java Web Start Application JNLP File Handling Socket Restr... |
| 50496 | Sun Java JDK / JRE Java AWT Library ConvolveOp Operation Image Handling Overflow |
| 50495 | Sun Java JDK / JRE Environment Temporary File Name Prediction Weakness |
| 49081 | Linux Kernel fs/open.c (f)truncate Function Local Privilege Escalation |
| 48781 | Linux Kernel Bit Emulation Crafted Binary Unspecified Local Memory Disclosure |
| 48432 | Linux Kernel wan Subsystem drivers/net/wan/sbni.c sbni_ioctl Function Local C... |
| 47788 | Linux Kernel VFS fs/namei.c Multiple Function Local DoS |
| 46926 | Linux Kernel drivers/net/wireless/strip.c TTY Operations Function Pointers NU... |
| 46925 | Linux Kernel drivers/net/wan/x25_asy.c TTY Operations Function Pointers NULL ... |
| 46924 | Linux Kernel drivers/net/slip.c TTY Operations Function Pointers NULL Derefer... |
| 46923 | Linux Kernel drivers/net/ppp_synctty.c TTY Operations Function Pointers NULL ... |
| 46922 | Linux Kernel drivers/net/ppp_async.c TTY Operations Function Pointers NULL De... |
| 46921 | Linux Kernel drivers/net/irda/irtty-sir.c TTY Operations Function Pointers NU... |
| 46920 | Linux Kernel drivers/net/hamradio/mkiss.c TTY Operations Function Pointers NU... |
| 46918 | Linux Kernel drivers/net/hamradio/6pack.c TTY Operations Function Pointers NU... |
| 45421 | Linux Kernel net/ipv6/sit.c ipip6_rcv function Simple Internet Transition Tun... |
| 39240 | Linux Kernel isdn_net.c isdn_net_setcfg() Function Local Overflow |
Information Assurance Vulnerability Management (IAVM)
| Date | Description |
|---|---|
| 2009-10-22 | IAVM : 2009-A-0105 - Multiple Vulnerabilities in VMware Products Severity : Category I - VMSKEY : V0021867 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-01-10 | IPv6 packets encapsulated in IPv4 RuleID : 8446 - Revision : 8 - Type : POLICY-OTHER |
| 2014-01-10 | Multiple Operating Systems invalid DHCP option attempt RuleID : 7196 - Revision : 13 - Type : OS-OTHER |
| 2017-08-01 | multiple products PNG processing buffer overflow attempt RuleID : 43399 - Revision : 2 - Type : FILE-IMAGE |
| 2014-01-10 | (ipv6)IPV6tunneledoverIPv4,IPv6headertruncated,possibleLinuxkernelattack RuleID : 291 - Revision : 2 - Type : |
| 2014-01-10 | Phoenix exploit kit post-compromise behavior RuleID : 21860 - Revision : 5 - Type : MALWARE-CNC |
| 2014-01-10 | Phoenix exploit kit landing page RuleID : 21640 - Revision : 6 - Type : EXPLOIT-KIT |
| 2014-01-10 | Oracle Java GIF LZW minimum code size overflow attempt RuleID : 20239 - Revision : 6 - Type : FILE-JAVA |
| 2014-01-10 | Oracle Java calendar deserialize vulnerability RuleID : 20238 - Revision : 5 - Type : SERVER-OTHER |
| 2014-01-10 | Oracle Java Runtime Environment Type1 Font parsing integer overflow attempt RuleID : 17624 - Revision : 10 - Type : FILE-JAVA |
| 2014-01-10 | Oracle Java Runtime Environment Type1 Font parsing integer overflow attempt RuleID : 17623 - Revision : 16 - Type : FILE-JAVA |
| 2014-01-10 | Oracle Java Runtime Environment JAR File Processing Stack Buffer Overflow RuleID : 17563 - Revision : 12 - Type : FILE-JAVA |
| 2014-01-10 | Oracle Java Runtime Environment Pack200 Decompression Integer Overflow attempt RuleID : 17562 - Revision : 13 - Type : FILE-JAVA |
| 2014-01-10 | Oracle Java Runtime Environment Pack200 Decompression Integer Overflow RuleID : 17522 - Revision : 12 - Type : FILE-JAVA |
| 2014-01-10 | Oracle Java Web Start Splashscreen GIF decoding buffer overflow attempt RuleID : 17395 - Revision : 14 - Type : FILE-IMAGE |
| 2014-01-10 | multiple products PNG processing buffer overflow attempt RuleID : 16716 - Revision : 17 - Type : FILE-IMAGE |
| 2014-01-10 | dhclient subnet mask option buffer overflow attempt RuleID : 15700 - Revision : 3 - Type : SERVER-OTHER |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2016-03-08 | Name : The remote VMware ESX host is missing a security-related patch. File : vmware_VMSA-2010-0002_remote.nasl - Type : ACT_GATHER_INFO |
| 2016-03-03 | Name : The remote host is missing a security-related patch. File : vmware_VMSA-2009-0014_remote.nasl - Type : ACT_GATHER_INFO |
| 2016-03-03 | Name : The remote host is missing a security-related patch. File : vmware_VMSA-2009-0016_remote.nasl - Type : ACT_GATHER_INFO |
| 2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2008-2005.nasl - Type : ACT_GATHER_INFO |
| 2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2008-2006.nasl - Type : ACT_GATHER_INFO |
| 2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2009-0014.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0055.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0154.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0508.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0519.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0607.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0612.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0885.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0957.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0972.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0973.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-0014.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-0377.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1136.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1154.nasl - Type : ACT_GATHER_INFO |
| 2013-02-22 | Name : The remote Unix host contains a runtime environment that is affected by multi... File : sun_java_jre_244986_unix.nasl - Type : ACT_GATHER_INFO |
| 2013-02-22 | Name : The remote Unix host contains a runtime environment that is affected by multi... File : sun_java_jre_254569_unix.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080131_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080305_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080625_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080625_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080723_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080804_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080924_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20081104_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20081119_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20081216_kernel_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090114_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090117_java__jdk_1_6_0__on_SL4_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090326_java__jdk_1_6_0__on_SL4_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090714_dhcp_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
| 2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-4745.nasl - Type : ACT_GATHER_INFO |
| 2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-5239.nasl - Type : ACT_GATHER_INFO |
| 2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-5370.nasl - Type : ACT_GATHER_INFO |
| 2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-5477.nasl - Type : ACT_GATHER_INFO |
| 2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-5608.nasl - Type : ACT_GATHER_INFO |
| 2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-5667.nasl - Type : ACT_GATHER_INFO |
| 2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-5735.nasl - Type : ACT_GATHER_INFO |
| 2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7063.nasl - Type : ACT_GATHER_INFO |
| 2011-04-23 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1662.nasl - Type : ACT_GATHER_INFO |
| 2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_java-1_4_2-ibm-6523.nasl - Type : ACT_GATHER_INFO |
| 2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_java-1_4_2-ibm-6647.nasl - Type : ACT_GATHER_INFO |
| 2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7059.nasl - Type : ACT_GATHER_INFO |
| 2010-08-27 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12636.nasl - Type : ACT_GATHER_INFO |
| 2010-05-19 | Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_10_6_update2.nasl - Type : ACT_GATHER_INFO |
| 2010-03-31 | Name : The remote VMware ESX host is missing a security-related patch. File : vmware_VMSA-2010-0002.nasl - Type : ACT_GATHER_INFO |
| 2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1833.nasl - Type : ACT_GATHER_INFO |
| 2010-01-28 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-803-2.nasl - Type : ACT_GATHER_INFO |
| 2010-01-15 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0043.nasl - Type : ACT_GATHER_INFO |
| 2010-01-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-0466.nasl - Type : ACT_GATHER_INFO |
| 2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0154.nasl - Type : ACT_GATHER_INFO |
| 2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0519.nasl - Type : ACT_GATHER_INFO |
| 2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0607.nasl - Type : ACT_GATHER_INFO |
| 2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0612.nasl - Type : ACT_GATHER_INFO |
| 2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0885.nasl - Type : ACT_GATHER_INFO |
| 2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0957.nasl - Type : ACT_GATHER_INFO |
| 2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-0014.nasl - Type : ACT_GATHER_INFO |
| 2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-0377.nasl - Type : ACT_GATHER_INFO |
| 2009-12-14 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHSS_40374.nasl - Type : ACT_GATHER_INFO |
| 2009-12-14 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHSS_40375.nasl - Type : ACT_GATHER_INFO |
| 2009-12-04 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-312.nasl - Type : ACT_GATHER_INFO |
| 2009-11-30 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12531.nasl - Type : ACT_GATHER_INFO |
| 2009-11-30 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_4_2-ibm-091106.nasl - Type : ACT_GATHER_INFO |
| 2009-11-30 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_java-1_4_2-ibm-6648.nasl - Type : ACT_GATHER_INFO |
| 2009-11-23 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2009-0016.nasl - Type : ACT_GATHER_INFO |
| 2009-11-18 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200911-02.nasl - Type : ACT_GATHER_INFO |
| 2009-11-11 | Name : The remote Fedora host is missing a security update. File : fedora_2009-9075.nasl - Type : ACT_GATHER_INFO |
| 2009-10-19 | Name : The remote VMware ESX host is missing one or more security-related patches. File : vmware_VMSA-2009-0014.nasl - Type : ACT_GATHER_INFO |
| 2009-10-15 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1505.nasl - Type : ACT_GATHER_INFO |
| 2009-10-06 | Name : The remote openSUSE host is missing a security update. File : suse_dhcp-6336.nasl - Type : ACT_GATHER_INFO |
| 2009-10-02 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_java-1_4_2-ibm-6508.nasl - Type : ACT_GATHER_INFO |
| 2009-10-01 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12511.nasl - Type : ACT_GATHER_INFO |
| 2009-10-01 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_4_2-ibm-090924.nasl - Type : ACT_GATHER_INFO |
| 2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12321.nasl - Type : ACT_GATHER_INFO |
| 2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12336.nasl - Type : ACT_GATHER_INFO |
| 2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12387.nasl - Type : ACT_GATHER_INFO |
| 2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12422.nasl - Type : ACT_GATHER_INFO |
| 2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12447.nasl - Type : ACT_GATHER_INFO |
| 2009-09-24 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_dhcp-client-090626.nasl - Type : ACT_GATHER_INFO |
| 2009-09-24 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_4_2-ibm-090405.nasl - Type : ACT_GATHER_INFO |
| 2009-09-24 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-ibm-090405.nasl - Type : ACT_GATHER_INFO |
| 2009-09-24 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-ibm-090629.nasl - Type : ACT_GATHER_INFO |
| 2009-09-24 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-sun-090327.nasl - Type : ACT_GATHER_INFO |
| 2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_dhcp-6335.nasl - Type : ACT_GATHER_INFO |
| 2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_java-1_4_2-sun-5852.nasl - Type : ACT_GATHER_INFO |
| 2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_java-1_5_0-ibm-5960.nasl - Type : ACT_GATHER_INFO |
| 2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_java-1_5_0-ibm-6253.nasl - Type : ACT_GATHER_INFO |
| 2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-5235.nasl - Type : ACT_GATHER_INFO |
| 2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-5473.nasl - Type : ACT_GATHER_INFO |
| 2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-5668.nasl - Type : ACT_GATHER_INFO |
| 2009-08-26 | Name : The remote Fedora host is missing a security update. File : fedora_2009-8344.nasl - Type : ACT_GATHER_INFO |
| 2009-08-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-1018.nasl - Type : ACT_GATHER_INFO |
| 2009-08-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-1025.nasl - Type : ACT_GATHER_INFO |
| 2009-08-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-0015.nasl - Type : ACT_GATHER_INFO |
| 2009-08-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-0016.nasl - Type : ACT_GATHER_INFO |
| 2009-08-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-0369.nasl - Type : ACT_GATHER_INFO |
| 2009-08-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-0392.nasl - Type : ACT_GATHER_INFO |
| 2009-08-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-0394.nasl - Type : ACT_GATHER_INFO |
| 2009-08-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-0445.nasl - Type : ACT_GATHER_INFO |
| 2009-08-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1038.nasl - Type : ACT_GATHER_INFO |
| 2009-08-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1198.nasl - Type : ACT_GATHER_INFO |
| 2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_dhcp-090626.nasl - Type : ACT_GATHER_INFO |
| 2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_java-1_5_0-sun-081217.nasl - Type : ACT_GATHER_INFO |
| 2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_java-1_5_0-sun-090327.nasl - Type : ACT_GATHER_INFO |
| 2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_java-1_6_0-sun-081217.nasl - Type : ACT_GATHER_INFO |
| 2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_java-1_6_0-sun-090327.nasl - Type : ACT_GATHER_INFO |
| 2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_kernel-080721.nasl - Type : ACT_GATHER_INFO |
| 2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_kernel-080822.nasl - Type : ACT_GATHER_INFO |
| 2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_kernel-081022.nasl - Type : ACT_GATHER_INFO |
| 2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_dhcp-090626.nasl - Type : ACT_GATHER_INFO |
| 2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_java-1_5_0-sun-081217.nasl - Type : ACT_GATHER_INFO |
| 2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_java-1_5_0-sun-090328.nasl - Type : ACT_GATHER_INFO |
| 2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_java-1_6_0-openjdk-090303.nasl - Type : ACT_GATHER_INFO |
| 2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_java-1_6_0-sun-081217.nasl - Type : ACT_GATHER_INFO |
| 2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_java-1_6_0-sun-090328.nasl - Type : ACT_GATHER_INFO |
| 2009-07-16 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1154.nasl - Type : ACT_GATHER_INFO |
| 2009-07-16 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_c444c8b7716911de9ab7000c29a67389.nasl - Type : ACT_GATHER_INFO |
| 2009-07-16 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-151.nasl - Type : ACT_GATHER_INFO |
| 2009-07-15 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2009-195-01.nasl - Type : ACT_GATHER_INFO |
| 2009-07-15 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200907-12.nasl - Type : ACT_GATHER_INFO |
| 2009-07-15 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1136.nasl - Type : ACT_GATHER_INFO |
| 2009-07-15 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1154.nasl - Type : ACT_GATHER_INFO |
| 2009-07-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-803-1.nasl - Type : ACT_GATHER_INFO |
| 2009-07-09 | Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_rel9.nasl - Type : ACT_GATHER_INFO |
| 2009-06-21 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-137.nasl - Type : ACT_GATHER_INFO |
| 2009-06-17 | Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_10_5_update4.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0972.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Fedora host is missing a security update. File : fedora_2008-10913.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-112.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-167.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-223.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-659-1.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-679-1.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-713-1.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-748-1.nasl - Type : ACT_GATHER_INFO |
| 2009-04-13 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1769.nasl - Type : ACT_GATHER_INFO |
| 2009-04-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-0377.nasl - Type : ACT_GATHER_INFO |
| 2009-04-01 | Name : The remote openSUSE host is missing a security update. File : suse_java-1_5_0-sun-6125.nasl - Type : ACT_GATHER_INFO |
| 2009-04-01 | Name : The remote openSUSE host is missing a security update. File : suse_java-1_6_0-sun-6128.nasl - Type : ACT_GATHER_INFO |
| 2009-03-27 | Name : The remote Windows host contains a runtime environment that is affected by mu... File : sun_java_jre_254569.nasl - Type : ACT_GATHER_INFO |
| 2009-02-13 | Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_10_5_update3.nasl - Type : ACT_GATHER_INFO |
| 2009-02-13 | Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_rel8.nasl - Type : ACT_GATHER_INFO |
| 2009-01-15 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-0014.nasl - Type : ACT_GATHER_INFO |
| 2009-01-09 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-0001.nasl - Type : ACT_GATHER_INFO |
| 2009-01-07 | Name : The remote openSUSE host is missing a security update. File : suse_java-1_5_0-sun-5875.nasl - Type : ACT_GATHER_INFO |
| 2009-01-07 | Name : The remote openSUSE host is missing a security update. File : suse_java-1_6_0-sun-5876.nasl - Type : ACT_GATHER_INFO |
| 2008-12-17 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0973.nasl - Type : ACT_GATHER_INFO |
| 2008-12-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0973.nasl - Type : ACT_GATHER_INFO |
| 2008-12-08 | Name : The remote Fedora host is missing a security update. File : fedora_2008-10860.nasl - Type : ACT_GATHER_INFO |
| 2008-12-04 | Name : The remote Windows host contains a runtime environment that is affected by mu... File : sun_java_jre_244986.nasl - Type : ACT_GATHER_INFO |
| 2008-12-03 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-5734.nasl - Type : ACT_GATHER_INFO |
| 2008-11-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0972.nasl - Type : ACT_GATHER_INFO |
| 2008-11-12 | Name : The remote openSUSE host is missing a security update. File : suse_kernel-5751.nasl - Type : ACT_GATHER_INFO |
| 2008-11-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0957.nasl - Type : ACT_GATHER_INFO |
| 2008-10-24 | Name : The remote Fedora host is missing a security update. File : fedora_2008-8929.nasl - Type : ACT_GATHER_INFO |
| 2008-10-24 | Name : The remote Fedora host is missing a security update. File : fedora_2008-8980.nasl - Type : ACT_GATHER_INFO |
| 2008-10-21 | Name : The remote openSUSE host is missing a security update. File : suse_kernel-5700.nasl - Type : ACT_GATHER_INFO |
| 2008-10-20 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1655.nasl - Type : ACT_GATHER_INFO |
| 2008-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1653.nasl - Type : ACT_GATHER_INFO |
| 2008-10-02 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-5566.nasl - Type : ACT_GATHER_INFO |
| 2008-09-25 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0885.nasl - Type : ACT_GATHER_INFO |
| 2008-09-12 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1636.nasl - Type : ACT_GATHER_INFO |
| 2008-08-26 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-637-1.nasl - Type : ACT_GATHER_INFO |
| 2008-08-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1630.nasl - Type : ACT_GATHER_INFO |
| 2008-08-05 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0612.nasl - Type : ACT_GATHER_INFO |
| 2008-07-25 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0665.nasl - Type : ACT_GATHER_INFO |
| 2008-07-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0607.nasl - Type : ACT_GATHER_INFO |
| 2008-07-17 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-625-1.nasl - Type : ACT_GATHER_INFO |
| 2008-07-08 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-5375.nasl - Type : ACT_GATHER_INFO |
| 2008-07-02 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0508.nasl - Type : ACT_GATHER_INFO |
| 2008-07-02 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0508.nasl - Type : ACT_GATHER_INFO |
| 2008-07-02 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0519.nasl - Type : ACT_GATHER_INFO |
| 2008-06-24 | Name : The remote openSUSE host is missing a security update. File : suse_kernel-5336.nasl - Type : ACT_GATHER_INFO |
| 2008-06-24 | Name : The remote openSUSE host is missing a security update. File : suse_kernel-5339.nasl - Type : ACT_GATHER_INFO |
| 2008-05-28 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1588.nasl - Type : ACT_GATHER_INFO |
| 2008-05-16 | Name : The remote Fedora host is missing a security update. File : fedora_2008-3949.nasl - Type : ACT_GATHER_INFO |
| 2008-03-07 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0154.nasl - Type : ACT_GATHER_INFO |
| 2008-02-25 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1503.nasl - Type : ACT_GATHER_INFO |
| 2008-02-25 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1504.nasl - Type : ACT_GATHER_INFO |
| 2008-02-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-578-1.nasl - Type : ACT_GATHER_INFO |
| 2008-02-05 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0055.nasl - Type : ACT_GATHER_INFO |
| 2008-02-05 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-574-1.nasl - Type : ACT_GATHER_INFO |
| 2008-02-01 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0055.nasl - Type : ACT_GATHER_INFO |
| 2008-02-01 | Name : The remote openSUSE host is missing a security update. File : suse_kernel-4929.nasl - Type : ACT_GATHER_INFO |
| 2008-01-08 | Name : The remote openSUSE host is missing a security update. File : suse_kernel-4752.nasl - Type : ACT_GATHER_INFO |
| 2007-12-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1436.nasl - Type : ACT_GATHER_INFO |
| 2007-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-4741.nasl - Type : ACT_GATHER_INFO |
| 2007-10-12 | Name : The remote host is missing Sun Security Patch number 125137-97 File : solaris10_125137.nasl - Type : ACT_GATHER_INFO |
| 2007-10-12 | Name : The remote host is missing Sun Security Patch number 125139-97 File : solaris10_x86_125139.nasl - Type : ACT_GATHER_INFO |
| 2007-10-12 | Name : The remote host is missing Sun Security Patch number 125137-97 File : solaris8_125137.nasl - Type : ACT_GATHER_INFO |
| 2007-10-12 | Name : The remote host is missing Sun Security Patch number 125139-97 File : solaris8_x86_125139.nasl - Type : ACT_GATHER_INFO |
| 2007-10-12 | Name : The remote host is missing Sun Security Patch number 125137-97 File : solaris9_125137.nasl - Type : ACT_GATHER_INFO |
| 2007-10-12 | Name : The remote host is missing Sun Security Patch number 125139-97 File : solaris9_x86_125139.nasl - Type : ACT_GATHER_INFO |
| 2005-09-06 | Name : The remote host is missing Sun Security Patch number 118669-86 File : solaris10_x86_118669.nasl - Type : ACT_GATHER_INFO |
| 2005-09-06 | Name : The remote host is missing Sun Security Patch number 118669-86 File : solaris8_x86_118669.nasl - Type : ACT_GATHER_INFO |
| 2005-09-06 | Name : The remote host is missing Sun Security Patch number 118669-86 File : solaris9_x86_118669.nasl - Type : ACT_GATHER_INFO |
| 2005-08-18 | Name : The remote host is missing Sun Security Patch number 118667-86 File : solaris10_118667.nasl - Type : ACT_GATHER_INFO |
| 2005-08-18 | Name : The remote host is missing Sun Security Patch number 118667-86 File : solaris8_118667.nasl - Type : ACT_GATHER_INFO |
| 2005-08-18 | Name : The remote host is missing Sun Security Patch number 118667-86 File : solaris9_118667.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2016-03-04 13:26:25 |
|
| 2014-11-27 13:28:43 |
|
| 2014-02-17 12:07:13 |
|
| 2013-11-11 12:41:38 |
|
