Executive Summary

Summary
Title SNMPv3 improper HMAC validation allows authentication bypass
Informations
Name VU#878044 First vendor Publication 2008-06-10
Vendor VU-CERT Last vendor Modification 2008-06-25
Severity (Vendor) N/A Revision M

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 10 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Vulnerability Note VU#878044

SNMPv3 improper HMAC validation allows authentication bypass

Overview

A vulnerability in the way implementations of SNMPv3 handle specially crafted packets may allow authentication bypass.

I. Description

SNMP can be configured to utilize version 3, which is the current standard version of SNMP. SNMPv3 incorporates security features such as authentication and privacy control among other features. Authentication for SNMPv3 is done using keyed-Hash Message Authentication Code (HMAC), a message authentication code calculated using a cryptographic hash function in combination with a secret key. Implementations of SNMPv3 may allow a shortened HMAC code in the authenticator field to authenticate to an agent or a trap daemon using a minimum HMAC of 1 byte.

This issue is known to affect Net-SNMP and UCD-SNMP. Other SNMP implementations may also be affected.

II. Impact

This vulnerability allows attackers to read and modify any SNMP object that can be accessed by the impersonated user. Attackers exploiting this vulnerability can view and modify the configuration of these devices.

III. Solution

Upgrade

This vulnerability is addressed in Net-SNMP versions 5.4.1.1, 5.3.2.1, 5.2.4.1, 5.1.4.1, 5.0.11.1 and UCD-SNMP 4.2.7.1. Please see the Net-SNMP download page.

Alternatively, consult your vendor. See the Systems Affected section below for more information.

Apply a patch

Net-SNMP has released a patch to address this issue. For more information refer to SECURITY RELEASE: Multple Net-SNMP Versions Released. Users are encouraged to apply the patch as soon as possible. Note that patch should apply cleanly to UCD-snmp too.

Enable the SNMPv3 privacy subsystem

The configuration should be modified to enable the SNMPv3 privacy subsystem to encrypt the SNMPv3 traffic using a secret, private key. This option does not encrypt the HMAC, but does minimize the possible affects from this vulnerability.

Systems Affected

VendorStatusDate Updated
3com, Inc.Unknown20-May-2008
ACCESSUnknown2-Jun-2008
AdventNet Inc. Not Vulnerable18-Jun-2008
AlcatelUnknown20-May-2008
Apple Computer, Inc.Unknown2-Jun-2008
Aruba Networks, Inc.Unknown20-May-2008
Asante Technologies, Inc.Unknown13-Jun-2008
Atheros Communications, Inc.Unknown13-Jun-2008
AT&TUnknown20-May-2008
Avaya, Inc.Unknown20-May-2008
Avici Systems, Inc.Unknown20-May-2008
BEA Systems, Inc. Unknown13-Jun-2008
Borderware TechnologiesUnknown20-May-2008
BroUnknown20-May-2008
BroadcomUnknown13-Jun-2008
Charlotte's Web NetworksUnknown20-May-2008
Check Point Software TechnologiesUnknown20-May-2008
Cisco Systems, Inc.Unknown13-Jun-2008
ClavisterUnknown20-May-2008
Computer AssociatesNot Vulnerable20-Jun-2008
Computer Associates eTrust Security ManagementNot Vulnerable20-Jun-2008
Conectiva Inc.Unknown20-May-2008
CosinecomUnknown13-Jun-2008
Covalent TechnologiesUnknown13-Jun-2008
cPanel Inc.Unknown13-Jun-2008
Cray Inc.Unknown20-May-2008
Cyclades, Inc.Unknown13-Jun-2008
D-Link Systems, Inc.Unknown20-May-2008
Data Connection, Ltd.Unknown20-May-2008
Debian GNU/LinuxUnknown20-May-2008
eCosCentricVulnerable13-Jun-2008
EMC CorporationUnknown20-May-2008
Engarde Secure LinuxUnknown20-May-2008
Enterasys NetworksUnknown20-May-2008
EricssonUnknown20-May-2008
eSoft, Inc.Unknown20-May-2008
Extreme NetworksNot Vulnerable17-Jun-2008
F5 Networks, Inc.Unknown20-May-2008
Fedora ProjectUnknown20-May-2008
Force10 Networks, Inc.Not Vulnerable12-Jun-2008
Fortinet, Inc.Not Vulnerable27-May-2008
Foundry Networks, Inc.Not Vulnerable17-Jun-2008
FreeBSD, Inc.Unknown20-May-2008
FujitsuUnknown20-May-2008
Funkwerk Enterprise Communications Not Vulnerable18-Jun-2008
Gentoo LinuxUnknown4-Jun-2008
Global Technology AssociatesUnknown20-May-2008
Harris CorporationUnknown13-Jun-2008
Hewlett-Packard CompanyUnknown20-May-2008
HitachiUnknown20-May-2008
HyperchipUnknown20-May-2008
IBM CorporationNot Vulnerable18-Jun-2008
IBM Corporation (zseries)Unknown20-May-2008
IBM eServerUnknown20-May-2008
Ingrian Networks, Inc.Unknown20-May-2008
Inktomi Corporation (now Yahoo!)Unknown13-Jun-2008
Intel CorporationNot Vulnerable21-May-2008
Internet Initiative JapanVulnerable19-Jun-2008
Internet Security Systems, Inc.Not Vulnerable4-Jun-2008
IntotoUnknown20-May-2008
IP FilterUnknown20-May-2008
IP Infusion, Inc.Unknown20-May-2008
Juniper Networks, Inc.Vulnerable9-Jun-2008
LantronixUnknown13-Jun-2008
Linux Kernel ArchivesUnknown20-May-2008
Lotus SoftwareUnknown13-Jun-2008
Lucent TechnologiesUnknown20-May-2008
Luminous NetworksUnknown20-May-2008
m0n0wallUnknown20-May-2008
Mandriva, Inc.Unknown20-May-2008
Marconi, Inc.Unknown13-Jun-2008
McAfeeUnknown20-May-2008
MetaSwitchUnknown13-Jun-2008
Metrobility, Inc.Unknown13-Jun-2008
Microsoft CorporationNot Vulnerable28-May-2008
MontaVista Software, Inc.Unknown20-May-2008
Motion Media Technologies, Inc.Unknown13-Jun-2008
Multinet (owned Process Software Corporation)Unknown20-May-2008
Multitech, Inc.Unknown20-May-2008
NEC CorporationUnknown20-May-2008
Net-PolicyUnknown13-Jun-2008
NetBSDUnknown20-May-2008
netfilterUnknown20-May-2008
Netgear, Inc.Unknown13-Jun-2008
Netscape Communications CorporationUnknown13-Jun-2008
netsnmpVulnerable10-Jun-2008
netsnmpjUnknown13-Jun-2008
Network Appliance, Inc.Vulnerable4-Jun-2008
NextHop Technologies, Inc.Unknown20-May-2008
NokiaUnknown20-May-2008
Nortel Networks, Inc.Unknown20-May-2008
Novell, Inc.Not Vulnerable4-Jun-2008
OpenBSDUnknown20-May-2008
openSNMPUnknown13-Jun-2008
Openwall GNU/*/LinuxUnknown20-May-2008
Oracle CorporationUnknown13-Jun-2008
PolycomUnknown13-Jun-2008
QNX, Software Systems, Inc.Unknown20-May-2008
QuaggaUnknown20-May-2008
QUALCOMM IncorporatedUnknown13-Jun-2008
Rad Vision, Inc.Unknown13-Jun-2008
Red Hat, Inc.Vulnerable6-Jun-2008
Redback Networks, Inc.Unknown20-May-2008
Riverstone Networks, Inc.Unknown20-May-2008
Secure Computing Network Security DivisionUnknown20-May-2008
Secureworx, Inc.Unknown20-May-2008
Silicon Graphics, Inc.Unknown20-May-2008
Slackware Linux Inc.Unknown20-May-2008
SmoothWallUnknown20-May-2008
SNMP ResearchVulnerable6-Jun-2008
SnortUnknown20-May-2008
Soapstone NetworksUnknown2-Jun-2008
Sony CorporationUnknown20-May-2008
SourcefireUnknown20-May-2008
StonesoftNot Vulnerable23-Jun-2008
Sun Microsystems, Inc.Vulnerable16-Jun-2008
SUSE LinuxUnknown20-May-2008
Symantec, Inc.Unknown20-May-2008
The SCO GroupUnknown20-May-2008
The Teamware GroupUnknown13-Jun-2008
TippingPoint, Technologies, Inc.Not Vulnerable21-May-2008
Trustix Secure LinuxUnknown20-May-2008
TurbolinuxUnknown20-May-2008
UbuntuUnknown20-May-2008
Vertical Networks, Inc.Unknown13-Jun-2008
Watchguard Technologies, Inc.Unknown20-May-2008
Wind River Systems, Inc.Unknown20-May-2008
ZyXELUnknown20-May-2008

References


http://sourceforge.net/forum/forum.php?forum_id=833770
http://www.ocert.org/advisories/ocert-2008-006.html
http://secunia.com/advisories/30574/
http://secunia.com/advisories/30665/
http://sunsolve.sun.com/search/document.do?assetkey=1-66-238865-1

Credit

This issue was reported by Wes Hardaker at Net-SNMP. Thanks also to Jeff Case of SNMP Research and oCERT.

This document was written by Chris Taschner and David Warren.

Other Information

Date Public05/31/2008
Date First Published06/10/2008 09:59:27 AM
Date Last Updated06/25/2008
CERT Advisory 
CVE NameCVE-2008-0960
US-CERT Technical AlertsTA08-162A
Metric7.56
Document Revision34

Original Source

Url : http://www.kb.cert.org/vuls/id/878044

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-287 Improper Authentication

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10820
 
Oval ID: oval:org.mitre.oval:def:10820
Title: SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3RC1 and 7.3RC2; (6) SNMP Research before 16.2; (7) multiple Cisco IOS, CatOS, ACE, and Nexus products; (8) Ingate Firewall 3.1.0 and later and SIParator 3.1.0 and later; (9) HP OpenView SNMP Emanate Master Agent 15.x; and possibly other products relies on the client to specify the HMAC length, which makes it easier for remote attackers to bypass SNMP authentication via a length value of 1, which only checks the first byte.
Description: SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3RC1 and 7.3RC2; (6) SNMP Research before 16.2; (7) multiple Cisco IOS, CatOS, ACE, and Nexus products; (8) Ingate Firewall 3.1.0 and later and SIParator 3.1.0 and later; (9) HP OpenView SNMP Emanate Master Agent 15.x; and possibly other products relies on the client to specify the HMAC length, which makes it easier for remote attackers to bypass SNMP authentication via a length value of 1, which only checks the first byte.
Family: unix Class: vulnerability
Reference(s): CVE-2008-0960
 Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22388
 
Oval ID: oval:org.mitre.oval:def:22388
Title: ELSA-2008:0529: net-snmp security update (Moderate)
Description: Buffer overflow in the __snprint_value function in snmp_get in Net-SNMP 5.1.4, 5.2.4, and 5.4.1, as used in SNMP.xs for Perl, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large OCTETSTRING in an attribute value pair (AVP).
Family: unix Class: patch
Reference(s): ELSA-2008:0529-01
CVE-2008-2292
CVE-2008-0960
 Version: 13
Platform(s): Oracle Linux 5
 Product(s): net-snmp
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:5785
 
Oval ID: oval:org.mitre.oval:def:5785
Title: Multiple Vendors Net-SNMPv3 Hash Message Authentication Code Design Error Vulnerability
Description: SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3RC1 and 7.3RC2; (6) SNMP Research before 16.2; (7) multiple Cisco IOS, CatOS, ACE, and Nexus products; (8) Ingate Firewall 3.1.0 and later and SIParator 3.1.0 and later; (9) HP OpenView SNMP Emanate Master Agent 15.x; and possibly other products relies on the client to specify the HMAC length, which makes it easier for remote attackers to bypass SNMP authentication via a length value of 1, which only checks the first byte.
Family: ios Class: vulnerability
Reference(s): CVE-2008-0960
 Version: 3
Platform(s): Cisco IOS
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6414
 
Oval ID: oval:org.mitre.oval:def:6414
Title: Net-snmp SNMPv3 Authentication Bug Lets Remote Users Bypass Authentication
Description: SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3RC1 and 7.3RC2; (6) SNMP Research before 16.2; (7) multiple Cisco IOS, CatOS, ACE, and Nexus products; (8) Ingate Firewall 3.1.0 and later and SIParator 3.1.0 and later; (9) HP OpenView SNMP Emanate Master Agent 15.x; and possibly other products relies on the client to specify the HMAC length, which makes it easier for remote attackers to bypass SNMP authentication via a length value of 1, which only checks the first byte.
Family: unix Class: vulnerability
Reference(s): CVE-2008-0960
 Version: 3
Platform(s): VMWare ESX Server 3
VMWare ESX Server 3.5
 Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 2
Application 2

ExploitDB Exploits

id Description
2008-06-12 SNMPv3 HMAC validation error Remote Authentication Bypass Exploit

OpenVAS Exploits

Date Description
2010-05-12 Name : Mac OS X 10.5.4 Update / Mac OS X Security Update 2008-004
File : nvt/macosx_upd_10_5_4_secupd_2008-004.nasl
2009-11-17 Name : Mac OS X Version
File : nvt/macosx_version.nasl
2009-10-13 Name : SLES10: Security update for net-snmp
File : nvt/sles10_net-snmp1.nasl
2009-10-10 Name : SLES9: Security update for net-snmp
File : nvt/sles9p5031860.nasl
2009-04-09 Name : Mandriva Update for net-snmp MDVSA-2008:118 (net-snmp)
File : nvt/gb_mandriva_MDVSA_2008_118.nasl
2009-03-23 Name : Ubuntu Update for net-snmp vulnerabilities USN-685-1
File : nvt/gb_ubuntu_USN_685_1.nasl
2009-03-06 Name : RedHat Update for ucd-snmp RHSA-2008:0528-01
File : nvt/gb_RHSA-2008_0528-01_ucd-snmp.nasl
2009-03-06 Name : RedHat Update for net-snmp RHSA-2008:0529-01
File : nvt/gb_RHSA-2008_0529-01_net-snmp.nasl
2009-02-27 Name : CentOS Update for ucd-snmp CESA-2008:0528-01 centos2 i386
File : nvt/gb_CESA-2008_0528-01_ucd-snmp_centos2_i386.nasl
2009-02-27 Name : CentOS Update for net-snmp CESA-2008:0529 centos3 i386
File : nvt/gb_CESA-2008_0529_net-snmp_centos3_i386.nasl
2009-02-27 Name : CentOS Update for net-snmp CESA-2008:0529 centos3 x86_64
File : nvt/gb_CESA-2008_0529_net-snmp_centos3_x86_64.nasl
2009-02-27 Name : CentOS Update for net-snmp CESA-2008:0529 centos4 i386
File : nvt/gb_CESA-2008_0529_net-snmp_centos4_i386.nasl
2009-02-27 Name : CentOS Update for net-snmp CESA-2008:0529 centos4 x86_64
File : nvt/gb_CESA-2008_0529_net-snmp_centos4_x86_64.nasl
2009-02-17 Name : Fedora Update for net-snmp FEDORA-2008-5224
File : nvt/gb_fedora_2008_5224_net-snmp_fc7.nasl
2009-02-17 Name : Fedora Update for net-snmp FEDORA-2008-9367
File : nvt/gb_fedora_2008_9367_net-snmp_fc9.nasl
2009-02-17 Name : Fedora Update for net-snmp FEDORA-2008-9362
File : nvt/gb_fedora_2008_9362_net-snmp_fc8.nasl
2009-02-17 Name : Fedora Update for net-snmp FEDORA-2008-5218
File : nvt/gb_fedora_2008_5218_net-snmp_fc8.nasl
2009-02-17 Name : Fedora Update for net-snmp FEDORA-2008-5215
File : nvt/gb_fedora_2008_5215_net-snmp_fc9.nasl
2009-01-23 Name : SuSE Update for net-snmp SUSE-SA:2008:039
File : nvt/gb_suse_2008_039.nasl
2008-11-19 Name : Debian Security Advisory DSA 1663-1 (net-snmp)
File : nvt/deb_1663_1.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200808-02 (net-snmp)
File : nvt/glsa_200808_02.nasl
0000-00-00 Name : Slackware Advisory SSA:2008-210-07 net-snmp
File : nvt/esoft_slk_ssa_2008_210_07.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
55248 HP OpenView SNMP Emanate Master Agent HMAC Authentication SNMPv3 Authenticati...
46669 Apple Mac OS X HMAC Authentication SNMPv3 Authentication Packet Spoofing
46276 Solaris snmpd(1M) HMAC Authentication SNMPv3 Authentication Packet Spoofing
46102 Ingate Firewall/SIParator HMAC Authentication SNMPv3 Authentication Packet Sp...
46088 Juniper Multiple Appliances HMAC Authentication SNMPv3 Authentication Packet ...
46086 Cisco Multiple Products HMAC Authentication SNMPv3 Authentication Packet Spoo...
46060 UCD-SNMP HMAC Authentication SNMPv3 Authentication Packet Spoofing

46059 Net-SNMP HMAC Authentication SNMPv3 Authentication Packet Spoofing

Information Assurance Vulnerability Management (IAVM)

Date Description
2008-11-06 IAVM : 2008-B-0078 - Multiple Vulnerabilities in VMware
Severity : Category I - VMSKEY : V0017874
2008-06-19 IAVM : 2008-T-0026 - SNMP Remote Authentication Bypass Vulnerability
Severity : Category I - VMSKEY : V0016046

Snort® IPS/IDS

Date Description
2014-01-10 Multiple Vendors SNMPv3 HMAC handling authentication bypass attempt
RuleID : 17699 - Revision : 3 - Type : PROTOCOL-SNMP

Nessus® Vulnerability Scanner

Date Description
2014-10-10 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL8939.nasl - Type : ACT_GATHER_INFO
2013-12-14 Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sa-20080610-snmpv3-iosxr.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2008-0529.nasl - Type : ACT_GATHER_INFO
2013-05-31 Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sa-20080610-snmpv3-nxos.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20080610_net_snmp_on_SL3_x.nasl - Type : ACT_GATHER_INFO
2010-09-01 Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sa-20080610-snmpv3http.nasl - Type : ACT_GATHER_INFO
2010-07-19 Name : The remote HP-UX host is missing a security-related patch.
File : hpux_PHSS_39886.nasl - Type : ACT_GATHER_INFO
2010-07-19 Name : The remote HP-UX host is missing a security-related patch.
File : hpux_PHSS_39887.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12204.nasl - Type : ACT_GATHER_INFO
2009-07-31 Name : The SNMP server running on this host is affected by an authentication bypass ...
File : snmpv3_authentication_bypass.nasl - Type : ACT_ATTACK
2009-07-27 Name : The remote VMware ESX host is missing a security-related patch.
File : vmware_VMSA-2008-0017.nasl - Type : ACT_GATHER_INFO
2009-07-27 Name : The remote VMware ESX host is missing one or more security-related patches.
File : vmware_VMSA-2008-0013.nasl - Type : ACT_GATHER_INFO
2009-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_libsnmp15-080706.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2008-118.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-685-1.nasl - Type : ACT_GATHER_INFO
2008-11-09 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1663.nasl - Type : ACT_GATHER_INFO
2008-11-06 Name : The remote Fedora host is missing a security update.
File : fedora_2008-9367.nasl - Type : ACT_GATHER_INFO
2008-11-06 Name : The remote Fedora host is missing a security update.
File : fedora_2008-9362.nasl - Type : ACT_GATHER_INFO
2008-08-07 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200808-02.nasl - Type : ACT_GATHER_INFO
2008-08-01 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_net-snmp-5422.nasl - Type : ACT_GATHER_INFO
2008-08-01 Name : The remote openSUSE host is missing a security update.
File : suse_libsnmp15-5418.nasl - Type : ACT_GATHER_INFO
2008-07-29 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2008-210-07.nasl - Type : ACT_GATHER_INFO
2008-07-01 Name : The remote host is missing a Mac OS X update that fixes various security issues.
File : macosx_10_5_4.nasl - Type : ACT_GATHER_INFO
2008-07-01 Name : The remote host is missing a Mac OS X update that fixes various security issues.
File : macosx_SecUpd2008-004.nasl - Type : ACT_GATHER_INFO
2008-06-12 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2008-0529.nasl - Type : ACT_GATHER_INFO
2008-06-12 Name : The remote Fedora host is missing a security update.
File : fedora_2008-5215.nasl - Type : ACT_GATHER_INFO
2008-06-12 Name : The remote Fedora host is missing a security update.
File : fedora_2008-5218.nasl - Type : ACT_GATHER_INFO
2008-06-12 Name : The remote Fedora host is missing a security update.
File : fedora_2008-5224.nasl - Type : ACT_GATHER_INFO
2008-06-12 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2008-0529.nasl - Type : ACT_GATHER_INFO
2008-06-12 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2008-0528.nasl - Type : ACT_GATHER_INFO
2007-06-04 Name : The remote host is missing Sun Security Patch number 120273-42
File : solaris10_x86_120273.nasl - Type : ACT_GATHER_INFO
2007-05-20 Name : The remote host is missing Sun Security Patch number 120272-40
File : solaris10_120272.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
Date Informations
2014-10-11 13:26:27
  • Multiple Updates
2014-02-17 12:08:15
  • Multiple Updates
2013-05-11 00:57:26
  • Multiple Updates