Executive Summary
Summary | |
---|---|
Title | ESX patches address an issue loading corrupt virtual disks and update Service Console packages |
Informations | |||
---|---|---|---|
Name | VMSA-2009-0001 | First vendor Publication | 2009-01-30 |
Vendor | VMware | Last vendor Modification | 2009-01-30 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
a. Loading a corrupt delta disk may cause ESX to crash If the VMDK delta disk of a snapshot is corrupt, an ESX host might crash when the corrupted disk is loaded. VMDK delta files exist for virtual machines with one or more snapshots. This change ensures that a corrupt VMDK delta file cannot be used to crash ESX hosts. A corrupt VMDK delta disk, or virtual machine would have to be loaded by an administrator. VMware would like to thank Craig Marshall for reporting this issue. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2008-4914 to this issue. b. Updated Service Console package net-snmp Net-SNMP is an implementation of the Simple Network Management Protocol (SNMP). SNMP is used by network management systems to monitor hosts. A denial-of-service flaw was found in the way Net-SNMP processes SNMP GETBULK requests. A remote attacker who issued a specially- crafted request could cause the snmpd server to crash. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2008-4309 to this issue. c. Updated Service Console package libxml2 An integer overflow flaw causing a heap-based buffer overflow was found in the libxml2 XML parser. If an application linked against libxml2 processed untrusted, malformed XML content, it could cause the application to crash or, possibly, execute arbitrary code. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2008-4226 to this issue. A denial of service flaw was discovered in the libxml2 XML parser. If an application linked against libxml2 processed untrusted, malformed XML content, it could cause the application to enter an infinite loop. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2008-4225 to this issue. |
Original Source
Url : http://www.vmware.com/security/advisories/VMSA-2009-0001.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
33 % | CWE-399 | Resource Management Errors |
33 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
33 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10025 | |||
Oval ID: | oval:org.mitre.oval:def:10025 | ||
Title: | Integer overflow in the xmlBufferResize function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (infinite loop) via a large XML document. | ||
Description: | Integer overflow in the xmlBufferResize function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (infinite loop) via a large XML document. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-4225 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17828 | |||
Oval ID: | oval:org.mitre.oval:def:17828 | ||
Title: | USN-673-1 -- libxml2 vulnerabilities | ||
Description: | Drew Yao discovered that libxml2 did not correctly handle certain corrupt XML documents. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-673-1 CVE-2008-4225 CVE-2008-4226 | Version: | 7 |
Platform(s): | Ubuntu 6.06 Ubuntu 7.10 Ubuntu 8.04 Ubuntu 8.10 | Product(s): | libxml2 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17856 | |||
Oval ID: | oval:org.mitre.oval:def:17856 | ||
Title: | USN-685-1 -- net-snmp vulnerabilities | ||
Description: | Wes Hardaker discovered that the SNMP service did not correctly validate HMAC authentication requests. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-685-1 CVE-2008-0960 CVE-2008-2292 CVE-2008-4309 | Version: | 7 |
Platform(s): | Ubuntu 6.06 Ubuntu 7.10 Ubuntu 8.04 Ubuntu 8.10 | Product(s): | net-snmp |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18412 | |||
Oval ID: | oval:org.mitre.oval:def:18412 | ||
Title: | DSA-1666-1 libxml2 - several vulnerabilities | ||
Description: | Several vulnerabilities have been discovered in the GNOME XML library. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1666-1 CVE-2008-4225 CVE-2008-4226 | Version: | 7 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | libxml2 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:19948 | |||
Oval ID: | oval:org.mitre.oval:def:19948 | ||
Title: | DSA-1663-1 net-snmp - several vulnerabilities | ||
Description: | Several vulnerabilities have been discovered in NET SNMP, a suite of Simple Network Management Protocol applications. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1663-1 CVE-2008-0960 CVE-2008-2292 CVE-2008-4309 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | net-snmp |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22168 | |||
Oval ID: | oval:org.mitre.oval:def:22168 | ||
Title: | ELSA-2008:0971: net-snmp security update (Important) | ||
Description: | Integer overflow in the netsnmp_create_subtree_cache function in agent/snmp_agent.c in net-snmp 5.4 before 5.4.2.1, 5.3 before 5.3.2.3, and 5.2 before 5.2.5.1 allows remote attackers to cause a denial of service (crash) via a crafted SNMP GETBULK request, which triggers a heap-based buffer overflow, related to the number of responses or repeats. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2008:0971-01 CVE-2008-4309 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | net-snmp |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22735 | |||
Oval ID: | oval:org.mitre.oval:def:22735 | ||
Title: | ELSA-2008:0988: libxml2 security update (Important) | ||
Description: | Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a large XML document. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2008:0988-01 CVE-2008-4225 CVE-2008-4226 | Version: | 13 |
Platform(s): | Oracle Linux 5 | Product(s): | libxml2 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:29197 | |||
Oval ID: | oval:org.mitre.oval:def:29197 | ||
Title: | RHSA-2008:0971 -- net-snmp security update (Important) | ||
Description: | Updated net-snmp packages that fix a security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The Simple Network Management Protocol (SNMP) is a protocol used for network management. A denial-of-service flaw was found in the way Net-SNMP processes SNMP GETBULK requests. A remote attacker who issued a specially-crafted request could cause the snmpd server to crash. (CVE-2008-4309) | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2008:0971 CESA-2008:0971-CentOS 5 CESA-2008:0971-CentOS 3 CVE-2008-4309 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 5 CentOS Linux 3 | Product(s): | net-snmp |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:29306 | |||
Oval ID: | oval:org.mitre.oval:def:29306 | ||
Title: | RHSA-2008:0988 -- libxml2 security update (Important) | ||
Description: | Updated libxml2 packages that fix security issues are now available for Red Hat Enterprise Linux 2.1, 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. libxml2 is a library for parsing and manipulating XML files. It includes support for reading, modifying, and writing XML and HTML files. An integer overflow flaw causing a heap-based buffer overflow was found in the libxml2 XML parser. If an application linked against libxml2 processed untrusted, malformed XML content, it could cause the application to crash or, possibly, execute arbitrary code. (CVE-2008-4226) A denial of service flaw was discovered in the libxml2 XML parser. If an application linked against libxml2 processed untrusted, malformed XML content, it could cause the application to enter an infinite loop. (CVE-2008-4225) Red Hat would like to thank Drew Yao of the Apple Product Security team for reporting these issues. Users of libxml2 are advised to upgrade to these updated packages, which contain backported patches to correct these issues. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2008:0988 CESA-2008:0988-CentOS 5 CESA-2008:0988-CentOS 3 CESA-2008:0988-CentOS 2 CVE-2008-4225 CVE-2008-4226 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 5 CentOS Linux 3 CentOS Linux 2 | Product(s): | libxml2 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5909 | |||
Oval ID: | oval:org.mitre.oval:def:5909 | ||
Title: | VMware ESX Server VMDK Delta Disk Processing Lets Local Administrative Users Deny Service | ||
Description: | Unspecified vulnerability in VMware ESXi 3.5 before ESXe350-200901401-I-SG and ESX 3.5 before ESX350-200901401-SG allows local administrators to cause a denial of service (host crash) via a snapshot with a malformed VMDK delta disk. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-4914 | Version: | 3 |
Platform(s): | VMWare ESX Server 3 VMWare ESX Server 3.5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6171 | |||
Oval ID: | oval:org.mitre.oval:def:6171 | ||
Title: | Net-snmp GETBULK Request Processing Bug Lets Remote Users Deny Service | ||
Description: | Integer overflow in the netsnmp_create_subtree_cache function in agent/snmp_agent.c in net-snmp 5.4 before 5.4.2.1, 5.3 before 5.3.2.3, and 5.2 before 5.2.5.1 allows remote attackers to cause a denial of service (crash) via a crafted SNMP GETBULK request, which triggers a heap-based buffer overflow, related to the number of responses or repeats. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-4309 | Version: | 3 |
Platform(s): | VMWare ESX Server 3 VMWare ESX Server 3.5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6219 | |||
Oval ID: | oval:org.mitre.oval:def:6219 | ||
Title: | Security Vulnerabilities in the libxml2 Library Routines xmlSAX2Characters() May Lead to Arbitrary Code Execution or Denial of Service (DoS) | ||
Description: | Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a large XML document. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-4226 | Version: | 1 |
Platform(s): | Sun Solaris 9 Sun Solaris 10 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6234 | |||
Oval ID: | oval:org.mitre.oval:def:6234 | ||
Title: | Security Vulnerabilities in the libxml2 Library Routines xmlBufferResize() May Lead to Denial of Service (DoS) | ||
Description: | Integer overflow in the xmlBufferResize function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (infinite loop) via a large XML document. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-4225 | Version: | 1 |
Platform(s): | Sun Solaris 9 Sun Solaris 10 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6353 | |||
Oval ID: | oval:org.mitre.oval:def:6353 | ||
Title: | Security Vulnerability in the SNMP daemon (snmpd(1M)) May Lead to a Denial of Service (DoS) Condition | ||
Description: | Integer overflow in the netsnmp_create_subtree_cache function in agent/snmp_agent.c in net-snmp 5.4 before 5.4.2.1, 5.3 before 5.3.2.3, and 5.2 before 5.2.5.1 allows remote attackers to cause a denial of service (crash) via a crafted SNMP GETBULK request, which triggers a heap-based buffer overflow, related to the number of responses or repeats. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-4309 | Version: | 1 |
Platform(s): | Sun Solaris 10 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6360 | |||
Oval ID: | oval:org.mitre.oval:def:6360 | ||
Title: | Libxml2 Integer Overflow in xmlSAX2Characters() May Let Remote Users Execute Arbitrary Code | ||
Description: | Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a large XML document. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-4226 | Version: | 3 |
Platform(s): | VMWare ESX Server 3 VMWare ESX Server 3.5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6415 | |||
Oval ID: | oval:org.mitre.oval:def:6415 | ||
Title: | Libxml2 Integer Overflow in xmlBufferResize() Lets Remote Users Deny Service | ||
Description: | Integer overflow in the xmlBufferResize function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (infinite loop) via a large XML document. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-4225 | Version: | 3 |
Platform(s): | VMWare ESX Server 3 VMWare ESX Server 3.5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7025 | |||
Oval ID: | oval:org.mitre.oval:def:7025 | ||
Title: | DSA-1663 net-snmp -- several vulnerabilities | ||
Description: | Several vulnerabilities have been discovered in NET SNMP, a suite of Simple Network Management Protocol applications. The Common Vulnerabilities and Exposures project identifies the following problems: Wes Hardaker reported that the SNMPv3 HMAC verification relies on the client to specify the HMAC length, which allows spoofing of authenticated SNMPv3 packets. John Kortink reported a buffer overflow in the __snprint_value function in snmp_get causing a denial of service and potentially allowing the execution of arbitrary code via a large OCTETSTRING in an attribute value pair (AVP). It was reported that an integer overflow in the netsnmp_create_subtree_cache function in agent/snmp_agent.c allows remote attackers to cause a denial of service attack via a crafted SNMP GETBULK request. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1663 CVE-2008-0960 CVE-2008-2292 CVE-2008-4309 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | net-snmp |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7803 | |||
Oval ID: | oval:org.mitre.oval:def:7803 | ||
Title: | DSA-1666 libxml2 -- several vulnerabilities | ||
Description: | Several vulnerabilities have been discovered in the GNOME XML library. The Common Vulnerabilities and Exposures project identifies the following problems: Drew Yao discovered that missing input sanitising in the xmlBufferResize() function may lead to an infinite loop, resulting in denial of service. Drew Yao discovered that an integer overflow in the xmlSAX2Characters() function may lead to denial of service or the execution of arbitrary code. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1666 CVE-2008-4225 CVE-2008-4226 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | libxml2 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9860 | |||
Oval ID: | oval:org.mitre.oval:def:9860 | ||
Title: | Integer overflow in the netsnmp_create_subtree_cache function in agent/snmp_agent.c in net-snmp 5.4 before 5.4.2.1, 5.3 before 5.3.2.3, and 5.2 before 5.2.5.1 allows remote attackers to cause a denial of service (crash) via a crafted SNMP GETBULK request, which triggers a heap-based buffer overflow, related to the number of responses or repeats. | ||
Description: | Integer overflow in the netsnmp_create_subtree_cache function in agent/snmp_agent.c in net-snmp 5.4 before 5.4.2.1, 5.3 before 5.3.2.3, and 5.2 before 5.2.5.1 allows remote attackers to cause a denial of service (crash) via a crafted SNMP GETBULK request, which triggers a heap-based buffer overflow, related to the number of responses or repeats. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-4309 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9888 | |||
Oval ID: | oval:org.mitre.oval:def:9888 | ||
Title: | Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a large XML document. | ||
Description: | Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a large XML document. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-4226 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 3 | |
Application | 1 | |
Application | 1 | |
Application | 1 |
OpenVAS Exploits
Date | Description |
---|---|
2010-05-12 | Name : Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002 File : nvt/macosx_upd_10_5_7_secupd_2009-002.nasl |
2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
2009-10-13 | Name : SLES10: Security update for libxml2 File : nvt/sles10_libxml21.nasl |
2009-10-13 | Name : Solaris Update for XML and XSLT libraries 125732-05 File : nvt/gb_solaris_125732_05.nasl |
2009-10-13 | Name : Solaris Update for XML and XSLT libraries 125731-05 File : nvt/gb_solaris_125731_05.nasl |
2009-10-13 | Name : SLES10: Security update for net-snmp File : nvt/sles10_net-snmp.nasl |
2009-10-13 | Name : SLES10: Security update for libxml2 File : nvt/sles10_libxml23.nasl |
2009-10-13 | Name : Solaris Update for libxml, libxslt and Freeware man pages 114015-24 File : nvt/gb_solaris_114015_24.nasl |
2009-10-13 | Name : Solaris Update for libxml, libxslt and Freeware man pages 114014-24 File : nvt/gb_solaris_114014_24.nasl |
2009-10-10 | Name : SLES9: Security update for net-snmp File : nvt/sles9p5041460.nasl |
2009-10-10 | Name : SLES9: Security update for libxml2 File : nvt/sles9p5040640.nasl |
2009-10-10 | Name : SLES9: Security update for libxml2 File : nvt/sles9p5038083.nasl |
2009-08-17 | Name : Fedora Core 10 FEDORA-2009-8491 (libxml2) File : nvt/fcore_2009_8491.nasl |
2009-07-29 | Name : Mandrake Security Advisory MDVSA-2009:156 (net-snmp) File : nvt/mdksa_2009_156.nasl |
2009-06-03 | Name : Solaris Update for XML and XSLT libraries 125732-04 File : nvt/gb_solaris_125732_04.nasl |
2009-06-03 | Name : Solaris Update for XML and XSLT libraries 125731-04 File : nvt/gb_solaris_125731_04.nasl |
2009-06-03 | Name : Solaris Update for libxml, libxslt and Freeware man pages 114015-22 File : nvt/gb_solaris_114015_22.nasl |
2009-06-03 | Name : Solaris Update for libxml, libxslt and Freeware man pages 114014-22 File : nvt/gb_solaris_114014_22.nasl |
2009-04-09 | Name : Mandriva Update for net-snmp MDVSA-2008:225 (net-snmp) File : nvt/gb_mandriva_MDVSA_2008_225.nasl |
2009-04-09 | Name : Mandriva Update for libxml2 MDVSA-2008:231 (libxml2) File : nvt/gb_mandriva_MDVSA_2008_231.nasl |
2009-03-23 | Name : Ubuntu Update for net-snmp vulnerabilities USN-685-1 File : nvt/gb_ubuntu_USN_685_1.nasl |
2009-03-23 | Name : Ubuntu Update for libxml2 vulnerabilities USN-673-1 File : nvt/gb_ubuntu_USN_673_1.nasl |
2009-03-06 | Name : RedHat Update for net-snmp RHSA-2008:0971-01 File : nvt/gb_RHSA-2008_0971-01_net-snmp.nasl |
2009-03-06 | Name : RedHat Update for libxml2 RHSA-2008:0988-01 File : nvt/gb_RHSA-2008_0988-01_libxml2.nasl |
2009-02-27 | Name : CentOS Update for libxml2 CESA-2008:0988 centos3 i386 File : nvt/gb_CESA-2008_0988_libxml2_centos3_i386.nasl |
2009-02-27 | Name : CentOS Update for net-snmp CESA-2008:0971 centos3 i386 File : nvt/gb_CESA-2008_0971_net-snmp_centos3_i386.nasl |
2009-02-27 | Name : CentOS Update for net-snmp CESA-2008:0971 centos3 x86_64 File : nvt/gb_CESA-2008_0971_net-snmp_centos3_x86_64.nasl |
2009-02-27 | Name : CentOS Update for libxml2 CESA-2008:0988 centos4 x86_64 File : nvt/gb_CESA-2008_0988_libxml2_centos4_x86_64.nasl |
2009-02-27 | Name : CentOS Update for libxml2 CESA-2008:0988 centos4 i386 File : nvt/gb_CESA-2008_0988_libxml2_centos4_i386.nasl |
2009-02-27 | Name : CentOS Update for libxml2 CESA-2008:0988 centos3 x86_64 File : nvt/gb_CESA-2008_0988_libxml2_centos3_x86_64.nasl |
2009-02-27 | Name : CentOS Update for libxml2 CESA-2008:0988-01 centos2 i386 File : nvt/gb_CESA-2008_0988-01_libxml2_centos2_i386.nasl |
2009-02-18 | Name : Fedora Core 10 FEDORA-2009-1769 (net-snmp) File : nvt/fcore_2009_1769.nasl |
2009-02-17 | Name : Fedora Update for libxml2 FEDORA-2008-9773 File : nvt/gb_fedora_2008_9773_libxml2_fc9.nasl |
2009-02-17 | Name : Fedora Update for libxml2 FEDORA-2008-9729 File : nvt/gb_fedora_2008_9729_libxml2_fc8.nasl |
2009-02-17 | Name : Fedora Update for net-snmp FEDORA-2008-9367 File : nvt/gb_fedora_2008_9367_net-snmp_fc9.nasl |
2009-02-17 | Name : Fedora Update for net-snmp FEDORA-2008-9362 File : nvt/gb_fedora_2008_9362_net-snmp_fc8.nasl |
2009-02-16 | Name : Fedora Update for net-snmp FEDORA-2008-10451 File : nvt/gb_fedora_2008_10451_net-snmp_fc10.nasl |
2009-02-16 | Name : Fedora Update for libxml2 FEDORA-2008-10000 File : nvt/gb_fedora_2008_10000_libxml2_fc10.nasl |
2009-02-02 | Name : SuSE Security Summary SUSE-SR:2009:003 File : nvt/suse_sr_2009_003.nasl |
2009-01-26 | Name : Gentoo Security Advisory GLSA 200901-15 (net-snmp) File : nvt/glsa_200901_15.nasl |
2009-01-20 | Name : SuSE Security Summary SUSE-SR:2009:001 (OpenSuSE 11.1) File : nvt/suse_sr_2009_001.nasl |
2009-01-20 | Name : SuSE Security Summary SUSE-SR:2009:001 (OpenSuSE 11.0) File : nvt/suse_sr_2009_001a.nasl |
2009-01-20 | Name : SuSE Security Summary SUSE-SR:2009:001 (OpenSuSE 10.3) File : nvt/suse_sr_2009_001b.nasl |
2008-12-03 | Name : Gentoo Security Advisory GLSA 200812-06 (libxml2) File : nvt/glsa_200812_06.nasl |
2008-11-24 | Name : FreeBSD Ports: libxml2 File : nvt/freebsd_libxml21.nasl |
2008-11-24 | Name : Debian Security Advisory DSA 1666-1 (libxml2) File : nvt/deb_1666_1.nasl |
2008-11-19 | Name : FreeBSD Ports: net-snmp File : nvt/freebsd_net-snmp2.nasl |
2008-11-19 | Name : Debian Security Advisory DSA 1663-1 (net-snmp) File : nvt/deb_1663_1.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2008-324-01 libxml2 File : nvt/esoft_slk_ssa_2008_324_01.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2008-320-02 net-snmp File : nvt/esoft_slk_ssa_2008_320_02.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
52705 | VMware ESX / ESXi Malformed VMDK Delta Disk Handling DoS |
49993 | libxml2 xmlSAX2Characters() Function XML File Parsing Overflow |
49992 | libxml2 xmlBufferResize() Function XML File Parsing DoS |
49524 | Net-SNMP getbulk Code Response / Repeat Saturation Remote DoS |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2009-02-05 | IAVM : 2009-B-0006 - Multiple Vulnerabilities in VMware Severity : Category I - VMSKEY : V0018295 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2009-0018.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2009-0001.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0988.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0971.nasl - Type : ACT_GATHER_INFO |
2013-07-03 | Name : The remote host is missing Sun Security Patch number 127682-07 File : solaris9_x86_127682.nasl - Type : ACT_GATHER_INFO |
2013-07-03 | Name : The remote host is missing Sun Security Patch number 127680-07 File : solaris8_127680.nasl - Type : ACT_GATHER_INFO |
2013-07-03 | Name : The remote host is missing Sun Security Patch number 127681-07 File : solaris9_127681.nasl - Type : ACT_GATHER_INFO |
2013-07-03 | Name : The remote host is missing Sun Security Patch number 123922-11 File : solaris9_x86_123922.nasl - Type : ACT_GATHER_INFO |
2013-07-03 | Name : The remote host is missing Sun Security Patch number 123924-11 File : solaris10_x86_123924.nasl - Type : ACT_GATHER_INFO |
2012-09-24 | Name : The remote Fedora host is missing a security update. File : fedora_2008-10038.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20081103_net_snmp_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20081117_libxml2_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2010-12-17 | Name : The remote network device is affected by multiple remote vulnerabilities. File : airport_firmware_7_5_2.nasl - Type : ACT_GATHER_INFO |
2010-04-27 | Name : The remote web server has multiple vulnerabilities. File : hpsmh_6_0_0_95.nasl - Type : ACT_GATHER_INFO |
2010-02-17 | Name : The remote VMware ESX host is missing a security-related patch. File : vmware_VMSA-2010-0003.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_libxml2-5755.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12286.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12298.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12301.nasl - Type : ACT_GATHER_INFO |
2009-07-27 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2009-0001.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_libsnmp15-081121.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_libxml2-081107.nasl - Type : ACT_GATHER_INFO |
2009-06-09 | Name : The remote host contains a web browser that is affected by several vulnerabil... File : macosx_Safari4_0.nasl - Type : ACT_GATHER_INFO |
2009-06-09 | Name : The remote host contains a web browser that is affected by several vulnerabil... File : safari_4.0.nasl - Type : ACT_GATHER_INFO |
2009-05-13 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_5_7.nasl - Type : ACT_GATHER_INFO |
2009-05-13 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2009-002.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote host is missing Sun Security Patch number 120955-12 File : solaris10_x86_120955.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote host is missing Sun Security Patch number 120954-12 File : solaris8_120954.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote host is missing Sun Security Patch number 123923-12 File : solaris10_123923.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote host is missing Sun Security Patch number 123920-12 File : solaris8_123920.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote host is missing Sun Security Patch number 120954-12 File : solaris9_120954.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote host is missing Sun Security Patch number 123921-12 File : solaris9_123921.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote host is missing Sun Security Patch number 120955-12 File : solaris9_x86_120955.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-673-1.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-685-1.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Fedora host is missing a security update. File : fedora_2009-1769.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0971.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0988.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote host is missing Sun Security Patch number 120954-12 File : solaris10_120954.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Fedora host is missing a security update. File : fedora_2008-10451.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-231.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-225.nasl - Type : ACT_GATHER_INFO |
2009-01-26 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_net-snmp-5807.nasl - Type : ACT_GATHER_INFO |
2009-01-22 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200901-15.nasl - Type : ACT_GATHER_INFO |
2009-01-08 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_libxml2-5802.nasl - Type : ACT_GATHER_INFO |
2008-12-03 | Name : The remote openSUSE host is missing a security update. File : suse_libsnmp15-5808.nasl - Type : ACT_GATHER_INFO |
2008-12-03 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200812-06.nasl - Type : ACT_GATHER_INFO |
2008-12-01 | Name : The remote openSUSE host is missing a security update. File : suse_libxml2-5799.nasl - Type : ACT_GATHER_INFO |
2008-11-21 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_libxml2-5756.nasl - Type : ACT_GATHER_INFO |
2008-11-21 | Name : The remote openSUSE host is missing a security update. File : suse_libxml2-5754.nasl - Type : ACT_GATHER_INFO |
2008-11-21 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-324-01.nasl - Type : ACT_GATHER_INFO |
2008-11-21 | Name : The remote Fedora host is missing a security update. File : fedora_2008-9773.nasl - Type : ACT_GATHER_INFO |
2008-11-21 | Name : The remote Fedora host is missing a security update. File : fedora_2008-9729.nasl - Type : ACT_GATHER_INFO |
2008-11-21 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_f1e0164eb67b11dda55e00163e000016.nasl - Type : ACT_GATHER_INFO |
2008-11-18 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0988.nasl - Type : ACT_GATHER_INFO |
2008-11-18 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1666.nasl - Type : ACT_GATHER_INFO |
2008-11-17 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-320-02.nasl - Type : ACT_GATHER_INFO |
2008-11-14 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_daf045d7b21111dda987000c29ca8953.nasl - Type : ACT_GATHER_INFO |
2008-11-09 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1663.nasl - Type : ACT_GATHER_INFO |
2008-11-06 | Name : The remote Fedora host is missing a security update. File : fedora_2008-9367.nasl - Type : ACT_GATHER_INFO |
2008-11-06 | Name : The remote Fedora host is missing a security update. File : fedora_2008-9362.nasl - Type : ACT_GATHER_INFO |
2008-11-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0971.nasl - Type : ACT_GATHER_INFO |
2007-06-04 | Name : The remote host is missing Sun Security Patch number 120273-42 File : solaris10_x86_120273.nasl - Type : ACT_GATHER_INFO |
2007-06-04 | Name : The remote host is missing Sun Security Patch number 119467-17 File : solaris10_x86_119467.nasl - Type : ACT_GATHER_INFO |
2007-05-20 | Name : The remote host is missing Sun Security Patch number 120272-40 File : solaris10_120272.nasl - Type : ACT_GATHER_INFO |
2006-11-20 | Name : The remote host is missing Sun Security Patch number 123919-12 File : solaris7_123919.nasl - Type : ACT_GATHER_INFO |
2006-11-06 | Name : The remote host is missing Sun Security Patch number 119467-17 File : solaris9_x86_119467.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-11-27 13:28:41 |
|
2014-02-17 12:07:11 |
|
2013-11-11 12:41:38 |
|