Executive Summary
Summary | |
---|---|
Title | VMware Workstation, ESXi, and ESX address several security issues |
Informations | |||
---|---|---|---|
Name | VMSA-2012-0006 | First vendor Publication | 2012-03-29 |
Vendor | VMware | Last vendor Modification | 2012-06-13 |
Severity (Vendor) | N/A | Revision | 2 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
a. VMware ROM Overwrite Privilege Escalation A flaw in the way port-based I/O is handled allows for modifying Read-Only Memory that belongs to the Virtual DOS Machine. Exploitation of this issue may lead to privilege escalation on Guest Operating Systems that run Windows 2000, Windows XP 32-bit, Windows Server 2003 32-bit or Windows Server 2003 R2 32-bit. VMware would like to thank Derek Soeder of Ridgeway Internet Security, L.L.C. for reporting this issue to us. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-1515 to this issue. b. ESX third party update for Service Console kernel The ESX Service Console Operating System (COS) kernel is updated to kernel-400.2.6.18-238.4.11.591731 to fix multiple security issues in the COS kernel. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2011-2482, CVE-2011-3191 and CVE-2011-4348 to these issues. c. ESX third party update for Service Console krb5 RPM This patch updates the krb5-libs and krb5-workstation RPMs to version 1.6.1-63.el5_7 to resolve a security issue. By default, the affected krb5-telnet and ekrb5-telnet services do not run. The krb5 telnet daemon is an xinetd service. You can run the following commands to check if krb5 telnetd is enabled: /sbin/chkconfig --list krb5-telnet /sbin/chkconfig --list ekrb5-telnet The output of these commands displays if krb5 telnet is enabled. You can run the following commands to disable krb5 telnet daemon: /sbin/chkconfig krb5-telnet off /sbin/chkconfig ekrb5-telnet off The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2011-4862 to this issue. |
Original Source
Url : http://www.vmware.com/security/advisories/VMSA-2012-0006.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
20 % | CWE-476 | NULL Pointer Dereference |
20 % | CWE-362 | Race Condition |
20 % | CWE-264 | Permissions, Privileges, and Access Controls |
20 % | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (CWE/SANS Top 25) |
20 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:15084 | |||
Oval ID: | oval:org.mitre.oval:def:15084 | ||
Title: | DSA-2372-1 heimdal -- buffer overflow | ||
Description: | It was discovered that the Kerberos support for telnetd contains a pre-authentication buffer overflow, which may enable remote attackers who can connect to the Telnet to execute arbitrary code with root privileges. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2372-1 CVE-2011-4862 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | heimdal |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:15151 | |||
Oval ID: | oval:org.mitre.oval:def:15151 | ||
Title: | DSA-2375-1 krb5 -- buffer overflow | ||
Description: | It was discovered that the encryption support for BSD telnetd contains a pre-authentication buffer overflow, which may enable remote attackers who can connect to the Telnet port to execute arbitrary code with root privileges. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2375-1 CVE-2011-4862 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | krb5 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:15184 | |||
Oval ID: | oval:org.mitre.oval:def:15184 | ||
Title: | DSA-2373-1 inetutils -- buffer overflow | ||
Description: | It was discovered that the Kerberos support for telnetd contains a pre-authentication buffer overflow, which may enable remote attackers who can connect to the Telnet to execute arbitrary code with root privileges. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2373-1 CVE-2011-4862 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | inetutils |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:15209 | |||
Oval ID: | oval:org.mitre.oval:def:15209 | ||
Title: | BIOS ROM Corruption Vulnerability (CVE-2012-1515) | ||
Description: | VMware ESXi 3.5, 4.0, and 4.1 and ESX 3.5, 4.0, and 4.1 do not properly implement port-based I/O operations, which allows guest OS users to gain guest OS privileges by overwriting memory locations in a read-only memory block associated with the Virtual DOS Machine. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-1515 | Version: | 3 |
Platform(s): | Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17110 | |||
Oval ID: | oval:org.mitre.oval:def:17110 | ||
Title: | VMware ROM Overwrite Privilege Escalation | ||
Description: | VMware ESXi 3.5, 4.0, and 4.1 and ESX 3.5, 4.0, and 4.1 do not properly implement port-based I/O operations, which allows guest OS users to gain guest OS privileges by overwriting memory locations in a read-only memory block associated with the Virtual DOS Machine. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-1515 | Version: | 4 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP | Product(s): | VMware Workstation VMware Player |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20334 | |||
Oval ID: | oval:org.mitre.oval:def:20334 | ||
Title: | VMware ESXi and ESX address several security issues | ||
Description: | Race condition in the sctp_rcv function in net/sctp/input.c in the Linux kernel before 2.6.29 allows remote attackers to cause a denial of service (system hang) via SCTP packets. NOTE: in some environments, this issue exists because of an incomplete fix for CVE-2011-2482. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2011-4348 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20405 | |||
Oval ID: | oval:org.mitre.oval:def:20405 | ||
Title: | VMware ESXi and ESX address several security issues | ||
Description: | Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2011-4862 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20613 | |||
Oval ID: | oval:org.mitre.oval:def:20613 | ||
Title: | VMware ESXi and ESX address several security issues | ||
Description: | Integer signedness error in the CIFSFindNext function in fs/cifs/cifssmb.c in the Linux kernel before 3.1 allows remote CIFS servers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large length value in a response to a read request for a directory. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2011-3191 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20625 | |||
Oval ID: | oval:org.mitre.oval:def:20625 | ||
Title: | VMware ESXi and ESX address several security issues | ||
Description: | VMware ESXi 3.5, 4.0, and 4.1 and ESX 3.5, 4.0, and 4.1 do not properly implement port-based I/O operations, which allows guest OS users to gain guest OS privileges by overwriting memory locations in a read-only memory block associated with the Virtual DOS Machine. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2012-1515 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 VMWare ESX Server 3.5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20687 | |||
Oval ID: | oval:org.mitre.oval:def:20687 | ||
Title: | VMware ESXi and ESX address several security issues | ||
Description: | A certain Red Hat patch to the sctp_sock_migrate function in net/sctp/socket.c in the Linux kernel before 2.6.21, as used in Red Hat Enterprise Linux (RHEL) 5, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) via a crafted SCTP packet. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2011-2482 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.0 VMWare ESX Server 4.1 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20812 | |||
Oval ID: | oval:org.mitre.oval:def:20812 | ||
Title: | USN-1228-1 -- linux-ti-omap4 vulnerabilities | ||
Description: | Several security issues were fixed in the kernel. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1228-1 CVE-2011-1776 CVE-2011-2213 CVE-2011-2497 CVE-2011-2695 CVE-2011-2700 CVE-2011-2723 CVE-2011-2928 CVE-2011-3188 CVE-2011-3191 | Version: | 5 |
Platform(s): | Ubuntu 11.04 | Product(s): | linux-ti-omap4 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22108 | |||
Oval ID: | oval:org.mitre.oval:def:22108 | ||
Title: | RHSA-2011:1852: krb5-appl security update (Critical) | ||
Description: | Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2011:1852-02 CESA-2011:1852 CVE-2011-4862 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | krb5-appl |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22146 | |||
Oval ID: | oval:org.mitre.oval:def:22146 | ||
Title: | RHSA-2011:1851: krb5 security update (Critical) | ||
Description: | Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2011:1851-02 CESA-2011:1851 CVE-2011-4862 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | krb5 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23239 | |||
Oval ID: | oval:org.mitre.oval:def:23239 | ||
Title: | ELSA-2011:1851: krb5 security update (Critical) | ||
Description: | Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011:1851-02 CVE-2011-4862 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | krb5 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23380 | |||
Oval ID: | oval:org.mitre.oval:def:23380 | ||
Title: | ELSA-2011:1852: krb5-appl security update (Critical) | ||
Description: | Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011:1852-02 CVE-2011-4862 | Version: | 6 |
Platform(s): | Oracle Linux 6 | Product(s): | krb5-appl |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27889 | |||
Oval ID: | oval:org.mitre.oval:def:27889 | ||
Title: | DEPRECATED: ELSA-2012-0007 -- kernel security, bug fix, and enhancement update (important) | ||
Description: | [2.6.18-274.17.1.0.1.el5] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [scsi] add additional scsi medium error handling (John Sobecki) [orabug 12904887] - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - bonding: reread information about speed and duplex when interface goes up (John Haxby) [orabug 11890822] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - [scsi] fix scsi hotplug and rescan race [orabug 10260172] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - [aio] patch removes limit on number of retries (Srinivas Eeda) [orabug 10044782] - [loop] Do not call loop_unplug for not configured loop device (orabug 10314497) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-0007 CVE-2011-1020 CVE-2011-3637 CVE-2011-4077 CVE-2011-4132 CVE-2011-4324 CVE-2011-4325 CVE-2011-4330 CVE-2011-4348 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | kernel |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27975 | |||
Oval ID: | oval:org.mitre.oval:def:27975 | ||
Title: | DEPRECATED: ELSA-2011-1852 -- krb5-appl security update (critical) | ||
Description: | [1.0.1-7] - Correct patch, bump release [1.0.1-6] - Fix for CVE-2011-4862 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011-1852 CVE-2011-4862 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | krb5-appl |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
SAINT Exploits
Description | Link |
---|---|
Telnetd Encryption Key ID Code Execution | More info here |
OpenVAS Exploits
Date | Description |
---|---|
2012-08-02 | Name : SuSE Update for krb5-appl openSUSE-SU-2012:0051-1 (krb5-appl) File : nvt/gb_suse_2012_0051_1.nasl |
2012-08-02 | Name : SuSE Update for krb5-appl openSUSE-SU-2012:0019-1 (krb5-appl) File : nvt/gb_suse_2012_0019_1.nasl |
2012-07-30 | Name : CentOS Update for kernel CESA-2011:1212 centos5 x86_64 File : nvt/gb_CESA-2011_1212_kernel_centos5_x86_64.nasl |
2012-07-30 | Name : CentOS Update for kernel CESA-2011:1386 centos5 x86_64 File : nvt/gb_CESA-2011_1386_kernel_centos5_x86_64.nasl |
2012-07-30 | Name : CentOS Update for krb5-devel CESA-2011:1851 centos4 File : nvt/gb_CESA-2011_1851_krb5-devel_centos4.nasl |
2012-07-30 | Name : CentOS Update for krb5-devel CESA-2011:1851 centos5 File : nvt/gb_CESA-2011_1851_krb5-devel_centos5.nasl |
2012-07-30 | Name : CentOS Update for krb5-appl-clients CESA-2011:1852 centos6 File : nvt/gb_CESA-2011_1852_krb5-appl-clients_centos6.nasl |
2012-07-30 | Name : CentOS Update for kernel CESA-2012:0007 centos5 File : nvt/gb_CESA-2012_0007_kernel_centos5.nasl |
2012-07-09 | Name : RedHat Update for krb5-appl RHSA-2011:1852-02 File : nvt/gb_RHSA-2011_1852-02_krb5-appl.nasl |
2012-07-09 | Name : RedHat Update for kernel RHSA-2011:1465-01 File : nvt/gb_RHSA-2011_1465-01_kernel.nasl |
2012-06-25 | Name : Fedora Update for kernel FEDORA-2012-8931 File : nvt/gb_fedora_2012_8931_kernel_fc15.nasl |
2012-06-13 | Name : Microsoft Windows Kernel Privilege Elevation Vulnerabilities (2711167) File : nvt/secpod_ms12-042.nasl |
2012-05-17 | Name : Fedora Update for kernel FEDORA-2012-7594 File : nvt/gb_fedora_2012_7594_kernel_fc15.nasl |
2012-04-26 | Name : Fedora Update for kernel FEDORA-2012-6406 File : nvt/gb_fedora_2012_6406_kernel_fc15.nasl |
2012-04-02 | Name : Fedora Update for kernel FEDORA-2011-12823 File : nvt/gb_fedora_2011_12823_kernel_fc16.nasl |
2012-04-02 | Name : VMSA-2012-0006 VMware ESXi and ESX address several security issues File : nvt/gb_VMSA-2012-0006.nasl |
2012-03-29 | Name : Fedora Update for kernel FEDORA-2012-3715 File : nvt/gb_fedora_2012_3715_kernel_fc15.nasl |
2012-03-19 | Name : Fedora Update for krb5-appl FEDORA-2011-17493 File : nvt/gb_fedora_2011_17493_krb5-appl_fc16.nasl |
2012-03-16 | Name : Fedora Update for kernel FEDORA-2012-3356 File : nvt/gb_fedora_2012_3356_kernel_fc15.nasl |
2012-03-15 | Name : VMSA-2012-0001 VMware ESXi and ESX updates to third party library and ESX Ser... File : nvt/gb_VMSA-2012-0001.nasl |
2012-03-12 | Name : Gentoo Security Advisory GLSA 201202-05 (heimdal) File : nvt/glsa_201202_05.nasl |
2012-03-07 | Name : Fedora Update for kernel FEDORA-2012-2753 File : nvt/gb_fedora_2012_2753_kernel_fc15.nasl |
2012-02-13 | Name : Fedora Update for kernel FEDORA-2012-1503 File : nvt/gb_fedora_2012_1503_kernel_fc15.nasl |
2012-02-12 | Name : Gentoo Security Advisory GLSA 201201-14 (mit-krb5-appl) File : nvt/glsa_201201_14.nasl |
2012-02-11 | Name : Debian Security Advisory DSA 2373-1 (inetutils) File : nvt/deb_2373_1.nasl |
2012-02-11 | Name : Debian Security Advisory DSA 2372-1 (heimdal) File : nvt/deb_2372_1.nasl |
2012-01-25 | Name : Fedora Update for kernel FEDORA-2012-0861 File : nvt/gb_fedora_2012_0861_kernel_fc15.nasl |
2012-01-16 | Name : Fedora Update for kernel FEDORA-2012-0492 File : nvt/gb_fedora_2012_0492_kernel_fc15.nasl |
2012-01-13 | Name : RedHat Update for kernel RHSA-2012:0007-01 File : nvt/gb_RHSA-2012_0007-01_kernel.nasl |
2012-01-09 | Name : Fedora Update for krb5-appl FEDORA-2011-17492 File : nvt/gb_fedora_2011_17492_krb5-appl_fc15.nasl |
2011-12-30 | Name : RedHat Update for krb5 RHSA-2011:1851-01 File : nvt/gb_RHSA-2011_1851-01_krb5.nasl |
2011-12-30 | Name : Mandriva Update for krb5-appl MDVSA-2011:195 (krb5-appl) File : nvt/gb_mandriva_MDVSA_2011_195.nasl |
2011-12-28 | Name : FreeBSD 'telnetd' Daemon Remote Buffer Overflow Vulnerability File : nvt/gb_freebsd_telnetd_51182.nasl |
2011-12-12 | Name : Fedora Update for kernel FEDORA-2011-16621 File : nvt/gb_fedora_2011_16621_kernel_fc15.nasl |
2011-12-02 | Name : Fedora Update for kernel FEDORA-2011-16346 File : nvt/gb_fedora_2011_16346_kernel_fc14.nasl |
2011-11-18 | Name : Fedora Update for kernel FEDORA-2011-15856 File : nvt/gb_fedora_2011_15856_kernel_fc15.nasl |
2011-11-11 | Name : Ubuntu Update for linux-lts-backport-natty USN-1256-1 File : nvt/gb_ubuntu_USN_1256_1.nasl |
2011-11-11 | Name : Ubuntu Update for linux USN-1253-1 File : nvt/gb_ubuntu_USN_1253_1.nasl |
2011-11-08 | Name : Fedora Update for kernel FEDORA-2011-15241 File : nvt/gb_fedora_2011_15241_kernel_fc14.nasl |
2011-10-31 | Name : Ubuntu Update for linux-mvl-dove USN-1245-1 File : nvt/gb_ubuntu_USN_1245_1.nasl |
2011-10-31 | Name : Ubuntu Update for linux-fsl-imx51 USN-1241-1 File : nvt/gb_ubuntu_USN_1241_1.nasl |
2011-10-31 | Name : Ubuntu Update for linux-mvl-dove USN-1240-1 File : nvt/gb_ubuntu_USN_1240_1.nasl |
2011-10-31 | Name : Ubuntu Update for linux-ec2 USN-1239-1 File : nvt/gb_ubuntu_USN_1239_1.nasl |
2011-10-31 | Name : Ubuntu Update for linux USN-1246-1 File : nvt/gb_ubuntu_USN_1246_1.nasl |
2011-10-31 | Name : Fedora Update for kernel FEDORA-2011-14747 File : nvt/gb_fedora_2011_14747_kernel_fc14.nasl |
2011-10-21 | Name : CentOS Update for kernel CESA-2011:1386 centos5 i386 File : nvt/gb_CESA-2011_1386_kernel_centos5_i386.nasl |
2011-10-21 | Name : RedHat Update for kernel RHSA-2011:1386-01 File : nvt/gb_RHSA-2011_1386-01_kernel.nasl |
2011-10-14 | Name : Ubuntu Update for linux USN-1227-1 File : nvt/gb_ubuntu_USN_1227_1.nasl |
2011-10-14 | Name : Ubuntu Update for linux-ti-omap4 USN-1228-1 File : nvt/gb_ubuntu_USN_1228_1.nasl |
2011-10-10 | Name : Fedora Update for kernel FEDORA-2011-13809 File : nvt/gb_fedora_2011_13809_kernel_fc15.nasl |
2011-10-10 | Name : Fedora Update for kernel FEDORA-2011-12874 File : nvt/gb_fedora_2011_12874_kernel_fc14.nasl |
2011-10-10 | Name : Ubuntu Update for linux USN-1225-1 File : nvt/gb_ubuntu_USN_1225_1.nasl |
2011-09-30 | Name : Ubuntu Update for linux-ti-omap4 USN-1220-1 File : nvt/gb_ubuntu_USN_1220_1.nasl |
2011-09-30 | Name : Ubuntu Update for linux-lts-backport-maverick USN-1219-1 File : nvt/gb_ubuntu_USN_1219_1.nasl |
2011-09-23 | Name : CentOS Update for kernel CESA-2011:1212 centos5 i386 File : nvt/gb_CESA-2011_1212_kernel_centos5_i386.nasl |
2011-09-12 | Name : RedHat Update for kernel RHSA-2011:1212-01 File : nvt/gb_RHSA-2011_1212-01_kernel.nasl |
0000-00-00 | Name : FreeBSD Ports: krb5-appl File : nvt/freebsd_krb5-appl.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
78303 | Linux Kernel sctp_rcv() / sctp_accept() Socket Lock Race Remote DoS |
78020 | FreeBSD telnetd Multiple telnet/libtelnet/encrypt.c encrypt_keyid() Function ... |
75240 | Linux Kernel Stream Control Transmission Protocol (SCTP) Packet Handling Remo... |
74910 | Linux Kernel fs/cifs/cifssmb.c CIFSFindNext() Function Signedness Error CIFS ... |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2012-05-03 | IAVM : 2012-A-0073 - Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1 Severity : Category I - VMSKEY : V0032171 |
2012-04-12 | IAVM : 2012-A-0055 - VMWare ESX 3.5 and ESXi 3.5 Privilege Escalation Vulnerability Severity : Category I - VMSKEY : V0031978 |
2012-04-12 | IAVM : 2012-A-0056 - Multiple Vulnerabilities in VMWare ESX 4.0 and ESXi 4.0 Severity : Category I - VMSKEY : V0031979 |
2012-02-02 | IAVM : 2012-A-0020 - Multiple Vulnerabilities in VMware ESX 4.1 and ESXi 4.1 Severity : Category I - VMSKEY : V0031252 |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | FreeBSD telnetd dec_keyid overflow attempt RuleID : 20813 - Revision : 9 - Type : PROTOCOL-TELNET |
2014-01-10 | FreeBSD telnetd enc_keyid overflow attempt RuleID : 20812 - Revision : 9 - Type : PROTOCOL-TELNET |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2016-03-03 | Name : The remote VMware ESX host is missing a security-related patch. File : vmware_VMSA-2012-0008_remote.nasl - Type : ACT_GATHER_INFO |
2016-03-03 | Name : The remote VMware ESXi / ESX host is missing a security-related patch. File : vmware_VMSA-2012-0006_remote.nasl - Type : ACT_GATHER_INFO |
2016-03-03 | Name : The remote VMware ESXi / ESX host is missing a security-related patch. File : vmware_VMSA-2012-0001_remote.nasl - Type : ACT_GATHER_INFO |
2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_telnet_20120404.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2013-0039.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2011-0015.nasl - Type : ACT_GATHER_INFO |
2014-11-17 | Name : The remote security appliance is missing a vendor-supplied patch. File : cisco-sa-20120126-wsa.nasl - Type : ACT_GATHER_INFO |
2014-11-17 | Name : The remote security appliance is missing a vendor-supplied security patch. File : cisco-sa-20120126-esa.nasl - Type : ACT_GATHER_INFO |
2014-11-17 | Name : The remote security appliance is missing a vendor-supplied patch. File : cisco-sa-20120126-sma.nasl - Type : ACT_GATHER_INFO |
2014-11-17 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2011-1408.nasl - Type : ACT_GATHER_INFO |
2014-07-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0010.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_krb5-appl-111229.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_kernel-111026.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_krb5-appl-111229.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_kernel-111026.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-17.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2011-26.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2011-16.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-1212.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-1386.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-1465.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-1851.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-1852.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-2033.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0007.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1813.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1854.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1853.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20111227_krb5_appl_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20111122_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20111020_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110906_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20111227_krb5_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120110_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-06-13 | Name : The Windows kernel is affected by multiple elevation of privilege vulnerabili... File : smb_nt_ms12-042.nasl - Type : ACT_GATHER_INFO |
2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7729.nasl - Type : ACT_GATHER_INFO |
2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7811.nasl - Type : ACT_GATHER_INFO |
2012-04-28 | Name : The remote VMware ESX host is missing one or more security-related patches. File : vmware_VMSA-2012-0008.nasl - Type : ACT_GATHER_INFO |
2012-03-30 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2012-0006.nasl - Type : ACT_GATHER_INFO |
2012-02-23 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201202-05.nasl - Type : ACT_GATHER_INFO |
2012-01-31 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2012-0001.nasl - Type : ACT_GATHER_INFO |
2012-01-24 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201201-14.nasl - Type : ACT_GATHER_INFO |
2012-01-12 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0007.nasl - Type : ACT_GATHER_INFO |
2012-01-12 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2372.nasl - Type : ACT_GATHER_INFO |
2012-01-12 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2373.nasl - Type : ACT_GATHER_INFO |
2012-01-12 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2375.nasl - Type : ACT_GATHER_INFO |
2012-01-11 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0007.nasl - Type : ACT_GATHER_INFO |
2012-01-06 | Name : The remote Fedora host is missing a security update. File : fedora_2011-17492.nasl - Type : ACT_GATHER_INFO |
2012-01-06 | Name : The remote Fedora host is missing a security update. File : fedora_2011-17493.nasl - Type : ACT_GATHER_INFO |
2012-01-03 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_krb5-111229.nasl - Type : ACT_GATHER_INFO |
2012-01-03 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_krb5-7899.nasl - Type : ACT_GATHER_INFO |
2011-12-29 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-195.nasl - Type : ACT_GATHER_INFO |
2011-12-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1852.nasl - Type : ACT_GATHER_INFO |
2011-12-28 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-1851.nasl - Type : ACT_GATHER_INFO |
2011-12-28 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-1852.nasl - Type : ACT_GATHER_INFO |
2011-12-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1851.nasl - Type : ACT_GATHER_INFO |
2011-12-27 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_4ddc78dc300a11e1a2aa0016ce01e285.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-110930.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7812.nasl - Type : ACT_GATHER_INFO |
2011-11-23 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1465.nasl - Type : ACT_GATHER_INFO |
2011-11-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1256-1.nasl - Type : ACT_GATHER_INFO |
2011-11-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1253-1.nasl - Type : ACT_GATHER_INFO |
2011-10-26 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1240-1.nasl - Type : ACT_GATHER_INFO |
2011-10-26 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1239-1.nasl - Type : ACT_GATHER_INFO |
2011-10-26 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1241-1.nasl - Type : ACT_GATHER_INFO |
2011-10-26 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1245-1.nasl - Type : ACT_GATHER_INFO |
2011-10-26 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1246-1.nasl - Type : ACT_GATHER_INFO |
2011-10-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7734.nasl - Type : ACT_GATHER_INFO |
2011-10-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1386.nasl - Type : ACT_GATHER_INFO |
2011-10-21 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-1386.nasl - Type : ACT_GATHER_INFO |
2011-10-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1228-1.nasl - Type : ACT_GATHER_INFO |
2011-10-12 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1227-1.nasl - Type : ACT_GATHER_INFO |
2011-10-10 | Name : The remote Fedora host is missing a security update. File : fedora_2011-12874.nasl - Type : ACT_GATHER_INFO |
2011-10-05 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1225-1.nasl - Type : ACT_GATHER_INFO |
2011-09-30 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1219-1.nasl - Type : ACT_GATHER_INFO |
2011-09-30 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1220-1.nasl - Type : ACT_GATHER_INFO |
2011-09-26 | Name : The remote Fedora host is missing a security update. File : fedora_2011-12823.nasl - Type : ACT_GATHER_INFO |
2011-09-26 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2310.nasl - Type : ACT_GATHER_INFO |
2011-09-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-1212.nasl - Type : ACT_GATHER_INFO |
2011-09-09 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2303.nasl - Type : ACT_GATHER_INFO |
2011-09-07 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1212.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2016-03-04 13:26:25 |
|
2014-02-17 12:07:22 |
|
2013-11-11 12:41:40 |
|
2013-06-08 17:23:03 |
|