Newest Plugins

Samba 4.x < 4.0.21 / 4.1.11 nmbd Remote Code Execution


Synopsis:

The remote Samba server is affected by a remote code execution
vulnerability.

Description:

According to its banner, the version of Samba on the remote host is
4.x prior to 4.0.21 / 4.1.11. It is, therefore, affected by a flaw in
the NetBIOS name services daemon (nmbd). This flaw may allow an
attacker to execute arbitrary code as the superuser.

Note that Nessus has not tested for this issue, but has instead relied
only on the application's self-reported version number.

See also :

http://www.samba.org/samba/security/CVE-2014-3560
http://www.nessus.org/u?54321287

Solution :

Install the patch referenced in the project's advisory or upgrade to
4.0.21 / 4.1.11 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)

This script is Copyright (C) 2014 Tenable Network Security, Inc.

Cisco IOS XE mDNS Manipulation (CSCun64867)


Synopsis:

The remote device is affected by a manipulation vulnerability.

Description:

According to its self-reported version, the remote IOS XE device is
affected by a manipulation vulnerability.

A flaw exists due to unconstrained autonomic networking with mDNS
(multicast Domain Name System). This could allow a remote attacker to
read or overwrite autonomic networking services.

See also :

http://tools.cisco.com/security/center/viewAlert.x?alertId=34613
http://www.nessus.org/u?80adf2de

Solution :

Upgrade to a version referenced in Cisco bug ID CSCun64867.

Risk factor :

Medium / CVSS Base Score : 4.8
(CVSS2#AV:A/AC:L/Au:N/C:P/I:P/A:N)
CVSS Temporal Score : 3.8
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true

This script is Copyright (C) 2014 Tenable Network Security, Inc.

Cisco IOS XR DHCPv6 Multiple DoS Vulnerabilities


Synopsis:

The remote device is missing vendor-supplied security patches.

Description:

The remote Cisco device is running a version of Cisco IOS XR software
that is affected by multiple denial of service vulnerabilities related
to the incorrect handling of malformed DHCPv6 packets.

See also :

http://www.nessus.org/u?63ac2b67
http://www.nessus.org/u?e6302e8a

Solution :

Apply the relevant patches referenced in Cisco bug IDs CSCul80924,
CSCum85558, CSCum20949, CSCul61849, and CSCul71149.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 4.3
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

This script is (C) 2014 Tenable Network Security, Inc.

Cisco IOS IPSec Packet DoS (CSCui79745)


Synopsis:

The remote device is running a vulnerable IOS version.

Description:

According to its self-reported version, the remote IOS device is
affected by a denial of service vulnerability.

A denial of service flaw exists within IPSec packet handling. An
authenticated attacker, using a malformed IPSec packet, could cause
the device to reboot.

See also :

http://tools.cisco.com/security/center/viewAlert.x?alertId=34704
http://www.nessus.org/u?961f4076

Solution :

Upgrade to a version referenced in Cisco bug ID CSCui79745.

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C)
CVSS Temporal Score : 5.9
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

This script is Copyright (C) 2014 Tenable Network Security, Inc.

Cisco IOS XE SNMP DoS (CSCug65204)


Synopsis:

The remote device is affected by a denial of service vulnerability.

Description:

The remote Cisco device potentially contains an issue in the SNMP
module which may allow remote authenticated users to cause a denial of
service (device reload) via continuous SNMP polling requests.

See also :

http://www.nessus.org/u?35122de3
http://tools.cisco.com/security/center/viewAlert.x?alertId=34268

Solution :

Upgrade to a version referenced in Cisco bug ID CSCug65204.

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C)
CVSS Temporal Score : 5.9
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

This script is Copyright (C) 2014 Tenable Network Security, Inc.

Cisco IOS SNMP DoS (CSCug65204)


Synopsis:

The remote device is affected by a denial of service vulnerability.

Description:

The remote Cisco device potentially contains an issue in the SNMP
module which may allow remote authenticated users to cause a denial of
service (device reload) via continuous SNMP polling requests.

See also :

http://www.nessus.org/u?35122de3
http://tools.cisco.com/security/center/viewAlert.x?alertId=34268

Solution :

Upgrade to a version referenced in Cisco bug ID CSCug65204.

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C)
CVSS Temporal Score : 5.9
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

This script is Copyright (C) 2014 Tenable Network Security, Inc.

IBM WebSphere Application Server 7.0 < Fix Pack 33 Multiple Vulnerabilities


Synopsis:

The remote application server is affected by multiple vulnerabilities.

Description:

IBM WebSphere Application Server 7.0 prior to Fix Pack 33 is running
on the remote host. It is, therefore, affected by the following
vulnerabilities :

- A cross-site scripting flaw exists within the
Administration Console, where user input is improperly
validated. This could allow a remote attacker, with a
specially crafted request, to execute arbitrary script
code within the browser / server trust relationship.
(CVE-2013-6323, PI04777 and PI04880)

- A denial of service flaw exists within the Global
Security Kit when handling SSLv2 resumption during the
SSL/TLS handshake. This could allow a remote attacker
to crash the program. (CVE-2013-6329, PI05309)

- A buffer overflow flaw exists in the HTTP server with
the mod_dav module when using add-ons. This could allow
a remote attacker to cause a buffer overflow and a
denial of service. (CVE-2013-6438, PI09345)

- A cross-site scripting flaw exists within OAuth where
user input is not properly validated. This could allow
a remote attacker, with a specially crafted request, to
execute arbitrary script code within the browser /
server trust relationship. (CVE-2013-6738, PI05661)

- A denial of service flaw exists within the Global
Security Kit when handling X.509 certificate chain
during the initiation of an SSL/TLS connection. A remote
attacker, using a malformed certificate chain, could
cause the client or server to crash by hanging the
Global Security Kit. (CVE-2013-6747, PI09443)

- A denial of service flaw exists within the Apache
Commons FileUpload when parsing a content-type header
for a multipart request. A remote attacker, using a
specially crafted request, could crash the program.
(CVE-2014-0050, PI12648, PI12926 and PI13162)

- A denial of service flaw exists in the 'mod_log_config'
when logging a cookie with an unassigned value. A remote
attacker, using a specially crafted request, can cause
the program to crash. (CVE-2014-0098, PI13028)

- A remote code execution flaw exists with Apache Struts.
The failure to restrict setting of Class loader
attributes could allow a remote attacker to
execute arbitrary script code. (CVE-2014-0114, PI17190)

- An information disclosure flaw exists in the
'sun.security.rsa.RSAPadding' with 'PKCS#1' unpadding.
This many allow a remote attacker to gain timing
information intended to be protected by encryption.
(CVE-2014-0453)

- A flaw exists within 'com.sun.jndi.dns.DnsClient'
related to the randomization of query IDs. This could
allow a remote attacker to conduct spoofing attacks.
(CVE-2014-0460)

- A denial of service flaw exists in a web server plugin
on servers configured to retry failed POST request. This
could allow a remote attacker to crash the application.
(CVE-2014-0859, PI08892)

- A flaw exists with the 'IBMJCE' and 'IBMSecureRandom'
cryptographic providers by generating numbers in a
predictable manner. This could allow a remote attacker
to easily guess the output of the random number
generator. (CVE-2014-0878)

- An information disclosure flaw exists within Proxy and
ODR servers. This could allow a remote attacker, using a
specially crafted request, to gain access to potentially
sensitive information. (CVE-2014-0891, PI09786)

- A denial of service flaw exists within the IBM Security
Access Manager for Web with the Reverse Proxy component.
This could allow a remote attacker, using specially
crafted TLS traffic, to cause the application on the
system to become unresponsive. (CVE-2014-0963, PI17025)

- An information disclosure flaw exists when handling SOAP
responses. This could allow a remote attacker to
potentially gain access to sensitive information.
(CVE-2014-0965, PI11434)

- An information disclosure flaw exists. A remote
attacker, using a specially crafted URL, could gain
access to potentially sensitive information.
(CVE-2014-3022, PI09594)

See also :

https://www-304.ibm.com/support/docview.wss?uid=swg21676091
https://www-304.ibm.com/support/docview.wss?uid=swg21659548
https://www-304.ibm.com/support/docview.wss?uid=swg21663941
https://www-304.ibm.com/support/docview.wss?uid=swg21667254
https://www-304.ibm.com/support/docview.wss?uid=swg21667526
https://www-304.ibm.com/support/docview.wss?uid=swg21672843
https://www-304.ibm.com/support/docview.wss?uid=swg21672316
https://www-304.ibm.com/support/docview.wss?uid=swg21673013

Solution :

If using WebSphere Application Server, apply Fix Pack 33 (7.0.0.33) or
later.

Otherwise, if using embedded WebSphere Application Server packaged
with Tivoli Directory Server, apply the latest recommended eWAS fix
pack.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score : 6.8
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

This script is Copyright (C) 2014 Tenable Network Security, Inc.

VMware Horizon View Client < 3.0.0 Multiple SSL Vulnerabilities (VMSA-2014-0006)


Synopsis:

The remote host has a virtual desktop solution that is affected by
multiple vulnerabilities.

Description:

The version of VMware Horizon View Client installed on the remote host
is a version prior to 3.0.0. It is, therefore, affected by multiple
vulnerabilities in the bundled OpenSSL library :

- An error exists in the function 'ssl3_read_bytes'
that could allow data to be injected into other
sessions or allow denial of service attacks. Note
this issue is only exploitable if
'SSL_MODE_RELEASE_BUFFERS' is enabled. (CVE-2010-5298)

- A buffer overflow error exists related to invalid DTLS
fragment handling that could lead to execution of
arbitrary code. Note this issue only affects OpenSSL
when used as a DTLS client or server. (CVE-2014-0195)

- An error exists in the function 'do_ssl3_write' that
could allow a null pointer to be dereferenced leading
to denial of service attacks. Note this issue is
exploitable only if 'SSL_MODE_RELEASE_BUFFERS' is
enabled. (CVE-2014-0198)

- An error exists related to DTLS handshake handling that
could lead to denial of service attacks. Note this
issue only affects OpenSSL when used as a DTLS client.
(CVE-2014-0221)

- An unspecified error exists that could allow an
attacker to cause usage of weak keying material
leading to simplified man-in-the-middle attacks.
(CVE-2014-0224)

- An unspecified error exists related to anonymous ECDH
cipher suites that could allow denial of service
attacks. Note this issue only affects OpenSSL TLS
clients. (CVE-2014-3470)

See also :

https://www.vmware.com/security/advisories/VMSA-2014-0006
http://www.openssl.org/news/secadv_20140605.txt

Solution :

Upgrade to VMware Horizon View Client 3.0.0 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.1
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

This script is Copyright (C) 2014 Tenable Network Security, Inc.

VMware Horizon View Client < 3.0.0 Multiple SSL Vulnerabilities (VMSA-2014-0006) (Mac OS X)


Synopsis:

The remote Mac OS X host has a virtual desktop solution that is
affected by multiple vulnerabilities.

Description:

The version of VMware Horizon View Client installed on the remote Mac
OS X host is a version prior to 3.0.0. It is, therefore, affected by
multiple vulnerabilities in the bundled OpenSSL library :

- An error exists in the function 'ssl3_read_bytes'
that could allow data to be injected into other
sessions or allow denial of service attacks. Note
this issue is only exploitable if
'SSL_MODE_RELEASE_BUFFERS' is enabled. (CVE-2010-5298)

- A buffer overflow error exists related to invalid DTLS
fragment handling that could lead to execution of
arbitrary code. Note this issue only affects OpenSSL
when used as a DTLS client or server. (CVE-2014-0195)

- An error exists in the function 'do_ssl3_write' that
could allow a null pointer to be dereferenced leading
to denial of service attacks. Note this issue is
exploitable only if 'SSL_MODE_RELEASE_BUFFERS' is
enabled. (CVE-2014-0198)

- An error exists related to DTLS handshake handling that
could lead to denial of service attacks. Note this
issue only affects OpenSSL when used as a DTLS client.
(CVE-2014-0221)

- An unspecified error exists that could allow an
attacker to cause usage of weak keying material
leading to simplified man-in-the-middle attacks.
(CVE-2014-0224)

- An unspecified error exists related to anonymous ECDH
cipher suites that could allow denial of service
attacks. Note this issue only affects OpenSSL TLS
clients. (CVE-2014-3470)

See also :

https://www.vmware.com/security/advisories/VMSA-2014-0006
http://www.openssl.org/news/secadv_20140605.txt

Solution :

Upgrade to VMware Horizon View Client 3.0.0 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.1
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

This script is Copyright (C) 2014 Tenable Network Security, Inc.

VMware Horizon View Client Detection


Synopsis:

A desktop virtualization application is installed on the remote host.

Description:

VMware Horizon View Client, a component of VMware Horizon View, is
installed on the remote host.

See also :

http://www.vmware.com/products/horizon-view

Solution :

n/a

Risk factor :

None

This script is Copyright (C) 2014 Tenable Network Security, Inc.

VMware Horizon View Client Detection (Mac OS X)


Synopsis:

A desktop virtualization application is installed on the remote host.

Description:

VMware Horizon View Client, a component of VMware Horizon View, is
installed on the remote host.

See also :

http://www.vmware.com/products/horizon-view

Solution :

n/a

Risk factor :

None

This script is Copyright (C) 2014 Tenable Network Security, Inc.

Ubuntu 12.04 LTS / 14.04 : kde4libs vulnerability (USN-2304-1)


Synopsis:

The remote Ubuntu host is missing a security-related patch.

Description:

It was discovered that kauth was using polkit in an unsafe manner. A
local attacker could possibly use this issue to bypass intended polkit
authorizations.

Solution :

Update the affected kdelibs5-plugins package.

Risk factor :

High

Ubuntu Security Notice (C) 2014 Canonical, Inc. / NASL script (C) 2014 Tenable Network Security, Inc.

Ubuntu 14.04 : unity vulnerability (USN-2303-1)


Synopsis:

The remote Ubuntu host is missing a security-related patch.

Description:

It was discovered that in certain circumstances Unity failed to
successfully grab the keyboard when switching to the lock screen. A
local attacker could possibly use this issue to run commands, and
unlock the current session.

Solution :

Update the affected unity package.

Risk factor :

High

Ubuntu Security Notice (C) 2014 Canonical, Inc. / NASL script (C) 2014 Tenable Network Security, Inc.

openSUSE Security Update : pulseaudio (openSUSE-2014-477)


Synopsis:

The remote openSUSE host is missing a security update.

Description:


This update fixes the following security issue:
(bnc#881524)
CVE-2014-3970 - Denial of service in module-rtp-recv

Solution :

Update the affected pulseaudio packages.

Risk factor :

Low / CVSS Base Score : 2.9
(CVSS2#AV:A/AC:M/Au:N/C:N/I:N/A:P)

This script is Copyright (C) 2014 Tenable Network Security, Inc.

openSUSE Security Update : MozillaFirefox (openSUSE-2014-476)


Synopsis:

The remote openSUSE host is missing a security update.

Description:

MozillaFirefox was updated to version 31 to fix various security
issues and bugs :

- MFSA 2014-56/CVE-2014-1547/CVE-2014-1548 Miscellaneous
memory safety hazards

- MFSA 2014-57/CVE-2014-1549 (bmo#1020205) Buffer overflow
during Web Audio buffering for playback

- MFSA 2014-58/CVE-2014-1550 (bmo#1020411) Use-after-free
in Web Audio due to incorrect control message ordering

- MFSA 2014-60/CVE-2014-1561 (bmo#1000514, bmo#910375)
Toolbar dialog customization event spoofing

- MFSA 2014-61/CVE-2014-1555 (bmo#1023121) Use-after-free
with FireOnStateChange event

- MFSA 2014-62/CVE-2014-1556 (bmo#1028891) Exploitable
WebGL crash with Cesium JavaScript library

- MFSA 2014-63/CVE-2014-1544 (bmo#963150) Use-after-free
while when manipulating certificates in the trusted
cache (solved with NSS 3.16.2 requirement)

- MFSA 2014-64/CVE-2014-1557 (bmo#913805) Crash in Skia
library when scaling high quality images

- MFSA 2014-65/CVE-2014-1558/CVE-2014-1559/CVE-2014-1560
(bmo#1015973, bmo#1026022, bmo#997795) Certificate
parsing broken by non-standard character encoding

- MFSA 2014-66/CVE-2014-1552 (bmo#985135) IFRAME sandbox
same-origin access through redirect

Mozilla-nss was updated to 3.16.3: New Functions :

- CERT_GetGeneralNameTypeFromString (This function was
already added in NSS 3.16.2, however, it wasn't declared
in a public header file.) Notable Changes :

- The following 1024-bit CA certificates were removed

- Entrust.net Secure Server Certification Authority

- GTE CyberTrust Global Root

- ValiCert Class 1 Policy Validation Authority

- ValiCert Class 2 Policy Validation Authority

- ValiCert Class 3 Policy Validation Authority

- Additionally, the following CA certificate was removed
as requested by the CA :

- TDC Internet Root CA

- The following CA certificates were added :

- Certification Authority of WoSign

- CA 沃






- DigiCert Assured ID Root G2

- DigiCert Assured ID Root G3

- DigiCert Global Root G2

- DigiCert Global Root G3

- DigiCert Trusted Root G4

- QuoVadis Root CA 1 G3

- QuoVadis Root CA 2 G3

- QuoVadis Root CA 3 G3

- The Trust Bits were changed for the following CA
certificates

- Class 3 Public Primary Certification Authority

- Class 3 Public Primary Certification Authority

- Class 2 Public Primary Certification Authority - G2

- VeriSign Class 2 Public Primary Certification Authority
- G3

- AC Raí
z Certicá
mara S.A.

- NetLock Uzleti (Class B) Tanusitvanykiado

- NetLock Expressz (Class C) Tanusitvanykiado changes in
3.16.2 New functionality :

- DTLS 1.2 is supported.

- The TLS application layer protocol negotiation (ALPN)
extension is also supported on the server side.

- RSA-OEAP is supported. Use the new PK11_PrivDecrypt and
PK11_PubEncrypt functions with the CKM_RSA_PKCS_OAEP
mechanism.

- New Intel AES assembly code for 32-bit and 64-bit
Windows, contributed by Shay Gueron and Vlad Krasnov of
Intel. Notable Changes :

- The btoa command has a new command-line option -w
suffix, which causes the output to be wrapped in
BEGIN/END lines with the given suffix

- The certutil commands supports additionals types of
subject alt name extensions.

- The certutil command supports generic certificate
extensions, by loading binary data from files, which
have been prepared using external tools, or which have
been extracted from other existing certificates and
dumped to file.

- The certutil command supports three new certificate
usage specifiers.

- The pp command supports printing UTF-8 (-u).

- On Linux, NSS is built with the -ffunction-sections
-fdata-sections compiler flags and the --gc-sections
linker flag to allow unused functions to be discarded.
changes in 3.16.1 New functionality :

- Added the 'ECC' flag for modutil to select the module
used for elliptic curve cryptography (ECC) operations.
New Macros

- PUBLIC_MECH_ECC_FLAG a public mechanism flag for
elliptic curve cryptography (ECC) operations

- SECMOD_ECC_FLAG an NSS-internal mechanism flag for
elliptic curve cryptography (ECC) operations. This macro
has the same numeric value as PUBLIC_MECH_ECC_FLAG.
Notable Changes :

- Imposed name constraints on the French government root
CA ANSSI (DCISS).

See also :

https://bugzilla.novell.com/show_bug.cgi?id=887746

Solution :

Update the affected MozillaFirefox packages.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

This script is Copyright (C) 2014 Tenable Network Security, Inc.

openSUSE Security Update : ntp (openSUSE-2014-474)


Synopsis:

The remote openSUSE host is missing a security update.

Description:

The NTP time service could be used for remote denial of service
amplification attacks.

This issue can be fixed by the administrator as we described in our
security advisory SUSE-SA:2014:001
http://lists.opensuse.org/opensuse-security-announce/2014-01/msg00005.
html

and on http://support.novell.com/security/cve/CVE-2013-5211.html

This update now also replaces the default ntp.conf template to fix
this problem.

Please note that if you have touched or modified ntp.conf yourself, it
will not be automatically fixed, you need to merge the changes
manually as described.

See also :

http://www.nessus.org/u?cf39e777
http://support.novell.com/security/cve/CVE-2013-5211.html
https://bugzilla.novell.com/show_bug.cgi?id=857195

Solution :

Update the affected ntp packages.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
Public Exploit Available : true

This script is Copyright (C) 2014 Tenable Network Security, Inc.

openSUSE Security Update : php5 (openSUSE-2014-471)


Synopsis:

The remote openSUSE host is missing a security update.

Description:

php5 was updated to fix security issues :

CVE-2014-4670: Use-after-free vulnerability in ext/spl/spl_dllist.c in
the SPL component in PHP allowed context-dependent attackers to cause
a denial of service or possibly have unspecified other impact via
crafted iterator usage within applications in certain web-hosting
environments.

CVE-2014-4698: Use-after-free vulnerability in ext/spl/spl_array.c in
the SPL component in PHP allowed context-dependent attackers to cause
a denial of service or possibly have unspecified other impact via
crafted ArrayIterator usage within applications in certain web-hosting
environments.

CVE-2014-4721: The phpinfo implementation in ext/standard/info.c in
PHP did not ensure use of the string data type for the PHP_AUTH_PW,
PHP_AUTH_TYPE, PHP_AUTH_USER, and PHP_SELF variables, which might
allow context-dependent attackers to obtain sensitive information from
process memory by using the integer data type with crafted values,
related to a 'type confusion' vulnerability, as demonstrated by
reading a private SSL key in an Apache HTTP Server web-hosting
environment with mod_ssl and a PHP 5.3.x mod_php.

See also :

https://bugzilla.novell.com/show_bug.cgi?id=885961
https://bugzilla.novell.com/show_bug.cgi?id=886059
https://bugzilla.novell.com/show_bug.cgi?id=886060

Solution :

Update the affected php5 packages.

Risk factor :

Medium / CVSS Base Score : 4.6
(CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P)

This script is Copyright (C) 2014 Tenable Network Security, Inc.

openSUSE Security Update : apache2-mod_wsgi (openSUSE-2014-470)


Synopsis:

The remote openSUSE host is missing a security update.

Description:

apache2-mod_wsgi was updated to fix a small of-by-one error in its use
of setgroups.

Please see
http://modwsgi.readthedocs.org/en/latest/release-notes/version-4.2.4.h
tml for more information.

See also :

http://www.nessus.org/u?e7a37c36
https://bugzilla.novell.com/show_bug.cgi?id=883229

Solution :

Update the affected apache2-mod_wsgi packages.

Risk factor :

Medium

This script is Copyright (C) 2014 Tenable Network Security, Inc.

Mandriva Linux Security Advisory : dbus (MDVSA-2014:148)


Synopsis:

The remote Mandriva Linux host is missing one or more security
updates.

Description:

Updated dbus packages fix security vulnerabilities :

A flaw was reported in D-Bus's file descriptor passing feature. A
local attacker could use this flaw to cause a service or application
to disconnect from the bus, typically resulting in that service or
application exiting (CVE-2014-3532).

A flaw was reported in D-Bus's file descriptor passing feature. A
local attacker could use this flaw to cause an invalid file descriptor
to be forwarded to a service or application, causing it to disconnect
from the bus, typically resulting in that service or application
exiting (CVE-2014-3533).

See also :

http://advisories.mageia.org/MGASA-2014-0294.html

Solution :

Update the affected packages.

Risk factor :

Low / CVSS Base Score : 2.1
(CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 1.8
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

This script is Copyright (C) 2014 Tenable Network Security, Inc.

Mandriva Linux Security Advisory : sendmail (MDVSA-2014:147)


Synopsis:

The remote Mandriva Linux host is missing one or more security
updates.

Description:

Updated sendmail packages fix security vulnerability :

Sendmail before 8.14.9 does not properly closing file descriptors
before executing programs. This bug could enable local users to
interfere with an open SMTP connection if they can execute their own
program for mail delivery (e.g., via procmail or the prog mailer)
(CVE-2014-3956).

See also :

http://advisories.mageia.org/MGASA-2014-0270.html

Solution :

Update the affected packages.

Risk factor :

Low / CVSS Base Score : 1.9
(CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N)
CVSS Temporal Score : 1.7
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

This script is Copyright (C) 2014 Tenable Network Security, Inc.

Mandriva Linux Security Advisory : file (MDVSA-2014:146)


Synopsis:

The remote Mandriva Linux host is missing one or more security
updates.

Description:

A vulnerability has been found and corrected in file :

file before 5.19 does not properly restrict the amount of data read
during a regex search, which allows remote attackers to cause a denial
of service (CPU consumption) via a crafted file that triggers
backtracking during processing of an awk rule. NOTE: this
vulnerability exists because of an incomplete fix for CVE-2013-7345
(CVE-2014-3538).

The updated packages have been patched to correct this issue.

See also :

http://www.ubuntu.com/usn/usn-2278-1/

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)

This script is Copyright (C) 2014 Tenable Network Security, Inc.

Mandriva Linux Security Advisory : php-ZendFramework (MDVSA-2014:145)


Synopsis:

The remote Mandriva Linux host is missing one or more security
updates.

Description:

A vulnerability has been found and corrected in php-ZendFramework :

The implementation of the ORDER BY SQL statement in Zend_Db_Select of
Zend Framework 1 contains a potential SQL injection when the query
string passed contains parentheses (CVE-2014-4914).

The updated packages have been upgraded to the latest ZendFramework
(1.12.7) version which is not vulnerable to this issue.

See also :

http://framework.zend.com/security/advisory/ZF2014-04

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 6.5
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

This script is Copyright (C) 2014 Tenable Network Security, Inc.

FreeBSD : kdelibs -- KAuth PID Reuse Flaw (2f90556f-18c6-11e4-9cc4-5453ed2e2b49)


Synopsis:

The remote FreeBSD host is missing a security-related update.

Description:

Martin Sandsmark reports :

The KAuth framework uses polkit-1 API which tries to authenticate
using the requestors PID. This is prone to PID reuse race conditions.

This potentially allows a malicious application to pose as another for
authentication purposes when executing privileged actions.

See also :

http://lists.kde.org/?l=kde-announce&m=140674898412923&w=2
http://www.nessus.org/u?430d9a77

Solution :

Update the affected package.

Risk factor :

High

This script is Copyright (C) 2014 Tenable Network Security, Inc.

Debian DSA-2994-1 : nss - security update


Synopsis:

The remote Debian host is missing a security-related update.

Description:

Several vulnerabilities have been discovered in nss, the Mozilla
Network Security Service library :

- CVE-2013-1741
Runaway memset in certificate parsing on 64-bit
computers leading to a crash by attempting to write 4Gb
of nulls.

- CVE-2013-5606
Certificate validation with the verifylog mode did not
return validation errors, but instead expected
applications to determine the status by looking at the
log.

- CVE-2014-1491
Ticket handling protection mechanisms bypass due to the
lack of restriction of public values in Diffie-Hellman
key exchanges.

- CVE-2014-1492
Incorrect IDNA domain name matching for wildcard
certificates could allow specially-crafted invalid
certificates to be considered as valid.

See also :

https://security-tracker.debian.org/tracker/CVE-2013-1741
https://security-tracker.debian.org/tracker/CVE-2013-5606
https://security-tracker.debian.org/tracker/CVE-2014-1491
https://security-tracker.debian.org/tracker/CVE-2014-1492
http://www.debian.org/security/2014/dsa-2994

Solution :

Upgrade the nss packages.

For the stable distribution (wheezy), these problems have been fixed
in version 2:3.14.5-1+deb7u1.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 6.5
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

This script is Copyright (C) 2014 Tenable Network Security, Inc.

Debian DSA-2993-1 : tor - security update


Synopsis:

The remote Debian host is missing a security-related update.

Description:

Several issues have been discovered in Tor, a connection-based
low-latency anonymous communication system, resulting in information
leaks.

- Relay-early cells could be used by colluding relays on
the network to tag user circuits and so deploy traffic
confirmation attacks [ CVE-2014-5117]. The updated
version emits a warning and drops the circuit upon
receiving inbound relay-early cells, preventing this
specific kind of attack. Please consult the following
advisory for more details about this issue :
https://blog.torproject.org/blog/tor-security-advisory-r
elay-early-traffic-confirmation-attack

- A bug in the bounds-checking in the 32-bit
curve25519-donna implementation could cause incorrect
results on 32-bit implementations when certain malformed
inputs were used along with a small class of private
ntor keys. This flaw does not currently appear to allow
an attacker to learn private keys or impersonate a Tor
server, but it could provide a means to distinguish
32-bit Tor implementations from 64-bit Tor
implementations.
The following additional security-related improvements have been
implemented :

- As a client, the new version will effectively stop using
CREATE_FAST cells. While this adds computational load on
the network, this approach can improve security on
connections where Tor's circuit handshake is stronger
than the available TLS connection security levels.
- Prepare clients to use fewer entry guards by honoring
the consensus parameters. The following article provides
some background :

https://blog.torproject.org/blog/improving-tors-anonymit
y-changing-guard-parameters

See also :

https://security-tracker.debian.org/tracker/CVE-2014-5117
http://www.nessus.org/u?df709f16
http://www.nessus.org/u?e5cae368
http://www.debian.org/security/2014/dsa-2993

Solution :

Upgrade the tor packages.

For the stable distribution (wheezy), these problems have been fixed
in version 0.2.4.23-1~deb7u1.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N)

This script is Copyright (C) 2014 Tenable Network Security, Inc.

CentOS 6 : kernel (CESA-2014:0981)


Synopsis:

The remote CentOS host is missing one or more security updates.

Description:

Updated kernel packages that fix multiple security issues, several
bugs, and add one enhancement are now available for Red Hat Enterprise
Linux 6.

The Red Hat Security Response Team has rated this update as having
Important security impact. Common Vulnerability Scoring System (CVSS)
base scores, which give detailed severity ratings, are available for
each vulnerability from the CVE links in the References section.

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

* A use-after-free flaw was found in the way the ping_init_sock()
function of the Linux kernel handled the group_info reference counter.
A local, unprivileged user could use this flaw to crash the system or,
potentially, escalate their privileges on the system. (CVE-2014-2851,
Important)

* A NULL pointer dereference flaw was found in the way the
futex_wait_requeue_pi() function of the Linux kernel's futex subsystem
handled the requeuing of certain Priority Inheritance (PI) futexes. A
local, unprivileged user could use this flaw to crash the system.
(CVE-2012-6647, Moderate)

* A NULL pointer dereference flaw was found in the
rds_ib_laddr_check() function in the Linux kernel's implementation of
Reliable Datagram Sockets (RDS). A local, unprivileged user could use
this flaw to crash the system. (CVE-2013-7339, Moderate)

* It was found that a remote attacker could use a race condition flaw
in the ath_tx_aggr_sleep() function to crash the system by creating
large network traffic on the system's Atheros 9k wireless network
adapter. (CVE-2014-2672, Moderate)

* A NULL pointer dereference flaw was found in the
rds_iw_laddr_check() function in the Linux kernel's implementation of
Reliable Datagram Sockets (RDS). A local, unprivileged user could use
this flaw to crash the system. (CVE-2014-2678, Moderate)

* A race condition flaw was found in the way the Linux kernel's
mac80211 subsystem implementation handled synchronization between TX
and STA wake-up code paths. A remote attacker could use this flaw to
crash the system. (CVE-2014-2706, Moderate)

* An out-of-bounds memory access flaw was found in the Netlink
Attribute extension of the Berkeley Packet Filter (BPF) interpreter
functionality in the Linux kernel's networking implementation. A
local, unprivileged user could use this flaw to crash the system or
leak kernel memory to user space via a specially crafted socket
filter. (CVE-2014-3144, CVE-2014-3145, Moderate)

This update also fixes several bugs and adds one enhancement.
Documentation for these changes will be available shortly from the
Technical Notes document linked to in the References section.

All kernel users are advised to upgrade to these updated packages,
which contain backported patches to correct these issues and add this
enhancement. The system must be rebooted for this update to take
effect.

See also :

http://www.nessus.org/u?34f19c8d

Solution :

Update the affected kernel packages.

Risk factor :

High / CVSS Base Score : 7.1
(CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C)
CVSS Temporal Score : 6.2
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

This script is Copyright (C) 2014 Tenable Network Security, Inc.

VMware vCenter Converter Multiple Vulnerabilities (VMSA-2014-0006)


Synopsis:

The remote host has an application installed that is affected by
multiple vulnerabilities.

Description:

The version of VMware vCenter Converter installed on the remote
Windows host is version 5.1.x prior to 5.1.1 or 5.5.x prior to 5.5.2.
It is, therefore, affected by multiple vulnerabilities in the bundled
OpenSSL library :

- An error exists in the function 'ssl3_read_bytes'
that could allow data to be injected into other
sessions or allow denial of service attacks. Note
this issue is only exploitable if
'SSL_MODE_RELEASE_BUFFERS' is enabled. (CVE-2010-5298)

- A buffer overflow error exists related to invalid DTLS
fragment handling that could lead to execution of
arbitrary code. Note this issue only affects OpenSSL
when used as a DTLS client or server. (CVE-2014-0195)

- An error exists in the function 'do_ssl3_write' that
could allow a null pointer to be dereferenced leading
to denial of service attacks. Note this issue is
exploitable only if 'SSL_MODE_RELEASE_BUFFERS' is
enabled. (CVE-2014-0198)

- An error exists related to DTLS handshake handling that
could lead to denial of service attacks. Note this
issue only affects OpenSSL when used as a DTLS client.
(CVE-2014-0221)

- An unspecified error exists that could allow an
attacker to cause usage of weak keying material
leading to simplified man-in-the-middle attacks.
(CVE-2014-0224)

- An unspecified error exists related to anonymous ECDH
cipher suites that could allow denial of service
attacks. Note this issue only affects OpenSSL TLS
clients. (CVE-2014-3470)

See also :

http://www.vmware.com/security/advisories/VMSA-2014-0006.html
http://www.openssl.org/news/secadv_20140605.txt

Solution :

Upgrade to VMware vCenter Converter 5.1.1, 5.5.2, or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.1
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

This script is Copyright (C) 2014 Tenable Network Security, Inc.

VMware vCenter Converter Installed


Synopsis:

The remote Windows host has a tool for virtual machine creation
installed.

Description:

VMware vCenter Converter, a tool for converting physical machines to
virtual machines, is installed on the remote Windows host.

See also :

https://www.vmware.com/products/converter/

Solution :

n/a

Risk factor :

None

This script is Copyright (C) 2014 Tenable Network Security, Inc.

VMware Horizon View Multiple Vulnerabilities (VMSA-2014-0006)


Synopsis:

The remote Windows host has an application installed that is affected
by multiple vulnerabilities.

Description:

The version of VMware Horizon View installed on the remote Windows
host is version 5.3.x prior to 5.3.2 or 5.3.x prior to 5.3 Feature
Pack 3. It is, therefore, affected by multiple vulnerabilities in the
bundled OpenSSL library :

- An error exists in the function 'ssl3_read_bytes'
that could allow data to be injected into other
sessions or allow denial of service attacks. Note
this issue is only exploitable if
'SSL_MODE_RELEASE_BUFFERS' is enabled. (CVE-2010-5298)

- A buffer overflow error exists related to invalid DTLS
fragment handling that could lead to execution of
arbitrary code. Note this issue only affects OpenSSL
when used as a DTLS client or server. (CVE-2014-0195)

- An error exists in the function 'do_ssl3_write' that
could allow a null pointer to be dereferenced leading
to denial of service attacks. Note this issue is
exploitable only if 'SSL_MODE_RELEASE_BUFFERS' is
enabled. (CVE-2014-0198)

- An error exists related to DTLS handshake handling that
could lead to denial of service attacks. Note this
issue only affects OpenSSL when used as a DTLS client.
(CVE-2014-0221)

- An unspecified error exists that could allow an
attacker to cause usage of weak keying material
leading to simplified man-in-the-middle attacks.
(CVE-2014-0224)

- An unspecified error exists related to anonymous ECDH
cipher suites that could allow denial of service
attacks. Note this issue only affects OpenSSL TLS
clients. (CVE-2014-3470)

See also :

http://lists.vmware.com/pipermail/security-announce/2014/000259.html
http://www.vmware.com/security/advisories/VMSA-2014-0006.html
http://www.openssl.org/news/secadv_20140605.txt

Solution :

Upgrade to VMware Horizon View 5.3.2 / 5.3 Feature Pack 3 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.1
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

This script is Copyright (C) 2014 Tenable Network Security, Inc.

VMware Horizon View Installed


Synopsis:

A desktop virtualization application is installed on the remote host.

Description:

VMware Horizon View, a desktop virtualization product that allows
users to connect to virtualized and remote machines in a managed pool,
is installed on the remote host.

See also :

http://www.vmware.com/products/horizon-view

Solution :

n/a

Risk factor :

None

This script is Copyright (C) 2014 Tenable Network Security, Inc.

CKEditor Preview Plugin Unspecified XSS


Synopsis:

The remote web server hosts a PHP script that is affected by a
cross-site scripting vulnerability.

Description:

The version of CKEditor installed on the remote host is affected by a
cross-site scripting vulnerability.

The included 'Preview' plugin fails to properly sanitize user-supplied
input. A remote, unauthenticated attacker can leverage this issue to
inject arbitrary HTML and script code into a user's browser to be
executed within the security context of the affected site.

See also :

http://ckeditor.com/blog/CKEditor-4.4.3-Released

Solution :

Upgrade to version 4.4.3 or later.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)

This script is Copyright (C) 2014 Tenable Network Security, Inc.

F5 Networks BIG-IP Web Interface Default Credential Check


Synopsis:

The remote host is running a web administration interface with known
default credentials.

Description:

Nessus was able to login to the administrative interface on the remote
F5 Networks BIG-IP device using a known set of default credentials.

See also :

http://www.nessus.org/u?ec6a297f

Solution :

Change the password for the 'admin' account.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 10.0
(CVSS2#E:H/RL:ND/RC:ND)
Public Exploit Available : true

This script is Copyright (C) 2014 Tenable Network Security, Inc.

Default Password (default) for 'root' Account


Synopsis:

The remote system can be accessed with a default account.

Description:

The account 'root' on the remote host has the password 'default'.

An attacker may leverage this issue to gain administrative access to
the affected system.

Note that F5 Networks is known to use these credentials to provide
complete administrative access to its appliances.

See also :

http://www.nessus.org/u?ec6a297f

Solution :

Set a strong password for this account or use ACLs to restrict access
to the host.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 10.0
(CVSS2#E:H/RL:ND/RC:ND)
Public Exploit Available : true

This script is Copyright (C) 2014 Tenable Network Security, Inc.

F5 Networks BIG-IP Detection


Synopsis:

An F5 Networks BIG-IP system was detected on the remote host.

Description:

Nessus was able to obtain version information for an F5 Networks
BIG-IP device on the remote host via SSH.

See also :

https://f5.com/products/big-ip/

Solution :

n/a

Risk factor :

None

This script is Copyright (C) 2014 Tenable Network Security, Inc.

RT 4.2.x < 4.2.5 DoS


Synopsis:

The version of RT on the remote host is affected by a denial of
service vulnerability.

Description:

According to its self-reported version number, the installation of RT
(Request Tracker) hosted on the remote web server is potentially
affected by a denial of service vulnerability.

RT versions 4.2.0, 4.2.1, and 4.2.2 contain a flaw in the Perl CPAN
Email::Address::List module that can be triggered by submitting a
string without an address value. This can result in an overconsumption
of CPU resources which an attacker may leverage in order to cause a
denial of service condition.

Note that Nessus has not tested for this issue, but instead has relied
on the application's self-reported version number.

See also :

http://www.bestpractical.com/release-notes/rt/4.2.5
http://www.nessus.org/u?c21c8430

Solution :

Upgrade to RT 4.2.5 or Email::Address::List 0.02.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 4.3
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

This script is Copyright (C) 2014 Tenable Network Security, Inc.

Oracle Traffic Director Multiple Vulnerabilities (July 2014 CPU)


Synopsis:

The remote host is running software with multiple vulnerabilities.

Description:

The remote host is running an unpatched version of Oracle Traffic
Director that is affected by the following vulnerabilities :

- The implementation of Network Security Services (NSS)
does not ensure that data structures are initialized,
which could result in a denial of service or disclosure
of sensitive information. (CVE-2013-1739)

- The implementation of Network Security Services (NSS)
does not properly handle the TLS False Start feature
and could allow man-in-the-middle attacks.
(CVE-2013-1740)

- NSS contains an integer overflow flaw that allows
remote attackers to cause a denial of service.
(CVE-2013-1741)

- An error exists in the 'Null_Cipher' function in the
file 'ssl/ssl3con.c' related to handling invalid
handshake packets that could allow arbitrary code
execution. (CVE-2013-5605)

- An error exists in the 'CERT_VerifyCert' function in
the file 'lib/certhigh/certvfy.c' that could allow
invalid certificates to be treated as valid.
(CVE-2013-5606)

- Errors exist related to the included Network Security
Services (NSS) libraries, 'NewSessionTicket'
handshakes, and public Diffie-Hellman values that could
allow application crashes and possibly arbitrary code
execution. (CVE-2014-1490, CVE-2014-1491)

- An issue exists in the Network Security (NSS) library
due to improper handling of IDNA domain prefixes for
wildcard certificates. This issue could allow man-in-
the-middle attacks. (CVE-2014-1492)

See also :

http://www.nessus.org/u?7de2f8eb

Solution :

Apply the appropriate patch according to the vendor advisory.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 6.5
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

This script is Copyright (C) 2014 Tenable Network Security, Inc.

Oracle Traffic Director Administration Console Detection


Synopsis:

The remote host is running a web administration console for an
application delivery controller / load balancer.

Description:

Nessus detected the Oracle Traffic Director web administration
console. Oracle Traffic Director is an application delivery controller
/ load balancing solution.

See also :

http://www.oracle.com/technetwork/middleware/otd/overview/index.html

Solution :

n/a

Risk factor :

None

This script is Copyright (C) 2014 Tenable Network Security, Inc.

CUPS 1.7.x < 1.7.4 'get_file' Function Symlink Handling Info Disclosure


Synopsis:

The remote print service is potentially affected by an information
disclosure vulnerability.

Description:

According to its banner, the version of CUPS installed on the remote
host is 1.7.x prior to 1.7.4. It is, therefore, potentially affected
by an information disclosure vulnerability.

A flaw exists in the 'get_file' function within the file
'scheduler/client.c' regarding the handling of symlinks. This could
allow a local attacker to cause normally protected files to be
accessible via the web interface.

Note that Nessus has not tested for this issue, but has instead relied
only on the application's self-reported version number.

See also :

http://www.cups.org/blog.php?L724
https://cups.org/str.php?L4450
https://cups.org/strfiles.php/3363/str4450.patch

Solution :

Either upgrade to CUPS version 1.7.4 or later, or apply the vendor
patch.

Risk factor :

Medium / CVSS Base Score : 4.4
(CVSS2#AV:L/AC:M/Au:S/C:C/I:N/A:N)
CVSS Temporal Score : 3.8
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

This script is Copyright (C) 2014 Tenable Network Security, Inc.

Ubuntu 10.04 LTS / 12.04 LTS / 14.04 : tomcat6, tomcat7 vulnerabilities (USN-2302-1)


Synopsis:

The remote Ubuntu host is missing one or more security-related patches.

Description:

David Jorm discovered that Tomcat incorrectly handled certain requests
submitted using chunked transfer encoding. A remote attacker could use
this flaw to cause the Tomcat server to consume resources, resulting
in a denial of service. (CVE-2014-0075)

It was discovered that Tomcat did not properly restrict XSLT
stylesheets. An attacker could use this issue with a crafted web
application to bypass security-manager restrictions and read arbitrary
files. (CVE-2014-0096)

It was discovered that Tomcat incorrectly handled certain
Content-Length headers. A remote attacker could use this flaw in
configurations where Tomcat is behind a reverse proxy to perform HTTP
request smuggling attacks. (CVE-2014-0099).

Solution :

Update the affected libtomcat6-java and / or libtomcat7-java packages.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 4.3
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Ubuntu Security Notice (C) 2014 Canonical, Inc. / NASL script (C) 2014 Tenable Network Security, Inc.

openSUSE Security Update : openSUSE-2014- (openSUSE-2014--1)


Synopsis:

The remote openSUSE host is missing a security update.

Description:


This update fixes the following security issue:
(bnc#881524)
CVE-2014-3970 - Denial of service in module-rtp-recv

Solution :

Update the affected openSUSE-2014- packages.

Risk factor :

Low / CVSS Base Score : 2.9
(CVSS2#AV:A/AC:M/Au:N/C:N/I:N/A:P)

This script is Copyright (C) 2014 Tenable Network Security, Inc.