Newest Plugins

SUSE SLED11 / SLES11 Security Update : curl (SUSE-SU-2015:0962-1)


Synopsis:

The remote SUSE host is missing one or more security updates.

Description:

The curl tool and libcurl4 library have been updated to fix several
security and non-security issues.

The following vulnerabilities have been fixed :

  • CVE-2015-3143: Re-using authenticated connection when
    unauthenticated. (bsc#927556)
  • CVE-2015-3148: Negotiate not
    treated as connection-oriented. (bsc#927746)
  • CVE-2015-3153:
    Sensitive HTTP server headers also sent to proxies. (bsc#928533)



The following non-security issue has been fixed :

  • git fails to clone from https repository. (bsc#927174)



Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

https://bugzilla.suse.com/927174
https://bugzilla.suse.com/927556
https://bugzilla.suse.com/927746
https://bugzilla.suse.com/928533
http://www.nessus.org/u?386b8563
https://www.suse.com/security/cve/CVE-2015-3143.html
https://www.suse.com/security/cve/CVE-2015-3148.html
https://www.suse.com/security/cve/CVE-2015-3153.html
http://www.nessus.org/u?0afcc3ad

Solution :

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Software Development Kit 11 SP3 :

zypper in -t patch sdksp3-curl=10660

SUSE Linux Enterprise Server 11 SP3 for VMware :

zypper in -t patch slessp3-curl=10660

SUSE Linux Enterprise Server 11 SP3 :

zypper in -t patch slessp3-curl=10660

SUSE Linux Enterprise Desktop 11 SP3 :

zypper in -t patch sledsp3-curl=10660

To bring your system up-to-date, use 'zypper patch'.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N)
CVSS Temporal Score : 4.3
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

This script is Copyright (C) 2015 Tenable Network Security, Inc.

FreeBSD : wireshark -- multiple vulnerabilities (a13500d0-0570-11e5-aab1-d050996490d0)


Synopsis:

The remote FreeBSD host is missing one or more security-related
updates.

Description:

Wireshark development team reports :

The following vulnerabilities have been fixed.

- wnpa-sec-2015-12

The LBMR dissector could go into an infinite loop. (Bug 11036)
CVE-2015-3808, CVE-2015-3809

- wnpa-sec-2015-13

The WebSocket dissector could recurse excessively. (Bug 10989)
CVE-2015-3810

- wnpa-sec-2015-14

The WCP dissector could crash while decompressing data. (Bug 10978)
CVE-2015-3811

- wnpa-sec-2015-15

The X11 dissector could leak memory. (Bug 11088) CVE-2015-3812

- wnpa-sec-2015-16

The packet reassembly code could leak memory. (Bug 11129)
CVE-2015-3813

- wnpa-sec-2015-17

The IEEE 802.11 dissector could go into an infinite loop. (Bug 11110)
CVE-2015-3814

- wnpa-sec-2015-18

The Android Logcat file parser could crash. Discovered by Hanno Böck.
(Bug 11188) CVE-2015-3815

See also :

https://www.wireshark.org/docs/relnotes/wireshark-1.12.5.html
https://www.wireshark.org/security/wnpa-sec-2015-12.html
https://www.wireshark.org/security/wnpa-sec-2015-13.html
https://www.wireshark.org/security/wnpa-sec-2015-14.html
https://www.wireshark.org/security/wnpa-sec-2015-15.html
https://www.wireshark.org/security/wnpa-sec-2015-16.html
https://www.wireshark.org/security/wnpa-sec-2015-17.html
https://www.wireshark.org/security/wnpa-sec-2015-18.html
http://www.nessus.org/u?3fef69df

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)

This script is Copyright (C) 2015 Tenable Network Security, Inc.

FreeBSD : krb5 -- requires_preauth bypass in PKINIT-enabled KDC (406636fe-055d-11e5-aab1-d050996490d0)


Synopsis:

The remote FreeBSD host is missing one or more security-related
updates.

Description:

MIT reports :

In MIT krb5 1.12 and later, when the KDC is configured with PKINIT
support, an unauthenticated remote attacker can bypass the
requires_preauth flag on a client principal and obtain a ciphertext
encrypted in the principal's long-term key. This ciphertext could be
used to conduct an off-line dictionary attack against the user's
password.

See also :

http://krbdev.mit.edu/rt/Ticket/Display.html?id=8160
http://www.nessus.org/u?85ff9051

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 5.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N)

This script is Copyright (C) 2015 Tenable Network Security, Inc.

Fedora 22 : postgresql-9.4.2-1.fc22 (2015-8815)


Synopsis:

The remote Fedora host is missing a security update.

Description:

update to 9.4.2 per release notes

See also :

http://www.nessus.org/u?db148051

Solution :

Update the affected postgresql package.

Risk factor :

High

This script is Copyright (C) 2015 Tenable Network Security, Inc.

Fedora 21 : mingw-LibRaw-0.16.2-1.fc21 (2015-8498)


Synopsis:

The remote Fedora host is missing a security update.

Description:

Update to version 0.16.2, see http://www.libraw.org/download#changelog
for details. Update to version 0.16.1, see
http://www.libraw.org/download#changelog for details. Security fix for
CVE-2015-3885.

See also :

http://www.libraw.org/download#changelog
https://bugzilla.redhat.com/show_bug.cgi?id=1221249
http://www.nessus.org/u?fbeec3f4

Solution :

Update the affected mingw-LibRaw package.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P)

This script is Copyright (C) 2015 Tenable Network Security, Inc.

Fedora 21 : LibRaw-0.16.2-1.fc21 (2015-8482)


Synopsis:

The remote Fedora host is missing a security update.

Description:

Latest upstream bugfix. Fixed dcraw vulnerability in ljpeg_start()

See also :

https://bugzilla.redhat.com/show_bug.cgi?id=1220382
https://bugzilla.redhat.com/show_bug.cgi?id=1221250
https://bugzilla.redhat.com/show_bug.cgi?id=1222258
http://www.nessus.org/u?45daecc9

Solution :

Update the affected LibRaw package.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P)

This script is Copyright (C) 2015 Tenable Network Security, Inc.

Fedora 20 : hostapd-2.4-2.fc20 (2015-8386)


Synopsis:

The remote Fedora host is missing a security update.

Description:

Security update for integer underflow in AP mode WMM Action frame
processing.

See also :

https://bugzilla.redhat.com/show_bug.cgi?id=1221178
http://www.nessus.org/u?cfdc8568

Solution :

Update the affected hostapd package.

Risk factor :

High

This script is Copyright (C) 2015 Tenable Network Security, Inc.

Fedora 21 : php-5.6.9-1.fc21 (2015-8383)


Synopsis:

The remote Fedora host is missing a security update.

Description:

14 May 2015, **PHP 5.6.9**

Core :

- Fixed bug #69467 (Wrong checked for the interface by
using Trait). (Laruence)

- Fixed bug #69420 (Invalid read in
zend_std_get_method). (Laruence)

- Fixed bug #60022 ('use statement [...] has no effect'
depends on leading backslash). (Nikita)

- Fixed bug #67314 (Segmentation fault in
gc_remove_zval_from_buffer). (Dmitry)

- Fixed bug #68652 (segmentation fault in destructor).
(Dmitry)

- Fixed bug #69419 (Returning compatible sub generator
produces a warning). (Nikita)

- Fixed bug #69472 (php_sys_readlink ignores misc errors
from GetFinalPathNameByHandleA). (Jan Starke)

- Fixed bug #69364 (PHP Multipart/form-data remote dos
Vulnerability). (Stas)

- Fixed bug #69403 (str_repeat() sign mismatch based
memory corruption). (Stas)

- Fixed bug #69418 (CVE-2006-7243 fix regressions in
5.4+). (Stas)

- Fixed bug #69522 (heap buffer overflow in unpack()).
(Stas)

FTP :

- Fixed bug #69545 (Integer overflow in ftp_genlist()
resulting in heap overflow). (Stas)

ODBC :

- Fixed bug #69354 (Incorrect use of SQLColAttributes with
ODBC 3.0). (Anatol)

- Fixed bug #69474 (ODBC: Query with same field name
from two tables returns incorrect result). (Anatol)

- Fixed bug #69381 (out of memory with sage odbc
driver). (Frederic Marchall, Anatol Belski)

OpenSSL :

- Fixed bug #69402 (Reading empty SSL stream hangs until
timeout). (Daniel Lowrey)

PCNTL :

- Fixed bug #68598 (pcntl_exec() should not allow null
char). (Stas)

PCRE :

- Upgraded pcrelib to 8.37.

Phar :

- Fixed bug #69453 (Memory Corruption in
phar_parse_tarfile when entry filename starts with
null). (Stas)

See also :

https://bugzilla.redhat.com/show_bug.cgi?id=1222485
https://bugzilla.redhat.com/show_bug.cgi?id=1223408
https://bugzilla.redhat.com/show_bug.cgi?id=1223412
https://bugzilla.redhat.com/show_bug.cgi?id=1223422
https://bugzilla.redhat.com/show_bug.cgi?id=1223425
http://www.nessus.org/u?615db80b

Solution :

Update the affected php package.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N)

This script is Copyright (C) 2015 Tenable Network Security, Inc.

Fedora 20 : php-5.5.25-1.fc20 (2015-8370)


Synopsis:

The remote Fedora host is missing a security update.

Description:

14 May 2015, **PHP 5.5.25**

**Core:**

- Fixed bug #69364 (PHP Multipart/form-data remote dos
Vulnerability). (Stas)

- Fixed bug #69403 (str_repeat() sign mismatch based
memory corruption). (Stas)

- Fixed bug #69418 (CVE-2006-7243 fix regressions in
5.4+). (Stas)

- Fixed bug #69522 (heap buffer overflow in unpack()).
(Stas)

- Fixed bug #69467 (Wrong checked for the interface by
using Trait). (Laruence)

- Fixed bug #69420 (Invalid read in
zend_std_get_method). (Laruence)

- Fixed bug #60022 ('use statement [...] has no effect'
depends on leading backslash). (Nikita)

- Fixed bug #67314 (Segmentation fault in
gc_remove_zval_from_buffer). (Dmitry)

- Fixed bug #68652 (segmentation fault in destructor).
(Dmitry)

- Fixed bug #69419 (Returning compatible sub generator
produces a warning). (Nikita)

- Fixed bug #69472 (php_sys_readlink ignores misc errors
from GetFinalPathNameByHandleA). (Jan Starke)

**FTP:**

- Fixed bug #69545 (Integer overflow in ftp_genlist()
resulting in heap overflow). (Stas)

**ODBC:**

- Fixed bug #69474 (ODBC: Query with same field name from
two tables returns incorrect result). (Anatol)

- Fixed bug #69381 (out of memory with sage odbc
driver). (Frederic Marchall, Anatol Belski)

**OpenSSL:**

- Fixed bug #69402 (Reading empty SSL stream hangs until
timeout). (Daniel Lowrey)

**PCNTL:**

- Fixed bug #68598 (pcntl_exec() should not allow null
char). (Stas)

**Phar:**

- Fixed bug #69453 (Memory Corruption in
phar_parse_tarfile when entry filename starts with
null). (Stas)

See also :

https://bugzilla.redhat.com/show_bug.cgi?id=1222485
https://bugzilla.redhat.com/show_bug.cgi?id=1223408
https://bugzilla.redhat.com/show_bug.cgi?id=1223412
https://bugzilla.redhat.com/show_bug.cgi?id=1223422
https://bugzilla.redhat.com/show_bug.cgi?id=1223425
http://www.nessus.org/u?bacb1097

Solution :

Update the affected php package.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N)

This script is Copyright (C) 2015 Tenable Network Security, Inc.

Fedora 21 : hostapd-2.4-2.fc21 (2015-8336)


Synopsis:

The remote Fedora host is missing a security update.

Description:

Security update for integer underflow in AP mode WMM Action frame
processing.

See also :

https://bugzilla.redhat.com/show_bug.cgi?id=1221178
http://www.nessus.org/u?dff673b7

Solution :

Update the affected hostapd package.

Risk factor :

High

This script is Copyright (C) 2015 Tenable Network Security, Inc.

Fedora 20 : java-1.8.0-openjdk-1.8.0.45-38.b14.fc20 (2015-8251)


Synopsis:

The remote Fedora host is missing a security update.

Description:

updated to 8u45-b14 with hope to fix rhbz#1123870 This update adds
debugging information to all the Java code included in the JDK, make
it easier to debug the code.

See also :

https://bugzilla.redhat.com/show_bug.cgi?id=1123870
http://www.nessus.org/u?0519cd35

Solution :

Update the affected java-1.8.0-openjdk package.

Risk factor :

Medium / CVSS Base Score : 5.4
(CVSS2#AV:L/AC:M/Au:N/C:N/I:P/A:C)

This script is Copyright (C) 2015 Tenable Network Security, Inc.

Fedora 22 : rawtherapee-4.2-9.fc22 (2015-8187)


Synopsis:

The remote Fedora host is missing a security update.

Description:

Security fix for CVE-2015-3885 (dcraw input sanitization), bz #1221257

See also :

https://bugzilla.redhat.com/show_bug.cgi?id=1221257
http://www.nessus.org/u?063180b9

Solution :

Update the affected rawtherapee package.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P)

This script is Copyright (C) 2015 Tenable Network Security, Inc.

Fedora 20 : ca-certificates-2015.2.4-1.0.fc20 (2015-7714)


Synopsis:

The remote Fedora host is missing a security update.

Description:

This is an update to the set of CA certificates released with NSS
version 3.18.1

However, the package modifies the CA list to keep several legacy CAs
still trusted for compatibility reasons. Please refer to the project
URL for details.

If you prefer to use the unchanged list provided by Mozilla, and if
you accept any compatibility issues it may cause, an administrator may
configure the system by executing the 'ca-legacy disable' command.

This update adds a manual page for the ca-legacy command.

This update changes the names of the possible values in the ca-legacy
configuration file. It still uses the term legacy=disable to override
the compatibility option and follow the upstream Mozilla.org decision.
However it now uses the term legacy=default for the default
configuration, to make it more obvious that the legacy certificates
won't be kept enabled forever.

See also :

http://www.nessus.org/u?ca8d785b

Solution :

Update the affected ca-certificates package.

Risk factor :

High

This script is Copyright (C) 2015 Tenable Network Security, Inc.

Fedora 20 : openslp-1.2.1-22.fc20 (2015-7561)


Synopsis:

The remote Fedora host is missing a security update.

Description:

openslp: denial of service vulnerability (CVE-2010-3609)

See also :

https://bugzilla.redhat.com/show_bug.cgi?id=684294
https://bugzilla.redhat.com/show_bug.cgi?id=857242
http://www.nessus.org/u?6f58f5f1

Solution :

Update the affected openslp package.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)

This script is Copyright (C) 2015 Tenable Network Security, Inc.

Debian DSA-3274-1 : virtualbox - security update


Synopsis:

The remote Debian host is missing a security-related update.

Description:

Jason Geffner discovered a buffer overflow in the emulated floppy disk
drive, resulting in potential privilege escalation.

See also :

https://packages.debian.org/source/wheezy/virtualbox
https://packages.debian.org/source/jessie/virtualbox
http://www.debian.org/security/2015/dsa-3274

Solution :

Upgrade the virtualbox packages.

For the oldstable distribution (wheezy), this problem has been fixed
in version 4.1.18-dfsg-2+deb7u5.

For the stable distribution (jessie), this problem has been fixed in
version 4.3.18-dfsg-3+deb8u2.

Risk factor :

High / CVSS Base Score : 7.7
(CVSS2#AV:A/AC:L/Au:S/C:C/I:C/A:C)

This script is Copyright (C) 2015 Tenable Network Security, Inc.

Debian DLA-233-1 : clamav security and upstream version update


Synopsis:

The remote Debian host is missing a security update.

Description:

Upstream published version 0.98.7. This update updates sqeeze-lts to
the latest upstream release in line with the approach used for other
Debian releases.

The changes are not strictly required for operation, but users of the
previous version in Squeeze may not be able to make use of all current
virus signatures and might get warnings.

The bug fixes that are part of this release include security fixes
related to packed or crypted files (CVE-2014-9328, CVE-2015-1461,
CVE-2015-1462, CVE-2015-1463, CVE-2015-2170, CVE-2015-2221,
CVE-2015-2222, and CVE-2015-2668) and several fixes to the embedded
libmspack library, including a potential infinite loop in the Quantum
decoder (CVE-2014-9556).

If you use clamav, we strongly recommend that you upgrade to this
version.

NOTE: Tenable Network Security has extracted the preceding description
block directly from the DLA security advisory. Tenable has attempted
to automatically clean and format it as much as possible without
introducing additional issues.

See also :

https://lists.debian.org/debian-lts-announce/2015/05/msg00017.html
https://packages.debian.org/source/squeeze-lts/clamav

Solution :

Upgrade the affected packages.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 6.5
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

This script is Copyright (C) 2015 Tenable Network Security, Inc.

Debian DLA-232-1 : tomcat6 security update


Synopsis:

The remote Debian host is missing a security update.

Description:

The following vulnerabilities were found in Apache Tomcat 6 :

CVE-2014-0227

The Tomcat security team identified that it was possible to conduct
HTTP request smuggling attacks or cause a DoS by streaming malformed
data.

CVE-2014-0230

AntBean@secdig, from the Baidu Security Team, disclosed that it was
possible to cause a limited DoS attack by feeding data by aborting an
upload.

CVE-2014-7810

The Tomcat security team identified that malicious web applications
could bypass the Security Manager by the use of expression language.

For Debian 6 'Squeeze', these issues have been fixed in tomcat6
version 6.0.41-2+squeeze7.

NOTE: Tenable Network Security has extracted the preceding description
block directly from the DLA security advisory. Tenable has attempted
to automatically clean and format it as much as possible without
introducing additional issues.

See also :

https://lists.debian.org/debian-lts-announce/2015/05/msg00016.html
https://packages.debian.org/source/squeeze-lts/tomcat6

Solution :

Upgrade the affected packages.

Risk factor :

Medium / CVSS Base Score : 6.4
(CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P)
CVSS Temporal Score : 5.6
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

This script is Copyright (C) 2015 Tenable Network Security, Inc.

Debian DLA-228-1 : exactimage security update


Synopsis:

The remote Debian host is missing a security update.

Description:

A vulnerability has been discovered in the ExactImage image
manipulation programs.

CVE-2015-3885

Eduardo Castellanos discovered an Integer overflow in the dcraw
version included in ExactImage. This vulnerability allows remote
attackers to cause a denial of service (crash) via a crafted image.

For the oldoldstable distribution (squeeze), these problems have been
fixed in version 0.8.1-3+deb6u4.

For the oldstable, stable, and testing distributions, these problems
will be fixed soon.

NOTE: Tenable Network Security has extracted the preceding description
block directly from the DLA security advisory. Tenable has attempted
to automatically clean and format it as much as possible without
introducing additional issues.

See also :

https://lists.debian.org/debian-lts-announce/2015/05/msg00015.html
https://packages.debian.org/source/squeeze-lts/exactimage

Solution :

Upgrade the affected packages.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 3.7
(CVSS2#E:ND/RL:OF/RC:ND)
Public Exploit Available : false

This script is Copyright (C) 2015 Tenable Network Security, Inc.

Amazon Linux AMI : ruby22 (ALAS-2015-533)


Synopsis:

The remote Amazon Linux AMI host is missing a security update.

Description:

As discussed in an upstream announcement, Ruby's OpenSSL extension
suffers a vulnerability through overly permissive matching of
hostnames, which can lead to similar bugs such as CVE-2014-1492 .

See also :

http://www.nessus.org/u?291d9038
https://alas.aws.amazon.com/ALAS-2015-533.html

Solution :

Run 'yum update ruby22' to update your system.

Risk factor :

High

This script is Copyright (C) 2015 Tenable Network Security, Inc.

Amazon Linux AMI : ruby21 (ALAS-2015-532)


Synopsis:

The remote Amazon Linux AMI host is missing a security update.

Description:

As discussed in an upstream announcement, Ruby's OpenSSL extension
suffers a vulnerability through overly permissive matching of
hostnames, which can lead to similar bugs such as CVE-2014-1492 .

See also :

http://www.nessus.org/u?291d9038
https://alas.aws.amazon.com/ALAS-2015-532.html

Solution :

Run 'yum update ruby21' to update your system.

Risk factor :

High

This script is Copyright (C) 2015 Tenable Network Security, Inc.

Amazon Linux AMI : ruby20 (ALAS-2015-531)


Synopsis:

The remote Amazon Linux AMI host is missing a security update.

Description:

As discussed in an upstream announcement, Ruby's OpenSSL extension
suffers a vulnerability through overly permissive matching of
hostnames, which can lead to similar bugs such as CVE-2014-1492 .

See also :

http://www.nessus.org/u?291d9038
https://alas.aws.amazon.com/ALAS-2015-531.html

Solution :

Run 'yum update ruby20' to update your system.

Risk factor :

High

This script is Copyright (C) 2015 Tenable Network Security, Inc.

Amazon Linux AMI : ruby19 (ALAS-2015-530)


Synopsis:

The remote Amazon Linux AMI host is missing a security update.

Description:

As discussed in an upstream announcement, Ruby's OpenSSL extension
suffers a vulnerability through overly permissive matching of
hostnames, which can lead to similar bugs such as CVE-2014-1492 .

See also :

http://www.nessus.org/u?291d9038
https://alas.aws.amazon.com/ALAS-2015-530.html

Solution :

Run 'yum update ruby19' to update your system.

Risk factor :

High

This script is Copyright (C) 2015 Tenable Network Security, Inc.

Amazon Linux AMI : ruby18 (ALAS-2015-529)


Synopsis:

The remote Amazon Linux AMI host is missing a security update.

Description:

As discussed in an upstream announcement, Ruby's OpenSSL extension
suffers a vulnerability through overly permissive matching of
hostnames, which can lead to similar bugs such as CVE-2014-1492 .

See also :

http://www.nessus.org/u?291d9038
https://alas.aws.amazon.com/ALAS-2015-529.html

Solution :

Run 'yum update ruby18' to update your system.

Risk factor :

High

This script is Copyright (C) 2015 Tenable Network Security, Inc.

Amazon Linux AMI : pcre (ALAS-2015-528)


Synopsis:

The remote Amazon Linux AMI host is missing a security update.

Description:

A flaw was found in the way PCRE handled certain malformed regular
expressions. This issue could cause an application linked against PCRE
to crash while parsing malicious regular expressions.

See also :

https://alas.aws.amazon.com/ALAS-2015-528.html

Solution :

Run 'yum update pcre' to update your system.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)

This script is Copyright (C) 2015 Tenable Network Security, Inc.

AIX 6.1 TL 9 : bos.rte.lvm (U865862)


Synopsis:

The remote AIX host is missing a vendor-supplied security patch.

Description:

The remote host is missing AIX PTF U865862, which is related to the
security of the package bos.rte.lvm.

The running of lquerylv command with variable DBGCMD_LQUERYLV set may
allow a local user to gain root privileges.

See also :

http://www-01.ibm.com/support/docview.wss?uid=isg1IV67907

Solution :

Install the appropriate missing security-related fix.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)

This script is Copyright (C) 2015 Tenable Network Security, Inc.

AIX 7.1 TL 3 : bos.rte.lvm (U865854)


Synopsis:

The remote AIX host is missing a vendor-supplied security patch.

Description:

The remote host is missing AIX PTF U865854, which is related to the
security of the package bos.rte.lvm.

The running of lquerylv command with variable DBGCMD_LQUERYLV set may
allow a local user to gain root privileges.

See also :

http://www-01.ibm.com/support/docview.wss?uid=isg1IV67908

Solution :

Install the appropriate missing security-related fix.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.3
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

This script is Copyright (C) 2015 Tenable Network Security, Inc.

Cisco Prime LAN Management Solution ntpd Multiple Vulnerabilities


Synopsis:

A network management system on the remote host is affected by multiple
vulnerabilities.

Description:

According to its self-reported version number, the Cisco Prime LAN
Management Solution running on the remote host is affected by multiple
vulnerabilities :

- A security weakness exists due to the config_auth()
function improperly generating default keys when no
authentication key is defined in the 'ntp.conf' file.
Key size is limited to 31 bits and the insecure
ntp_random() function is used, resulting in
cryptographically weak keys with insufficient entropy.
This allows a remote attacker to defeat cryptographic
protection mechanisms via a brute-force attack.
(CVE-2014-9293)

- A security weakness exists due the use of a weak seed
to prepare a random number generator used to generate
symmetric keys. This allows remote attackers to defeat
cryptographic protection mechanisms via a brute-force
attack. (CVE-2014-9294)

- Multiple stack-based buffer overflows exist due to
improperly validated user-supplied input when handling
packets in the crypto_recv(), ctl_putdata(), and
configure() functions when using autokey authentication.
This allows a remote attacker, via a specially crafted
packet, to cause a denial of service condition or
execute arbitrary code. (CVE-2014-9295)

- A unspecified vulnerability exists due to missing return
statements in the receive() function, resulting in
continued processing even when an authentication error
is encountered. This allows a remote attacker, via
crafted packets, to trigger unintended association
changes. (CVE-2014-9296)

See also :

http://www.nessus.org/u?79cfbf7f

Solution :

Upgrade to Cisco Prime LMS 4.2(5.3) or later.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 6.5
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

This script is Copyright (C) 2015 Tenable Network Security, Inc.

Cisco Prime Data Center Network Manager ntpd Multiple Vulnerabilities (uncredentialed check)


Synopsis:

A network management system on the remote host is affected by multiple
vulnerabilities.

Description:

According to its self-reported version number, the Cisco Prime Data
Center Network Manager (DCNM) running on the remote host is affected
by multiple vulnerabilities :

- A security weakness exists due to the config_auth()
function improperly generating default keys when no
authentication key is defined in the 'ntp.conf' file.
Key size is limited to 31 bits and the insecure
ntp_random() function is used, resulting in
cryptographically weak keys with insufficient entropy.
This allows a remote attacker to defeat cryptographic
protection mechanisms via a brute-force attack.
(CVE-2014-9293)

- A security weakness exists due the use of a weak seed
to prepare a random number generator used to generate
symmetric keys. This allows remote attackers to defeat
cryptographic protection mechanisms via a brute-force
attack. (CVE-2014-9294)

- Multiple stack-based buffer overflows exist due to
improperly validated user-supplied input when handling
packets in the crypto_recv(), ctl_putdata(), and
configure() functions when using autokey authentication.
This allows a remote attacker, via a specially crafted
packet, to cause a denial of service condition or
execute arbitrary code. (CVE-2014-9295)

- A unspecified vulnerability exists due to missing return
statements in the receive() function, resulting in
continued processing even when an authentication error
is encountered. This allows a remote attacker, via
crafted packets, to trigger unintended association
changes. (CVE-2014-9296)

- A security bypass vulnerability exists in the function
read_network_packet() due to a failure to restrict ::1
source addresses on IPv6 interfaces. This allows a
remote attacker to bypass configured ACLs based on ::1.
(CVE-2014-9298)

This plugin determines if DCNM is vulnerable by checking the version
number displayed in the web interface. The web interface is not
available in older versions of DCNM.

See also :

http://www.nessus.org/u?79cfbf7f

Solution :

Upgrade to Cisco Prime Data Center Network Manager 7.1(2) or later.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 6.5
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

This script is Copyright (C) 2015 Tenable Network Security, Inc.

SSL/TLS Diffie-Hellman Modulus <= 1024 Bits (LogJam)


Synopsis:

The remote host allows SSL/TLS connections with one or more
Diffie-Hellman moduli less than or equal to 1024 bits.

Description:

The remote host allows SSL/TLS connections with one or more
Diffie-Hellman moduli less than or equal to 1024 bits. Through
cryptanalysis, a third party may be able to find the shared secret in
a short amount of time (depending on modulus size and attacker
resources). This may allow the attacker to recover the plain text or
potentially violate the integrity of connections.

See also :

http://weakdh.org/

Solution :

Reconfigure the service to use a unique Diffie-Hellman moduli of 2048
bits or greater.

Risk factor :

Medium / CVSS Base Score : 4.0
(CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:N)

This script is Copyright (C) 2015 Tenable Network Security, Inc.

AIX NAS Advisory : nas_advisory3.asc


Synopsis:

The remote AIX host has a version of NAS installed that is affected by
multiple vulnerabilities.

Description:

The version of the Network Authentication Service (NAS) installed on
the remote AIX host is affected by the following vulnerabilities
related to Kerberos 5 :

- Denial of service and remote code execution
vulnerabilities exist due to security context handles
not being properly maintained, allowing an
authenticated, remote attacker to crash the service or
execute arbitrary code using crafted GSSAPI traffic.
(CVE-2014-5352)

- A denial of service vulnerability exists due to improper
handling of zero-byte or unterminated strings.
(CVE-2014-5355)

- Denial of service and remote code execution
vulnerabilities exist which allow an authenticated,
remote attacker to crash the service or execute
arbitrary code using crafted, malformed XDR data.
(CVE-2014-9421)

- A privilege escalation vulnerability exists that allows
an authenticated, remote attacker to gain administrative
access via a flaw in kadmin authorization checks.
(CVE-2014-9422)

- An information disclosure vulnerability allows an
attacker to gain information about process heap memory
from NAS packets. (CVE-2014-9423)

See also :

http://aix.software.ibm.com/aix/efixes/security/nas_advisory3.asc

Solution :

Fixes are available at the 1.5.0.7 and 1.6.0.2 levels of the software
and can be downloaded from the AIX website.

For the NAS fileset level 1.5.0.7,
apply ifix 1507c_fix.150404.epkg.Z if only krb5.client.rte is
installed, otherwise apply 1507s_fix.150407.epkg.Z if krb5.server.rte
is installed.

For the NAS fileset level 1.6.0.2,
apply ifix 1602c_fix.150404.epkg.Z if only krb5.client.rte is
installed, otherwise apply 1602s_fix.150407.epkg.Z if krb5.server.rte
is installed.

For the NAS fileset level 1.5.0.3-1.5.0.4,
upgrade to NAS fileset level 1.6.0.2 and apply ifix
1602c_fix.150404.epkg.Z if only krb5.client.rte is installed,
otherwise apply 1602s_fix.150407.epkg.Z if krb5.server.rte is
installed.

For all other NAS fileset levels,
upgrade to NAS fileset level 1.5.0.7 and apply ifix
1507c_fix.150404.epkg.Z if only krb5.client.rte is installed,
otherwise apply 1507s_fix.150407.epkg.Z if krb5.server.rte is
installed.

Risk factor :

High / CVSS Base Score : 8.7
(CVSS2#AV:N/AC:L/Au:S/C:P/I:C/A:C)
CVSS Temporal Score : 7.6
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

This script is Copyright (C) 2015 Tenable Network Security, Inc.

IBM WebSphere Portal Unspecified Open Redirect (PI38632)


Synopsis:

The remote Windows host has web portal software installed that is
affected by an open redirect vulnerability.

Description:

The version of IBM WebSphere Portal installed on the Windows remote
host is affected by an unspecified open redirect vulnerability due to
improper validation of user-supplied input. A remote attacker, using a
specially crafted URL, can exploit this flaw to redirect a victim to
an arbitrary website.

See also :

http://www-01.ibm.com/support/docview.wss?uid=swg21884060

Solution :

Upgrade to IBM WebSphere Portal 8.5.0 CF06 / 8.0.0.1 CF16 with interim
fix PI38632.

Risk factor :

Medium / CVSS Base Score : 6.4
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N)
CVSS Temporal Score : 5.6
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

This script is Copyright (C) 2015 Tenable Network Security, Inc.

IBM WebSphere Portal 8.5.0 < 8.5.0 CF06 Multiple Vulnerabilities


Synopsis:

The remote Windows host has web portal software installed that is
affected by multiple vulnerabilities.

Description:

The version of IBM WebSphere Portal installed on the remote Windows
host is affected by the following vulnerabilities :

- An buffer overflow flaw exists in the Outside In Filters
subcomponent due to 'ibpsd2.dll' not properly validating
user-supplied input in PSD files. An attacker can
exploit this to cause a denial of service or possibly
execute arbitrary code. (CVE-2015-0493)

- An unspecified flaw exists in the Remote Document
Conversion Service (DCS) that allows a remote attacker
to cause a denial of service. (CVE-2015-1886)

- A flaw exists when handling a specially crafted request
that allows a remote attacker to use too many available
resources, resulting in a denial of service.
(CVE-2015-1899)

- A flaw exists that allows a reflected cross-site
scripting attack due the application failing to validate
input before returning it back to the user. A remote
attacker, using a crafted URL, can exploit this to
execute code or HTML within the user's browser.
(CVE-2015-1908)

- A flaw exists that allows a cross-site redirection
attack due to a failure to validate certain unspecified
input before returning it to the user. An attacker,
using specially crafted URL, can exploit this to
redirect victims to a website of the attacker's own
choosing. (CVE-2015-1921)

See also :

http://www-01.ibm.com/support/docview.wss?uid=swg24037786

Solution :

IBM has published a cumulative fix (CF06) for WebSphere Portal 8.5.0.
Refer to the IBM advisory for more information.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score : 6.8
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

This script is Copyright (C) 2015 Tenable Network Security, Inc.

Cisco IOS XE Software for 1000 Series Aggregation Services Routers H.323 DoS


Synopsis:

The remote device is missing a vendor-supplied security patch.

Description:

Cisco IOS XE Software for 1000 Series Aggregation Services Routers
(ASR) is affected by a flaw in the Embedded Services Processor (ESP)
due to improper handling of malformed H.323 packets when the device is
configured to use Network Address Translation (NAT). An remote,
unauthenticated attacker, by sending malformed H.323 packets, can
exploit this vulnerability to cause a denial of service by crashing
the ESP module.

See also :

http://tools.cisco.com/security/center/viewAlert.x?alertId=38210

Solution :

Upgrade to the relevant version referenced in Cisco bug ID CSCup21070.

Risk factor :

High / CVSS Base Score : 7.1
(CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C)

This script is Copyright (C) 2015 Tenable Network Security, Inc.

SUSE SLED12 / SLES12 Security Update : MozillaFirefox (SUSE-SU-2015:0960-1)


Synopsis:

The remote SUSE host is missing one or more security updates.

Description:

This update to Firefox 31.7.0 ESR (bsc#930622) fixes the following
issues :

- MFSA 2015-46/CVE-2015-2708/CVE-2015-2709 (bmo#1120655,
bmo#1143299, bmo#1151139, bmo#1152177, bmo#1111251,
bmo#1117977, bmo#1128064, bmo#1135066, bmo#1143194,
bmo#1146101, bmo#1149526, bmo#1153688, bmo#1155474)
Miscellaneous memory safety hazards (rv:38.0 / rv:31.7)

- MFSA 2015-47/CVE-2015-0797 (bmo#1080995) Buffer overflow
parsing H.264 video with Linux Gstreamer

- MFSA 2015-48/CVE-2015-2710 (bmo#1149542) Buffer overflow
with SVG content and CSS

- MFSA 2015-51/CVE-2015-2713 (bmo#1153478) Use-after-free
during text processing with vertical text enabled

- MFSA 2015-54/CVE-2015-2716 (bmo#1140537) Buffer overflow
when parsing compressed XML

Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

https://bugzilla.suse.com/930622
https://www.suse.com/security/cve/CVE-2015-0797.html
https://www.suse.com/security/cve/CVE-2015-2708.html
https://www.suse.com/security/cve/CVE-2015-2709.html
https://www.suse.com/security/cve/CVE-2015-2710.html
https://www.suse.com/security/cve/CVE-2015-2713.html
https://www.suse.com/security/cve/CVE-2015-2716.html
http://www.nessus.org/u?3a3eebb8

Solution :

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Software Development Kit 12 :

zypper in -t patch SUSE-SLE-SDK-12-2015-217=1

SUSE Linux Enterprise Server 12 :

zypper in -t patch SUSE-SLE-SERVER-12-2015-217=1

SUSE Linux Enterprise Desktop 12 :

zypper in -t patch SUSE-SLE-DESKTOP-12-2015-217=1

To bring your system up-to-date, use 'zypper patch'.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 6.5
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

This script is Copyright (C) 2015 Tenable Network Security, Inc.

SUSE SLED12 / SLES12 Security Update : perl-YAML-LibYAML (SUSE-SU-2015:0953-2)


Synopsis:

The remote SUSE host is missing one or more security updates.

Description:

perl-YAML-LibYAML was updated to fix three security issues.

These security issues were fixed :

- CVE-2013-6393: The yaml_parser_scan_tag_uri function in
scanner.c in LibYAML before 0.1.5 performed an incorrect
cast, which allowed remote attackers to cause a denial
of service (application crash) and possibly execute
arbitrary code via crafted tags in a YAML document,
which triggered a heap-based buffer overflow
(bnc#860617, bnc#911782).

- CVE-2014-9130: scanner.c in LibYAML 0.1.5 and 0.1.6, as
used in the YAML-LibYAML (aka YAML-XS) module for Perl,
allowed context-dependent attackers to cause a denial of
service (assertion failure and crash) via vectors
involving line-wrapping (bnc#907809, bnc#911782).

- CVE-2014-2525: Heap-based buffer overflow in the
yaml_parser_scan_uri_escapes function in LibYAML before
0.1.6 allowed context-dependent attackers to execute
arbitrary code via a long sequence of percent-encoded
characters in a URI in a YAML file (bnc#868944,
bnc#911782).

Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

https://bugzilla.suse.com/860617
https://bugzilla.suse.com/868944
https://bugzilla.suse.com/907809
https://bugzilla.suse.com/911782
https://www.suse.com/security/cve/CVE-2013-6393.html
https://www.suse.com/security/cve/CVE-2014-2525.html
https://www.suse.com/security/cve/CVE-2014-9130.html
http://www.nessus.org/u?931cf879

Solution :

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Server 12 :

zypper in -t patch SUSE-SLE-SERVER-12-2015-215=1

SUSE Linux Enterprise Desktop 12 :

zypper in -t patch SUSE-SLE-DESKTOP-12-2015-215=1

To bring your system up-to-date, use 'zypper patch'.

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 5.9
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

This script is Copyright (C) 2015 Tenable Network Security, Inc.

SUSE SLES12 Security Update : perl-YAML-LibYAML (SUSE-SU-2015:0953-1)


Synopsis:

The remote SUSE host is missing one or more security updates.

Description:

perl-YAML-LibYAML was updated to fix three security issues.

These security issues were fixed :

- CVE-2013-6393: The yaml_parser_scan_tag_uri function in
scanner.c in LibYAML before 0.1.5 performed an incorrect
cast, which allowed remote attackers to cause a denial
of service (application crash) and possibly execute
arbitrary code via crafted tags in a YAML document,
which triggered a heap-based buffer overflow
(bnc#860617, bnc#911782).

- CVE-2014-9130: scanner.c in LibYAML 0.1.5 and 0.1.6, as
used in the YAML-LibYAML (aka YAML-XS) module for Perl,
allowed context-dependent attackers to cause a denial of
service (assertion failure and crash) via vectors
involving line-wrapping (bnc#907809, bnc#911782).

- CVE-2014-2525: Heap-based buffer overflow in the
yaml_parser_scan_uri_escapes function in LibYAML before
0.1.6 allowed context-dependent attackers to execute
arbitrary code via a long sequence of percent-encoded
characters in a URI in a YAML file (bnc#868944,
bnc#911782).

Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

https://bugzilla.suse.com/860617
https://bugzilla.suse.com/868944
https://bugzilla.suse.com/907809
https://bugzilla.suse.com/911782
https://www.suse.com/security/cve/CVE-2013-6393.html
https://www.suse.com/security/cve/CVE-2014-2525.html
https://www.suse.com/security/cve/CVE-2014-9130.html
http://www.nessus.org/u?0d7c667b

Solution :

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Server 12 :

zypper in -t patch SUSE-SLE-SERVER-12-2015-215=1

To bring your system up-to-date, use 'zypper patch'.

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 5.9
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

This script is Copyright (C) 2015 Tenable Network Security, Inc.

openSUSE Security Update : glibc / glibc-testsuite / glibc-utils / etc (openSUSE-2015-383)


Synopsis:

The remote openSUSE host is missing a security update.

Description:

glibc was updated to fix security issues and bugs :

- Separate internal state between getXXent and getXXbyYY
NSS calls (CVE-2014-8121, bsc#918187, BZ #18007)

- Fix read past end of pattern in fnmatch (bsc#920338, BZ
#17062, BZ #18032, BZ #18036)

- Fix buffer overflow in nss_dns (CVE-2015-1781,
bsc#927080, BZ #18287)

Also this bug got fixed :

- Simplify handling of nameserver configuration in
resolver (bsc#917539)

See also :

https://bugzilla.opensuse.org/show_bug.cgi?id=917539
https://bugzilla.opensuse.org/show_bug.cgi?id=918187
https://bugzilla.opensuse.org/show_bug.cgi?id=920338
https://bugzilla.opensuse.org/show_bug.cgi?id=927080

Solution :

Update the affected glibc / glibc-testsuite / glibc-utils / etc packages.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)

This script is Copyright (C) 2015 Tenable Network Security, Inc.

Debian DLA-231-1 : dulwich security update


Synopsis:

The remote Debian host is missing a security update.

Description:

Ivan Fratric of the Google Security Team has found a buffer overflow
in the C implementation of the apply_delta() function, used when
accessing Git objects in pack files. An attacker could take advantage
of this flaw to cause the execution of arbitrary code with the
privileges of the user running a Git server or client based on
Dulwich.

For the oldoldstable distribution (squeeze), this problem has been
fixed in version 0.6.1-1+deb6u1.

NOTE: Tenable Network Security has extracted the preceding description
block directly from the DLA security advisory. Tenable has attempted
to automatically clean and format it as much as possible without
introducing additional issues.

See also :

https://lists.debian.org/debian-lts-announce/2015/05/msg00014.html
https://packages.debian.org/source/squeeze-lts/dulwich

Solution :

Upgrade the affected python-dulwich package.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 6.5
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

This script is Copyright (C) 2015 Tenable Network Security, Inc.

Debian DLA-230-1 : eglibc security update


Synopsis:

The remote Debian host is missing a security update.

Description:

Arjun Shankar of Red Hat discovered that gethostbyname_r and related
functions compute the size of an input buffer incorrectly if the
passed-in buffer is misaligned. This results in a buffer overflow.

For the oldoldstable distribution (squeeze), this problem has been
fixed in version 2.11.3-4+deb6u6.

NOTE: Tenable Network Security has extracted the preceding description
block directly from the DLA security advisory. Tenable has attempted
to automatically clean and format it as much as possible without
introducing additional issues.

See also :

https://lists.debian.org/debian-lts-announce/2015/05/msg00013.html
https://packages.debian.org/source/squeeze-lts/eglibc

Solution :

Upgrade the affected packages.

Risk factor :

Medium / CVSS Base Score : 5.1
(CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 4.4
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

This script is Copyright (C) 2015 Tenable Network Security, Inc.

Debian DLA-229-1 : libnokogiri-ruby security update


Synopsis:

The remote Debian host is missing a security update.

Description:

An XML eXternal Entity (XXE) flaw was found in Nokogiri, a Ruby gem
for parsing HTML, XML, and SAX. Using external XML entities, a remote
attacker could specify a URL in a specially crafted XML that, when
parsed, would cause a connection to that URL to be opened.

This update enables the 'nonet' option by default (and provides new
methods to disable default options if needed).

NOTE: Tenable Network Security has extracted the preceding description
block directly from the DLA security advisory. Tenable has attempted
to automatically clean and format it as much as possible without
introducing additional issues.

See also :

https://lists.debian.org/debian-lts-announce/2015/05/msg00012.html
https://packages.debian.org/source/squeeze-lts/libnokogiri-ruby

Solution :

Upgrade the affected packages.

Risk factor :

High

This script is Copyright (C) 2015 Tenable Network Security, Inc.