CVE-2009-0217

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; (2) the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, and 8.1 SP6; (3) Mono before 2.4.2.2; (4) XML Security Library before 1.2.12; (5) IBM WebSphere Application Server Versions 6.0 through 6.0.2.33, 6.1 through 6.1.0.23, and 7.0 through 7.0.0.1; (6) Sun JDK and JRE Update 14 and earlier; (7) Microsoft .NET Framework 3.0 through 3.0 SP2, 3.5, and 4.0; and other products uses a parameter that defines an HMAC truncation length (HMACOutputLength) but does not require a minimum for this length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits.

References

http://blogs.sun.com/security/entry/cert_vulnerability_note_vu_466161

http://git.gnome.org/cgit/xmlsec/commit/?id=34b349675af9f72eb822837a8772cc1ead7115c7

http://git.gnome.org/cgit/xmlsec/patch/?id=34b349675af9f72eb822837a8772cc1ead7115c7

http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html

http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html

http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00005.html

http://marc.info/?l=bugtraq&m=125787273209737&w=2

http://osvdb.org/55895

http://osvdb.org/55907

http://secunia.com/advisories/34461

http://secunia.com/advisories/35776

http://secunia.com/advisories/35852

http://secunia.com/advisories/35853

http://secunia.com/advisories/35854

http://secunia.com/advisories/35855

http://secunia.com/advisories/35858

http://secunia.com/advisories/36162

http://secunia.com/advisories/36176

http://secunia.com/advisories/36180

http://secunia.com/advisories/36494

http://secunia.com/advisories/37300

http://secunia.com/advisories/37671

http://secunia.com/advisories/37841

http://secunia.com/advisories/38567

http://secunia.com/advisories/38568

http://secunia.com/advisories/38695

http://secunia.com/advisories/38921

http://secunia.com/advisories/41818

http://secunia.com/advisories/60799

http://sunsolve.sun.com/search/document.do?assetkey=1-21-125136-16-1

http://sunsolve.sun.com/search/document.do?assetkey=1-66-263429-1

http://sunsolve.sun.com/search/document.do?assetkey=1-66-269208-1

http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020710.1-1

http://svn.apache.org/viewvc?revision=794013&view=revision

http://www.aleksey.com/xmlsec/

http://www.debian.org/security/2010/dsa-1995

http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml

http://www.kb.cert.org/vuls/id/466161

http://www.kb.cert.org/vuls/id/MAPG-7TSKXQ

http://www.kb.cert.org/vuls/id/WDON-7TY529

http://www.mandriva.com/security/advisories?name=MDVSA-2009:209

http://www.mono-project.com/Vulnerabilities

http://www.openoffice.org/security/cves/CVE-2009-0217.html

http://www.oracle.com/technetwork/topics/security/cpujul2009-091332.html

http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html

http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html

http://www.redhat.com/support/errata/RHSA-2009-1694.html

http://www.securityfocus.com/bid/35671

http://www.securitytracker.com/id?1022561

http://www.securitytracker.com/id?1022567

http://www.securitytracker.com/id?1022661

http://www.ubuntu.com/usn/USN-903-1

http://www.us-cert.gov/cas/techalerts/TA09-294A.html

http://www.us-cert.gov/cas/techalerts/TA10-159B.html

http://www.vupen.com/english/advisories/2009/1900

http://www.vupen.com/english/advisories/2009/1908

http://www.vupen.com/english/advisories/2009/1909

http://www.vupen.com/english/advisories/2009/1911

http://www.vupen.com/english/advisories/2009/2543

http://www.vupen.com/english/advisories/2009/3122

http://www.vupen.com/english/advisories/2010/0366

http://www.vupen.com/english/advisories/2010/0635

http://www.w3.org/2008/06/xmldsigcore-errata.html#e03

http://www.w3.org/QA/2009/07/hmac_truncation_in_xml_signatu.html

http://www-01.ibm.com/support/docview.wss?rs=180&context=SSEQTP&dc=D400&uid=swg24023545&loc=en_US&cs=UTF-8&lang=en&rss=ct180websphere

http://www-01.ibm.com/support/docview.wss?rs=180&context=SSEQTP&dc=D400&uid=swg24023723&loc=en_US&cs=UTF-8&lang=en&rss=ct180websphere

http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg21384925

https://bugzilla.redhat.com/show_bug.cgi?id=511915

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-041

https://issues.apache.org/bugzilla/show_bug.cgi?id=47526

https://issues.apache.org/bugzilla/show_bug.cgi?id=47527

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10186

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7158

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8717

https://rhn.redhat.com/errata/RHSA-2009-1200.html

https://rhn.redhat.com/errata/RHSA-2009-1201.html

https://rhn.redhat.com/errata/RHSA-2009-1428.html

https://rhn.redhat.com/errata/RHSA-2009-1636.html

https://rhn.redhat.com/errata/RHSA-2009-1637.html

https://rhn.redhat.com/errata/RHSA-2009-1649.html

https://rhn.redhat.com/errata/RHSA-2009-1650.html

https://usn.ubuntu.com/826-1/

https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html

https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html

https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00494.html

https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00505.html

Details

Source: MITRE

Published: 2009-07-14

Updated: 2018-10-12

Risk Information

CVSS v2

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:ibm:websphere_application_server:6.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.0.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.0.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.1.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.1.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.1.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.1.5:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.1.7:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.1.9:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.1.11:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.1.13:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.1.15:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.1.17:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2:*:fp17:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.10:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.11:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.12:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.13:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.14:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.15:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.16:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.17:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.18:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.19:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.20:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.21:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.22:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.23:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.24:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.25:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.28:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.29:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.30:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.31:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.32:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.33:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.1.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.1.0.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.1.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.1.0.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.1.0.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.1.0.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.1.0.5:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.1.0.6:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.1.0.7:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.1.0.8:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.1.0.9:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.1.0.10:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.1.0.11:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.1.0.12:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.1.0.13:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.1.0.14:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.1.0.15:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.1.0.16:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.1.0.17:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.1.0.18:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.1.0.19:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.1.0.20:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.1.0.21:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.1.0.22:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.1.0.23:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:7.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:7.0.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mono_project:mono:1.2.1:*:*:*:*:*:*:*

cpe:2.3:a:mono_project:mono:1.2.2:*:*:*:*:*:*:*

cpe:2.3:a:mono_project:mono:1.2.3:*:*:*:*:*:*:*

cpe:2.3:a:mono_project:mono:1.2.4:*:*:*:*:*:*:*

cpe:2.3:a:mono_project:mono:1.2.5:*:*:*:*:*:*:*

cpe:2.3:a:mono_project:mono:1.2.6:*:*:*:*:*:*:*

cpe:2.3:a:mono_project:mono:1.9:*:*:*:*:*:*:*

cpe:2.3:a:mono_project:mono:2.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:application_server:10.1.2.3:*:*:*:*:*:*:*

cpe:2.3:a:oracle:application_server:10.1.3.4:*:*:*:*:*:*:*

cpe:2.3:a:oracle:application_server:10.1.4.3im:*:*:*:*:*:*:*

cpe:2.3:a:oracle:bea_product_suite:8.1:sp6:*:*:*:*:*:*

cpe:2.3:a:oracle:bea_product_suite:9.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:bea_product_suite:9.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:bea_product_suite:9.2:mp3:*:*:*:*:*:*

cpe:2.3:a:oracle:bea_product_suite:10.0:mp1:*:*:*:*:*:*

cpe:2.3:a:oracle:bea_product_suite:10.3:*:*:*:*:*:*:*

cpe:2.3:a:oracle:weblogic_server_component:8.1:sp6:*:*:*:*:*:*

cpe:2.3:a:oracle:weblogic_server_component:9.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:weblogic_server_component:9.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:weblogic_server_component:9.2:mp3:*:*:*:*:*:*

cpe:2.3:a:oracle:weblogic_server_component:10.0:mp1:*:*:*:*:*:*

cpe:2.3:a:oracle:weblogic_server_component:10.3:*:*:*:*:*:*:*

Tenable Plugins

View all (73 total)

IDNameProductFamilySeverity
108027Solaris 10 (x86) : 141710-03NessusSolaris Local Security Checks
medium
107968Solaris 10 (x86) : 128641-30NessusSolaris Local Security Checks
medium
107528Solaris 10 (sparc) : 141709-03NessusSolaris Local Security Checks
medium
107469Solaris 10 (sparc) : 128640-30NessusSolaris Local Security Checks
medium
107416Solaris 10 (sparc) : 125136-75NessusSolaris Local Security Checks
critical
107415Solaris 10 (sparc) : 125136-71NessusSolaris Local Security Checks
critical
77467GLSA-201408-19 : OpenOffice, LibreOffice: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
67921Oracle Linux 4 / 5 : xmlsec1 (ELSA-2009-1428)NessusOracle Linux Local Security Checks
medium
67905Oracle Linux 5 : java-1.6.0-openjdk (ELSA-2009-1201)NessusOracle Linux Local Security Checks
critical
64830Sun Java JRE Multiple Vulnerabilities (263408 / 263409 / 263428 ..) (Unix)NessusMisc.
critical
63906RHEL 5 : JBoss EAP (RHSA-2009:1650)NessusRed Hat Local Security Checks
medium
63905RHEL 5 : JBoss EAP (RHSA-2009:1649)NessusRed Hat Local Security Checks
medium
63904RHEL 4 : JBoss EAP (RHSA-2009:1637)NessusRed Hat Local Security Checks
medium
63903RHEL 4 : JBoss EAP (RHSA-2009:1636)NessusRed Hat Local Security Checks
medium
60663Scientific Linux Security Update : xmlsec1 on SL4.x, SL5.x i386/x86_64NessusScientific Linux Local Security Checks
medium
60645Scientific Linux Security Update : java (jdk 1.6.0) on SL4.x, SL5.x i386/x86_64NessusScientific Linux Local Security Checks
critical
60633Scientific Linux Security Update : java-1.6.0-openjdk on SL5.3 i386/x86_64NessusScientific Linux Local Security Checks
critical
59651GLSA-201206-13 : Mono: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
57619Oracle Application Server Multiple VulnerabilitiesNessusWeb Servers
critical
51685SuSE 10 Security Update : OpenOffice_org (ZYPP Patch Number 6884)NessusSuSE Local Security Checks
high
51684SuSE 10 Security Update : OpenOffice_org (ZYPP Patch Number 6883)NessusSuSE Local Security Checks
high
51594SuSE 11 Security Update : OpenOffice_org (SAT Patch Number 2080)NessusSuSE Local Security Checks
high
48155Mandriva Linux Security Advisory : mono (MDVSA-2009:269)NessusMandriva Local Security Checks
medium
46848MS10-041: Vulnerability in Microsoft .NET Framework Could Allow Tampering (981343)NessusWindows : Microsoft Bulletins
medium
45075openSUSE Security Update : OpenOffice_org-base-drivers-postgresql (OpenOffice_org-base-drivers-postgresql-1980)NessusSuSE Local Security Checks
high
45073openSUSE Security Update : OpenOffice_org-base-drivers-postgresql (OpenOffice_org-base-drivers-postgresql-1981)NessusSuSE Local Security Checks
high
45071openSUSE Security Update : OpenOffice_org (OpenOffice_org-1979)NessusSuSE Local Security Checks
high
45064SuSE 11 Security Update : OpenOffice_org (SAT Patch Number 2080)NessusSuSE Local Security Checks
high
44922FreeBSD : openoffice.org -- multiple vulnerabilities (c97d7a37-2233-11df-96dd-001b2134ef46)NessusFreeBSD Local Security Checks
high
44912Ubuntu 8.04 LTS / 8.10 / 9.04 / 9.10 : openoffice.org vulnerabilities (USN-903-1)NessusUbuntu Local Security Checks
high
44859Debian DSA-1995-1 : openoffice.org - several vulnerabilitiesNessusDebian Local Security Checks
high
44714Debian DSA-1849-1 : xml-security-c - design flawNessusDebian Local Security Checks
medium
5339OpenOffice < 3.2 Multiple VulnerabilitiesNessus Network MonitorGeneric
medium
5339OpenOffice < 3.2 Multiple VulnerabilitiesNessus Network MonitorGeneric
medium
44597Sun OpenOffice.org < 3.2 Multiple VulnerabilitiesNessusWindows
high
44029RHEL 4 / 5 : IBM Java Runtime in Satellite Server (RHSA-2010:0043)NessusRed Hat Local Security Checks
critical
43872SuSE 11 Security Update : IBM Java 1.6.0 (SAT Patch Number 1748)NessusSuSE Local Security Checks
high
43774CentOS 5 : java-1.6.0-openjdk (CESA-2009:1201)NessusCentOS Local Security Checks
critical
43597RHEL 4 / 5 : java-1.6.0-ibm (RHSA-2009:1694)NessusRed Hat Local Security Checks
critical
43041Mandriva Linux Security Advisory : mono (MDVSA-2009:322)NessusMandriva Local Security Checks
high
43021Mandriva Linux Security Advisory : xmlsec1 (MDVSA-2009:318)NessusMandriva Local Security Checks
medium
42396SuSE 11 Security Update : IBM Java 1.6.0 (SAT Patch Number 1497)NessusSuSE Local Security Checks
critical
42095Mandriva Linux Security Advisory : mono (MDVSA-2009:268)NessusMandriva Local Security Checks
medium
42092Mandriva Linux Security Advisory : xmlsec1 (MDVSA-2009:267)NessusMandriva Local Security Checks
medium
40902RHEL 4 / 5 : xmlsec1 (RHSA-2009:1428)NessusRed Hat Local Security Checks
medium
40894CentOS 4 / 5 : xmlsec1 (CESA-2009:1428)NessusCentOS Local Security Checks
medium
40873Mac OS X : Java for Mac OS X 10.5 Update 5NessusMacOS X Local Security Checks
high
40818openSUSE Security Update : java-1_6_0-openjdk (java-1_6_0-openjdk-1252)NessusSuSE Local Security Checks
critical
40816openSUSE Security Update : java-1_6_0-openjdk (java-1_6_0-openjdk-1252)NessusSuSE Local Security Checks
critical
40794Ubuntu 8.04 LTS / 8.10 / 9.04 : mono vulnerabilities (USN-826-1)NessusUbuntu Local Security Checks
medium
40749RHEL 4 / 5 : java-1.6.0-sun (RHSA-2009:1200)NessusRed Hat Local Security Checks
critical
40694Mandriva Linux Security Advisory : java-1.6.0-openjdk (MDVSA-2009:209)NessusMandriva Local Security Checks
critical
40579Fedora 10 : xmlsec1-1.2.12-1.fc10 (2009-8456)NessusFedora Local Security Checks
medium
40567Fedora 11 : xmlsec1-1.2.12-1.fc11 (2009-8473)NessusFedora Local Security Checks
medium
40547Ubuntu 8.10 / 9.04 : openjdk-6 vulnerabilities (USN-814-1)NessusUbuntu Local Security Checks
critical
40515Fedora 10 : java-1.6.0-openjdk-1.6.0.0-20.b16.fc10 (2009-8337)NessusFedora Local Security Checks
critical
40510RHEL 5 : java-1.6.0-openjdk (RHSA-2009:1201)NessusRed Hat Local Security Checks
critical
40507Fedora 11 : java-1.6.0-openjdk-1.6.0.0-27.b16.fc11 (2009-8329)NessusFedora Local Security Checks
critical
40495Sun Java JRE Multiple Vulnerabilities (263408 / 263409 / 263428 ..)NessusWindows
high
40454Fedora 11 : xml-security-c-1.5.1-1.fc11 (2009-8157)NessusFedora Local Security Checks
medium
40451Fedora 10 : xml-security-c-1.5.1-1.fc10 (2009-8121)NessusFedora Local Security Checks
medium
40429FreeBSD : mono -- XML signature HMAC truncation spoofing (708c65a5-7c58-11de-a994-0030843d3802)NessusFreeBSD Local Security Checks
medium
39005Solaris 9 (x86) : 141710-03NessusSolaris Local Security Checks
medium
39004Solaris 9 (sparc) : 141709-03NessusSolaris Local Security Checks
medium
39003Solaris 10 (x86) : 141710-03 (deprecated)NessusSolaris Local Security Checks
medium
39002Solaris 10 (sparc) : 141709-03 (deprecated)NessusSolaris Local Security Checks
medium
35421Solaris 9 (x86) : 128641-30NessusSolaris Local Security Checks
medium
35419Solaris 9 (sparc) : 128640-30NessusSolaris Local Security Checks
medium
35415Solaris 10 (x86) : 128641-30 (deprecated)NessusSolaris Local Security Checks
medium
35409Solaris 10 (sparc) : 128640-30 (deprecated)NessusSolaris Local Security Checks
medium
27020Solaris 9 (sparc) : 125136-97NessusSolaris Local Security Checks
critical
27008Solaris 8 (sparc) : 125136-97NessusSolaris Local Security Checks
critical
26984Solaris 10 (sparc) : 125136-97 (deprecated)NessusSolaris Local Security Checks
critical