CVE-2009-3555

MEDIUM

Description

The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.

References

http://archives.neohapsis.com/archives/bugtraq/2013-11/0120.html

http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html

http://blogs.iss.net/archive/sslmitmiscsrf.html

http://blogs.sun.com/security/entry/vulnerability_in_tls_protocol_during

http://clicky.me/tlsvuln

http://extendedsubset.com/?p=8

http://extendedsubset.com/Renegotiating_TLS.pdf

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02436041

http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751

http://kbase.redhat.com/faq/docs/DOC-20491

http://lists.apple.com/archives/security-announce/2010//May/msg00001.html

http://lists.apple.com/archives/security-announce/2010//May/msg00002.html

http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039957.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040652.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html

http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00029.html

http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html

http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html

http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html

http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html

http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html

http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html

http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html

http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html

http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html

http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html

http://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2

http://marc.info/?l=bugtraq&m=126150535619567&w=2

http://marc.info/?l=bugtraq&m=127128920008563&w=2

http://marc.info/?l=bugtraq&m=127419602507642&w=2

http://marc.info/?l=bugtraq&m=127557596201693&w=2

http://marc.info/?l=bugtraq&m=130497311408250&w=2

http://marc.info/?l=bugtraq&m=132077688910227&w=2

http://marc.info/?l=bugtraq&m=133469267822771&w=2

http://marc.info/?l=bugtraq&m=134254866602253&w=2

http://marc.info/?l=bugtraq&m=142660345230545&w=2

http://marc.info/?l=cryptography&m=125752275331877&w=2

http://openbsd.org/errata45.html#010_openssl

http://openbsd.org/errata46.html#004_openssl

http://osvdb.org/60521

http://osvdb.org/60972

http://osvdb.org/62210

http://osvdb.org/65202

http://seclists.org/fulldisclosure/2009/Nov/139

http://secunia.com/advisories/37291

http://secunia.com/advisories/37292

http://secunia.com/advisories/37320

http://secunia.com/advisories/37383

http://secunia.com/advisories/37399

http://secunia.com/advisories/37453

http://secunia.com/advisories/37501

http://secunia.com/advisories/37504

http://secunia.com/advisories/37604

http://secunia.com/advisories/37640

http://secunia.com/advisories/37656

http://secunia.com/advisories/37675

http://secunia.com/advisories/37859

http://secunia.com/advisories/38003

http://secunia.com/advisories/38020

http://secunia.com/advisories/38056

http://secunia.com/advisories/38241

http://secunia.com/advisories/38484

http://secunia.com/advisories/38687

http://secunia.com/advisories/38781

http://secunia.com/advisories/39127

http://secunia.com/advisories/39136

http://secunia.com/advisories/39242

http://secunia.com/advisories/39243

http://secunia.com/advisories/39278

http://secunia.com/advisories/39292

http://secunia.com/advisories/39317

http://secunia.com/advisories/39461

http://secunia.com/advisories/39500

http://secunia.com/advisories/39628

http://secunia.com/advisories/39632

http://secunia.com/advisories/39713

http://secunia.com/advisories/39819

http://secunia.com/advisories/40070

http://secunia.com/advisories/40545

http://secunia.com/advisories/40747

http://secunia.com/advisories/40866

http://secunia.com/advisories/41480

http://secunia.com/advisories/41490

http://secunia.com/advisories/41818

http://secunia.com/advisories/41967

http://secunia.com/advisories/41972

http://secunia.com/advisories/42377

http://secunia.com/advisories/42379

http://secunia.com/advisories/42467

http://secunia.com/advisories/42724

http://secunia.com/advisories/42733

http://secunia.com/advisories/42808

http://secunia.com/advisories/42811

http://secunia.com/advisories/42816

http://secunia.com/advisories/43308

http://secunia.com/advisories/44183

http://secunia.com/advisories/44954

http://secunia.com/advisories/48577

http://security.gentoo.org/glsa/glsa-200912-01.xml

http://security.gentoo.org/glsa/glsa-201203-22.xml

http://security.gentoo.org/glsa/glsa-201406-32.xml

http://securitytracker.com/id?1023148

http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.597446

http://sunsolve.sun.com/search/document.do?assetkey=1-26-273350-1

http://sunsolve.sun.com/search/document.do?assetkey=1-66-273029-1

http://sunsolve.sun.com/search/document.do?assetkey=1-66-274990-1

http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021653.1-1

http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021752.1-1

http://support.apple.com/kb/HT4004

http://support.apple.com/kb/HT4170

http://support.apple.com/kb/HT4171

http://support.avaya.com/css/P8/documents/100070150

http://support.avaya.com/css/P8/documents/100081611

http://support.avaya.com/css/P8/documents/100114315

http://support.avaya.com/css/P8/documents/100114327

http://support.citrix.com/article/CTX123359

http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES

http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released

http://sysoev.ru/nginx/patch.cve-2009-3555.txt

http://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html

http://ubuntu.com/usn/usn-923-1

http://wiki.rpath.com/Advisories:rPSA-2009-0155

http://www.arubanetworks.com/support/alerts/aid-020810.txt

http://www.betanews.com/article/1257452450

http://www.cisco.com/en/US/products/products_security_advisory09186a0080b01d1d.shtml

http://www.debian.org/security/2009/dsa-1934

http://www.debian.org/security/2011/dsa-2141

http://www.debian.org/security/2015/dsa-3253

http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html

http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html

http://www.ietf.org/mail-archive/web/tls/current/msg03928.html

http://www.ietf.org/mail-archive/web/tls/current/msg03948.html

http://www.ingate.com/Relnote.php?ver=481

http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995

http://www.kb.cert.org/vuls/id/120541

http://www.links.org/?p=780

http://www.links.org/?p=786

http://www.links.org/?p=789

http://www.mandriva.com/security/advisories?name=MDVSA-2010:076

http://www.mandriva.com/security/advisories?name=MDVSA-2010:084

http://www.mandriva.com/security/advisories?name=MDVSA-2010:089

http://www.mozilla.org/security/announce/2010/mfsa2010-22.html

http://www.openoffice.org/security/cves/CVE-2009-3555.html

http://www.openssl.org/news/secadv_20091111.txt

http://www.openwall.com/lists/oss-security/2009/11/05/3

http://www.openwall.com/lists/oss-security/2009/11/05/5

http://www.openwall.com/lists/oss-security/2009/11/06/3

http://www.openwall.com/lists/oss-security/2009/11/07/3

http://www.openwall.com/lists/oss-security/2009/11/20/1

http://www.openwall.com/lists/oss-security/2009/11/23/10

http://www.opera.com/docs/changelogs/unix/1060/

http://www.opera.com/support/search/view/944/

http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html

http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html

http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html

http://www.proftpd.org/docs/RELEASE_NOTES-1.3.2c

http://www.redhat.com/support/errata/RHSA-2010-0119.html

http://www.redhat.com/support/errata/RHSA-2010-0130.html

http://www.redhat.com/support/errata/RHSA-2010-0155.html

http://www.redhat.com/support/errata/RHSA-2010-0165.html

http://www.redhat.com/support/errata/RHSA-2010-0167.html

http://www.redhat.com/support/errata/RHSA-2010-0337.html

http://www.redhat.com/support/errata/RHSA-2010-0338.html

http://www.redhat.com/support/errata/RHSA-2010-0339.html

http://www.redhat.com/support/errata/RHSA-2010-0768.html

http://www.redhat.com/support/errata/RHSA-2010-0770.html

http://www.redhat.com/support/errata/RHSA-2010-0786.html

http://www.redhat.com/support/errata/RHSA-2010-0807.html

http://www.redhat.com/support/errata/RHSA-2010-0865.html

http://www.redhat.com/support/errata/RHSA-2010-0986.html

http://www.redhat.com/support/errata/RHSA-2010-0987.html

http://www.redhat.com/support/errata/RHSA-2011-0880.html

http://www.securegoose.org/2009/11/tls-renegotiation-vulnerability-cve.html

http://www.securityfocus.com/archive/1/507952/100/0/threaded

http://www.securityfocus.com/archive/1/508075/100/0/threaded

http://www.securityfocus.com/archive/1/508130/100/0/threaded

http://www.securityfocus.com/archive/1/515055/100/0/threaded

http://www.securityfocus.com/archive/1/516397/100/0/threaded

http://www.securityfocus.com/archive/1/522176

http://www.securityfocus.com/bid/36935

http://www.securitytracker.com/id?1023163

http://www.securitytracker.com/id?1023204

http://www.securitytracker.com/id?1023205

http://www.securitytracker.com/id?1023206

http://www.securitytracker.com/id?1023207

http://www.securitytracker.com/id?1023208

http://www.securitytracker.com/id?1023209

http://www.securitytracker.com/id?1023210

http://www.securitytracker.com/id?1023211

http://www.securitytracker.com/id?1023212

http://www.securitytracker.com/id?1023213

http://www.securitytracker.com/id?1023214

http://www.securitytracker.com/id?1023215

http://www.securitytracker.com/id?1023216

http://www.securitytracker.com/id?1023217

http://www.securitytracker.com/id?1023218

http://www.securitytracker.com/id?1023219

http://www.securitytracker.com/id?1023224

http://www.securitytracker.com/id?1023243

http://www.securitytracker.com/id?1023270

http://www.securitytracker.com/id?1023271

http://www.securitytracker.com/id?1023272

http://www.securitytracker.com/id?1023273

http://www.securitytracker.com/id?1023274

http://www.securitytracker.com/id?1023275

http://www.securitytracker.com/id?1023411

http://www.securitytracker.com/id?1023426

http://www.securitytracker.com/id?1023427

http://www.securitytracker.com/id?1023428

http://www.securitytracker.com/id?1024789

http://www.tombom.co.uk/blog/?p=85

http://www.ubuntu.com/usn/USN-1010-1

http://www.ubuntu.com/usn/USN-927-1

http://www.ubuntu.com/usn/USN-927-4

http://www.ubuntu.com/usn/USN-927-5

http://www.us-cert.gov/cas/techalerts/TA10-222A.html

http://www.us-cert.gov/cas/techalerts/TA10-287A.html

http://www.vmware.com/security/advisories/VMSA-2010-0019.html

http://www.vmware.com/security/advisories/VMSA-2011-0003.html

http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html

http://www.vupen.com/english/advisories/2009/3164

http://www.vupen.com/english/advisories/2009/3165

http://www.vupen.com/english/advisories/2009/3205

http://www.vupen.com/english/advisories/2009/3220

http://www.vupen.com/english/advisories/2009/3310

http://www.vupen.com/english/advisories/2009/3313

http://www.vupen.com/english/advisories/2009/3353

http://www.vupen.com/english/advisories/2009/3354

http://www.vupen.com/english/advisories/2009/3484

http://www.vupen.com/english/advisories/2009/3521

http://www.vupen.com/english/advisories/2009/3587

http://www.vupen.com/english/advisories/2010/0086

http://www.vupen.com/english/advisories/2010/0173

http://www.vupen.com/english/advisories/2010/0748

http://www.vupen.com/english/advisories/2010/0848

http://www.vupen.com/english/advisories/2010/0916

http://www.vupen.com/english/advisories/2010/0933

http://www.vupen.com/english/advisories/2010/0982

http://www.vupen.com/english/advisories/2010/0994

http://www.vupen.com/english/advisories/2010/1054

http://www.vupen.com/english/advisories/2010/1107

http://www.vupen.com/english/advisories/2010/1191

http://www.vupen.com/english/advisories/2010/1350

http://www.vupen.com/english/advisories/2010/1639

http://www.vupen.com/english/advisories/2010/1673

http://www.vupen.com/english/advisories/2010/1793

http://www.vupen.com/english/advisories/2010/2010

http://www.vupen.com/english/advisories/2010/2745

http://www.vupen.com/english/advisories/2010/3069

http://www.vupen.com/english/advisories/2010/3086

http://www.vupen.com/english/advisories/2010/3126

http://www.vupen.com/english/advisories/2011/0032

http://www.vupen.com/english/advisories/2011/0033

http://www.vupen.com/english/advisories/2011/0086

http://www-01.ibm.com/support/docview.wss?uid=swg1IC67848

http://www-01.ibm.com/support/docview.wss?uid=swg1IC68054

http://www-01.ibm.com/support/docview.wss?uid=swg1IC68055

http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247

http://www-01.ibm.com/support/docview.wss?uid=swg21426108

http://www-01.ibm.com/support/docview.wss?uid=swg21432298

http://www-01.ibm.com/support/docview.wss?uid=swg24006386

http://www-01.ibm.com/support/docview.wss?uid=swg24025312

http://www-1.ibm.com/support/search.wss?rs=0&q=PM00675&apar=only

http://xss.cx/examples/plesk-reports/plesk-parallels-controlpanel-psa.v.10.3.1_build1013110726.09%20os_redhat.el6-billing-system-plugin-javascript-injection-example-poc-report.html

https://bugzilla.mozilla.org/show_bug.cgi?id=526689

https://bugzilla.mozilla.org/show_bug.cgi?id=545755

https://bugzilla.redhat.com/show_bug.cgi?id=533125

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-049

https://exchange.xforce.ibmcloud.com/vulnerabilities/54158

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888

https://kb.bluecoat.com/index?page=content&id=SA50

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10088

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11578

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11617

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7315

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7478

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7973

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8366

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8535

https://support.f5.com/kb/en-us/solutions/public/10000/700/sol10737.html

https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt

https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00428.html

https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00442.html

https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00449.html

https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00634.html

https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00645.html

https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00944.html

https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01020.html

https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01029.html

Details

Source: MITRE

Published: 2009-11-09

Updated: 2021-02-05

Type: CWE-310

Risk Information

CVSS v2.0

Base Score: 5.8

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:P

Impact Score: 4.9

Exploitability Score: 8.6

Severity: MEDIUM

Tenable Plugins

View all (267 total)

IDNameProductFamilySeverity
127360NewStart CGSL MAIN 4.05 : httpd Multiple Vulnerabilities (NS-SA-2019-0118)NessusNewStart CGSL Local Security Checks
critical
127201NewStart CGSL CORE 5.04 / MAIN 5.04 : openssl Multiple Vulnerabilities (NS-SA-2019-0033)NessusNewStart CGSL Local Security Checks
critical
127177NewStart CGSL CORE 5.04 / MAIN 5.04 : openssl098e Multiple Vulnerabilities (NS-SA-2019-0020)NessusNewStart CGSL Local Security Checks
critical
125000EulerOS Virtualization 3.0.1.0 : openssl (EulerOS-SA-2019-1547)NessusHuawei Local Security Checks
critical
108808Microsoft IIS 7.0 Vulnerabilities (uncredentialed) (PCI/DSS)NessusWeb Servers
high
108025Solaris 10 (x86) : 141525-10NessusSolaris Local Security Checks
medium
107968Solaris 10 (x86) : 128641-30NessusSolaris Local Security Checks
medium
107932Solaris 10 (x86) : 125438-22NessusSolaris Local Security Checks
high
107577Solaris 10 (sparc) : 145102-01NessusSolaris Local Security Checks
medium
107539Solaris 10 (sparc) : 143140-04NessusSolaris Local Security Checks
medium
107469Solaris 10 (sparc) : 128640-30NessusSolaris Local Security Checks
medium
107431Solaris 10 (sparc) : 125437-22NessusSolaris Local Security Checks
high
107262nginx < 0.7.64 / 0.8.x < 0.8.23 Multiple VulnerabilitiesNessusWeb Servers
medium
104656Fortinet FortiOS < 5.2 / 5.4.x < 5.4.6 / 5.6.x < 5.6.1 SSL / TLS Renegotiation Handshakes MitM Plaintext Data Injection (FG-IR-17-137)NessusFirewalls
medium
89745VMware ESX Multiple Vulnerabilities (VMSA-2010-0019) (remote check)NessusVMware ESX Local Security Checks
high
89742VMware ESX Multiple Vulnerabilities (VMSA-2010-0015) (remote check)NessusVMware ESX Local Security Checks
critical
89674VMware ESX / ESXi Third-Party Libraries Multiple Vulnerabilities (VMSA-2011-0003) (remote check)NessusMisc.
critical
88107Debian DLA-400-1 : pound security update (BEAST) (POODLE)NessusDebian Local Security Checks
medium
83306Debian DSA-3253-1 : pound - security update (POODLE)NessusDebian Local Security Checks
medium
79532OracleVM 3.2 : onpenssl (OVMSA-2014-0008)NessusOracleVM Local Security Checks
critical
79531OracleVM 2.2 : openssl (OVMSA-2014-0007)NessusOracleVM Local Security Checks
critical
78123F5 Networks BIG-IP : SSL Renegotiation vulnerability (SOL10737)NessusF5 Networks Local Security Checks
medium
76303GLSA-201406-32 : IcedTea JDK: Multiple vulnerabilities (BEAST) (ROBOT)NessusGentoo Local Security Checks
critical
75802openSUSE Security Update : compat-openssl097g (openSUSE-SU-2011:0845-1)NessusSuSE Local Security Checks
medium
75540openSUSE Security Update : java-1_6_0-sun (openSUSE-SU-2010:0754-1)NessusSuSE Local Security Checks
critical
75534openSUSE Security Update : java-1_6_0-openjdk (openSUSE-SU-2010:0957-1)NessusSuSE Local Security Checks
critical
75522openSUSE Security Update : gnutls (openSUSE-SU-2010:1025-2)NessusSuSE Local Security Checks
medium
75521openSUSE Security Update : gnutls (openSUSE-SU-2010:1025-1)NessusSuSE Local Security Checks
medium
75453openSUSE Security Update : compat-openssl097g (openSUSE-SU-2011:0845-1)NessusSuSE Local Security Checks
medium
73566AIX OpenSSL Advisory : ssl_advisory.ascNessusAIX Local Security Checks
medium
70997GLSA-201311-13 : OpenVPN: Multiple vulnerabilitiesNessusGentoo Local Security Checks
medium
70111GLSA-201309-15 : ProFTPD: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
68117Oracle Linux 5 : java-1.6.0-openjdk (ELSA-2010-0768)NessusOracle Linux Local Security Checks
critical
68028Oracle Linux 5 : java-1.6.0-openjdk (ELSA-2010-0339)NessusOracle Linux Local Security Checks
high
68027Oracle Linux 3 / 4 : seamonkey (ELSA-2010-0333)NessusOracle Linux Local Security Checks
critical
68021Oracle Linux 4 : gnutls (ELSA-2010-0167)NessusOracle Linux Local Security Checks
high
68020Oracle Linux 5 : gnutls (ELSA-2010-0166)NessusOracle Linux Local Security Checks
medium
68019Oracle Linux 4 / 5 : nss (ELSA-2010-0165)NessusOracle Linux Local Security Checks
medium
68018Oracle Linux 5 : openssl097a (ELSA-2010-0164)NessusOracle Linux Local Security Checks
medium
68017Oracle Linux 3 / 4 : openssl (ELSA-2010-0163)NessusOracle Linux Local Security Checks
medium
68016Oracle Linux 5 : openssl (ELSA-2010-0162)NessusOracle Linux Local Security Checks
critical
67959Oracle Linux 4 : httpd (ELSA-2009-1580)NessusOracle Linux Local Security Checks
high
67958Oracle Linux 3 / 5 : httpd (ELSA-2009-1579)NessusOracle Linux Local Security Checks
high
67074CentOS 4 : httpd (CESA-2009:1580)NessusCentOS Local Security Checks
high
67073CentOS 3 / 5 : httpd (CESA-2009:1579)NessusCentOS Local Security Checks
high
64843Oracle Java SE Multiple Vulnerabilities (October 2010 CPU) (Unix)NessusMisc.
critical
64842Oracle Java SE Multiple Vulnerabilities (March 2010 CPU) (Unix)NessusMisc.
high
64662Debian DSA-2626-1 : lighttpd - several issuesNessusDebian Local Security Checks
medium
63983RHEL 5 : IBM Java Runtime (RHSA-2011:0880)NessusRed Hat Local Security Checks
critical
63402GLSA-201301-01 : Mozilla Products: Multiple vulnerabilities (BEAST)NessusGentoo Local Security Checks
critical
60892Scientific Linux Security Update : java-1.6.0-openjdk on SL6.x i386/x86_64NessusScientific Linux Local Security Checks
critical
60869Scientific Linux Security Update : java (jdk 1.6.0) on SL4.x, SL5.x i386/x86_64NessusScientific Linux Local Security Checks
critical
60868Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x i386/x86_64NessusScientific Linux Local Security Checks
critical
60777Scientific Linux Security Update : java (jdk 1.6.0) on SL4.x, SL5.x i386/x86_64NessusScientific Linux Local Security Checks
high
60776Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x i386/x86_64NessusScientific Linux Local Security Checks
high
60759Scientific Linux Security Update : openssl on SL5.x i386/x86_64NessusScientific Linux Local Security Checks
critical
60758Scientific Linux Security Update : openssl on SL3.x, SL4.x i386/x86_64NessusScientific Linux Local Security Checks
medium
60757Scientific Linux Security Update : openssl097a on SL5.x i386/x86_64NessusScientific Linux Local Security Checks
medium
60755Scientific Linux Security Update : nss on SL4.x, SL5.x i386/x86_64NessusScientific Linux Local Security Checks
medium
60752Scientific Linux Security Update : gnutls on SL4.x, SL5.x i386/x86_64NessusScientific Linux Local Security Checks
high
60695Scientific Linux Security Update : httpd on SL3.x, SL4.x, SL5.x i386/x86_64NessusScientific Linux Local Security Checks
high
59671GLSA-201206-18 : GnuTLS: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
59614GLSA-201203-22 : nginx: Multiple vulnerabilitiesNessusGentoo Local Security Checks
medium
59684HP Systems Insight Manager < 7.0 Multiple VulnerabilitiesNessusWindows
critical
59119SuSE 10 Security Update : IBM Java 1.4.2 (ZYPP Patch Number 7036)NessusSuSE Local Security Checks
medium
57170SuSE 10 Security Update : compat-openssl097g (ZYPP Patch Number 7645)NessusSuSE Local Security Checks
medium
56458GLSA-201110-05 : GnuTLS: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
55715SuSE 10 Security Update : compat-openssl097g (ZYPP Patch Number 7644)NessusSuSE Local Security Checks
medium
55711SuSE 11.1 Security Update : compat-openssl097g (SAT Patch Number 4913)NessusSuSE Local Security Checks
medium
53897Oracle Database Multiple Vulnerabilities (April 2011 CPU)NessusDatabases
high
53731openSUSE Security Update : java-1_6_0-openjdk (openSUSE-SU-2010:0957-1)NessusSuSE Local Security Checks
critical
53729openSUSE Security Update : gnutls (openSUSE-SU-2010:1025-2)NessusSuSE Local Security Checks
medium
53728openSUSE Security Update : gnutls (openSUSE-SU-2010:1025-1)NessusSuSE Local Security Checks
medium
53662openSUSE Security Update : java-1_6_0-openjdk (openSUSE-SU-2010:0957-1)NessusSuSE Local Security Checks
critical
53661openSUSE Security Update : gnutls (openSUSE-SU-2010:1025-2)NessusSuSE Local Security Checks
medium
53660openSUSE Security Update : gnutls (openSUSE-SU-2010:1025-1)NessusSuSE Local Security Checks
medium
53618SuSE9 Security Update : GnuTLS (YOU Patch Number 12705)NessusSuSE Local Security Checks
medium
52688SuSE 11 Security Update : Mozilla XULrunner (SAT Patch Number 2255)NessusSuSE Local Security Checks
critical
52686SuSE 11 Security Update : MozillaFirefox, MozillaFirefox-branding-upstream, etc (SAT Patch Number 2254)NessusSuSE Local Security Checks
critical
51971VMSA-2011-0003 : Third-party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESXNessusVMware ESX Local Security Checks
critical
51751SuSE 10 Security Update : Sun Java 1.6.0 (ZYPP Patch Number 7204)NessusSuSE Local Security Checks
critical
51750SuSE 10 Security Update : IBM Java 6 SR9 (ZYPP Patch Number 7312)NessusSuSE Local Security Checks
critical
51748SuSE 10 Security Update : GnuTLS (ZYPP Patch Number 7299)NessusSuSE Local Security Checks
medium
51667SuSE 11.1 Security Update : IBM Java 6 (SAT Patch Number 3724)NessusSuSE Local Security Checks
critical
51605SuSE 11.1 Security Update : IBM Java 1.4.2 (SAT Patch Number 3528)NessusSuSE Local Security Checks
critical
51604SuSE 11 / 11.1 Security Update : IBM Java 1.4.2 (SAT Patch Numbers 2413 / 2483)NessusSuSE Local Security Checks
medium
51440Debian DSA-2141-1 : openssl - SSL/TLS insecure renegotiation protocol design flawNessusDebian Local Security Checks
medium
51339SuSE 10 Security Update : IBM Java 1.4.2 (ZYPP Patch Number 7231)NessusSuSE Local Security Checks
critical
51338SuSE9 Security Update : IBM Java2 JRE and SDK (YOU Patch Number 12658)NessusSuSE Local Security Checks
critical
51198SuSE 11 / 11.1 Security Update : GnuTLS (SAT Patch Numbers 3650 / 3651)NessusSuSE Local Security Checks
medium
51197RHEL 4 / 5 / 6 : java-1.6.0-ibm (RHSA-2010:0987)NessusRed Hat Local Security Checks
critical
51077VMSA-2010-0019 : VMware ESX third-party updates for Service ConsoleNessusVMware ESX Local Security Checks
high
50968SuSE 10 Security Update : IBM Java 5 (ZYPP Patch Number 7205)NessusSuSE Local Security Checks
critical
50950SuSE 11 Security Update : Mozilla XULrunner (SAT Patch Number 2255)NessusSuSE Local Security Checks
critical
50937SuSE 11 Security Update : OpenSSL (SAT Patch Number 2214)NessusSuSE Local Security Checks
critical
50930SuSE 11 Security Update : Mozilla (SAT Patch Number 2239)NessusSuSE Local Security Checks
medium
50919SuSE 11 / 11.1 Security Update : Java 1.6.0 (SAT Patch Numbers 3347 / 3349)NessusSuSE Local Security Checks
critical
50917SuSE 11 Security Update : Sun Java 6 (SAT Patch Number 2225)NessusSuSE Local Security Checks
high
50872SuSE 11 Security Update : MozillaFirefox, MozillaFirefox-branding-upstream, etc (SAT Patch Number 2254)NessusSuSE Local Security Checks
critical
50854SuSE9 Security Update : IBM Java 5 JRE and SDK (YOU Patch Number 12659)NessusSuSE Local Security Checks
critical
50637RHEL 6 : java-1.6.0-openjdk (RHSA-2010:0865)NessusRed Hat Local Security Checks
critical
50410Ubuntu 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : openjdk-6, openjdk-6b18 vulnerabilities (USN-1010-1)NessusUbuntu Local Security Checks
critical
50360RHEL 4 / 5 : java-1.5.0-ibm (RHSA-2010:0807)NessusRed Hat Local Security Checks
critical
50299openSUSE Security Update : java-1_6_0-sun (openSUSE-SU-2010:0754-1)NessusSuSE Local Security Checks
critical
50298openSUSE Security Update : java-1_6_0-sun (openSUSE-SU-2010:0754-1)NessusSuSE Local Security Checks
critical
50295Fedora 12 : java-1.6.0-openjdk-1.6.0.0-41.1.8.2.fc12 (2010-16240)NessusFedora Local Security Checks
critical
50078RHEL 3 / 4 / 5 : java-1.4.2-ibm (RHSA-2010:0786)NessusRed Hat Local Security Checks
critical
50073Mac OS X : Java for Mac OS X 10.6 Update 3NessusMacOS X Local Security Checks
high
50072Mac OS X : Java for Mac OS X 10.5 Update 8NessusMacOS X Local Security Checks
high
50069Apache 2.0.x < 2.0.64 Multiple VulnerabilitiesNessusWeb Servers
high
50035Fedora 13 : java-1.6.0-openjdk-1.6.0.0-43.1.8.2.fc13 (2010-16294)NessusFedora Local Security Checks
critical
45004Apache 2.2.x < 2.2.15 Multiple VulnerabilitiesNessusWeb Servers
critical
50007Fedora 14 : java-1.6.0-openjdk-1.6.0.0-44.1.9.1.fc14 (2010-16312)NessusFedora Local Security Checks
critical
50003CentOS 5 : java-1.6.0-openjdk (CESA-2010:0768)NessusCentOS Local Security Checks
critical
49996Oracle Java SE Multiple Vulnerabilities (October 2010 CPU)NessusWindows
critical
49990RHEL 4 / 5 : java-1.6.0-sun (RHSA-2010:0770)NessusRed Hat Local Security Checks
critical
49974RHEL 5 : java-1.6.0-openjdk (RHSA-2010:0768)NessusRed Hat Local Security Checks
critical
49909SuSE 10 Security Update : OpenSSL (ZYPP Patch Number 6944)NessusSuSE Local Security Checks
critical
49908SuSE 10 Security Update : OpenSSL (ZYPP Patch Number 6655)NessusSuSE Local Security Checks
medium
49901SuSE 10 Security Update : Mozilla XULrunner (ZYPP Patch Number 6971)NessusSuSE Local Security Checks
critical
49896SuSE 10 Security Update : Mozilla NSS (ZYPP Patch Number 6978)NessusSuSE Local Security Checks
medium
49892SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 6979)NessusSuSE Local Security Checks
critical
49864SuSE 10 Security Update : IBM Java 1.5.0 (ZYPP Patch Number 7077)NessusSuSE Local Security Checks
high
49839SuSE 10 Security Update : OpenSSL (ZYPP Patch Number 6657)NessusSuSE Local Security Checks
medium
49703VMSA-2010-0015 : VMware ESX third-party updates for Service ConsoleNessusVMware ESX Local Security Checks
critical
49644Ubuntu 6.06 LTS / 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : apache2 vulnerability (USN-990-2)NessusUbuntu Local Security Checks
medium
49643Ubuntu 6.06 LTS / 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : openssl vulnerability (USN-990-1)NessusUbuntu Local Security Checks
medium
5667HP System Management Homepage < 6.2 Multiple VulnerabilitiesNessus Network MonitorWeb Servers
high
49272HP System Management Homepage < 6.2 Multiple VulnerabilitiesNessusWeb Servers
high
49120IBM DB2 9.5 < Fix Pack 6a Multiple VulnerabilitiesNessusDatabases
critical
48286MS10-049: Vulnerabilities in SChannel could allow Remote Code Execution (980436)NessusWindows : Microsoft Bulletins
high
47821Ubuntu 9.04 : nss vulnerability (USN-927-6)NessusUbuntu Local Security Checks
medium
47617SuSE9 Security Update : IBM Java 1.5.0 (YOU Patch Number 12623)NessusSuSE Local Security Checks
high
47539Fedora 13 : gnutls-2.8.6-2.fc13 (2010-9518)NessusFedora Local Security Checks
medium
47537Fedora 12 : gnutls-2.8.6-2.fc12 (2010-9487)NessusFedora Local Security Checks
medium
47509Fedora 12 : openssl-1.0.0-4.fc12 (2010-8742)NessusFedora Local Security Checks
critical
47426Fedora 13 : java-1.6.0-openjdk-1.6.0.0-37.b17.fc13 (2010-6279)NessusFedora Local Security Checks
high
47417Fedora 11 : httpd-2.2.15-1.fc11.1 (2010-6131)NessusFedora Local Security Checks
medium
47411Fedora 11 : java-1.6.0-openjdk-1.6.0.0-34.b17.fc11 (2010-6039)NessusFedora Local Security Checks
high
47410Fedora 12 : java-1.6.0-openjdk-1.6.0.0-37.b17.fc12 (2010-6025)NessusFedora Local Security Checks
high
47408Fedora 13 : httpd-2.2.15-1.fc13 (2010-5942)NessusFedora Local Security Checks
medium
47385Fedora 11 : openssl-0.9.8n-1.fc11 (2010-5357)NessusFedora Local Security Checks
critical
47332Fedora 12 : nss-3.12.6-1.2.fc12 (2010-3956)NessusFedora Local Security Checks
medium
47331Fedora 13 : nss-3.12.6-1.2.fc13 (2010-3929)NessusFedora Local Security Checks
medium
47330Fedora 11 : nss-3.12.6-1.2.fc11 (2010-3905)NessusFedora Local Security Checks
medium
47232Fedora 12 : nss-3.12.5-8.fc12 (2010-1127)NessusFedora Local Security Checks
medium
47159Ubuntu 8.04 LTS : nss vulnerability (USN-927-4)NessusUbuntu Local Security Checks
medium
46873CentOS 5 : java-1.6.0-openjdk (CESA-2010:0339)NessusCentOS Local Security Checks
high
46863SuSE9 Security Update : IBM Java 1.4.2 (YOU Patch Number 12621)NessusSuSE Local Security Checks
medium
5564OpenOffice < 3.2.1 Multiple VulnerabilitiesNessus Network MonitorGeneric
medium
46814Oracle OpenOffice.org < 3.2.1 Multiple VulnerabilitiesNessusWindows
high
46807GLSA-201006-18 : Oracle JRE/JDK: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
5556IBM DB2 9.7 < 9.7 Fix Pack 2 Multiple VulnerabilitiesNessus Network MonitorDatabase
medium
46766IBM DB2 9.7 < Fix Pack 2 Multiple VulnerabilitiesNessusDatabases
medium
46677HP System Management Homepage < 6.1.0.102 / 6.1.0-103 Multiple VulnerabilitiesNessusWeb Servers
high
46674Mac OS X : Java for Mac OS X 10.6 Update 2NessusMacOS X Local Security Checks
high
46673Mac OS X : Java for Mac OS X 10.5 Update 7NessusMacOS X Local Security Checks
high
46295RHEL 5 : java-1.6.0-openjdk (RHSA-2010:0339)NessusRed Hat Local Security Checks
high
46294RHEL 4 / 5 : java-1.5.0-sun (RHSA-2010:0338)NessusRed Hat Local Security Checks
high
46293RHEL 4 / 5 : java-1.6.0-sun (RHSA-2010:0337)NessusRed Hat Local Security Checks
high
46292RHEL 3 / 4 : seamonkey (RHSA-2010:0333)NessusRed Hat Local Security Checks
critical
46278RHEL 4 : gnutls (RHSA-2010:0167)NessusRed Hat Local Security Checks
high
46277RHEL 5 : gnutls (RHSA-2010:0166)NessusRed Hat Local Security Checks
medium
46276RHEL 4 / 5 : nss (RHSA-2010:0165)NessusRed Hat Local Security Checks
medium
46275RHEL 5 : openssl097a (RHSA-2010:0164)NessusRed Hat Local Security Checks
medium
46274RHEL 3 / 4 : openssl (RHSA-2010:0163)NessusRed Hat Local Security Checks
medium
46273RHEL 5 : openssl (RHSA-2010:0162)NessusRed Hat Local Security Checks
critical
46272RHEL 3 / 4 / 5 : java-1.4.2-ibm (RHSA-2010:0155)NessusRed Hat Local Security Checks
medium
46191openSUSE Security Update : java-1_6_0-openjdk (openSUSE-SU-2010:0182-1)NessusSuSE Local Security Checks
high
46189openSUSE Security Update : java-1_6_0-openjdk (openSUSE-SU-2010:0182-1)NessusSuSE Local Security Checks
high
46187openSUSE Security Update : java-1_6_0-openjdk (openSUSE-SU-2010:0182-1)NessusSuSE Local Security Checks
high
46176Mandriva Linux Security Advisory : java-1.6.0-openjdk (MDVSA-2010:084)NessusMandriva Local Security Checks
high
46173IBM DB2 9.1 < Fix Pack 9 Multiple VulnerabilitiesNessusDatabases
medium
45563Mandriva Linux Security Advisory : openssl (MDVSA-2010:076-1)NessusMandriva Local Security Checks
critical
45527openSUSE Security Update : MozillaFirefox (openSUSE-SU-2010:0102-3)NessusSuSE Local Security Checks
critical
45526openSUSE Security Update : mozilla-xulrunner190 (mozilla-xulrunner190-2261)NessusSuSE Local Security Checks
critical
45525openSUSE Security Update : firefox35upgrade (firefox35upgrade-2262)NessusSuSE Local Security Checks
critical
45524openSUSE Security Update : MozillaFirefox-branding-openSUSE (MozillaFirefox-branding-openSUSE-2281)NessusSuSE Local Security Checks
critical
45523openSUSE Security Update : mozilla-xulrunner190 (mozilla-xulrunner190-2261)NessusSuSE Local Security Checks
critical
45522openSUSE Security Update : firefox35upgrade (firefox35upgrade-2262)NessusSuSE Local Security Checks
critical
45500SuSE 10 Security Update : Mozilla XULRunner (ZYPP Patch Number 6976)NessusSuSE Local Security Checks
critical
45499SuSE 10 Security Update : Mozilla NSS (ZYPP Patch Number 6977)NessusSuSE Local Security Checks
medium
45498SuSE 10 Security Update : MozillaFirefox, MozillaFirefox-branding-upstream, MozillaFirefox-translations, mozilla-xulrunner191, mozilla-xulrunner191-devel, mozilla-xulrunner191-gnomevfs, mozilla-xulrunner191-translations, python-xpcom191 (ZYPP Patch Number 6970)NessusSuSE Local Security Checks
critical
45497openSUSE Security Update : seamonkey (openSUSE-SU-2010:0102-1)NessusSuSE Local Security Checks
critical
45496openSUSE Security Update : libfreebl3 (openSUSE-SU-2010:0100-1)NessusSuSE Local Security Checks
medium
45495openSUSE Security Update : MozillaThunderbird (openSUSE-SU-2010:0102-2)NessusSuSE Local Security Checks
critical
45494openSUSE Security Update : libfreebl3 (openSUSE-SU-2010:0100-1)NessusSuSE Local Security Checks
medium
45492openSUSE Security Update : libfreebl3 (openSUSE-SU-2010:0100-1)NessusSuSE Local Security Checks
medium
45485Ubuntu 9.10 : nss vulnerability (USN-927-1)NessusUbuntu Local Security Checks
medium
45474Ubuntu 8.04 LTS / 8.10 / 9.04 / 9.10 : openjdk-6 vulnerabilities (USN-923-1)NessusUbuntu Local Security Checks
high
45466openSUSE Security Update : libopenssl-devel (libopenssl-devel-2232)NessusSuSE Local Security Checks
critical
45465openSUSE Security Update : java-1_6_0-sun (java-1_6_0-sun-2228)NessusSuSE Local Security Checks
high
45460openSUSE Security Update : libopenssl-devel (libopenssl-devel-2232)NessusSuSE Local Security Checks
critical
45459openSUSE Security Update : java-1_6_0-sun (java-1_6_0-sun-2228)NessusSuSE Local Security Checks
high
45454openSUSE Security Update : java-1_6_0-sun (java-1_6_0-sun-2228)NessusSuSE Local Security Checks
high
45449Mandriva Linux Security Advisory : nss (MDVSA-2010:069)NessusMandriva Local Security Checks
medium
45444CentOS 3 / 4 : seamonkey (CESA-2010:0333)NessusCentOS Local Security Checks
critical
45401SuSE9 Security Update : OpenSSL (YOU Patch Number 12606)NessusSuSE Local Security Checks
critical
801278Mozilla SeaMonkey < 2.0.4 Multiple VulnerabilitiesLog Correlation EngineWeb Clients
high
801276Mozilla Firefox < 3.5.9 Multiple VulnerabilitiesLog Correlation EngineWeb Clients
high
5496Mozilla Thunderbird < 3.0.4 Multiple VulnerabilitiesNessus Network MonitorSMTP Clients
medium
5495SeaMonkey < 2.0.4 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
medium
5494Mozilla Firefox < 3.5.9 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
medium
45395SeaMonkey < 2.0.4 Multiple VulnerabilitiesNessusWindows
high
45394Mozilla Thunderbird < 3.0.4 Multiple VulnerabilitiesNessusWindows
high
45393Firefox < 3.5.9 Multiple VulnerabilitiesNessusWindows
high
45385SuSE 10 Security Update : OpenSSL (ZYPP Patch Number 6943)NessusSuSE Local Security Checks
critical
45382FreeBSD : mozilla -- multiple vulnerabilities (9ccfee39-3c3b-11df-9edc-000f20797ede)NessusFreeBSD Local Security Checks
critical
45379Oracle Java SE Multiple Vulnerabilities (March 2010 CPU)NessusWindows
high
45366CentOS 4 : gnutls (CESA-2010:0167)NessusCentOS Local Security Checks
high
45365CentOS 5 : gnutls (CESA-2010:0166)NessusCentOS Local Security Checks
medium
45364CentOS 4 / 5 : nss (CESA-2010:0165)NessusCentOS Local Security Checks
medium
45363CentOS 5 : openssl097a (CESA-2010:0164)NessusCentOS Local Security Checks
medium
45362CentOS 5 : openssl (CESA-2010:0162)NessusCentOS Local Security Checks
critical
45346CentOS 3 / 4 : openssl (CESA-2010:0163)NessusCentOS Local Security Checks
medium
45133Firefox 3.6.x < 3.6.2 Multiple VulnerabilitiesNessusWindows
high
45039OpenSSL < 0.9.8m Multiple VulnerabilitiesNessusWeb Servers
critical
5358OpenSSL < 0.9.8m Multiple VulnerabilitiesNessus Network MonitorWeb Servers
medium
45007Slackware 12.0 / 12.1 / 12.2 / 13.0 / current : httpd (SSA:2010-067-01)NessusSlackware Local Security Checks
critical
800554Apache < 2.2.15 Multiple VulnerabilitiesLog Correlation EngineWeb Servers
high
5356Apache < 2.2.15 Multiple VulnerabilitiesNessus Network MonitorWeb Servers
critical
44974RHEL 4 / 5 : java-1.5.0-ibm (RHSA-2010:0130)NessusRed Hat Local Security Checks
high
800857Opera < 10.50 Multiple VulnerabilitiesLog Correlation EngineWeb Clients
medium
5349Opera < 10.50 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
medium
44960Opera < 10.50 Multiple VulnerabilitiesNessusWindows
medium
44799Debian DSA-1934-1 : apache2 - multiple issuesNessusDebian Local Security Checks
high
44095Mac OS X Multiple Vulnerabilities (Security Update 2010-001)NessusMacOS X Local Security Checks
critical
43604Fedora 12 : proftpd-1.3.2c-1.fc12 (2009-13250)NessusFedora Local Security Checks
medium
43603Fedora 11 : proftpd-1.3.2c-1.fc11 (2009-13236)NessusFedora Local Security Checks
medium
43597RHEL 4 / 5 : java-1.6.0-ibm (RHSA-2009:1694)NessusRed Hat Local Security Checks
critical
43393Mandriva Linux Security Advisory : proftpd (MDVSA-2009:337)NessusMandriva Local Security Checks
medium
43329Fedora 12 : httpd-2.2.14-1.fc12 (2009-12606)NessusFedora Local Security Checks
high
43328Fedora 11 : tomcat-native-1.1.18-1.fc11 (2009-12305)NessusFedora Local Security Checks
medium
43327Fedora 12 : tomcat-native-1.1.18-1.fc12 (2009-12229)NessusFedora Local Security Checks
medium
43092Fedora 12 : nss-util-3.12.5-1.fc12.1 (2009-12968)NessusFedora Local Security Checks
medium
43090Fedora 10 : httpd-2.2.14-1.fc10 (2009-12604)NessusFedora Local Security Checks
high
43042Mandriva Linux Security Advisory : apache (MDVSA-2009:323)NessusMandriva Local Security Checks
high
43034Fedora 11 : nginx-0.7.64-1.fc11 (2009-12782)NessusFedora Local Security Checks
high
43033Fedora 10 : nginx-0.7.64-1.fc10 (2009-12775)NessusFedora Local Security Checks
high
43032Fedora 12 : nginx-0.7.64-1.fc12 (2009-12750)NessusFedora Local Security Checks
high
42968GLSA-200912-01 : OpenSSL: Multiple vulnerabilitiesNessusGentoo Local Security Checks
medium
42880SSL / TLS Renegotiation Handshakes MiTM Plaintext Data InjectionNessusGeneral
medium
42858Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 / 9.10 : apache2 vulnerabilities (USN-860-1)NessusUbuntu Local Security Checks
high
42856SuSE 11.2 Security Update: libopenssl-devel (2009-11-13)NessusSuSE Local Security Checks
medium
42854openSUSE Security Update : libopenssl-devel (libopenssl-devel-1554)NessusSuSE Local Security Checks
medium
42852openSUSE Security Update : libopenssl-devel (libopenssl-devel-1554)NessusSuSE Local Security Checks
medium
42841SuSE 10 Security Update : OpenSSL (ZYPP Patch Number 6654)NessusSuSE Local Security Checks
medium
42840SuSE 10 Security Update : OpenSSL (ZYPP Patch Number 6656)NessusSuSE Local Security Checks
medium
42839openSUSE Security Update : compat-openssl097g (compat-openssl097g-1548)NessusSuSE Local Security Checks
medium
42838openSUSE Security Update : compat-openssl097g (compat-openssl097g-1548)NessusSuSE Local Security Checks
medium
42837openSUSE Security Update : compat-openssl097g (compat-openssl097g-1548)NessusSuSE Local Security Checks
medium
42836SuSE9 Security Update : OpenSSL (YOU Patch Number 12550)NessusSuSE Local Security Checks
medium
42830SuSE 11 Security Update : libopenssl (SAT Patch Number 1540)NessusSuSE Local Security Checks
medium
42829SuSE 11 Security Update : OpenSSL (SAT Patch Number 1544)NessusSuSE Local Security Checks
medium
42826Slackware 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / current : openssl (SSA:2009-320-01)NessusSlackware Local Security Checks
medium
42470RHEL 4 : httpd (RHSA-2009:1580)NessusRed Hat Local Security Checks
high
42469RHEL 3 / 5 : httpd (RHSA-2009:1579)NessusRed Hat Local Security Checks
high
42429Mandriva Linux Security Advisory : apache (MDVSA-2009:295)NessusMandriva Local Security Checks
medium
35421Solaris 9 (x86) : 128641-30NessusSolaris Local Security Checks
medium
35419Solaris 9 (sparc) : 128640-30NessusSolaris Local Security Checks
medium
35415Solaris 10 (x86) : 128641-30 (deprecated)NessusSolaris Local Security Checks
medium
35409Solaris 10 (sparc) : 128640-30 (deprecated)NessusSolaris Local Security Checks
medium
27039Solaris 9 (x86) : 125438-22NessusSolaris Local Security Checks
high
27023Solaris 9 (sparc) : 125437-22NessusSolaris Local Security Checks
high
27010Solaris 8 (sparc) : 125437-22NessusSolaris Local Security Checks
high
27000Solaris 10 (x86) : 125438-22 (deprecated)NessusSolaris Local Security Checks
high
26988Solaris 10 (sparc) : 125437-22 (deprecated)NessusSolaris Local Security Checks
high