	Nessus
	Download
	Plugins
	Newest Plugins
	Obtain an activation code
	View all plugins
	Search
	Documentation
	Register
	Buy Now
	ProfessionalFeed Support
	Bugs
	All the Tenable Products

Newest Plugins

Samba Symlink Traversal Arbitrary File Access:
Synopsis :

The remote file server is prone to a symlink attack.

Description :

The remote Samba server is configured insecurely and allows a remote
attacker to gain read or possibly write access to arbitrary files on
the affected host. Specifically, if an attacker has a valid Samba
account for a share that is writable or there is a writable share that
is configured to be a guest account share, he can create a symlink
using directory traversal sequences and gain access to files and
directories outside that share.

Note that successful exploitation requires that the Samba server's
'wide links' parameter be set to 'yes', which is the default.

See also :

http://archives.neohapsis.com/archives/fulldisclosure/2010-02/0100.html
http://www.youtube.com/watch?v=NN50RtZ2N74
http://www.samba.org/samba/news/symlink_attack.html

Solution :

Set 'wide links = no' in the [global] section of smbd.conf.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

HP-UX Security patch : PHSS_40230:
Synopsis :

The remote host is missing HP-UX PHSS_40230 security update

Description :

11.31 ECMT B.05.00 patch

Solution :

ftp://ftp.itrc.hp.com//superseded_patches/hp-ux_patches/11.X/PHSS_40230

Risk factor :

High

HP-UX Security patch : PHSS_40229:
Synopsis :

The remote host is missing HP-UX PHSS_40229 security update

Description :

ECMT B.05.00 patch

Solution :

ftp://ftp.itrc.hp.com//superseded_patches/hp-ux_patches/s700_800/11.X/PHSS_40229

Risk factor :

High

SuSE 11.2 Security Update: libsnmp15 (2010-02-04):
Synopsis :

The remote SuSE system is missing a security patch for libsnmp15

Description :

This update of net-snmp fixes the following bugs:
- truncated walk of hrSWRunPath (bnc#565586)
- crash when 64-bit counters wrap (bnc#523553)
- unknown host names in snmp traps (bnc#514333)
- sensitive host information disclosure (bnc#475532,
CVE-2008-6123)

See also :

https://bugzilla.novell.com/show_bug.cgi?id=466805
https://bugzilla.novell.com/show_bug.cgi?id=473328
https://bugzilla.novell.com/show_bug.cgi?id=475532
https://bugzilla.novell.com/show_bug.cgi?id=514333
https://bugzilla.novell.com/show_bug.cgi?id=523553
https://bugzilla.novell.com/show_bug.cgi?id=565586
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6123

Solution :

Run yast to install the security patch for libsnmp15

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)

MDVSA-2010:033: squid:
Synopsis :

The remote host is missing the patch for the advisory MDVSA-2010:033 (squid).

Description :

A vulnerability have been discovered and corrected in Squid 2.x,
3.0 through 3.0.STABLE22, and 3.1 through 3.1.0.15, which allows
remote attackers to cause a denial of service (assertion failure)
via a crafted DNS packet that only contains a header (CVE-2010-0308).
This update provides a fix to this vulnerability.

See also :

http://wwwnew.mandriva.com/security/advisories?name=MDVSA-2010:033

Solution :

Apply the newest security patches from Mandriva.

Risk factor :

Medium / CVSS Base Score : 4.0
(CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P)

SMB Service Config Enumeration:
Synopsis :

It is possible to enumerate configuration parameters of remote
services.

Description :

This plugin implements the QueryServiceConfig() calls to obtain,
using the SMB protocol, the launch parameters of each active service
on the remote host (executable path, log on type, etc).

Solution :

Ensure that each service is configured properly.

Risk factor :

None

Squid < 3.0.STABLE19 / 3.1.0.14 / 2.6.STABLE23 strListGetItem Function Remote DoS:
Synopsis :

The remote proxy server is prone to a denial of service attack.

Description :

According to its banner, the version of the Squid proxy caching
server installed on the remote host is older than 3.0.STABLE19 /
3.1.0.14 / 2.6.STABLE23. A bug in the 'strListGetItem()' function in
'src/HttpHeaderTools.c' can result in an infinite loop when processing
a specially crafted auth header with certain comma delimiters.

A remote attacker may be able to leverage this issue to cause a denial
of service.

See also :

http://bugs.squid-cache.org/show_bug.cgi?id=2541
http://www.nessus.org/u?d0f03356 (3.0.STABLE19 release notes)
http://www.nessus.org/u?8bf8993a (3.1.0.14 release notes)
http://www.nessus.org/u?d23f7691 (2.6.STABLE23)

Solution :

Upgrade to Squid version 3.0.STABLE19 / 3.1.0.14 / 2.6.STABLE23 or
later.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)

USN894-1 : linux, linux-source-2.6.15 vulnerabilities:
Synopsis :

These remote packages are missing security patches :
- linux-doc
- linux-doc-2.6.15
- linux-doc-2.6.24
- linux-doc-2.6.27
- linux-doc-2.6.28
- linux-ec2-doc
- linux-ec2-source-2.6.31
- linux-headers-2.6.15-55
- linux-headers-2.6.15-55-386
- linux-headers-2.6.15-55-686
- linux-headers-2.6.15-55-amd64-generic
- linux-headers-2.6.15-55-amd64-k8
- linux-headers-2.6.15-55-amd64-server
- linux-headers-2.6.15-55-amd64-xeon
- linux-headers-2.6.15-55-k7
- linux-headers-2.6.15-55-powerpc
- linux-head
[...]

Description :

Amerigo Wang and Eric Sesterhenn discovered that the HFS and ext4
filesystems did not correctly check certain disk structures. If a user
were tricked into mounting a specially crafted filesystem, a remote
attacker could crash the system or gain root privileges. (CVE-2009-4020,
CVE-2009-4308)

It was discovered that FUSE did not correctly check certain requests.
A local attacker with access to FUSE mounts could exploit this to
crash the system or possibly gain root privileges. Ubuntu 9.10 was not
affected. (CVE-2009-4021)

It was discovered that KVM did not correctly decode certain guest
instructions. A local attacker in a guest could exploit this to
trigger high scheduling latency in the host, leading to a denial of
service. Ubuntu 6.06 was not affected. (CVE-2009-4031)

It was discovered that the OHCI fireware driver did not correctly
handle certain ioctls. A local attacker could exploit this to crash
the system, or possibly gain root privileges. Ubuntu 6.06 was not
affected. (CVE-2009-4138)

Tavis Orm
[...]

Solution :

Upgrade to :
- linux-doc-2.6.31-19.56 (Ubuntu 9.10)
- linux-doc-2.6.15-2.6.15-55.82 (Ubuntu 6.06)
- linux-doc-2.6.24-2.6.24-27.65 (Ubuntu 8.04)
- linux-doc-2.6.27-2.6.27-17.45 (Ubuntu 8.10)
- linux-doc-2.6.28-2.6.28-18.59 (Ubuntu 9.04)
- linux-ec2-doc-2.6.31-304.10 (Ubuntu 9.10)
- linux-ec2-source-2.6.31-2.6.31-304.10 (Ubuntu 9.10)
- linux-headers-2.6.15-55-2.6.15-55.82 (Ubuntu 6.06)
- linux-headers-2.6.15-55-386-2.6.15-55.82 (Ubuntu 6.06)
- linux-headers-2.6.15-55-686-2.6.15-55.82 (Ubuntu 6.06)
- linux-h
[...]

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

SuSE Security Update: Security update for Linux kernel (kernel-6806):
Synopsis :

The remote SuSE system is missing the security patch kernel-6806

Description :

This update fixes a several security issues and various bugs in the SUSE Linux
Enterprise 10 SP 2 kernel.

The following security issues were fixed:

CVE-2009-3556: Two sysfs filers in the qla2xxx driver were worldwriteable,
so users could change SCSI attributes of the qla2xxx driver.
CVE-2009-4536: drivers/net/e1000/e1000_main.c in the e1000 driver in the
Linux kernel handles Ethernet frames that exceed the MTU by processing
certain trailing payload data as if it were a complete frame, which
allows remote attackers to bypass packet filters via a large packet with
a crafted payload.

(The e1000e driver is not included in the SLES 10 SP2 kernel, so CVE-2009-4538
does not affect this kernel.)

Solution :

Install the security patch kernel-6806

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Solaris Unbundled (sparc) : 138195-03:
Synopsis :

The remote host is missing Sun Security Patch number 138195-03

Description :

Service Tags 1.0: patch for Solaris 10.
Date this patch was last updated by Sun : Feb/04/10

See also :

http://sunsolve.sun.com/search/document.do?assetkey=1-21-138195-03-1

Solution :

You should install this patch for your system to be up-to-date.

Risk factor :

High

MDVSA-2010:032: rootcerts:
Synopsis :

The remote host is missing the patch for the advisory MDVSA-2010:032 (rootcerts).

Description :

It was brought to our attention by Ludwig Nussel at SUSE the md5
collision certificate should not be included. This update removes
the offending certificate.
Packages for 2008.0 are provided for Corporate Desktop 2008.0
customers.
The mozilla nss library has consequently been rebuilt to pickup these
changes and are also being provided.

See also :

http://wwwnew.mandriva.com/security/advisories?name=MDVSA-2010:032

Solution :

Apply the newest security patches from Mandriva.

Risk factor :

High

CentOS : RHSA-2010-0076:
Synopsis :

The remote host is missing a security update.

Description :

The remote CentOS system is missing a security update which has been
documented in Red Hat advisory RHSA-2010-0076.

See also :

https://rhn.redhat.com/errata/RHSA-2010-0076.html

Solution :

Upgrade to the newest packages by doing :

yum update

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)

IBM Tivoli Monitoring Service Console Detection:
Synopsis :

A system monitoring console was detected on the remote web server.

Description :

Tivoli Monitoring Service Console, a web interface for running system
diagnostics, is hosted on the remote web server. This software is
included with some IBM products, such as DB2.

See also :

http://www.ibm.com/software/tivoli/products/monitor/

Solution :

n/a

Risk factor :

None

OCS Inventory NG Server Administration Console header.php login Parameter SQL Injection:
Synopsis :

The remote web server is hosting a PHP application that is vulnerable
to a SQL-injection attack.

Description :

The version of the OCS Inventory NG Server Administration Console
hosted on the remote web server fails to properly sanitize user
supplied input to the 'login' parameter of the 'header.php' script.

Provided PHP's 'magic_quotes_gpc' setting is disabled, an attacker can
exploit this to bypass authentication and thereby gain access to the
administrative interface.

See also :

http://www.securityfocus.com/archive/1/509252/30/0/threaded
http://forums.ocsinventory-ng.org/viewtopic.php?id=5609

Solution :

Upgrade to OCS Inventory NG Management Server version 1.3beta4 /
1.02.2 or later as those versions have been determined to address the
vulnerability.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

OCS Inventory NG Server Administration Console Detection:
Synopsis :

The remote web server is hosting an asset management application
written in PHP.

Description :

The remote web server is hosting the OCS Inventory NG Server
Administration console, a PHP application for managing computing
assets.

See also :

http://www.ocsinventory-ng.org/

Solution :

n/a

Risk factor :

None

Linksys Router Detection:
Synopsis :

The remote device is a Linksys router.

Description :

The remote device is a Linksys router. These devices route packets
and may provide port forwarding, DMZ configuration and other
networking services.

See also :

http://www.linksysbycisco.com/

Solution :

Ensure that use of this device agrees with your organization's
acceptable use and security policies.

Risk factor :

None

FreeBSD : apache -- Prevent chunk-size integer overflow on platforms where sizeof(int) < sizeof(long) (5219):
Synopsis :

The remote host is missing a security update

Description :

The following package needs to be updated: apache+ipv6

See also :

http://security-tracker.debian.org/tracker/CVE-2010-0010
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0010
http://www.security-database.com/detail.php?alert=CVE-2010-0010
http://www.vupen.com/english/Reference-CVE-2010-0010.php
http://www.FreeBSD.org/ports/portaudit/cae01d7b-110d-11df-955a-00219b0fc4d8.html

Solution :

Update the package on the remote host

Risk factor :

High

SuSE Security Update: fuse (2010-01-26):
Synopsis :

The remote SuSE system is missing a security patch for fuse

Description :

A race condition in fusermount allowed users to umount any filesystem (CVE-2009-3297). This has been fixed.

See also :

https://bugzilla.novell.com/show_bug.cgi?id=550003
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3297

Solution :

Run yast to install the security patch for fuse

Risk factor :

High

Solaris 10 (x86) : 140160-02:
Synopsis :

The remote host is missing Sun Security Patch number 140160-02

Description :

SunOS 5.10_x86: rsh/rlogin/rcp/rdist patch.
Date this patch was last updated by Sun : Feb/02/10

See also :

http://sunsolve.sun.com/search/document.do?assetkey=1-21-140160-02-1

Solution :

You should install this patch for your system to be up-to-date.

Risk factor :

High

Solaris 10 (sparc) : 140159-02:
Synopsis :

The remote host is missing Sun Security Patch number 140159-02

Description :

SunOS 5.10: rsh/rlogin/rcp/rdist patch.
Date this patch was last updated by Sun : Feb/02/10

See also :

http://sunsolve.sun.com/search/document.do?assetkey=1-21-140159-02-1

Solution :

You should install this patch for your system to be up-to-date.

Risk factor :

High

RHSA-2010-0076: kernel:
Synopsis :

The remote host is missing the patch for the advisory RHSA-2010-0076

Description :

Updated kernel packages that fix multiple security issues and three bugs
are now available for Red Hat Enterprise Linux 4.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issues:

* an array index error was found in the gdth driver in the Linux kernel. A
local user could send a specially-crafted IOCTL request that would cause a
denial of service or, possibly, privilege escalation. (CVE-2009-3080,
Important)

* a flaw was found in the collect_rx_frame() function in the HiSax ISDN
driver (hfc_usb) in the Linux kernel. An attacker could use this flaw to
send a specially-crafted HDLC packet that could trigger a buffer out of
bounds, possibly resulting in a denial of service. (CVE-2009-4005,
Important)

* permission issues were found in the megaraid_sas driver (for SAS based
RAID controllers) in the Linux kernel. The "dbg_lvl" and "poll_mode_io"
files on the sysfs file system ("/sys/") had world-writable permissions.
This could allow local, unprivileged users to change the behavior of the
driver. (CVE-2009-3889, CVE-2009-3939, Moderate)

* a buffer overflow flaw was found in the hfs_bnode_read() function in the
HFS file system implementation in the Linux kernel. This could lead to a
denial of service if a user browsed a specially-crafted HFS file system,
for example, by running "ls". (CVE-2009-4020, Low)

This update also fixes the following bugs:

* if a process was using ptrace() to trace a multi-threaded process, and
that multi-threaded process dumped its core, the process performing the
trace could hang in wait4(). This issue could be triggered by running
"strace -f" on a multi-threaded process that was dumping its core,
resulting in the strace command hanging. (BZ#555869)

* a bug in the ptrace() implementation could have, in some cases, caused
ptrace_detach() to create a zombie process if the process being traced
was terminated with a SIGKILL signal. (BZ#555869)

* the RHSA-2010:0020 update resolved an issue (CVE-2009-4537) in the
Realtek r8169 Ethernet driver. This update implements a better solution for
that issue. Note: This is not a security regression. The original fix was
complete. This update is adding the official upstream fix. (BZ#556406)

Users should upgrade to these updated packages, which contain backported
patches to correct these issues. The system must be rebooted for this
update to take effect.

See also :

http://rhn.redhat.com/errata/RHSA-2010-0076.html

Solution :

Get the newest RedHat Updates.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)

MDVSA-2010:031: wireshark:
Synopsis :

The remote host is missing the patch for the advisory MDVSA-2010:031 (wireshark).

Description :

This advisory updates Wireshark to the version 1.0.11, which fixes
the following vulnerabilities:
The SMB and SMB2 dissectors could crash (CVE-2009-4377).
The Infiniband dissector could crash on some platforms (CVE-2009-2563).
Several buffer overflows were discovered and fixed in the LWRES
dissector.

See also :

http://wwwnew.mandriva.com/security/advisories?name=MDVSA-2010:031

Solution :

Apply the newest security patches from Mandriva.

Risk factor :

High / CVSS Base Score : 7.1
(CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C)

Squid < 3.0.STABLE23 / 3.1.0.16:
Synopsis :

The remote proxy server is prone to a denial of service attack.

Description :

According to its banner, the version of the Squid proxy caching
server installed on the remote host is 2.x or older than 3.0.STABLE23
/ 3.1.0.16. Such versions reportedly fail to correctly validate DNS
packets, which can be abused by a remote attack to cause a short-term
denial of service.

Note that Nessus has relied only on the version in the proxy server's
banner, which is not updated by either of the patches the project has
released to address this issue. If the one of those has been applied
properly and the service restarted, consider this to be a false
positive.

See also :

http://www.squid-cache.org/Advisories/SQUID-2010_1.txt
http://www.nessus.org/u?9140f7e2
http://www.nessus.org/u?1e06892d
http://www.squid-cache.org/Versions/v2/HEAD/changesets/12597.patch

Solution :

Either upgrade to Squid version 3.0.STABLE23 / 3.1.0.16 or later or
apply the appropriate patch referenced in the project's advisory
above.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)

MoinMoin 'sys.argv' Information Disclosure:
Synopsis :

A wiki application on the remote web server has an information
disclosure vulnerability.

Description :

The version of MoinMoin running on the remote host has an information
disclosure vulnerability. Using a specially crafted request, an
unauthenticated remote attacker can specify the directory that the
application uses for its static pages and read arbitrary files from
that directory, subject to the privileges under which the application
runs.

Note that successful exploitation requires MoinMoin's 'FCGI_FORCE_CGI'
setting to be enabled.

See also :

http://moinmo.in/MoinMoinChat/Logs/moin-dev/2010-01-18
http://hg.moinmo.in/moin/1.9/rev/9d8e7ce3c3a2
http://moinmo.in/SecurityFixes

Solution :

Upgrade to MoinMoin 1.9.1 or later.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N)

MoinMoin Detection:
Synopsis :

The remote web server is hosting a wiki written in Python.

Description :

The remote host is running MoinMoin, a wiki written in Python.

See also :

http://www.moinmo.in/

Solution :

n/a

Risk factor :

None

SuSE Security Update: Security update for Mozilla XULrunner (mozilla-xulrunner190-6772):
Synopsis :

The remote SuSE system is missing the security patch mozilla-xulrunner190-6772

Description :

Mozilla XULrunner was upgraded to 1.9.0.17 fixing some bugs and regressions.

The following security bug has been fixed:

CVE-2010-0220: The nsObserverList::FillObserverArray function in xpcom/ds/nsObserverList.cpp in Mozilla Firefox before 3.5.7 allows remote attackers to cause a denial of service (application crash) via a crafted web site that triggers memory consumption and an accompanying Low Memory alert dialog, and also triggers attempted removal of an observer from an empty observers array.

Solution :

Install the security patch mozilla-xulrunner190-6772

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)

SuSE Security Update: Security update for Mozilla Firefox (MozillaFirefox-6771):
Synopsis :

The remote SuSE system is missing the security patch MozillaFirefox-6771

Description :

Mozilla Firefox was upgraded to 3.5.7 fixing some bugs and regressions.

The following security bug has been fixed:

CVE-2010-0220: The nsObserverList::FillObserverArray function in xpcom/ds/nsObserverList.cpp in Mozilla Firefox before 3.5.7 allows remote attackers to cause a denial of service (application crash) via a crafted web site that triggers memory consumption and an accompanying Low Memory alert dialog, and also triggers attempted removal of an observer from an empty observers array.

Solution :

Install the security patch MozillaFirefox-6771

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)

SuSE Security Update: mozilla-xulrunner190 (2010-01-11):
Synopsis :

The remote SuSE system is missing a security patch for mozilla-xulrunner190

Description :

Mozilla XULrunner was upgraded to 1.9.0.17 fixing some bugs and regressions.

The following security bug has been fixed:

CVE-2010-0220: The nsObserverList::FillObserverArray function in xpcom/ds/nsObserverList.cpp in Mozilla Firefox before 3.5.7 allows remote attackers to cause a denial of service (application crash) via a crafted web site that triggers memory consumption and an accompanying Low Memory alert dialog, and also triggers attempted removal of an observer from an empty observers array.

See also :

https://bugzilla.novell.com/show_bug.cgi?id=568011

Solution :

Run yast to install the security patch for mozilla-xulrunner190

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)

SuSE Security Update: avahi (2010-01-19):
Synopsis :

The remote SuSE system is missing a security patch for avahi

Description :

The avahi-daemon reflector could cause packet storms when reflecting legacy unicast mDNS traffic (CVE-2009-0758). This has been fixed.

See also :

https://bugzilla.novell.com/show_bug.cgi?id=480865
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0758

Solution :

Run yast to install the security patch for avahi

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)

SuSE Security Update: acl (2010-01-15):
Synopsis :

The remote SuSE system is missing a security patch for acl

Description :

The setfacl tool followed symbolic links in recursive (-R) mode even if the --physical (-P) option was specified (CVE-2009-4411). This has been fixed.

See also :

https://bugzilla.novell.com/show_bug.cgi?id=567090
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4411

Solution :

Run yast to install the security patch for acl

Risk factor :

Low / CVSS Base Score : 3.7
(CVSS2#AV:L/AC:H/Au:N/C:P/I:P/A:P)

SuSE Security Update: NetworkManager-gnome (2010-01-28):
Synopsis :

The remote SuSE system is missing a security patch for NetworkManager-gnome

Description :

The following bugs have been fixed:

nm-applet connected to WPA2 Enterprise networks even if the specified CA certificate file didn't exist (CVE-2009-4144).
When editing connections in nm-applet the connection object was exported via DBus disclosing potentially sensitive information to local users (CVE-2009-4145).

See also :

https://bugzilla.novell.com/show_bug.cgi?id=565549
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4144
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4145

Solution :

Run yast to install the security patch for NetworkManager-gnome

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)

SuSE Security Update: MozillaFirefox (2010-01-11):
Synopsis :

The remote SuSE system is missing a security patch for MozillaFirefox

Description :

Mozilla Firefox was upgraded to 3.5.7 fixing some bugs and regressions.

The following security bug has been fixed:

CVE-2010-0220: The nsObserverList::FillObserverArray function in xpcom/ds/nsObserverList.cpp in Mozilla Firefox before 3.5.7 allows remote attackers to cause a denial of service (application crash) via a crafted web site that triggers memory consumption and an accompanying Low Memory alert dialog, and also triggers attempted removal of an observer from an empty observers array.

See also :

https://bugzilla.novell.com/show_bug.cgi?id=568011
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0220

Solution :

Run yast to install the security patch for MozillaFirefox

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)

SuSE 11.2 Security Update: virtualbox-ose (2010-01-21):
Synopsis :

The remote SuSE system is missing a security patch for virtualbox-ose

Description :

This update of virtualbox-ose fixes a memory consumption
bug in the kernel code that can be used to allocate almost
all physical memory. CVE-2009-3940: CVSS v2 Base Score: 2.1
(LOW) (AV:L/AC:L/Au:N/C:N/I:N/A:P)

See also :

https://bugzilla.novell.com/show_bug.cgi?id=556031
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3940

Solution :

Run yast to install the security patch for virtualbox-ose

Risk factor :

Low / CVSS Base Score : 2.1
(CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P)

SuSE 11.2 Security Update: libthai (2010-01-15):
Synopsis :

The remote SuSE system is missing a security patch for libthai

Description :

very long strings could lead to a heap buffer overflow in
libthai

See also :

https://bugzilla.novell.com/show_bug.cgi?id=569615
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4012

Solution :

Run yast to install the security patch for libthai

Risk factor :

High

SuSE 11.2 Security Update: NetworkManager-gnome (2010-01-26):
Synopsis :

The remote SuSE system is missing a security patch for NetworkManager-gnome

Description :

nm-applet connected to WPA2 Enterprise networks even if the
specified CA certificate file didn't exist (CVE-2009-4144).

When editing connections in nm-applet the connection object
was exported via DBus disclosing potentially sensitive
information to local users (CVE-2009-4145).

See also :

https://bugzilla.novell.com/show_bug.cgi?id=565549
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4144
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4145

Solution :

Run yast to install the security patch for NetworkManager-gnome

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)

SuSE 11.2 Security Update: MozillaFirefox (2010-01-11):
Synopsis :

The remote SuSE system is missing a security patch for MozillaFirefox

Description :

Mozilla Firefox was upgraded to 3.5.7 fixing some bugs and
regressions.

CVE-2010-0220: The nsObserverList::FillObserverArray
function in xpcom/ds/nsObserverList.cpp in Mozilla Firefox
before 3.5.7 allows remote attackers to cause a denial of
service (application crash) via a crafted web site that
triggers memory consumption and an accompanying Low Memory
alert dialog, and also triggers attempted removal of an
observer from an empty observers array.

See also :

https://bugzilla.novell.com/show_bug.cgi?id=568011

Solution :

Run yast to install the security patch for MozillaFirefox

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)

SuSE 11.1 Security Update: virtualbox-ose (2010-01-26):
Synopsis :

The remote SuSE system is missing a security patch for virtualbox-ose

Description :

This update of virtualbox-ose fixes a memory consumption
bug in the kernel code that can be used to allocate almost
all physical memory. CVE-2009-3940: CVSS v2 Base Score: 2.1
(LOW) (AV:L/AC:L/Au:N/C:N/I:N/A:P)

See also :

https://bugzilla.novell.com/show_bug.cgi?id=556031
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3940

Solution :

Run yast to install the security patch for virtualbox-ose

Risk factor :

Low / CVSS Base Score : 2.1
(CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P)

SuSE 11.1 Security Update: libthai (2010-01-15):
Synopsis :

The remote SuSE system is missing a security patch for libthai

Description :

very long strings could lead to a heap buffer overflow in
libthai

See also :

https://bugzilla.novell.com/show_bug.cgi?id=569615
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4012

Solution :

Run yast to install the security patch for libthai

Risk factor :

High

SuSE 11.1 Security Update: avahi (2010-01-19):
Synopsis :

The remote SuSE system is missing a security patch for avahi

Description :

The avahi-daemon reflector could cause packet storms when
reflecting legacy unicast mDNS traffic (CVE-2009-0758).

See also :

https://bugzilla.novell.com/show_bug.cgi?id=480865
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0758

Solution :

Run yast to install the security patch for avahi

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)

This is the web site for the Nessus Vulnerability Scanner from Tenable Network Security. If you are looking for the probabilistic analysis software from Southwest Research Institute, please visit www.nessus.swri.org