
oval:org.mitre.oval:def:11428
Fedora 7 is installed

oval:org.mitre.oval:def:11657
Fedora 4 is installed

oval:org.mitre.oval:def:11850
Fedora 2 is installed

oval:org.mitre.oval:def:11928
Fedora 5 is installed

oval:org.mitre.oval:def:12097
Fedora 6 is installed

oval:org.mitre.oval:def:12101
Fedora 3 is installed

oval:org.secpod.oval:def:1000310
The host is missing a patch 113031-04 containing security fixes.

oval:org.secpod.oval:def:100599
This tool kit is used to measure battery life and performance under different workloads on Linux. Test can be used with various workloads to simulate different types of laptop usage. The following workloads are currently implemented: a

oval:org.secpod.oval:def:101829
Prelude Manager is the main program of the Prelude Hybrid IDS suite. It is a multithreaded server which handles connections from the Prelude sensors. It is able to register local or remote sensors, let the operator configure them remotely, receive alerts, and store alerts in a database or any format ...

oval:org.secpod.oval:def:301524
A race condition was preventing dbus from starting correctly when user authentication was network based. This could prevent other desktop functions from working properly, such as device automounting. This update provides updated dbus and initscript packages that fix this issue. Both packages must b ...

oval:org.secpod.oval:def:301525
This update introduces a new mandriva-release-Mini package to be used for the Mandriva Mini flavor of the Mandriva Linux distribution.

oval:org.secpod.oval:def:301527
An incorrect memory deallocation was causing a crash when the GNOME display manager was exiting. This package update fixes this issue and includes additional bug fixes and translation updates.

oval:org.secpod.oval:def:400004
openSUSE 10.3 is installed

oval:org.secpod.oval:def:100311
The iputils package contains basic utilities for monitoring a network, including ping. The ping command sends a series of ICMP protocol ECHO_REQUEST packets to a specified network host to discover whether the target machine is alive and receiving network traffic.

oval:org.secpod.oval:def:1000099
The remote host is missing a patch 125719-42 containing a security fix. For more information please visit the reference link.

oval:gov.nist.usgcb.rhel:def:20106
The SELinux state should be set appropriately.

oval:gov.nist.usgcb.rhel:def:20068
Login access to non-root system accounts should be disabled

oval:gov.nist.usgcb.rhel:def:20341
The squid service should be disabled.

oval:gov.nist.usgcb.rhel:def:20085
The PATH variable should be set correctly for user root

oval:gov.nist.usgcb.rhel:def:200155
Verify the integrity of installed packages by comparing the installed files with information about the files taken from the package metadata stored in the RPM database.

oval:gov.nist.usgcb.rhel:def:144120
Add nodev Option to /tmp Partition

oval:org.secpod.oval:def:300149
A vulnerability in the GNU C library was discovered which could escalate the privileges for local users. Packages for 2009.0 are provided as of the Extended Maintenance Program.

oval:org.secpod.oval:def:100459
D-BUS is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility.

oval:org.secpod.oval:def:4432
The host is missing a critical security update according to Adobe advisory, APSB11-22. The update is required to fix a denial of service vulnerability. A flaw is present in the application which fails to properly handle a crafted GIF file. Successful exploitation allows remote attackers to execute a ...

oval:org.secpod.oval:def:8139
Splunk is installed

oval:org.secpod.oval:def:4182
The host is installed with Novell iPrint client before 5.78 and is prone to heap-based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted client-file-name parameter in a printer-url. Successful exploitation allows remote attackers to execute ...

oval:org.secpod.oval:def:2278
IBM Informix Dynamic Server is installed on Linux

oval:gov.nist.usgcb.xp:def:6680
Turn Off Internet File Association Service

oval:org.secpod.oval:def:4170
The host is installed with Siemens Automation License Manager (ALM) 2.0 through 5.1+SP1+Upd2 and is prone to absolute path traversal vulnerability. A flaw is present in the application, which fails to properly handle ActiveX control in almaxcx.dll in the graphical user interface. Successful exploita ...

oval:org.secpod.oval:def:7517
CA License software is installed

oval:org.secpod.oval:def:1700
The host is installed with IBM Tivoli Storage Manager before 5.4.3.4 or 5.5.x before 5.5.3 or 6.x before 6.1.4 or 6.2.x before 6.2.2 and is prone to buffer overflow vulnerability. A flaw is present in the application which fails to handle Alternate Data Stream (aka ADS or named stream) functionality ...

oval:org.secpod.oval:def:202448
D-Bus is a system for sending messages between applications. It is used for the system-wide message bus service and as a per-user-login-session messaging facility. It was discovered that the D-Bus library honored environment settings even when running with elevated privileges. A local attacker could ...

oval:org.secpod.oval:def:200472
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. A flaw was found in the way large amounts of memory were allocated on 64-bit systems when using the BigDecimal class. A context-dependent attacker could u ...

oval:org.secpod.oval:def:4004
The host is installed with Oracle MySQL 5.1.x before 5.1.61 or 5.5.x before 5.5.20 and is prone to an unspecified vulnerability. A flaw is present in the application, which results in a partial availability impact. Successful exploitation allows remote attackers to cause a denial of service.

oval:gov.nist.usgcb.xp:def:140
The Administrators group and the System user should have full access to the SYSTEMROOT/system32/netsh.exe file and all other users should have no file access privileges

oval:gov.nist.usgcb.xp:def:243
This definition verifies that the Guest account is enabled/disabled based on the policy defined by the user.

oval:gov.nist.usgcb.vista:def:8008
Auditing of "Detailed Tracking: Process Creation" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:7704
This setting requires user passwords to have a certain minimum number of characters.

oval:org.secpod.oval:def:301237
Sebastian Krahmer of SUSE discovered that rsync could overflow when handling ACLs. An attacker could construct a malicious set of files that, when processed, could lead to arbitrary code execution or a crash. The updated packages have been patched to correct this issue.

oval:org.secpod.oval:def:101676
ProFTPD is an enhanced FTP server with a focus toward simplicity, security, and ease of configuration. It features a very Apache-like configuration syntax, and a highly customizable server infrastructure, including support for multiple "virtual" FTP servers, anonymous FTP, and permission-based direc ...

oval:org.secpod.oval:def:100458
Mantis is a free popular web-based issue tracking system. It is written in the PHP scripting language and works with MySQL, MS SQL, and PostgreSQL databases and a web server. Almost any web browser should be able to function as a client. Documentation can be found in: /usr/share/doc/mantis-1.1.8 Whe ...

oval:org.secpod.oval:def:1386
The host is installed with Apache Archiva and is prone to multiple cross-site request forgery (CSRF) vulnerabilities. The flaws are present in the application which is caused by improper validation of user-supplied input. Successful exploitation allows remote attacker to perform certain administrati ...

oval:org.secpod.oval:def:302899
Multiple vulnerabilities have been discovered and corrected in util-linux: mount in util-linux 2.19 and earlier attempts to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a proce ...

oval:org.secpod.oval:def:103691
Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage.

oval:org.secpod.oval:def:6195
The host is installed with RealPlayer before 15.0.4.53 or RealPlayer SP 1.0 through 1.1.5 and is prone to remote code execution vulnerability. A flaw is present in the applications, which fail to properly parse ASMRuleBook data in RealMedia files. Successful exploitation allows remote attackers to e ...

oval:org.secpod.oval:def:500867
OpenLDAP is an open source suite of LDAP applications and development tools. It was found that the OpenLDAP server daemon ignored olcTLSCipherSuite settings. This resulted in the default cipher suite always being used, which could lead to weaker than expected ciphers being accepted during Transport ...

oval:org.secpod.oval:def:7942
The host is installed with Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, or 7.x before 7.0.30 and is prone to security bypass vulnerability. A flaw is present in the application, which fails to properly check for stale nonce values in conjunction with enforcement of proper credentials in the ...

oval:org.secpod.oval:def:102407
An easy-to-use telnet client mainly targets BBS users. PCMan X is a newly developed GPL'd version of PCMan, a full-featured famous BBS client formerly designed for MS Windows only. It aimed to be an easy-to-use yet full-featured telnet client facilitating BBS browsing with the ability to process dou ...

oval:org.secpod.oval:def:200473
SeaMonkey is an open source Web browser, email and newsgroup client, IRC chat client, and HTML editor. A flaw was found in the way SeaMonkey creates temporary file names for downloaded files. If a local attacker knows the name of a file SeaMonkey is going to download, they can replace the contents o ...

oval:org.secpod.oval:def:1100040
The host is missing a patch containing security fixes, which affects the following package(s): bos.net.nfs.client.

oval:org.secpod.oval:def:500662
SeaMonkey is an open source Web browser, email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileg ...

oval:org.secpod.oval:def:300288
Multiple vulnerabilities have been discovered and corrected in Safe.pm which could lead to escalated privileges. The updated packages have been patched to correct these issues.

oval:org.secpod.oval:def:400024
Various security issues have been found in the Mozilla suite, and the various browsers have been updated to fix these issues. Mozilla Firefox was brought to the 3.5.11 security release. Mozilla Firefox on openSUSE 11.3 was brought to the 3.6.8 security release. Mozilla Thunderbird was brought to the ...

oval:org.secpod.oval:def:400040
Specially crafted PDF documents could crash acroread or lead to execution of arbitrary code. acroread was updated to version 9.4.1 which addresses the issues.

oval:org.secpod.oval:def:2271
The host is missing an Important security update according to Microsoft security bulletin, MS11-074. The update is required to fix cross-site-scripting and information disclosure vulnerabilities. A flaw is present in the applications, which fails to properly validate inputs. Successful exploitation ...

oval:org.secpod.oval:def:1190
The host is installed with Microsoft Office Excel 2002 and is prone to remote code execution vulnerability. A flaw is present in the application, where it is not able to handle specially crafted Excel files. Successful exploitation allows remote attacker to take complete control of the affected system ...

oval:org.secpod.oval:def:400005
Mozilla Firefox and Thunderbird were updated to fix several security issues: * CVE-2011-2365 Miscellaneous memory safety hazards * CVE-2011-2373 Use-after-free vulnerability when viewing XUL document with script disabled * CVE-2011-2377 Memory corruption due to multipart/x-mixed-replace images * CVE ...

oval:org.secpod.oval:def:2351
The host is installed with Opera before 11.51 and is prone to unspecified vulnerability. A flaw is present in the application which is caused due to some unspecified error. Successful exploitation allows attackers to cause unknown impacts.

oval:org.secpod.oval:def:3718
The host is installed with Microsoft Windows and is prone to information disclosure vulnerability. A flaw is present in the application, which is caused by a design flaw in the SSL and TLS protocols when Cipher-block chaining (CBC) mode of operation is used. Successful exploitation allows attackers ...

oval:org.secpod.oval:def:3719
The host is missing an important security update according to Microsoft bulletin MS12-006. The update is required to fix information disclosure vulnerability. A flaw is present in the application, which is caused by a design flaw in the SSL and TLS protocols when Cipher-block chaining (CBC) mode of ...

oval:org.secpod.oval:def:1100050
The host is missing a patch containing security fixes, which affects the following package(s): perl.rte.

oval:org.secpod.oval:def:3197
The host is installed with Mozilla Firefox before 3.6.24 or 4.x through 7.0 or Thunderbird before 3.1.6 or 5.0 through 7.0 and is prone to denial of service vulnerability. A flaw is present in the applications, which fail to properly handle JavaScript files that contain many functions. Successful ex ...

oval:org.secpod.oval:def:3499
The host is installed with Winamp before 5.623 and is prone to multiple integer overflow vulnerabilities. The flaws are present in the application, which fail to handle an AVI file with a crafted value for (1) the number of streams or (2) the size of the RIFF INFO chunk. Successful exploitation cou ...

oval:org.secpod.oval:def:103499
Pidgin allows you to talk to anyone using a variety of messaging protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu, ICQ, IRC, Novell Groupwise, QQ, Lotus Sametime, SILC, Simple and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just add ...

oval:org.secpod.oval:def:4144
The host is missing an important security update according to Microsoft security bulletin, MS12-011. The update is required to fix elevation of privilege or information disclosure vulnerabilities. The flaws are present due to improper handling of URL containing malicious JavaScript elements. Success ...

oval:org.secpod.oval:def:5103
The host is missing a critical security update according to Microsoft bulletin, MS12-024. The update is required to fix a remote code execution vulnerability. A flaw is present in the application, which fails to properly validate the digest of a signed portable executable (PE) file. Successful explo ...

oval:org.secpod.oval:def:7538
The host is installed with Oracle Java SE 7 Update 7 or earlier or 6 Update 35 or earlier and is prone to unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to deployment. Successful exploitation allows attackers to affect confidentiality, integrit ...

oval:org.secpod.oval:def:7539
The host is installed with Oracle Java SE 7 Update 7 or earlier or 6 Update 35 or earlier and is prone to unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to deployment. Successful exploitation allows attackers to affect confidentiality, integrit ...

oval:org.secpod.oval:def:6378
The host is missing an important security update according to Microsoft bulletin, MS12-050. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle crafted URLs. Successful exploitation results in elevation of privilege or information d ...

oval:org.secpod.oval:def:7319
The host is missing an important security update according to Microsoft security bulletin, MS12-066. The update is required to fix elevation of privilege vulnerability. A flaw is present in the applications, which fail to properly validate the HTML strings. Successful exploitation allows attackers t ...

oval:org.secpod.oval:def:7987
The host is installed with Apache Tomcat 6.x before 6.0.36 or 7.x before 7.0.28 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly restrict the request-header size. Successful exploitation allows remote attackers to cause a denial of servic ...

oval:org.secpod.oval:def:6787
The host is installed with Google Chrome before 21.0.1180.89 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation could allow attackers to crash the service.

oval:org.secpod.oval:def:7059
The host is installed with Google Chrome before 22.0.1229.79 and is prone to use-after-free vulnerability. A flaw is present in the application, which fails to properly handle vectors related to plug-in. Successful exploitation allows remote attackers to cause a denial of service or possibly have un ...

oval:org.secpod.oval:def:7060
The host is installed with Google Chrome before 22.0.1229.79 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle DOM topology. Successful exploitation allows remote attackers to cause a denial of service (DOM topology corruption).

oval:org.secpod.oval:def:7069
The host is installed with Google Chrome before 22.0.1229.79 and is prone to use-after-free vulnerability. A flaw is present in the application, which fails to properly handle vectors involving SVG text references. Successful exploitation allows remote attackers to cause a denial of service or possi ...

oval:org.secpod.oval:def:7055
The host is missing a security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to sanitize user supplied input. Successful exploitation allows attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:7541
The host is installed with Oracle Java SE 7 Update 7 or earlier or 6 Update 35 or earlier and is prone to unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to deployment. Successful exploitation allows attackers to affect confidentiality, integrit ...

oval:org.secpod.oval:def:7542
The host is installed with Oracle Java SE 7 Update 7 or earlier, 6 Update 35 or earlier, 5.0 Update 36 or earlier or 1.4.2_38 or earlier and is prone to unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to Libraries. Successful exploitation allows ...

oval:org.secpod.oval:def:7540
The host is installed with Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 or earlier, 6 Update 35 or earlier or 5.0 Update 36 or earlier and is prone to unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to JMX. Successful ex ...

oval:org.secpod.oval:def:8029
The host is missing a security update according to MFSA 2012-96. The update is required to fix denial of service vulnerability. A flaw is present in the applications, which fails to handle the str_unescape function in the JavaScript engine. Successful exploitation allows remote attackers to execute ...

oval:org.secpod.oval:def:8021
The host is missing a security update according to MFSA 2012-101. The update is required to fix cross-site scripting (XSS) vulnerability. A flaw is present in the applications, which fail to properly handle a ~ (tilde) character in proximity to a chunk delimiter. Successful exploitation allows remot ...

oval:org.secpod.oval:def:8018
The host is missing a critical security update according to MFSA 2012-104. The update is required to fix arbitrary code execution vulnerability. A flaw is present in the applications, which fail to properly restrict the context of HTML markup and Cascading Style Sheets (CSS) token sequences. Success ...

oval:org.secpod.oval:def:8019
The host is missing a security update according to MFSA 2012-103. The update is required to fix cross-site scripting (XSS) vulnerability. A flaw is present in the applications, which fail to prevent use of a "top" frame name-attribute value to access the location property. Successful exploitation al ...

oval:org.secpod.oval:def:8010
The host is installed with Mozilla Firefox before 17.0, Thunderbird before 17.0 or SeaMonkey before 2.14 and is prone to security bypass vulnerability. A flaw is present in the applications, which fail to consider the compartment during property filtering. Successful exploitation allows remote attac ...

oval:org.secpod.oval:def:7543
The host is installed with Oracle Java SE 7 Update 7 or earlier or 6 Update 35 or earlier and is prone to unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to Hotspot. Successful exploitation allows attackers to affect confidentiality and integrit ...

oval:org.secpod.oval:def:7545
The host is installed with Oracle Java SE 7 Update 7 or earlier, 6 Update 35 or earlier or 5.0 Update 36 or earlier and is prone to unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to Concurrency. Successful exploitation allows remote attackers t ...

oval:org.secpod.oval:def:7546
The host is installed with Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 or earlier, 6 Update 35 or earlier or 5.0 Update 36 or earlier and is prone to unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to JMX. Successful ex ...

oval:org.secpod.oval:def:7544
The host is installed with Oracle Java SE 7 Update 7 or earlier, 6 Update 35 or earlier and is prone to unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to Libraries. Successful exploitation allows remote attackers to affect confidentiality, inte ...

oval:org.secpod.oval:def:7359
The host is installed with Google Chrome before 22.0.1229.94 and is prone to use-after-free vulnerability. A flaw is present in the application, which fails to properly handle SVG implementation in WebKit. Successful exploitation allows attackers to execute arbitrary code via unspecified vectors.

oval:org.secpod.oval:def:7362
The host is installed with Google Chrome before 22.0.1229.94 and is prone to use-after-free vulnerability. A flaw is present in the application, which fails to properly handle SVG implementation in WebKit. Successful exploitation allows attackers to execute arbitrary code via unspecified vectors.

oval:org.secpod.oval:def:8027
The host is missing a security update according to MFSA 2012-94. The update is required to fix denial of service vulnerability. A flaw is present in the applications, which fail to handle the setting of Cascading Style Sheets (CSS) properties in conjunction with SVG text. Successful exploitation all ...

oval:org.secpod.oval:def:8020
The host is missing a security update according to MFSA 2012-102. The update is required to fix cross-site scripting (XSS) vulnerability. A flaw is present in the application, which fails to handle crafted string. Successful exploitation allows remote attackers to conduct cross-site scripting (XSS) ...

oval:org.secpod.oval:def:8033
The host is missing a security update according to MFSA 2012-106. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle certain function calls and crafted data. Successful exploitation allows remote attackers to execute arbitrary code ...

oval:org.secpod.oval:def:8023
The host is missing a security update according to MFSA 2012-100. The update is required to fix cross-site scripting (XSS) vulnerability. A flaw is present in the applications, which does not properly restrict write actions. Successful exploitation allows remote attackers to conduct cross-site scrip ...

oval:org.secpod.oval:def:8024
The host is missing a security update according to MFSA 2012-91. The update is required to fix multiple unspecified vulnerabilities. The flaws are present in the applications, which fail to properly handle memory. Successful exploitation allows remote attackers to cause a denial of service (memory c ...

oval:org.secpod.oval:def:8030
The host is missing a security update according to MFSA 2012-97. The update is required to fix cross-site request forgery (CSRF) vulnerability. A flaw is present in the applications, which assign the system principal, rather than the sandbox principal, to XMLHttpRequest objects created in sandboxes. ...

oval:org.secpod.oval:def:8034
The host is missing a security update according to MFSA 2012-105. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle certain vectors. Successful exploitation allows remote attackers to execute arbitrary code.

oval:org.secpod.oval:def:301274
The default behaviour of autofs 5 for the hosts map did not specify the nosuid and nodev mount options. This could allow a local user with control of a remote NFS server to create a setuid root executable on the exported filesystem of the remote NFS server. If this filesystem was mounted with the de ...

oval:org.secpod.oval:def:400042
Mozilla Firefox was upgraded to version 3.5.8, fixing various bugs and security issues. On openSUSE 11.0 and 11.1 Mozilla Firefox was updated to version 3.0.18. On openSUSE 11.2 Mozilla Seamonkey was updated to version 2.0.2. Following security issues have been fixed: CVE-2010-0159: Mozilla develope ...

oval:org.mitre.oval:def:968
Buffer overflow in Microsoft Jet Database Engine 4.0 allows remote attackers to execute arbitrary code via a specially-crafted database query.

oval:org.mitre.oval:def:1795
Buffer overflow in Microsoft Word 2002 (10.6612.6714) SP3, and possibly other versions, allows remote attackers to cause a denial of service (application exception) and possibly execute arbitrary code in winword.exe via certain unexpected values in a .doc file, including (1) an offset that triggers ...

oval:org.mitre.oval:def:591
Unknown vulnerability in the SmartHTML interpreter (shtml.dll) in Microsoft FrontPage Server Extensions 2000 and 2002, and Microsoft SharePoint Team Services 2002, allows remote attackers to cause a denial of service (response failure) via a certain request.

oval:org.secpod.oval:def:500572
GNOME VFS is the GNOME virtual file system. It provides a modular architecture and ships with several modules that implement support for various local and remote file systems as well as numerous protocols, including HTTP, FTP, and others. A buffer overflow flaw was discovered in the GNOME virtual fi ...

oval:gov.nist.usgcb.windowsseven:def:231
Turns off data sharing from the handwriting recognition personalization tool. The handwriting recognition personalization tool enables Tablet PC users to adapt handwriting recognition to their own writing style by providing writing samples. The tool can optionally share user writing samples wi ...

oval:org.secpod.oval:def:6100
The host is missing a critical security update according to Microsoft security bulletin, MS11-078. The update is required to fix a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle inheritance restrictions. Successful exploitation could allow a ...

oval:org.secpod.oval:def:1956
The host is installed with Apache CouchDB 0.8.0 through 1.0.1 and is prone to multiple cross site scripting vulnerabilities. Multiple flaws are present in the application, which fail to validate user supplied input. Successful exploitation could allow an attacker to inject arbitrary code.

oval:org.secpod.oval:def:701074
python-keyring: store and access your passwords safely Several security issues were fixed in Python Keyring.

oval:org.secpod.oval:def:700984
keystone: OpenStack identity service Two security issues were fixed in OpenStack Keystone.

oval:org.secpod.oval:def:600445
Dan Kaminsky and Moxie Marlinspike discovered that kdelibs, core libraries from the official KDE release, does not properly handle a "\0" character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers ...

oval:org.secpod.oval:def:700703
linux: Linux kernel Several security issues were fixed in the kernel.

oval:org.secpod.oval:def:6364
For a sample of system components, obtain and inspect system configuration settings to verify that password parameters are set to require passwords to be at least seven characters long. For service providers only, review internal processes and customer/user documentation to verify that tha ...

oval:org.secpod.oval:def:5043
Verify the target machine is installed with McAfee VirusScan.

oval:org.secpod.oval:def:7684
For a sample of system components, examine password files to verify that passwords are unreadable during transmission and storage. For service providers only, observe password files to verify that customer passwords are encrypted.

oval:gov.nist.usgcb.windowsseven:def:51
This security setting determines if the Guest account is enabled or disabled. Default: Disabled. Note: If the Guest account is disabled and the security option Network Access: Sharing and Security Model for local accounts is set to Guest Only, network logons, such as those performed by the Microso ...

oval:gov.nist.usgcb.windowsseven:def:54
This security setting determines whether a different account name is associated with the security identifier (SID) for the account "Guest." Renaming the well-known Guest account makes it slightly more difficult for unauthorized persons to guess this user name and password combination. Def ...

oval:gov.nist.usgcb.vista:def:6630
The "Deny access to this computer from the network (SeDenyNetworkLogonRight)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6612
The "Adjust memory quotas for a process (SeIncreaseQuotaPrivilege)" setting should be configured correctly.

oval:gov.nist.usgcb.xp:def:23
This definition verifies that locked accounts remain locked for the defined number of minutes before they are automatically unlocked.

oval:org.secpod.oval:def:5034
Implement only one primary function per server to prevent functions that require different security levels from co-existing on the same server. (For example, web servers, database servers, and DNS should be implemented on separate servers.)

oval:org.secpod.oval:def:600306
A design flaw has been found in the TLS and SSL protocol that allows an attacker to inject arbitrary content at the beginning of a TLS/SSL connection. The attack is related to the way how TLS and SSL handle session renegotiations. CVE-2009-3555 has been assigned to this vulnerability. As a partial m ...

oval:org.secpod.oval:def:600240
Several vulnerabilities have been discovered in Asterisk, an Open Source PBX and telephony toolkit. CVE-2011-1147 Matthew Nicholson discovered that incorrect handling of UDPTL packets may lead to denial of service or the execution of arbitrary code. CVE-2011-1174 Blake Cornell discovered that incorr ...

oval:org.secpod.oval:def:700319
Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. The flaw is with TLS renegotiation and potentia ...

oval:org.secpod.oval:def:2184
The host is installed with Wireshark 1.6.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to validate the IKE packet. Successful exploitation could allow attackers to crash the application.

oval:org.secpod.oval:def:701010
linux: Linux kernel Several security issues were fixed in the kernel.

oval:org.secpod.oval:def:701011
gnupg: GNU privacy guard - a free PGP replacement - gnupg2: GNU privacy guard - a free PGP replacement GnuPG could be tricked into downloading a different key when downloading from a key server.

oval:org.secpod.oval:def:700510
apr: The Apache Portable Runtime Library - apache2: a scalable, extensible web server A denial of service issue exists that affects the Apache web server.

oval:org.secpod.oval:def:700389
Paul Szabo discovered that the DECRQSS escape sequences were not handled correctly by xterm. Additionally, window title operations were also not safely handled. If a user were tricked into viewing a specially crafted series of characters while in xterm, a remote attacker could execute arbitrary comm ...

oval:org.secpod.oval:def:700412
Multiple insecure temporary file handling vulnerabilities were discovered in Red Hat Cluster. A local attacker could exploit these to overwrite arbitrary local files via symlinks. It was discovered that CMAN did not properly handle malformed configuration files. An attacker could cause a denial of ...

oval:org.secpod.oval:def:700705
bzip2: high-quality block-sorting file compressor - utilities Executables compressed by bzexe could be made to run programs as your login.

oval:org.secpod.oval:def:700410
Micha Krause discovered that Bind did not correctly validate certain dynamic DNS update packets. An unauthenticated remote attacker could send specially crafted traffic to crash the DNS server, leading to a denial of service.

oval:org.mitre.oval:def:188
Microsoft Word 2002, 2000, 97, and 98(J) does not properly check certain properties of a document, which allows attackers to bypass the macro security model and automatically execute arbitrary macros via a malicious document.

oval:org.secpod.oval:def:3884
The host is missing an update according to Apple advisory, APPLE-SA-2009-08-12-1. The update is required to fix a denial of service vulnerability. A flaw is present in the dns_db_findrdataset function in db.c, which fails to handle a maliciously crafted update message. Successful exploitation could al ...

oval:org.secpod.oval:def:7537
The host is installed with Oracle Java SE 7 Update 7 or earlier, 6 Update 35 or earlier, 5.0 Update 36 or earlier, and 1.4.2_38 or earlier or JavaFX 2.2 or earlier and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle specially crafted content. Succes ...

oval:org.secpod.oval:def:200470
The kdegraphics packages contain applications for the K Desktop Environment, including KPDF, a viewer for Portable Document Format files. Petr Gajdos and Christian Kornacker of SUSE reported a buffer overflow flaw in KPDF's Type 1 font parser. A specially-crafted PDF file with an embedded Type 1 fo ...

oval:org.mitre.oval:def:7757
Several local vulnerabilities have been discovered in Xine, a media player library, that allow for a denial of service or arbitrary code execution, which could be exploited through viewing malicious content. The Common Vulnerabilities and Exposures project identifies the following problems: The DMO_Vid ...

oval:org.secpod.oval:def:4640
The host is installed with Apple Mac OS X 10.5.8, 10.6 before 10.6.5 or Adobe Flash Player before 9.0.289.0, 10.x before 10.1.102.64 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle unknown vectors. Successful exploitation could allow remote a ...

oval:org.secpod.oval:def:103690
The kernel package contains the Linux kernel, the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.

oval:org.secpod.oval:def:7524
The host is installed with Adobe Shockwave Player 11.6.7.637 or earlier and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle memory. Successful exploitation allows attackers to execute arbitrary code.

oval:org.secpod.oval:def:7529
The host is missing a critical security update according to Adobe advisory, APSB12-23. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle memory. Successful exploitation allows attackers to execute remote code.

oval:org.secpod.oval:def:5259
The host is installed with Adobe Shockwave Player before 11.5.9.620 and is prone to a denial of service (memory corruption) vulnerability. A flaw is present in the Font Xtra.x32 module of the application, which fails to avoid memory corruptions. Successful exploitation allows a remote attacker to corrupt ...

oval:org.secpod.oval:def:1100051
The host is missing a patch containing security fixes, which affects the following package(s): perl.rte.

*XCCDF
xccdf_com.secpod_benchmark_sample-definitions

© 2013 SecPod Technologies