HP LaserJet Enterprise Printers, HP PageWide Enterprise Printers, HP LaserJet Managed Printers, HP OfficeJet Enterprise Printers Security Vulnerabilities

RHEL 6 : pywbem (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. pywbem: failure to check certificate hostname (CVE-2013-6444) PyWBEM 0.7 and earlier uses a separate...

RHEL 7 : xchat (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. xchat/hexchat: does not verify the server hostname matches the domain name in the subject's Common Name (CN) or...

RHEL 7 : python-beaker (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. python-beaker: Deserialization of Untrusted Data which can lead to Arbitrary code execution (CVE-2013-7489) ...

RHEL 7 : rhev-guest-tools (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. rhevm: rhev agent service unquoted search path (CVE-2013-2151) Note that Nessus has not tested for this issue but...

RHEL 7 : python-suds (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. python-suds: Insecure temporary directory use when initializing file-based URL cache (CVE-2013-2217) Note that...

RHEL 5 : libxfixes (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libXfixes: Insufficient validation of server responses results in Integer overflow (CVE-2016-7944) ...

RHEL 6 : tuned (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. tuned: insecure permissions of pmqos-static.pid (CVE-2013-1820) Note that Nessus has not tested for this issue but...

RHEL 5 : xfsprogs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. xfsprogs: xfs_metadump information disclosure flaw (CVE-2012-2150) Note that Nessus has not tested for this issue...

RHEL 6 : gtk2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. gdk-pixbuf: DoS (GLib error and application abort) due to an integer overflow in the XBM image file...

RHEL 5 : dtach (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. dtach: Memory portion (random stack data) disclosure to the client by unclean client disconnect (CVE-2012-3368) ...

RHEL 5 : libpng (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libpng: underflow read in png_check_keyword() (CVE-2015-8540) The png_push_read_zTXt function in...

RHEL 5 : libxp (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. libXp: Integer overflow leading to heap-based buffer overflow (CVE-2013-2062) Note that Nessus has not tested for...

RHEL 6 : kdelibs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. kdelibs: prints passwords contained in HTTP URLs in error messages (CVE-2013-2074) kf5-kio, kdelibs:...

RHEL 5 : libfs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. libFS: Sign extension issues resulting in heap-based buffer overflow (CVE-2013-1996) Note that Nessus has not tested...

RHEL 5 : shadow-utils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. shadow-utils: TOCTOU race conditions by copying and removing directory trees (CVE-2013-4235) Note that Nessus has...

RHEL 6 : scipy (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. scipy: weave /tmp and current directory issues (CVE-2013-4251) Note that Nessus has not tested for this issue but...

RHEL 5 : subversion (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. subversion: Command injection through clients via malicious svn+ssh URLs (CVE-2017-9800) Svnserve in...

RHEL 5 : arts (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. arts,kdelibs3: Use of mktemp(3) allows attacker to hijack the IPC (CVE-2015-7543) Note that Nessus has not tested...

RHEL 7 : pngcrush (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. pngcrush: double-free in sPLT and png.c file (CVE-2015-7700) Note that Nessus has not tested for this issue but has...

RHEL 7 : texlive (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. texlive: mpost allows to run non-whitelisted external programs (CVE-2016-10243) mktexlsr revision 22855...

RHEL 6 : qemu-kvm (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. QEMU: net: ignore packets with large size (CVE-2018-17963) Buffer overflow in the send_control_msg...

RHEL 5 : net-snmp (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. net-snmp: Heap corruption in snmp_pdu_parse function in snmplib/snmp_api.c (CVE-2018-1000116) ...

RHEL 7 : httpd (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. firefox: Possible integer overflow to fix inside XML_Parse in Expat (CVE-2016-9063) mod_lua.c in the...

RHEL 7 : sox (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. sox: two heap out-of-bounds access issues (oCERT-2014-010) (CVE-2014-8145) sox: null pointer dereference...

RHEL 6 : coreutils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. coreutils: memory corruption flaw in parse_datetime() (CVE-2014-9471) coreutils: Non-privileged session...

RHEL 7 : libdwarf (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libdwarf: heap-based buffer over-read in dwarf_formsdata() (CVE-2017-9055) Use-after-free vulnerability...

RHEL 6 : qpid-cpp (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. qpid-cpp: anonymous access to qpidd cannot be prevented (CVE-2015-0223) qpid-cpp: AMQP 0-10 protocol...

RHEL 7 : ecryptfs-utils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. ecryptfs-utils: default salt is used for wrapping passphrase (CVE-2014-9687) Note that Nessus has not tested for...

RHEL 5 : php53 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. php: buffer overflow in phar_set_inode() (CVE-2015-3329) php: memory corruption in phar_parse_tarfile...

RHEL 6 : tcpdump (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. tcpdump: multiple overflow issues in protocol decoding (CVE-2017-5486) Integer underflow in the...

RHEL 5 : vorbis-tools (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. vorbis-tools: division by zero on crafted WAV file (CVE-2014-9638) vorbis-tools: Invalid memory...

RHEL 7 : lcms2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. lcms2: Out-of-bounds read in Type_MLU_Read() (CVE-2016-10165) Unspecified vulnerability in Oracle Java...

RHEL 6 : polkit (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. polkit: Improper handling of user with uid > INT_MAX leading to authentication bypass (CVE-2018-19788) ...

RHEL 6 : nss_compat_ossl (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. nss_compat_ossl: incorrect multi-keyword mode cipherstring parsing (CVE-2015-3278) Note that Nessus has not tested...

RHEL 7 : nss_compat_ossl (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. nss_compat_ossl: incorrect multi-keyword mode cipherstring parsing (CVE-2015-3278) Note that Nessus has not tested...

RHEL 5 : perl-xml-libxml (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. perl-XML-LibXML: Use-after-free by controlling the arguments to a replaceChild call (CVE-2017-10672) The...

RHEL 7 : mysql-connector-java (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. mysql-connector-java: Connector/J unspecified vulnerability (CPU October 2018) (CVE-2018-3258) ...

RHEL 6 : cyrus-imapd (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. cyrus-imapd: Out of bounds heap read in index_urlfetch (CVE-2015-8076) Note that Nessus has not tested for this...

RHEL 5 : cyrus-imapd (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. cyrus-imapd: Out of bounds heap read in index_urlfetch (CVE-2015-8076) Note that Nessus has not tested for this...

RHEL 7 : a2ps (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. a2ps: output_file() format string flaw (CVE-2015-8107) Note that Nessus has not tested for this issue but has...

RHEL 7 : dhcp (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. dhcp: UDP payload length not properly checked (CVE-2015-8605) Note that Nessus has not tested for this issue but has...

RHEL 7 : pcsc-lite (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. pcsc-lite: Use-after-free of cardsList due to SCardReleaseContext invocations (CVE-2016-10109) Note that Nessus has...

RHEL 7 : gdm (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. gdm: use-after-free in the GDM daemon (CVE-2018-14424) gdm3 3.14.2 and possibly later has an information...

RHEL 7 : freeradius (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. freeradius: the EAP-PWD module performs insufficient validation on packets received from an EAP peer ...

RHEL 6 : java-1.5.0-ibm (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. OpenJDK: inefficient use of hash tables and lists during XML parsing (JAXP, 8068842) (CVE-2015-4803) ...

RHEL 7 : dosfstools (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. dosfstools: Heap-buffer-overflows in read_fat() and get_fat() functions (CVE-2016-4804) The set_fat...

RHEL 5 : screen (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. screen: Stack overflow due to deep recursion causing process freeze (CVE-2015-6806) Note that Nessus has not tested...

RHEL 7 : yelp-xsl (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. jquery-ui: XSS vulnerability in jQuery.ui.dialog title option (CVE-2010-5312) jquery-ui: XSS...

RHEL 6 : acpid (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. acpid: blocked writes can lead to acpid daemon hang (CVE-2011-1159) acpid: Unsafe umask for actions...

RHEL 5 : acpid (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. acpid: blocked writes can lead to acpid daemon hang (CVE-2011-1159) acpid: Unsafe umask for actions...