| Security Issues and Fixes: 192.168.200.155 |
| Type |
Port |
Issue and Fix |
| Informational |
domain (53/tcp) |
A DNS server is running on this port. If you do not use it, disable it.
Risk factor : Low
Nessus ID : 11002 |
| Informational |
domain (53/tcp) |
Synopsis :
It is possible to obtain the version number of the remote DNS server.
Description :
The remote host is running BIND, an open-source DNS server. It is possible
to extract the version number of the remote installation by sending
a special DNS request for the text 'version.bind' in the domain 'chaos'.
Solution :
It is possible to hide the version number of bind by using the 'version'
directive in the 'options' section in named.conf
Risk factor :
None
Plugin output :
The version of the remote BIND server is : 9.3.3rc2
Other references : OSVDB:23
Nessus ID : 10028 |
| Informational |
netbios-ns (137/udp) |
Synopsis :
It is possible to obtain the network name of the remote host.
Description :
The remote host listens on udp port 137 and replies to NetBIOS nbtscan
requests. By sending a wildcard request it is possible to obtain the
name of the remote system and the name of its domain.
Risk factor :
None
Plugin output :
The following 9 NetBIOS names have been gathered :
GATEKEEPER = Computer name
GATEKEEPER = Messenger Service
GATEKEEPER = File Server Service
__MSBROWSE__ = Master Browser
GROVEAVENUE = Master Browser
GROVEAVENUE = Domain Master Browser
GROVEAVENUE = Domain Controllers
GROVEAVENUE = Browser Service Elections
GROVEAVENUE = Workgroup / Domain name
This SMB server seems to be a SAMBA server (MAC address is NULL).
CVE : CVE-1999-0621
Other references : OSVDB:13577
Nessus ID : 10150 |
| Vulnerability |
general/tcp |
Synopsis :
The Guest account has excessive privileges.
Description :
Using the supplied credentials it was possible to determine that the
guest user belongs to groups other than guest users or domain guests.
Guest users should not have any privileges so you should fix this.
Solution :
Edit local or domain policy to restrict the guest account.
Risk factor :
High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
Nessus ID : 10907 |
| Vulnerability |
general/tcp |
Updated libxslt packages that fix a security issue are now available.
This update has been rated as having important security impact by the Red
Hat Security Response Team.
libxslt is a C library, based on libxml, for parsing of XML files into
other textual formats (eg HTML, plain text and other XML representations of
the underlying data) It uses the standard XSLT stylesheet transformation
mechanism and, being written in plain ANSI C, is designed to be simple to
incorporate into other applications
Anthony de Almeida Lopes reported the libxslt library did not properly
process long "transformation match" conditions in the XSL stylesheet files.
An attacker could create a malicious XSL file that would cause a crash, or,
possibly, execute and arbitrary code with the privileges of the application
using libxslt library to perform XSL transformations. (CVE-2008-1767)
All users are advised to upgrade to these updated packages, which contain a
backported patch to resolve this issue.
Solution : http://rhn.redhat.com/errata/RHSA-2008-0287.html
Risk factor : High
Plugin output :
Remote package installed : libxslt-1.1.17-2
Should be : libxslt-1.1.17-2.el5_1.1
CVE : CVE-2008-1767
Nessus ID : 32421 |
| Vulnerability |
general/tcp |
Updated kernel packages that fix various security issues and several bugs
are now available for Red Hat Enterprise Linux 5.
This update has been rated as having important security impact by the Red
Hat Security Response Team.
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
These updated packages fix the following security issues:
* on AMD64 architectures, the possibility of a kernel crash was discovered
by testing the Linux kernel process-trace ability. This could allow a local
unprivileged user to cause a denial of service (kernel crash).
(CVE-2008-1615, Important)
* on 64-bit architectures, the possibility of a timer-expiration value
overflow was found in the Linux kernel high-resolution timers
functionality, hrtimer. This could allow a local unprivileged user to setup
a large interval value, forcing the timer expiry value to become negative,
causing a denial of service (kernel hang). (CVE-2007-6712, Important)
* the possibility of a kernel crash was found in the Linux kernel IPsec
protocol implementation, due to improper handling of fragmented ESP
packets. When an attacker controlling an intermediate router fragmented
these packets into very small pieces, it would cause a kernel crash on the
receiving node during packet reassembly. (CVE-2007-6282, Important)
* a potential denial of service attack was discovered in the Linux kernel
PWC USB video driver. A local unprivileged user could use this flaw to
bring the kernel USB subsystem into the busy-waiting state, causing a
denial of service. (CVE-2007-5093, Low)
As well, these updated packages fix the following bugs:
* in certain situations, a kernel hang and a possible panic occurred when
disabling the cpufreq daemon. This may have prevented system reboots from
completing successfully.
* continual "softlockup" messages, which occurred on the guest's console
after a successful save and restore of a Red Hat Enterprise Linux 5
para-virtualized guest, have been resolved.
* in the previous kernel packages, the kernel may not have reclaimed NFS
locks after a system reboot.
Red Hat Enterprise Linux 5 users are advised to upgrade to these updated
packages, which contain backported patches to resolve these issues.
Solution : http://rhn.redhat.com/errata/RHSA-2008-0275.html
Risk factor : High
Plugin output :
Remote package installed : kernel-headers-2.6.18-53.1.14.el5
Should be : kernel-headers-2.6.18-53.1.21.el5
CVE : CVE-2007-5093, CVE-2007-6282, CVE-2007-6712, CVE-2008-1615
Nessus ID : 32391 |
| Vulnerability |
general/tcp |
Updated samba packages that fix a security issue and two bugs are now
available for Red Hat Enterprise Linux 5.
This update has been rated as having critical security impact by the Red
Hat Security Response Team.
Samba is a suite of programs used by machines to share files, printers, and
other information.
A heap-based buffer overflow flaw was found in the way Samba clients handle
over-sized packets. If a client connected to a malicious Samba server, it
was possible to execute arbitrary code as the Samba client user. It was
also possible for a remote user to send a specially crafted print request
to a Samba server that could result in the server executing the vulnerable
client code, resulting in arbitrary code execution with the permissions of
the Samba server. (CVE-2008-1105)
Red Hat would like to thank Alin Rad Pop of Secunia Research for
responsibly disclosing this issue.
This update also addresses two issues which prevented Samba from joining
certain Windows domains with tightened security policies, and prevented
certain signed SMB content from working as expected:
* when some Windows 2000-based domain controllers were set to use
mandatory signing, Samba clients would drop the connection because of an
error when generating signatures. This presented as a "Server packet had
invalid SMB signature" error to the Samba client. This update corrects the
signature generation error.
* Samba servers using the "net ads join" command to connect to a Windows
Server 2003-based domain would fail with "failed to get schannel session
key from server" and "NT_STATUS_ACCESS_DENIED" errors. This update
correctly binds to the NETLOGON share, allowing Samba servers to connect to
the domain properly.
Users of Samba are advised to upgrade to these updated packages, which
contain a backported patch to resolve these issues.
Solution : http://rhn.redhat.com/errata/RHSA-2008-0290.html
Risk factor : High
Plugin output :
Remote package installed : samba-3.0.25b-1.el5_1.4
Should be : samba-3.0.28-1.el5_2.1
CVE : CVE-2008-1105
Nessus ID : 32472 |
| Vulnerability |
general/tcp |
Updated bind packages that fix two security issues, several bugs, and add
enhancements are now available for Red Hat Enterprise Linux 5.
This update has been rated as having moderate security impact by the Red
Hat Security Response Team.
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain
Name System (DNS) protocols. BIND includes a DNS server (named); a resolver
library (routines for applications to use when interfacing with DNS); and
tools for verifying that the DNS server is operating correctly.
It was discovered that the bind packages created the "rndc.key" file with
insecure file permissions. This allowed any local user to read the content
of this file. A local user could use this flaw to control some aspects of
the named daemon by using the rndc utility, for example, stopping the named
daemon. This problem did not affect systems with the bind-chroot package
installed. (CVE-2007-6283)
A buffer overflow flaw was discovered in the "inet_network()" function, as
implemented by libbind. An attacker could use this flaw to crash an
application calling this function, with an argument provided from an
untrusted source. (CVE-2008-0122)
As well, these updated packages fix the following bugs:
* when using an LDAP backend, missing function declarations caused
segmentation faults, due to stripped pointers on machines where pointers
are longer than integers.
* starting named may have resulted in named crashing, due to a race
condition during D-BUS connection initialization. This has been resolved in
these updated packages.
* the named init script returned incorrect error codes, causing the
"status" command to return an incorrect status. In these updated packages,
the named init script is Linux Standard Base (LSB) compliant.
* in these updated packages, the "rndc [command] [zone]" command, where
[command] is an rndc command, and [zone] is the specified zone, will find
the [zone] if the zone is unique to all views.
* the default named log rotation script did not work correctly when using
the bind-chroot package. In these updated packages, installing
bind-chroot creates the symbolic link "/var/log/named.log", which points
to "/var/named/chroot/var/log/named.log", which resolves this issue.
* a previous bind update incorrectly changed the permissions on the
"/etc/openldap/schema/dnszone.schema" file to mode 640, instead of mode
644, which resulted in OpenLDAP not being able to start. In these updated
packages, the permissions are correctly set to mode 644.
* the "checkconfig" parameter was missing in the named usage report. For
example, running the "service named" command did not return "checkconfig"
in the list of available options.
* due to a bug in the named init script not handling the rndc return value
correctly, the "service named stop" and "service named restart" commands
failed on certain systems.
* the bind-chroot spec file printed errors when running the "%pre" and
"%post" sections. Errors such as the following occurred:
Locating //etc/named.conf failed:
[FAILED]
This has been resolved in these updated packages.
* installing the bind-chroot package creates a "/dev/random" file in the
chroot environment; however, the "/dev/random" file had an incorrect
SELinux label. Starting named resulted in an 'avc: denied { getattr } for
pid=[pid] comm="named" path="/dev/random"' error being logged. The
"/dev/random" file has the correct SELinux label in these updated packages.
* in certain situations, running the "bind +trace" command resulted in
random segmentation faults.
As well, these updated packages add the following enhancements:
* support has been added for GSS-TSIG (RFC 3645).
* the "named.root" file has been updated to reflect the new address for
L.ROOT-SERVERS.NET.
* updates BIND to the latest 9.3 maintenance release.
All users of bind are advised to upgrade to these updated packages, which
resolve these issues and add these enhancements.
Solution : http://rhn.redhat.com/errata/RHSA-2008-0300.html
Risk factor : High
Plugin output :
Remote package installed : bind-9.3.3-10.el5
Should be : bind-9.3.4-6.P1.el5
CVE : CVE-2007-6283, CVE-2008-0122
Nessus ID : 32424 |
| Vulnerability |
general/tcp |
Updated libvorbis packages that fix various security issues are now
available for Red Hat Enterprise Linux 3, 4, and 5.
This update has been rated as having important security impact by the Red
Hat Security Response Team.
The libvorbis packages contain runtime libraries for use in programs that
support Ogg Vorbis. Ogg Vorbis is a fully open, non-proprietary, patent-and
royalty-free, general-purpose compressed audio format.
Will Drewry of the Google Security Team reported several flaws in the way
libvorbis processed audio data. An attacker could create a carefully
crafted OGG audio file in such a way that it could cause an application
linked with libvorbis to crash, or execute arbitrary code when it was
opened. (CVE-2008-1419, CVE-2008-1420, CVE-2008-1423)
Moreover, additional OGG file sanity-checks have been added to prevent
possible exploitation of similar issues in the future.
Users of libvorbis are advised to upgrade to these updated packages, which
contain backported patches to resolve these issues.
Solution : http://rhn.redhat.com/errata/RHSA-2008-0270.html
Risk factor : High
Plugin output :
Remote package installed : libvorbis-1.1.2-3.el5.0
Should be : libvorbis-1.1.2-3.el5_1.2
CVE : CVE-2008-1419, CVE-2008-1420, CVE-2008-1423
Nessus ID : 32355 |
| Vulnerability |
general/tcp |
Updated xen packages that fix several security issues and a bug are now
available for Red Hat Enterprise Linux 5.
This update has been rated as having important security impact by the Red
Hat Security Response Team.
The xen packages contain tools for managing the virtual machine monitor in
Red Hat Virtualization.
These updated packages fix the following security issues:
Daniel P. Berrange discovered that the hypervisor's para-virtualized
framebuffer (PVFB) backend failed to validate the format of messages
serving to update the contents of the framebuffer. This could allow a
malicious user to cause a denial of service, or compromise the privileged
domain (Dom0). (CVE-2008-1944)
Markus Armbruster discovered that the hypervisor's para-virtualized
framebuffer (PVFB) backend failed to validate the frontend's framebuffer
description. This could allow a malicious user to cause a denial of
service, or to use a specially crafted frontend to compromise the
privileged domain (Dom0). (CVE-2008-1943)
Chris Wright discovered a security vulnerability in the QEMU block format
auto-detection, when running fully-virtualized guests. Such
fully-virtualized guests, with a raw formatted disk image, were able
to write a header to that disk image describing another format. This could
allow such guests to read arbitrary files in their hypervisor's host.
(CVE-2008-2004)
Ian Jackson discovered a security vulnerability in the QEMU block device
drivers backend. A guest operating system could issue a block device
request and read or write arbitrary memory locations, which could lead to
privilege escalation. (CVE-2008-0928)
Tavis Ormandy found that QEMU did not perform adequate sanity-checking of
data received via the "net socket listen" option. A malicious local
administrator of a guest domain could trigger this flaw to potentially
execute arbitrary code outside of the domain. (CVE-2007-5730)
Steve Kemp discovered that the xenbaked daemon and the XenMon utility
communicated via an insecure temporary file. A malicious local
administrator of a guest domain could perform a symbolic link attack,
causing arbitrary files to be truncated. (CVE-2007-3919)
As well, in the previous xen packages, it was possible for Dom0 to fail to
flush data from a fully-virtualized guest to disk, even if the guest
explicitly requested the flush. This could cause data integrity problems on
the guest. In these updated packages, Dom0 always respects the request to
flush to disk.
Users of xen are advised to upgrade to these updated packages, which
resolve these issues.
Solution : http://rhn.redhat.com/errata/RHSA-2008-0194.html
Risk factor : High
Plugin output :
Remote package installed : xen-libs-3.0.3-41.el5
Should be : xen-libs-3.0.3-41.el5_1.5
CVE : CVE-2007-3919, CVE-2007-5730, CVE-2008-0928, CVE-2008-1943, CVE-2008-1944, CVE-2008-2004
Nessus ID : 32354 |
| Vulnerability |
general/tcp |
An updated gnome-screensaver package that fixes a security flaw is now
available for Red Hat Enterprise Linux FasTrack 5.
This update has been rated as having moderate security impact by the Red
Hat Security Response Team.
gnome-screensaver is the GNOME project's official screen saver program.
A flaw was found in the way gnome-screensaver verified user passwords. When
a system used a remote directory service for login credentials, a local
attacker able to cause a network outage could cause gnome-screensaver to
crash, unlocking the screen. (CVE-2008-0887)
Users of gnome-screensaver should upgrade to this updated package, which
contains a backported patch to correct this issue.
Solution : http://rhn.redhat.com/errata/RHSA-2008-0218.html
Risk factor : High
Plugin output :
Remote package installed : gnome-screensaver-2.16.1-5.el5_1.1
Should be : gnome-screensaver-2.16.1-8.el5
CVE : CVE-2008-0887
Nessus ID : 32420 |
| Vulnerability |
general/tcp |
Updated kernel packages that fix various security issues and several bugs
are now available for Red Hat Enterprise Linux 5.
This update has been rated as having important security impact by the Red
Hat Security Response Team.
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
These updated packages fix the following security issues:
* the absence of a protection mechanism when attempting to access a
critical section of code has been found in the Linux kernel open file
descriptors control mechanism, fcntl. This could allow a local unprivileged
user to simultaneously execute code, which would otherwise be protected
against parallel execution. As well, a race condition when handling locks
in the Linux kernel fcntl functionality, may have allowed a process
belonging to a local unprivileged user to gain re-ordered access to the
descriptor table. (CVE-2008-1669, Important)
* a possible hypervisor panic was found in the Linux kernel. A privileged
user of a fully virtualized guest could initiate a stress-test File
Transfer Protocol (FTP) transfer between the guest and the hypervisor,
possibly leading to hypervisor panic. (CVE-2008-1619, Important)
* the absence of a protection mechanism when attempting to access a
critical section of code, as well as a race condition, have been found
in the Linux kernel file system event notifier, dnotify. This could allow a
local unprivileged user to get inconsistent data, or to send arbitrary
signals to arbitrary system processes. (CVE-2008-1375, Important)
Red Hat would like to thank Nick Piggin for responsibly disclosing the
following issue:
* when accessing kernel memory locations, certain Linux kernel drivers
registering a fault handler did not perform required range checks. A local
unprivileged user could use this flaw to gain read or write access to
arbitrary kernel memory, or possibly cause a kernel crash.
(CVE-2008-0007, Important)
* the absence of sanity-checks was found in the hypervisor block backend
driver, when running 32-bit paravirtualized guests on a 64-bit host. The
number of blocks to be processed per one request from guest to host, or
vice-versa, was not checked for its maximum value, which could have allowed
a local privileged user of the guest operating system to cause a denial of
service. (CVE-2007-5498, Important)
* it was discovered that the Linux kernel handled string operations in the
opposite way to the GNU Compiler Collection (GCC). This could allow a local
unprivileged user to cause memory corruption. (CVE-2008-1367, Low)
As well, these updated packages fix the following bugs:
* on IBM System z architectures, when running QIOASSIST enabled QDIO
devices in an IBM z/VM environment, the output queue stalled under heavy
load. This caused network performance to degrade, possibly causing network
hangs and outages.
* multiple buffer overflows were discovered in the neofb video driver. It
was not possible for an unprivileged user to exploit these issues, and as
such, they have not been handled as security issues.
* when running Microsoft Windows in a HVM, a bug in vmalloc/vfree caused
network performance to degrade.
* on certain architectures, a bug in the libATA sata_nv driver may have
caused infinite reboots, and an "ata1: CPB flags CMD err flags 0x11" error.
* repeatedly hot-plugging a PCI Express card may have caused "Bad DLLP"
errors.
* a NULL pointer dereference in NFS, which may have caused applications to
crash, has been resolved.
* when attempting to kexec reboot, either manually or via a panic-triggered
kdump, the Unisys ES7000/one hanged after rebooting in the new kernel,
after printing the "Memory: 32839688k/33685504k available" line.
Red Hat Enterprise Linux 5 users are advised to upgrade to these updated
packages, which contain backported patches to resolve these issues.
Solution : http://rhn.redhat.com/errata/RHSA-2008-0233.html
Risk factor : High
Plugin output :
Remote package installed : kernel-headers-2.6.18-53.1.14.el5
Should be : kernel-headers-2.6.18-53.1.19.el5
CVE : CVE-2007-5498, CVE-2008-0007, CVE-2008-1367, CVE-2008-1375, CVE-2008-1619, CVE-2008-1669
Nessus ID : 32161 |
| Vulnerability |
general/tcp |
Updated mysql packages that fix various security issues and several bugs
are now available for Red Hat Enterprise Linux 5.
This update has been rated as having low security impact by the Red Hat
Security Response Team.
MySQL is a multi-user, multi-threaded SQL database server. MySQL is a
client/server implementation consisting of a server daemon (mysqld), and
many different client programs and libraries.
MySQL did not require privileges such as "SELECT" for the source table in a
"CREATE TABLE LIKE" statement. An authenticated user could obtain sensitive
information, such as the table structure. (CVE-2007-3781)
A flaw was discovered in MySQL that allowed an authenticated user to gain
update privileges for a table in another database, via a view that refers
to the external table. (CVE-2007-3782)
MySQL did not require the "DROP" privilege for "RENAME TABLE" statements.
An authenticated user could use this flaw to rename arbitrary tables.
(CVE-2007-2691)
A flaw was discovered in the mysql_change_db function when returning from
SQL SECURITY INVOKER stored routines. An authenticated user could use this
flaw to gain database privileges. (CVE-2007-2692)
MySQL allowed an authenticated user to bypass logging mechanisms via SQL
queries that contain the NULL character, which were not properly handled by
the mysql_real_query function. (CVE-2006-0903)
MySQL allowed an authenticated user to access a table through a previously
created MERGE table, even after the user's privileges were revoked from
the original table, which might violate intended security policy. This is
addressed by allowing the MERGE storage engine to be disabled, which can
be done by running mysqld with the "--skip-merge" option. (CVE-2006-4031)
MySQL evaluated arguments in the wrong security context, which allowed an
authenticated user to gain privileges through a routine that had been made
available using "GRANT EXECUTE". (CVE-2006-4227)
Multiple flaws in MySQL allowed an authenticated user to cause the MySQL
daemon to crash via crafted SQL queries. This only caused a temporary
denial of service, as the MySQL daemon is automatically restarted after the
crash. (CVE-2006-7232, CVE-2007-1420, CVE-2007-2583)
As well, these updated packages fix the following bugs:
* a separate counter was used for "insert delayed" statements, which caused
rows to be discarded. In these updated packages, "insert delayed"
statements no longer use a separate counter, which resolves this issue.
* due to a bug in the Native POSIX Thread Library, in certain situations,
"flush tables" caused a deadlock on tables that had a read lock. The mysqld
daemon had to be killed forcefully. Now, "COND_refresh" has been replaced
with "COND_global_read_lock", which resolves this issue.
* mysqld crashed if a query for an unsigned column type contained a
negative value for a "WHERE [column] NOT IN" subquery.
* in master and slave server situations, specifying "on duplicate key
update" for "insert" statements did not update slave servers.
* in the mysql client, empty strings were displayed as "NULL". For
example, running "insert into [table-name] values (' ');" resulted in a
"NULL" entry being displayed when querying the table using "select * from
[table-name];".
* a bug in the optimizer code resulted in certain queries executing much
slower than expected.
* on 64-bit PowerPC architectures, MySQL did not calculate the thread stack
size correctly, which could have caused MySQL to crash when overly-complex
queries were used.
Note: these updated packages upgrade MySQL to version 5.0.45. For a full
list of bug fixes and enhancements, refer to the MySQL release notes:
http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0.html
All mysql users are advised to upgrade to these updated packages, which
resolve these issues.
Solution : http://rhn.redhat.com/errata/RHSA-2008-0364.html
Risk factor : High
Plugin output :
Remote package installed : mysql-5.0.22-2.2.el5_1.1
Should be : mysql-5.0.45-7.el5
CVE : CVE-2006-0903, CVE-2006-4031, CVE-2006-4227, CVE-2006-7232, CVE-2007-1420, CVE-2007-2583, CVE-2007-2691, CVE-2007-2692, CVE-2007-3781, CVE-2007-3782
Nessus ID : 32425 |
| Vulnerability |
general/tcp |
Updated gnutls packages that fix several security issues are now available
for Red Hat Enterprise Linux 5.
This update has been rated as having critical security impact by the Red
Hat Security Response Team.
The GnuTLS Library provides support for cryptographic algorithms and
protocols such as TLS. GnuTLS includes libtasn1, a library developed for
ASN.1 structures management that includes DER encoding and decoding.
Flaws were found in the way GnuTLS handles malicious client connections. A
malicious remote client could send a specially crafted request to a service
using GnuTLS that could cause the service to crash. (CVE-2008-1948,
CVE-2008-1949, CVE-2008-1950)
We believe it is possible to leverage the flaw CVE-2008-1948 to execute
arbitrary code but have been unable to prove this at the time of releasing
this advisory. Red Hat Enterprise Linux 5 includes applications, such as
CUPS, that would be directly vulnerable to any such an exploit, however.
Consequently, we have assigned it critical severity.
Users of GnuTLS are advised to upgrade to these updated packages, which
contain a backported patch that corrects these issues.
Solution : http://rhn.redhat.com/errata/RHSA-2008-0489.html
Risk factor : High
Plugin output :
Remote package installed : gnutls-1.4.1-2
Should be : gnutls-1.4.1-3.el5_1
CVE : CVE-2008-1948, CVE-2008-1949, CVE-2008-1950
Nessus ID : 32428 |
| Vulnerability |
general/tcp |
An updated nss_ldap package that fixes a security issue and several bugs is
now available.
This update has been rated as having low security impact by the Red Hat
Security Response Team.
The nss_ldap package contains the nss_ldap and pam_ldap modules. The
nss_ldap module is a plug-in which allows applications to retrieve
information about users and groups from a directory server. The pam_ldap
module allows PAM-aware applications to use a directory server to verify
user passwords.
A race condition was discovered in nss_ldap which affected certain
applications which make LDAP connections, such as Dovecot. This could cause
nss_ldap to answer a request for information about one user with
information about a different user. (CVE-2007-5794)
In addition, these updated packages fix the following bugs:
* a build error prevented the nss_ldap module from being able to use DNS to
discover the location of a directory server. For example, when the
/etc/nsswitch.conf configuration file was configured to use "ldap", but no
"host" or "uri" option was configured in the /etc/ldap.conf configuration
file, no directory server was contacted, and no results were returned.
* the "port" option in the /etc/ldap.conf configuration file on client
machines was ignored. For example, if a directory server which you were
attempting to use was listening on a non-default port (i.e. not ports 389
or 636), it was only possible to use that directory server by including the
port number in the "uri" option. In this updated package, the "port" option
works as expected.
* pam_ldap failed to change an expired password if it had to follow a
referral to do so, which could occur, for example, when using a slave
directory server in a replicated environment. An error such as the
following occurred after entering a new password: "LDAP password
information update failed: Can't contact LDAP server Insufficient 'write'
privilege to the 'userPassword' attribute"
This has been resolved in this updated package.
* when the "pam_password exop_send_old" password-change method was
configured in the /etc/ldap.conf configuration file, a logic error in the
pam_ldap module caused client machines to attempt to change a user's
password twice. First, the pam_ldap module attempted to change the password
using the "exop" request, and then again using an LDAP modify request.
* on Red Hat Enterprise Linux 5.1, rebuilding nss_ldap-253-5.el5 when the
krb5-*-1.6.1-17.el5 packages were installed failed due to an error such as
the following:
+ /builddir/build/SOURCES/dlopen.sh ./nss_ldap-253/nss_ldap.so
dlopen() of "././nss_ldap-253/nss_ldap.so" failed:
./././nss_ldap-253/nss_ldap.so: undefined symbol: request_key
error: Bad exit status from /var/tmp/rpm-tmp.62652 (%build)
The missing libraries have been added, which resolves this issue.
When recursively enumerating the set of members in a given group, the
module would allocate insufficient space for storing the set of member
names if the group itself contained other groups, thus corrupting the heap.
This update includes a backported fix for this bug.
Users of nss_ldap should upgrade to these updated packages, which contain
backported patches to correct this issue and fix these bugs.
Solution : http://rhn.redhat.com/errata/RHSA-2008-0389.html
Risk factor : High
Plugin output :
Remote package installed : nss_ldap-253-5.el5
Should be : nss_ldap-253-12.el5
CVE : CVE-2007-5794
Nessus ID : 32426 |
| Informational |
general/tcp |
Synopsis :
The remote service implements TCP timestamps.
Description :
The remote host implements TCP timestamps, as defined by RFC1323.
A side effect of this feature is that the uptime of the remote
host can sometimes be computed.
See also :
http://www.ietf.org/rfc/rfc1323.txt
Risk factor :
None
Nessus ID : 25220 |
| Informational |
general/tcp |
Information about this scan :
Nessus version : 3.2.1
Plugin feed version : 200806110034
Type of plugin feed : Registered (7 days delay)
Scanner IP : 192.168.200.155
Port scanner(s) : nessus_tcp_scanner
Port range : default
Thorough tests : no
Experimental tests : no
Paranoia level : 1
Report Verbosity : 1
Safe checks : yes
Optimize the test : yes
Max hosts : 20
Max checks : 4
Recv timeout : 5
Scan Start Date : 2008/6/11 14:48
Scan duration : 257 sec
Nessus ID : 19506 |
| Informational |
general/tcp |
Remote operating system : Linux Kernel 2.6.18-53.1.14.el5xen on Red Hat Enterprise Linux Server release 5.1 (Tikanga)
Confidence Level : 100
Method : LinuxDistribution
The remote host is running Linux Kernel 2.6.18-53.1.14.el5xen on Red Hat Enterprise Linux Server release 5.1 (Tikanga)
Nessus ID : 11936 |
| Informational |
general/tcp |
Synopsis :
This plugin enumerates IPv6 interfaces on a remote host.
Description :
By connecting to the remote Unix / Linux host with the supplied
credentials, this plugin enumerates network interfaces configured with
IPv6 addresses.
Solution :
Disable IPv6 if you do not actually using it. Otherwise, disable any
unused IPv6 interfaces.
Risk factor :
None
Plugin output :
The following IPv6 interfaces are set on the remote host :
- fe80::215:17ff:fe5a:9130 (on interface eth0)
- fe80::215:17ff:fe5a:9131 (on interface eth1)
- ::1 (on interface lo)
- fe80::fcff:ffff:feff:ffff (on interface peth0)
- fe80::fcff:ffff:feff:ffff (on interface veth3)
- fe80::200:ff:fe00:0 (on interface virbr0)
- fe80::200:ff:fe00:0 (on interface xenbr0)
Nessus ID : 25202 |
| Informational |
general/tcp |
Synopsis :
This plugin enumerates IPv4 interfaces on a remote host.
Description :
By connecting to the remote host with the supplied credentials, this
plugin enumerates network interfaces configured with IPv4 addresses.
Solution :
Disable any unused IPv4 interfaces.
Risk factor :
None
Plugin output :
The following IPv4 addresses are set on the remote host :
- 192.168.200.155 (on interface eth0)
- 41.208.24.117 (on interface eth1)
- 41.208.24.115 (on interface eth1:1)
- 127.0.0.1 (on interface lo)
- 192.168.122.1 (on interface virbr0)
Nessus ID : 25203 |
| Informational |
general/tcp |
Synopsis :
It is possible to enumerate installed software on the remote host, via SSH.
Description :
This plugin lists the software installed on the remote host by calling the
appropriate command (rpm -qa on RPM-based Linux distributions, etc...)
Solution :
Remove software that is not compliant with your company policy.
Risk factor :
None
Plugin output :
Here is the list of packages installed on the remote Red Hat Linux system :
termcap-5.5-1.20060701.1|1
glib2-2.12.3-2.fc6|(none)
libSM-1.0.1-3.1|(none)
info-4.8-14.el5|(none)
gawk-3.1.5-14.el5|(none)
cyrus-sasl-lib-2.1.22-4|(none)
db4-4.3.29-9.fc6|(none)
libgcrypt-1.2.3-1|(none)
libattr-2.4.32-1.1|(none)
libgpg-error-1.4-2|(none)
beecrypt-4.1.2-10.1.1|(none)
libart_lgpl-2.3.17-4|(none)
ed-0.2-38.2.2|(none)
file-4.17-9.0.1.el5|(none)
db4-4.3.29-9.fc6|(none)
libXau-1.0.1-3.1|(none)
psutils-1.17-26.1|(none)
iputils-20020927-43.el5|(none)
mkisofs-2.01-10|9
libnl-1.0-0.10.pre5.4|(none)
sqlite-3.3.6-2|(none)
libXdmcp-1.0.1-2.1|(none)
libX11-1.0.3-8.0.1.el5|(none)
libXxf86vm-1.0.1-3.1|(none)
libXfixes-4.0.1-2.1|(none)
libXrandr-1.1.1-3.1|(none)
libXTrap-1.0.0-3.1|(none)
perl-URI-1.35-3|(none)
anacron-2.3-45.el5|(none)
libhugetlbfs-1.0.1-1.el5|(none)
cyrus-sasl-plain-2.1.22-4|(none)
libtheora-1.0alpha7-1|0
ftp-0.17-33.fc6|(none)
unzip-5.52-2.2.1|(none)
hdparm-6.6-2|(none)
zip-2.31-1.2.2|(none)
eject-2.1.5-4.2.el5|(none)
libxklavier-3.0-3.el5|(none)
libacl-2.2.39-2.1.el5|(none)
libcroco-0.6.1-2.1|(none)
libsysfs-2.0.0-6|(none)
libao-0.8.6-5|(none)
words-3.0-9|(none)
shadow-utils-4.0.17-12.el5|2
pygobject2-2.12.1-5.el5|(none)
audit-1.5.5-7.el5|(none)
libselinux-python-1.33.4-4.el5|(none)
bind-libs-9.3.3-10.el5|30
freeglut-2.4.0-7.1.el5|(none)
gamin-python-0.1.7-8.el5|(none)
readahead-1.3-7.el5|1
lockdev-1.0.1-10|(none)
libXft-2.1.10-1.1|(none)
pango-1.14.9-3.el5|(none)
nfs-utils-lib-1.0.8-7.2.z2|(none)
pam-0.99.6.2-3.26.el5|(none)
policycoreutils-1.33.12-12.el5|(none)
lockdev-1.0.1-10|(none)
openssh-clients-4.3p2-24.el5|(none)
irqbalance-0.55-6.el5|2
python-ldap-2.2.0-2.1|0
nss_ldap-253-5.el5|(none)
rpm-libs-4.4.2-47.el5|(none)
gtk2-2.10.4-19.el5|(none)
bluez-gnome-0.5-5.fc6|(none)
at-spi-1.7.11-2.fc6|(none)
pcmciautils-014-5|(none)
usbutils-0.71-2.1|(none)
mkbootdisk-1.5.3-2.1|(none)
Deployment_Guide-en-US-5.1.0-11|(none)
pm-utils-0.99.3-6.el5.17|(none)
system-config-network-tui-1.3.99-2.el5|(none)
pygobject2-doc-2.12.1-5.el5|(none)
libgfortran-4.1.2-14.el5|(none)
boost-1.33.1-10.el5|(none)
keyutils-libs-devel-1.2-1.el5|(none)
libart_lgpl-devel-2.3.17-4|(none)
libgcrypt-devel-1.2.3-1|(none)
libXvMC-1.0.2-2.1|(none)
cscope-15.5-15.fc6.1|(none)
diffstat-1.41-1.2.2|(none)
pfmon-3.2-0.060926.4.el5|(none)
libacl-devel-2.2.39-2.1.el5|(none)
xorg-x11-xtrans-devel-1.0.1-1.1.fc6|(none)
libtermcap-devel-2.0.8-46.1|(none)
libdrm-devel-2.0.2-1.1|(none)
libgtop2-devel-2.14.4-3.el5|(none)
libcap-devel-1.10-26|(none)
expat-devel-1.95.8-8.2.1|(none)
automake16-1.6.3-8|(none)
libselinux-devel-1.33.4-4.el5|(none)
libXft-devel-2.1.10-1.1|(none)
libSM-devel-1.0.1-3.1|(none)
libglade2-devel-2.6.0-2|(none)
openssh-askpass-4.3p2-24.el5|(none)
pyspi-0.6.1-1.el5|(none)
libwmf-0.2.8.4-10.1|(none)
scrollkeeper-0.3.14-9.el5|(none)
perl-SGMLSpm-1.03ii-16.2.1|(none)
rhgb-0.16.4-8.el5|(none)
system-config-printer-0.7.32.5-1.el5|(none)
gail-devel-1.9.2-1.fc6|(none)
xmlsec1-devel-1.2.9-8.1|(none)
GConf2-devel-2.14.0-9.el5|(none)
lockdev-devel-1.0.1-10|(none)
pygobject2-devel-2.12.1-5.el5|(none)
gjdoc-0.7.7-12.el5|(none)
sane-backends-libs-1.0.18-5.el5|(none)
gnome-desktop-2.16.0-1.fc6|(none)
gnome-panel-2.16.1-6.el5|(none)
xsane-0.991-4.el5|(none)
sabayon-apply-2.12.4-5.el5|(none)
gnome-vfs2-2.16.2-4.el5|(none)
gucharmap-1.8.0-1.fc6|(none)
gthumb-2.7.8-5.el5|(none)
gdm-2.16.0-31.0.1.el5|1
gnome-terminal-2.16.0-3.el5|(none)
gnome-python2-2.16.0-1.fc6|(none)
gnome-python2-extras-2.14.2-4.fc6|(none)
gstreamer-plugins-base-0.10.9-6.el5|(none)
gnome-session-2.16.0-6.el5|(none)
xorg-x11-drv-siliconmotion-1.4.1-2.1|(none)
xorg-x11-drv-sis-0.9.1-7|(none)
xorg-x11-drv-dynapro-1.1.0-2|(none)
xorg-x11-drv-savage-2.1.1-5.fc6|(none)
xorg-x11-drv-tdfx-1.2.1-3.1|(none)
xorg-x11-drv-vmware-10.13.0-2.1|(none)
firstboot-1.4.27.3-1.el5|(none)
pygtk2-devel-2.10.1-8.el5|(none)
libXvMC-devel-1.0.2-2.1|(none)
libXdamage-devel-1.0.3-2.1|(none)
libXxf86vm-devel-1.0.1-3.1|(none)
libXfontcache-devel-1.0.2-3.1|(none)
rpm-devel-4.4.2-47.el5|(none)
libbonoboui-devel-2.16.0-1.fc6|(none)
gnome-panel-devel-2.16.1-6.el5|(none)
librsvg2-devel-2.16.1-1.el5|(none)
gnome-vfs2-devel-2.16.2-4.el5|(none)
xen-libs-3.0.3-41.el5|(none)
libxml2-2.6.26-2.1.2.1|(none)
fontconfig-2.4.1-7.el5|(none)
libpng-devel-1.2.10-7.1.el5_0.1|2
ghostscript-8.15.2-9.1.el5_1.1|(none)
pcre-6.6-2.el5_1.7|(none)
postgresql-libs-8.1.11-1.el5_1.1|(none)
samba-client-3.0.25b-1.el5_1.4|0
rsh-0.17-38.el5|(none)
hal-devel-0.5.8.1-25.el5_1.1|(none)
libXfont-devel-1.2.2-1.0.3.el5_1|(none)
kernel-xen-2.6.18-53.1.13.el5|(none)
jakarta-commons-collections-3.1-6jpp.1|0
sun-jaf-1.1-3jpp|0
java-1.4.2-gcj-compat-devel-1.4.2.0-40jpp.112|0
ant-1.6.5-2jpp.2|0
jakarta-commons-validator-1.1.4-5jpp.1|0
sun-javadb-demo-10.3.1-4.1|(none)
jss-4.2.5-1.fc6|(none)
postgresql-server-8.1.11-1.el5_1.1|(none)
pcre-devel-6.6-2.el5_1.7|(none)
perl-DBI-1.602-1.el5.rf|(none)
libtool-ltdl-devel-1.5.22-6.1|(none)
perl-IO-Zlib-1.09-1.el5.rf|(none)
perl-Unicode-Map8-0.12-1.el5.rf|(none)
perl-XML-SAX-0.16-1.el5.rf|(none)
dhcp-3.0.5-7.el5|12
tzdata-2007k-2.el5|(none)
poppler-0.5.4-4.4.el5_1|(none)
libvirt-0.2.3-9.el5_1.1|(none)
jpackage-utils-1.7.5-1jpp|0
tomcat5-servlet-2.4-api-5.5.23-0jpp.3.0.3.el5_1|0
clamav-0.93-2.el5.rf|(none)
kernel-xen-devel-2.6.18-53.1.14.el5|(none)
setup-2.5.58-1.el5|(none)
libstdc++-4.1.2-14.el5|(none)
atk-1.12.2-1.fc6|(none)
freetype-2.2.1-19.el5|(none)
freetype-2.2.1-19.el5|(none)
make-3.81-1.1|1
libtiff-3.8.2-7.el5|(none)
gnutls-1.4.1-2|(none)
hesiod-3.1.0-8|(none)
lcms-1.15-1.2.2|(none)
desktop-file-utils-0.10-7|(none)
keyutils-libs-1.2-1.el5|(none)
gamin-0.1.7-8.el5|(none)
libogg-1.1.3-3.el5|2
bzip2-1.0.3-3|(none)
cdparanoia-libs-alpha9.8-27.2|(none)
netpbm-10.35-6.fc6|(none)
bluez-libs-3.7-1|(none)
lcms-1.15-1.2.2|(none)
libdrm-2.0.2-1.1|(none)
libXt-1.0.2-3.1.fc6|(none)
libxkbfile-1.0.3-3.1|(none)
libXxf86misc-1.0.1-3.1|(none)
libXxf86vm-1.0.1-3.1|(none)
libXres-1.0.1-3.1|(none)
libXmu-1.0.2-5|(none)
perl-libwww-perl-5.805-1.1.1|(none)
xorg-x11-twm-1.0.1-3.1|1
libiec61883-1.0.0-11.fc6|(none)
libsoup-2.2.98-2.el5|(none)
libxslt-1.1.17-2|(none)
shared-mime-info-0.19-3.el5|(none)
talk-0.17-29.2.2|(none)
cdrdao-1.2.1-2|(none)
rdate-1.4-6|(none)
rdist-6.1.5-44|1
liboil-0.3.8-2.1|(none)
libXxf86dga-1.0.1-3.1|(none)
cyrus-sasl-plain-2.1.22-4|(none)
libaio-0.3.106-3.2|(none)
grub-0.97-13|(none)
desktop-backgrounds-basic-2.0-37|(none)
emacs-leim-21.4-19.el5|(none)
parted-1.8.1-12.el5|(none)
rhpl-0.194.1-1|(none)
psmisc-22.2-5|(none)
python-elementtree-1.2.6-5|(none)
pyOpenSSL-0.6-1.p24.7.2.2|(none)
libutempter-1.1.4-3.fc6|(none)
alsa-utils-1.0.14-2.rc4.el5|(none)
stunnel-4.15-2|(none)
cryptsetup-luks-1.0.3-2.2.el5|(none)
newt-0.52.2-9|(none)
libuser-0.54.7-2.el5.2|(none)
qt-3.3.6-23.el5|1
SysVinit-2.86-14|(none)
dhcdbd-2.2-1.el5|(none)
authconfig-5.3.12-2.el5|(none)
system-config-printer-libs-0.7.32.5-1.el5|(none)
setools-3.0-3.el5|(none)
ipsec-tools-0.6.5-8.el5|(none)
xorg-x11-utils-7.1-2.fc6|(none)
pam_krb5-2.2.14-1|(none)
hwdata-0.211-1|(none)
libgnomecanvas-2.14.0-4.1|(none)
libglade2-2.6.0-2|(none)
bluez-utils-3.7-2|(none)
gnome-keyring-0.6.0-1.fc6|(none)
redhat-lsb-3.1-12.3.EL|(none)
coolkey-1.1.0-5.el5|(none)
gmp-4.1.4-10.el5|(none)
xmlsec1-1.2.9-8.1|(none)
atk-devel-1.12.2-1.fc6|(none)
ORBit2-devel-2.14.3-4.el5|(none)
giflib-4.1.3-7.1.el5.1|(none)
libpfm-3.2-0.060926.4.el5|(none)
glib2-devel-2.12.3-2.fc6|(none)
swig-1.3.29-2.el5|(none)
rcs-5.7-30.1|(none)
libmng-devel-1.0.9-5.1|(none)
giflib-devel-4.1.3-7.1.el5.1|(none)
boost-devel-1.33.1-10.el5|(none)
libgtop2-devel-2.14.4-3.el5|(none)
pcsc-lite-devel-1.3.1-7|(none)
libtiff-devel-3.8.2-7.el5|(none)
pstack-1.2-7.2.2|(none)
kudzu-devel-1.2.57.1.15-1|(none)
apr-1.2.7-11|(none)
libXext-devel-1.0.1-2.1|(none)
libXi-devel-1.0.1-3.1|(none)
opensp-1.5.2-4|(none)
apr-util-1.2.7-6|(none)
libXt-devel-1.0.2-3.1.fc6|(none)
python-devel-2.4.3-19.el5|(none)
python-devel-2.4.3-19.el5|(none)
authconfig-gtk-5.3.12-2.el5|(none)
vte-0.14.0-2.el5|(none)
gnome-user-docs-2.16.0-2.fc6|(none)
libX11-devel-1.0.3-8.0.1.el5|(none)
libSM-devel-1.0.1-3.1|(none)
psgml-1.2.5-4.3|(none)
pam-devel-0.99.6.2-3.26.el5|(none)
mesa-libGL-devel-6.5.1-7.5.el5|(none)
libXdmcp-devel-1.0.1-2.1|(none)
system-config-soundcard-2.0.6-1.el5|(none)
libgnome-2.16.0-6.el5|(none)
libgnomeprintui22-2.12.1-6|(none)
gtkhtml2-2.11.0-3|(none)
xorg-x11-fonts-ISO8859-1-100dpi-7.1-2.1.el5|(none)
nautilus-extensions-2.16.2-6.el5|(none)
libgail-gnome-1.1.3-1.2.1|(none)
nautilus-open-terminal-0.6-6.el5|(none)
gok-1.2.0-2.el5|(none)
xorg-x11-drv-mouse-1.1.1-1.1|(none)
gnome-python2-applet-2.16.0-1.fc6|(none)
setroubleshoot-1.8.11-4.el5|(none)
gstreamer-0.10.9-3.el5|(none)
sound-juicer-2.16.0-3.el5|(none)
xorg-x11-drv-fpit-1.1.0-1.1|(none)
xorg-x11-drv-s3virge-1.9.1-2.1|(none)
xorg-x11-drv-aiptek-1.0.1-2|(none)
xorg-x11-drv-vga-4.1.0-2.1|(none)
xorg-x11-drv-i810-1.6.5-9.6.el5|(none)
xorg-x11-drv-elo2300-1.1.0-1.1|(none)
libXaw-devel-1.0.2-8.1|(none)
libXevie-devel-1.0.1-3.1|(none)
libXxf86dga-devel-1.0.1-3.1|(none)
libXxf86misc-devel-1.0.1-3.1|(none)
coolkey-devel-1.1.0-5.el5|(none)
libgnomeprint22-devel-2.12.1-9.el5|(none)
bug-buddy-2.16.0-2.el5|1
gnome-panel-devel-2.16.1-6.el5|(none)
libwvstreams-4.2.2-2.1|(none)
xen-3.0.3-41.el5|(none)
quagga-0.98.6-5.el5|0
glibc-2.5-18.el5_1.1|(none)
dbus-1.0.0-6.3.el5_1|(none)
rhn-client-tools-0.4.16-2.el5_1.9|(none)
flac-1.1.2-28.el5_0.1|(none)
cairo-1.2.4-3.el5_1|(none)
rhn-setup-0.4.16-2.el5_1.9|(none)
dbus-x11-1.0.0-6.3.el5_1|(none)
mcstrans-0.2.6-1.el5_1.1|(none)
yum-rhn-plugin-0.5.2-5.el5_1.2|(none)
dbus-devel-1.0.0-6.3.el5_1|(none)
e2fsprogs-devel-1.39-10.el5_1.1|(none)
gpg-pubkey-c431416d-3db4c821|(none)
regexp-1.4-2jpp.2|0
bcel-5.1-8jpp.1|0
gnu-crypto-sasl-jdk1.4-2.1.0-2jpp.1|0
axis-1.2.1-2jpp.6|0
sun-javadb-common-10.3.1-4.1|(none)
gpg-pubkey-4f2a6fd2-3f9d9d3b|(none)
cyrus-sasl-gssapi-2.1.22-4|(none)
fedora-ds-1.1.0-3.fc6|(none)
ldapsdk-4.17-3jpp|1
mod_ssl-2.2.3-11.el5_1.3|1
vaclook-1.2.6.1-2|(none)
expect-5.43.0-5.1|(none)
libtool-ltdl-1.5.22-6.1|(none)
courier-authlib-pipe-0.60.2-1.rh5Server|(none)
perl-IO-Socket-SSL-1.13-1.el5.rf|(none)
maildrop-man-2.0.4-1.5Server|(none)
perl-Crypt-SmbHash-0.12-1.2.el5.rf|(none)
sun-mail-1.4-3jpp|0
firefox-1.5.0.12-15.el5_1|(none)
xrestop-0.4-1.el5.rf|(none)
lftp-3.7.0-1.el5.rf|(none)
kpartx-0.4.7-12.el5_1.3|(none)
kernel-headers-2.6.18-53.1.14.el5|(none)
ImageMagick-6.2.8.0-4.el5_1.1|(none)
subversion-1.4.6-0.1.el5.rf|(none)
libgcc-4.1.2-14.el5|(none)
cracklib-dicts-2.8.9-3.3|(none)
chkconfig-1.3.30.1-1|(none)
mktemp-1.5-23.2.2|3
audit-libs-1.5.5-7.el5|(none)
expat-1.95.8-8.2.1|(none)
libtermcap-2.0.8-46.1|(none)
nspr-4.6.5-3.el5|(none)
libstdc++-4.1.2-14.el5|(none)
libSM-1.0.1-3.1|(none)
procps-3.2.7-8.1.el5|(none)
gdbm-1.8.0-26.2.1|(none)
pkgconfig-0.21-1.fc6|1
cpio-2.6-20|(none)
libtiff-3.8.2-7.el5|(none)
elfutils-libelf-0.125-3.el5|(none)
ncurses-5.5-24.20060715|(none)
cyrus-sasl-lib-2.1.22-4|(none)
binutils-2.17.50.0.6-5.el5|(none)
libart_lgpl-2.3.17-4|(none)
slang-2.0.6-4.el5|(none)
less-394-5.el5|(none)
m4-1.4.5-3.el5.1|(none)
ORBit2-2.14.3-4.el5|(none)
wireless-tools-28-2.el5|1
libraw1394-1.2.1-1.fc6|(none)
readline-5.1-1.1|(none)
ORBit2-2.14.3-4.el5|(none)
libdaemon-0.10-5.el5|(none)
perl-Compress-Zlib-1.42-1.fc6|(none)
groff-1.18.1.1-11.1|(none)
audiofile-0.2.6-5|1
bc-1.06-21|(none)
pcsc-lite-libs-1.3.1-7|(none)
mailx-8.1.1-44.2.2|(none)
mingetty-1.07-5.2.2|(none)
libdaemon-0.10-5.el5|(none)
aspell-0.60.3-7.1|12
wireless-tools-28-2.el5|1
keyutils-libs-1.2-1.el5|(none)
xorg-x11-filesystem-7.1-2.fc6|(none)
libXrender-0.9.1-3.1|(none)
libXi-1.0.1-3.1|(none)
libXcursor-1.1.7-1.1|(none)
startup-notification-0.8-4.1|(none)
libXtst-1.0.1-3.1|(none)
libXaw-1.0.2-8.1|(none)
libXi-1.0.1-3.1|(none)
libXdamage-1.0.3-2.1|(none)
libdmx-1.0.2-3.1|(none)
libXfontcache-1.0.2-3.1|(none)
libXdamage-1.0.3-2.1|(none)
libXres-1.0.1-3.1|(none)
rmt-0.4b41-2.fc6|(none)
libxklavier-3.0-3.el5|(none)
xorg-x11-font-utils-7.1-2|1
cdparanoia-alpha9.8-27.2|(none)
gnome-speech-0.4.5-1.fc6|(none)
iptstate-1.4-1.1.2.2|(none)
numactl-0.9.8-2.el5|(none)
libcroco-0.6.1-2.1|(none)
nano-1.3.12-1.1|(none)
mgetty-1.1.33-9.fc6|(none)
nc-1.84-10.fc6|(none)
libgtop2-2.14.4-3.el5|(none)
traceroute-2.0.1-2.el5|3
symlinks-1.2-24.2.2|(none)
unix2dos-2.2-26.2.2|(none)
dos2unix-3.1-27.1|(none)
libieee1284-0.2.9-4.el5|(none)
libdv-0.104-4.fc6.1|0
libXTrap-1.0.0-3.1|(none)
libXfontcache-1.0.2-3.1|(none)
libvorbis-1.1.2-3.el5.0|1
libxslt-1.1.17-2|(none)
libgtop2-2.14.4-3.el5|(none)
pam_smb-1.1.7-7.2.1|(none)
hesiod-3.1.0-8|(none)
aspell-en-6.0-2.1|50
gnome-mime-data-2.4.2-3.1|(none)
specspo-13-1.el5|(none)
redhat-release-notes-5Server-9|(none)
libselinux-1.33.4-4.el5|(none)
cryptsetup-luks-1.0.3-2.2.el5|(none)
nss_db-2.2-35.1|(none)
openssl-0.9.8b-8.3.el5_0.2|(none)
mesa-libGL-6.5.1-7.5.el5|(none)
dbus-python-0.70-7.el5|(none)
mesa-libGLU-6.5.1-7.5.el5|(none)
man-1.6d-1.1|(none)
gettext-0.14.6-4.el5|(none)
rpm-libs-4.4.2-47.el5|(none)
system-config-securitylevel-tui-1.6.29.1-1.el5|(none)
yum-metadata-parser-1.0-8.fc6|(none)
cracklib-2.8.9-3.3|(none)
wget-1.10.2-7.el5|(none)
wpa_supplicant-0.4.8-10.1.fc6|1
MAKEDEV-3.23-1.2|(none)
OpenIPMI-2.0.6-5.el5.4|(none)
sox-12.18.1-1|(none)
tmpwatch-2.9.7-1.1.el5.1|(none)
pyxf86config-0.3.31-2.fc6|(none)
slrn-0.9.8.1pl1-1.2.2|(none)
pkinit-nss-0.7.3-1.el5|(none)
xorg-x11-xinit-1.0.2-13.el5|(none)
mlocate-0.15-1.el5|(none)
lsof-4.78-3|(none)
libgssapi-0.10-2|(none)
cracklib-2.8.9-3.3|(none)
gnupg-1.4.5-13|(none)
PyQt-3.16-4|(none)
initscripts-8.45.17.EL-1|(none)
portmap-4.0-65.2.2.1|(none)
ypbind-1.19-8.el5|3
kbd-1.12-19.el5|(none)
foomatic-3.0.2-38.1.el5|(none)
avahi-0.6.16-1.el5|(none)
avahi-glib-0.6.16-1.el5|(none)
mdadm-2.5.4-3.el5|(none)
nfs-utils-1.0.9-24.el5|1
quota-3.13-1.2.3.2.el5|1
dhcpv6_client-0.10-33.el5|(none)
setuptool-1.19.2-1|(none)
pam_krb5-2.2.14-1|(none)
xterm-215-5.el5|(none)
avahi-glib-0.6.16-1.el5|(none)
pam_ccreds-3-5|(none)
neon-0.25.5-5.1|(none)
libutempter-1.1.4-3.fc6|(none)
GConf2-2.14.0-9.el5|(none)
libglade2-2.6.0-2|(none)
notification-daemon-0.3.5-8.el5|(none)
redhat-artwork-5.0.9-1.el5|(none)
gail-1.9.2-1.fc6|(none)
htmlview-4.0.0-1.el5|(none)
python-urlgrabber-3.1.0-2|(none)
metacity-2.16.0-8.el5|(none)
gtk2-engines-2.8.0-3.el5|(none)
metacity-2.16.0-8.el5|(none)
yum-updatesd-3.0.1-5.el5|(none)
gnome-icon-theme-2.16.0.1-4.el5|(none)
sgml-common-0.6.3-18|(none)
ifd-egate-0.05-15|(none)
kudzu-1.2.57.1.15-1|(none)
rhnsd-4.6.1-1.el5|(none)
xorg-x11-util-macros-1.0.2-4.fc6|(none)
indent-2.2.9-14.fc6|(none)
glib2-devel-2.12.3-2.fc6|(none)
xmlsec1-1.2.9-8.1|(none)
freetype-devel-2.2.1-19.el5|(none)
libtermcap-devel-2.0.8-46.1|(none)
libIDL-devel-0.8.7-1.fc6|(none)
libsepol-devel-1.15.2-1.el5|(none)
libstdc++-devel-4.1.2-14.el5|(none)
ORBit2-devel-2.14.3-4.el5|(none)
elfutils-0.125-3.el5|(none)
patchutils-0.2.31-2.2.2|(none)
dev86-0.16.17-2.2|(none)
flex-2.5.4a-41.fc6|(none)
byacc-1.9-29.2.2|(none)
libXcomposite-0.3-5.1|(none)
libvorbis-devel-1.1.2-3.el5.0|1
readline-devel-5.1-1.1|(none)
libXau-devel-1.0.1-3.1|(none)
boost-devel-1.33.1-10.el5|(none)
gdbm-devel-1.8.0-26.2.1|(none)
gpm-devel-1.20.1-74.1|(none)
netpbm-devel-10.35-6.fc6|(none)
libattr-devel-2.4.32-1.1|(none)
libogg-devel-1.1.3-3.el5|2
ncurses-devel-5.5-24.20060715|(none)
jakarta-commons-logging-1.0.4-6jpp.1|0
jakarta-commons-digester-1.7-5jpp.1|0
jakarta-commons-el-1.0-7jpp.1|0
jakarta-commons-dbcp-1.2.1-7jpp.1|0
jakarta-commons-discovery-0.3-4jpp.1|1
jakarta-commons-launcher-0.9-6jpp.1|0
log4j-1.2.13-3jpp.2|0
mx4j-3.0.1-6jpp.4|1
sun-javadb-core-10.3.1-4.1|(none)
sun-javadb-javadoc-10.3.1-4.1|(none)
gpg-pubkey-1ac70ce6-41bebeef|(none)
mod_nss-1.0.3-4.el5|(none)
lm_sensors-2.10.0-3.1|(none)
samba-3.0.25b-1.el5_1.4|0
xml-commons-resolver11-1.3.03-11jpp|0
postgresql-8.1.11-1.el5_1.1|(none)
postgresql-devel-8.1.11-1.el5_1.1|(none)
caching-nameserver-9.3.3-10.el5|30
libvirt-python-0.2.3-9.el5_1.1|(none)
tomcat5-jasper-5.5.23-0jpp.3.0.3.el5_1|0
cups-libs-1.2.4-11.14.el5_1.6|1
kernel-xen-2.6.18-53.1.14.el5|(none)
libtiff-devel-3.8.2-7.el5|(none)
atk-devel-1.12.2-1.fc6|(none)
bzip2-devel-1.0.3-3|(none)
automake15-1.5-16|(none)
pciutils-devel-2.2.3-4|(none)
elfutils-libelf-devel-0.125-3.el5|(none)
libX11-devel-1.0.3-8.0.1.el5|(none)
autoconf-2.59-12|(none)
libxslt-devel-1.1.17-2|(none)
openssl-devel-0.9.8b-8.3.el5_0.2|(none)
libXfixes-devel-4.0.1-2.1|(none)
libXinerama-devel-1.0.1-2.1|(none)
mesa-libGL-devel-6.5.1-7.5.el5|(none)
openjade-1.3.2-27|(none)
NetworkManager-glib-0.6.4-6.el5|1
kexec-tools-1.101-194.4.el5|(none)
cvs-1.11.22-5.el5|(none)
libXpm-devel-3.5.5-3|(none)
cyrus-sasl-devel-2.1.22-4|(none)
apr-util-1.2.7-6|(none)
Xaw3d-1.5E-10.1|(none)
docbook-style-xsl-1.69.1-5.1|(none)
system-config-language-1.1.18-1.el5|(none)
automake-1.9.6-2.1|(none)
gnome-doc-utils-0.8.0-2.fc6|(none)
libtool-1.5.22-6.1|(none)
system-config-services-0.9.4-1.el5|(none)
system-config-rootpassword-1.1.9.1-1|(none)
mesa-libGLU-devel-6.5.1-7.5.el5|(none)
libglade2-devel-2.6.0-2|(none)
curl-devel-7.15.5-2.el5|(none)
openssl-devel-0.9.8b-8.3.el5_0.2|(none)
libXft-devel-2.1.10-1.1|(none)
libbonobo-devel-2.16.0-1.fc6|(none)
newt-devel-0.52.2-9|(none)
liberation-fonts-0.2-2.el5|(none)
libICE-devel-1.0.1-2.1|(none)
libXcursor-devel-1.1.7-1.1|(none)
hal-cups-utils-0.6.2-5|(none)
esc-1.0.0-32.el5|(none)
xorg-x11-drv-vesa-1.3.0-8.1.el5|(none)
libbonoboui-2.16.0-1.fc6|(none)
libgnomeprintui22-2.12.1-6|(none)
gtksourceview-1.8.0-1.fc6|(none)
vnc-server-4.1.2-9.el5|(none)
libgsf-1.14.1-6.1|(none)
xorg-x11-fonts-ISO8859-1-75dpi-7.1-2.1.el5|(none)
xorg-x11-fonts-Type1-7.1-2.1.el5|(none)
libbonoboui-2.16.0-1.fc6|(none)
gnome-mount-0.5-3.el5|(none)
gcalctool-5.8.25-1.el5|(none)
libgsf-1.14.1-6.1|(none)
yelp-2.16.0-15.el5|(none)
NetworkManager-gnome-0.6.4-6.el5|1
file-roller-2.16.0-2.fc6|(none)
gnome-power-manager-2.16.0-8.el5|(none)
desktop-printing-0.19-20.el5|(none)
krb5-auth-dialog-0.7-1|(none)
gnome-python2-gconf-2.16.0-1.fc6|(none)
gnome-python2-bonobo-2.16.0-1.fc6|(none)
gnome-python2-libegg-2.14.2-4.fc6|(none)
system-config-network-1.3.99-2.el5|(none)
pirut-1.2.10-1.el5|(none)
policycoreutils-gui-1.33.12-12.el5|(none)
xorg-x11-drv-void-1.1.0-3.1|(none)
gnome-volume-manager-2.15.0-4.el5|(none)
gnome-applets-2.16.0.1-19.el5|1
rhpxl-0.41.1-1.el5|(none)
xorg-x11-drv-spaceorb-1.1.0-1.1|(none)
xorg-x11-drv-sisusb-0.8.1-4.1|(none)
xorg-x11-drv-summa-1.1.0-1.1|(none)
xorg-x11-drv-elographics-1.1.0-1.1|(none)
xorg-x11-drv-digitaledge-1.1.0-1.1|(none)
xorg-x11-drv-joystick-1.1.0-1.1|(none)
xorg-x11-drv-palmax-1.1.0-1.1|(none)
xorg-x11-drv-hyperpen-1.1.0-2|(none)
xorg-x11-drv-jamstudio-1.1.0-1.1|(none)
xorg-x11-drv-ati-6.6.3-3.2.el5|(none)
xorg-x11-drv-ur98-1.1.0-1.1|(none)
system-config-display-1.0.48-2.el5|(none)
lrzsz-0.12.20-22.1|(none)
startup-notification-devel-0.8-4.1|(none)
Xaw3d-devel-1.5E-10.1|(none)
at-spi-devel-1.7.11-2.fc6|(none)
Xaw3d-devel-1.5E-10.1|(none)
libXcomposite-devel-0.3-5.1|(none)
libXevie-devel-1.0.1-3.1|(none)
libXres-devel-1.0.1-3.1|(none)
libXtst-devel-1.0.1-3.1|(none)
libXTrap-devel-1.0.0-3.1|(none)
rpm-devel-4.4.2-47.el5|(none)
gnome-vfs2-devel-2.16.2-4.el5|(none)
libgnomeprintui22-devel-2.12.1-6|(none)
evolution-data-server-devel-1.8.0-25.el5|(none)
devhelp-0.12-11.el5|(none)
eel2-devel-2.16.1-1.el5|(none)
libgnomeui-devel-2.16.0-5.el5|(none)
xen-libs-3.0.3-41.el5|(none)
Virtualization-en-US-5.1.0-12|(none)
gpg-pubkey-37017186-45761324|(none)
gpg-pubkey-c431416d-3db4c821|(none)
glibc-2.5-18.el5_1.1|(none)
fontconfig-2.4.1-7.el5|(none)
cairo-1.2.4-3.el5_1|(none)
libpng-1.2.10-7.1.el5_0.1|2
libxml2-python-2.6.26-2.1.2.1|(none)
hal-0.5.8.1-25.el5_1.1|(none)
dbus-1.0.0-6.3.el5_1|(none)
samba-common-3.0.25b-1.el5_1.4|0
postgresql-libs-8.1.11-1.el5_1.1|(none)
libexif-0.6.13-4.0.2.el5_1.1|(none)
hal-0.5.8.1-25.el5_1.1|(none)
openldap-2.3.27-8.el5_1.3|(none)
libicu-3.6-5.11.1|(none)
selinux-policy-2.4.6-106.el5_1.3|(none)
xorg-x11-server-Xvfb-1.1.1-48.26.el5_1.5|(none)
logrotate-3.7.4-8|(none)
telnet-0.17-39.el5|1
openldap-devel-2.3.27-8.el5_1.3|(none)
glibc-devel-2.5-18.el5_1.1|(none)
cairo-devel-1.2.4-3.el5_1|(none)
libxml2-devel-2.6.26-2.1.2.1|(none)
openldap-devel-2.3.27-8.el5_1.3|(none)
xorg-x11-server-Xorg-1.1.1-48.26.el5_1.5|(none)
postfix-2.3.3-2|2
gnarwl-3.3-1|(none)
gamin-devel-0.1.7-8.el5|(none)
expect-5.43.0-5.1|(none)
mysql-5.0.22-2.2.el5_1.1|(none)
libtool-ltdl-1.5.22-6.1|(none)
courier-authlib-devel-0.60.2-1.rh5Server|(none)
openldap-servers-2.3.27-8.el5_1.3|(none)
perl-Digest-HMAC-1.01-15|(none)
spamassassin-3.2.4-1.el5.rf|(none)
openldap-clients-2.3.27-8.el5_1.3|(none)
perl-Convert-ASN1-0.21-2.el5.rf|(none)
smbldap-tools-0.9.4-1.el5.rf|(none)
speex-1.0.5-4.el5_1.1|(none)
virt-manager-0.4.0-3.el5_1.1|(none)
rhn-virtualization-host-1.0.1-55|(none)
libvirt-0.2.3-9.el5_1.1|(none)
krb5-devel-1.6.1-17.el5_1.1|(none)
device-mapper-multipath-0.4.7-12.el5_1.3|(none)
idm-console-framework-1.1.1-2.fc6|(none)
java-1.6.0-sun-compat-1.6.0.06-1jpp|0
tomcat5-common-lib-5.5.23-0jpp.3.0.3.el5_1|0
perl-Parse-RecDescent-1.94-1.el5.rf|(none)
libgcc-4.1.2-14.el5|(none)
basesystem-8.0-5.1.1|(none)
zlib-1.2.3-3|(none)
zlib-1.2.3-3|(none)
atk-1.12.2-1.fc6|(none)
libjpeg-6b-37|(none)
libusb-0.1.12-5.1|(none)
ncurses-5.5-24.20060715|(none)
readline-5.1-1.1|(none)
libsepol-1.15.2-1.el5|(none)
libICE-1.0.1-2.1|(none)
bzip2-libs-1.0.3-3|(none)
libjpeg-6b-37|(none)
tcp_wrappers-7.6-40.4.el5|(none)
libogg-1.1.3-3.el5|2
sqlite-3.3.6-2|(none)
tcl-8.4.13-3.fc6|(none)
libacl-2.2.39-2.1.el5|(none)
nspr-4.6.5-3.el5|(none)
libgcrypt-1.2.3-1|(none)
iproute-2.6.18-4.el5|(none)
libfontenc-1.0.2-2.2.el5|(none)
gnutls-1.4.1-2|(none)
libcap-1.10-26|(none)
nss-tools-3.11.7-1.3.el5|(none)
time-1.7-27.2.2|(none)
libIDL-0.8.7-1.fc6|(none)
pax-3.4-1.2.2|(none)
dmidecode-2.7-1.28.2.el5|1
beecrypt-4.1.2-10.1.1|(none)
libIDL-0.8.7-1.fc6|(none)
libvolume_id-095-14.9.el5|(none)
libvorbis-1.1.2-3.el5.0|1
perl-String-CRC32-1.4-2.fc6|(none)
gpm-1.20.1-74.1|(none)
procmail-3.22-17.1|(none)
grep-2.5.1-54.2.el5|(none)
libevent-1.1a-3.2.1|(none)
ethtool-5-1.el5|(none)
libvolume_id-095-14.9.el5|(none)
svrcore-4.0.4-3.el5|(none)
audiofile-0.2.6-5|1
libattr-2.4.32-1.1|(none)
netpbm-10.35-6.fc6|(none)
libXext-1.0.1-2.1|(none)
libXrandr-1.1.1-3.1|(none)
libXfixes-4.0.1-2.1|(none)
libXrender-0.9.1-3.1|(none)
redhat-menus-6.7.8-2.el5|(none)
libXpm-3.5.5-3|(none)
libXinerama-1.0.1-2.1|(none)
redhat-logos-4.9.16-1|(none)
libXevie-1.0.1-3.1|(none)
libXv-1.0.1-4.1|(none)
tclx-8.4.0-5.fc6|(none)
libXevie-1.0.1-3.1|(none)
crontabs-1.10-8|(none)
xorg-x11-xkb-utils-1.0.2-2.1|(none)
netpbm-progs-10.35-6.fc6|(none)
dvd+rw-tools-7.0-0.el5.3|(none)
sysfsutils-2.0.0-6|(none)
crash-4.0-4.6.1|(none)
attr-2.4.32-1.1|(none)
fbset-2.1-22|(none)
svrcore-4.0.4-3.el5|(none)
mcelog-0.7-1.22.fc6|1
cdrecord-2.01-10|9
gstreamer-tools-0.10.9-3.el5|(none)
vconfig-1.9-2.1|(none)
pam_smb-1.1.7-7.2.1|(none)
tree-1.5.0-4|(none)
setarch-2.0-1.1|(none)
brlapi-0.4.1-1.fc6|(none)
libaio-0.3.106-3.2|(none)
libXScrnSaver-1.1.0-3.1|(none)
libXv-1.0.1-4.1|(none)
numactl-0.9.8-2.el5|(none)
libtermcap-2.0.8-46.1|(none)
pam_passwdqc-1.0.2-1.2.2|(none)
dump-0.4b41-2.fc6|(none)
bitstream-vera-fonts-1.10-7|(none)
comps-extras-11.1-1.1|(none)
man-pages-2.39-10.el5|(none)
gnome-audio-2.0.0-3.1.1|(none)
device-mapper-1.02.20-1.el5|(none)
mesa-libGLU-6.5.1-7.5.el5|(none)
libselinux-1.33.4-4.el5|(none)
findutils-4.2.27-4.1|1
python-2.4.3-19.el5|(none)
module-init-tools-3.3-0.pre3.1.34.el5|(none)
newt-0.52.2-9|(none)
net-tools-1.60-73|(none)
audit-libs-python-1.5.5-7.el5|(none)
rpm-python-4.4.2-47.el5|(none)
ntsysv-1.3.30.1-1|(none)
python-sqlite-1.1.7-1.2.1|(none)
PyXML-0.8.4-4|(none)
OpenIPMI-libs-2.0.6-5.el5.4|(none)
tcsh-6.14-12.el5|(none)
vim-minimal-7.0.109-3.el5.3|2
amtu-1.0.4-4|(none)
esound-0.2.36-3|1
irda-utils-0.9.17-2.fc6|(none)
gnome-menus-2.16.0-2.fc6|(none)
elinks-0.11.1-5.1.0.1.el5|(none)
psacct-6.3.2-41.1|(none)
a2ps-4.13b-57.1.el5|(none)
tcpdump-3.9.4-11.el5|14
nss_db-2.2-35.1|(none)
dbus-glib-0.70-5|(none)
libXft-2.1.10-1.1|(none)
pam-0.99.6.2-3.26.el5|(none)
paps-0.6.6-17.el5|(none)
libpcap-0.9.4-11.el5|14
pycairo-1.2.0-1.1|(none)
passwd-0.73-1|(none)
openssh-4.3p2-24.el5|(none)
vixie-cron-4.1-72.el5|4
avahi-0.6.16-1.el5|(none)
mkinitrd-5.1.19.6-19|(none)
gphoto2-2.2.0-3.el5|(none)
mutt-1.4.2.2-3.0.2.el5|5
openssh-server-4.3p2-24.el5|(none)
mkinitrd-5.1.19.6-19|(none)
microcode_ctl-1.17-1.42.el5|1
rng-utils-2.0-1.14.1.fc6|1
pam_ccreds-3-5|(none)
pam_pkcs11-0.5.3-23|(none)
xorg-x11-apps-7.1-4.0.1.el5|(none)
esound-0.2.36-3|1
pam_pkcs11-0.5.3-23|(none)
curl-7.15.5-2.el5|(none)
gnome-menus-2.16.0-2.fc6|(none)
gtk2-2.10.4-19.el5|(none)
GConf2-2.14.0-9.el5|(none)
libwnck-2.16.0-4.fc6|(none)
gtk2-engines-2.8.0-3.el5|(none)
gail-1.9.2-1.fc6|(none)
rhnlib-2.2.5-1.el5|(none)
gnome-mag-0.13.1-1.fc6|(none)
pygtk2-libglade-2.10.1-8.el5|(none)
gnome-mag-0.13.1-1.fc6|(none)
yum-3.0.1-5.el5|(none)
ghostscript-fonts-5.50-13.1.1|(none)
logwatch-7.3-5|(none)
pcsc-lite-1.3.1-7|(none)
smartmontools-5.36-3.1.el5|1
busybox-1.2.0-3|1
libgomp-4.1.2-14.el5|(none)
elfutils-libs-0.125-3.el5|(none)
zlib-devel-1.2.3-3|(none)
libXau-devel-1.0.1-3.1|(none)
libattr-devel-2.4.32-1.1|(none)
slang-devel-2.0.6-4.el5|(none)
gcc-4.1.2-14.el5|(none)
audiofile-devel-0.2.6-5|1
gcc-gfortran-4.1.2-14.el5|(none)
libXcomposite-0.3-5.1|(none)
valgrind-3.2.1-6.el5|1
texinfo-4.8-14.el5|(none)
joystick-1.2.15-20.2.2|(none)
splint-3.1.1-16.el5|(none)
libXvMC-1.0.2-2.1|(none)
giflib-devel-4.1.3-7.1.el5.1|(none)
libvorbis-devel-1.1.2-3.el5.0|1
readline-devel-5.1-1.1|(none)
libfontenc-devel-1.0.2-2.2.el5|(none)
hesiod-devel-3.1.0-8|(none)
gpm-devel-1.20.1-74.1|(none)
gmp-devel-4.1.4-10.el5|(none)
libdrm-devel-2.0.2-1.1|(none)
sqlite-devel-3.3.6-2|(none)
bzip2-devel-1.0.3-3|(none)
libcap-devel-1.10-26|(none)
eclipse-ecj-3.2.1-18.el5|1
libgcj-devel-4.1.2-14.el5|(none)
jakarta-commons-fileupload-1.0-6jpp.1|1
jakarta-commons-daemon-1.0.1-6jpp.1|1
geronimo-specs-1.0-0.M2.2jpp.12|0
saxon-6.5.3-5jpp|0
jakarta-oro-2.0.8-3jpp.1|0
sun-javadb-client-10.3.1-4.1|(none)
postgresql-contrib-8.1.11-1.el5_1.1|(none)
postgresql-jdbc-8.1.407-2jpp|0
gpg-pubkey-6b8d79e6-3f49313d|(none)
jdk-1.6.0_06-fcs|2000
perl-Crypt-PasswdMD5-1.3-1.2.el5.rf|(none)
krb5-libs-1.6.1-17.el5_1.1|(none)
gnome-screensaver-2.16.1-5.el5_1.1|(none)
tomcat5-jsp-2.0-api-5.5.23-0jpp.3.0.3.el5_1|0
fedora-ds-admin-console-1.1.1-2.fc6|(none)
Nessus-3.2.1-es5|(none)
db4-devel-4.3.29-9.fc6|(none)
expat-devel-1.95.8-8.2.1|(none)
libart_lgpl-devel-2.3.17-4|(none)
redhat-rpm-config-8.0.45-22.el5|(none)
pygtk2-codegen-2.10.1-8.el5|(none)
apr-1.2.7-11|(none)
libselinux-devel-1.33.4-4.el5|(none)
cyrus-sasl-devel-2.1.22-4|(none)
libgcj-4.1.2-14.el5|(none)
libgcj-4.1.2-14.el5|(none)
xml-common-0.6.3-18|(none)
libICE-devel-1.0.1-2.1|(none)
libXrandr-devel-1.1.1-3.1|(none)
gtk2-devel-2.10.4-19.el5|(none)
libXdmcp-devel-1.0.1-2.1|(none)
libwmf-0.2.8.4-10.1|(none)
usermode-gtk-1.88-3.el5|(none)
oprofile-0.9.2-6.el5|(none)
frysk-0.0.1.2007.06.21.rh2-4.el5|(none)
pango-devel-1.14.9-3.el5|(none)
newt-perl-1.08-9.2.2|(none)
Xaw3d-1.5E-10.1|(none)
docbook-dtds-1.0-30.1|(none)
docbook-style-dsssl-1.79-4.1|(none)
system-config-securitylevel-1.6.29.1-1.el5|(none)
alsa-lib-devel-1.0.14-1.rc4.el5|(none)
ntp-4.2.2p1-7.el5|(none)
gtk-doc-1.7-1.fc6|(none)
lockdev-devel-1.0.1-10|(none)
libuser-devel-0.54.7-2.el5.2|(none)
gail-devel-1.9.2-1.fc6|(none)
libXmu-devel-1.0.2-5|(none)
curl-devel-7.15.5-2.el5|(none)
gnome-themes-2.16.0-1.fc6|(none)
GConf2-devel-2.14.0-9.el5|(none)
gnome-keyring-devel-0.6.0-1.fc6|(none)
libXrender-devel-0.9.1-3.1|(none)
dejavu-lgc-fonts-2.10-1|(none)
libXfixes-devel-4.0.1-2.1|(none)
java-1.4.2-gcj-compat-1.4.2.0-40jpp.112|0
chkfontpath-1.10.1-1.1|(none)
xorg-x11-xfs-1.0.2-4|1
libgnomeui-2.16.0-5.el5|(none)
libgnomeprint22-2.12.1-9.el5|(none)
evolution-data-server-1.8.0-25.el5|(none)
sane-frontends-1.0.14-1.2.2|(none)
librsvg2-2.16.1-1.el5|(none)
gtkhtml3-3.12.0-1.fc6|(none)
xorg-x11-fonts-100dpi-7.1-2.1.el5|(none)
xorg-x11-fonts-truetype-7.1-2.1.el5|(none)
libgnomeui-2.16.0-5.el5|(none)
eel2-2.16.1-1.el5|(none)
evolution-data-server-1.8.0-25.el5|(none)
gnome-netstatus-2.12.0-5.el5|(none)
librsvg2-2.16.1-1.el5|(none)
nautilus-2.16.2-6.el5|(none)
gnome-utils-2.16.0-3.el5|1
eog-2.16.0.1-6.el5|(none)
gnome-system-monitor-2.16.0-3.el5|(none)
gnome-python2-canvas-2.16.0-1.fc6|(none)
sabayon-2.12.4-5.el5|(none)
gnome-python2-gtkhtml2-2.14.2-4.fc6|(none)
gnome-python2-gtksourceview-2.16.0-1.fc6|(none)
gedit-2.16.0-5.el5|1
system-config-lvm-1.0.22-1.0.el5|(none)
gnome-media-2.16.1-3.el5|(none)
control-center-2.16.0-14.el5|1
orca-1.0.0-5.el5|(none)
xorg-x11-drv-microtouch-1.1.0-1.1|(none)
xorg-x11-drv-penmount-1.1.0-2.1|(none)
xorg-x11-drv-tek4957-1.1.0-1.1|(none)
xorg-x11-drv-cirrus-1.1.0-2.fc6|(none)
xorg-x11-drv-via-0.2.1-9|(none)
xorg-x11-drv-magellan-1.1.0-1.1|(none)
xorg-x11-drv-nv-2.1.2-1.el5|(none)
xorg-x11-drv-dummy-0.2.0-2.1|(none)
xorg-x11-drv-s3-0.4.1-2.1|(none)
xorg-x11-drv-fbdev-0.3.0-2|(none)
xorg-x11-drv-mga-1.4.2-6.el5|(none)
linuxwacom-0.7.4.3-2.el5|0
bridge-utils-1.1-2|(none)
dbus-glib-devel-0.70-5|(none)
pygtk2-devel-2.10.1-8.el5|(none)
at-spi-devel-1.7.11-2.fc6|(none)
SDL-devel-1.2.10-8.el5|(none)
libXdamage-devel-1.0.3-2.1|(none)
libXScrnSaver-devel-1.1.0-3.1|(none)
libXres-devel-1.0.1-3.1|(none)
libXtst-devel-1.0.1-3.1|(none)
libXTrap-devel-1.0.0-3.1|(none)
rpm-build-4.4.2-47.el5|(none)
libgnomeui-devel-2.16.0-5.el5|(none)
gnome-desktop-devel-2.16.0-1.fc6|(none)
libbonoboui-devel-2.16.0-1.fc6|(none)
eel2-devel-2.16.1-1.el5|(none)
gnome-desktop-devel-2.16.0-1.fc6|(none)
dogtail-0.6.1-2.el5|(none)
wvdial-1.54.0-5.2.2.1|(none)
gnome-python2-gnomekeyring-2.16.0-1.fc6|(none)
gnome-applet-vm-0.1.2-1.el5|(none)
glibc-common-2.5-18.el5_1.1|(none)
openldap-2.3.27-8.el5_1.3|(none)
libXfont-1.2.2-1.0.3.el5_1|(none)
perl-5.8.8-10.el5_0.2|4
libXfont-1.2.2-1.0.3.el5_1|(none)
util-linux-2.13-0.45.el5_1.1|(none)
fontconfig-devel-2.4.1-7.el5|(none)
glibc-headers-2.5-18.el5_1.1|(none)
tk-8.4.13-5.el5_1.1|(none)
e2fsprogs-libs-1.39-10.el5_1.1|(none)
hplip-1.6.7-4.1.el5_0.3|(none)
autofs-5.0.1-0.rc2.55.el5.3|1
gdb-6.5-25.el5_1.1|(none)
selinux-policy-targeted-2.4.6-106.el5_1.3|(none)
gd-devel-2.0.33-9.4.el5_1.1|(none)
hal-devel-0.5.8.1-25.el5_1.1|(none)
gd-devel-2.0.33-9.4.el5_1.1|(none)
libxml2-devel-2.6.26-2.1.2.1|(none)
kernel-xen-devel-2.6.18-53.1.13.el5|(none)
xorg-x11-drv-keyboard-1.1.0-3|(none)
adminutil-1.1.5-1.fc6|(none)
mozldap-tools-6.0.5-1.el5|(none)
fedora-ds-base-1.1.0-3.fc6|(none)
samba-common-3.0.25b-1.el5_1.4|0
xml-commons-resolver10-1.3.03-11jpp|0
clamsmtp-1.9-1|(none)
pcre-6.6-2.el5_1.7|(none)
tcl-8.4.13-3.fc6|(none)
perl-PlRPC-0.2020-1.el5.rf|(none)
mysql-devel-5.0.22-2.2.el5_1.1|(none)
libtool-ltdl-devel-1.5.22-6.1|(none)
courier-authlib-userdb-0.60.2-1.rh5Server|(none)
courier-imap-4.3.0-1.5Server|(none)
perl-Digest-SHA1-2.11-1.2.1|(none)
perl-Net-DNS-0.63-1.el5.rf|(none)
maildrop-devel-2.0.4-1.5Server|(none)
perl-Unicode-String-2.09-1.2.el5.rf|(none)
perl-Jcode-2.06-1.el5.rf|(none)
perl-XML-NamespaceSupport-1.09-1.2.1|(none)
jdk-1.6.0_05-fcs|2000
cadaver-0.22.5-1.el5.rf|(none)
squid-2.6.STABLE6-5.el5_1.3|7
rhn-virtualization-common-1.0.1-55|(none)
mtr-0.72-1.el5.rf|2
krb5-devel-1.6.1-17.el5_1.1|(none)
perl-HTML-Parser-3.56-1.el5.rf|(none)
fedora-idm-console-1.1.1-1.fc6|(none)
clamav-db-0.93-2.el5.rf|(none)
clamd-0.93-2.el5.rf|(none)
filesystem-2.4.0-1|(none)
popt-1.10.2-47.el5|(none)
audit-libs-1.5.5-7.el5|(none)
sed-4.1.5-5.fc6|(none)
libsepol-1.15.2-1.el5|(none)
popt-1.10.2-47.el5|(none)
libgpg-error-1.4-2|(none)
libidn-0.6.5-1.1|(none)
libusb-0.1.12-5.1|(none)
slang-2.0.6-4.el5|(none)
libmng-1.0.9-5.1|(none)
gamin-0.1.7-8.el5|(none)
libsysfs-2.0.0-6|(none)
libfontenc-1.0.2-2.2.el5|(none)
pcsc-lite-libs-1.3.1-7|(none)
vim-common-7.0.109-3.el5.3|2
libXdmcp-1.0.1-2.1|(none)
libhugetlbfs-lib-1.0.1-1.el5|(none)
libidn-0.6.5-1.1|(none)
elfutils-libelf-0.125-3.el5|(none)
libXmu-1.0.2-5|(none)
libXext-1.0.1-2.1|(none)
startup-notification-0.8-4.1|(none)
libXpm-3.5.5-3|(none)
libXxf86dga-1.0.1-3.1|(none)
libXtst-1.0.1-3.1|(none)
redhat-release-5Server-5.1.0.2|(none)
libXScrnSaver-1.1.0-3.1|(none)
libavc1394-0.5.3-1.fc6|(none)
jwhois-3.2.3-8.el5|(none)
enscript-1.6.4-4.1.el5|(none)
libmusicbrainz-2.1.1-4.1|(none)
finger-0.17-32.2.1.1|(none)
pam_passwdqc-1.0.2-1.2.2|(none)
libFS-1.0.0-3.1|(none)
libXxf86misc-1.0.1-3.1|(none)
libsoup-2.2.98-2.el5|(none)
tcp_wrappers-7.6-40.4.el5|(none)
emacspeak-23.0-2.1|(none)
xkeyboard-config-0.8-7.fc6|(none)
gnome-backgrounds-2.15.92-1.fc6|(none)
freeglut-2.4.0-7.1.el5|(none)
coreutils-5.97-12.1.el5|(none)
rpm-4.4.2-47.el5|(none)
tar-1.15.1-23.0.1.el5|2
dmraid-1.0.0.rc13-4.el5|(none)
lvm2-2.02.26-3.el5|(none)
m2crypto-0.16-6.el5.1|(none)
sip-4.4.5-3|(none)
mtools-3.9.10-2.fc6|(none)
conman-0.1.9.2-8.el5|(none)
parted-1.8.1-12.el5|(none)
gettext-0.14.6-4.el5|(none)
at-3.1.8-82.fc6|(none)
ppp-2.4.4-1.el5|(none)
usermode-1.88-3.el5|(none)
sysklogd-1.4.1-40.el5|(none)
which-2.16-7|(none)
fetchmail-6.3.6-1.1.el5|(none)
libgnomecups-0.2.2-8|(none)
rp-pppoe-3.5-32.1|(none)
nss_ldap-253-5.el5|(none)
libuser-0.54.7-2.el5.2|(none)
hicolor-icon-theme-0.9-2.1|(none)
pygtk2-2.10.1-8.el5|(none)
libgnomecanvas-2.14.0-4.1|(none)
notify-python-0.1.0-3.fc6|(none)
libwnck-2.16.0-4.fc6|(none)
redhat-lsb-3.1-12.3.EL|(none)
NetworkManager-0.6.4-6.el5|1
firstboot-tui-1.4.27.3-1.el5|(none)
imake-1.0.2-3|(none)
gmp-4.1.4-10.el5|(none)
giflib-4.1.3-7.1.el5.1|(none)
libogg-devel-1.1.3-3.el5|2
gcc-c++-4.1.2-14.el5|(none)
bison-2.3-2.1|(none)
doxygen-1.4.7-1.1|1
ctags-5.6-1.1|(none)
libmng-devel-1.0.9-5.1|(none)
freetype-devel-2.2.1-19.el5|(none)
hesiod-devel-3.1.0-8|(none)
gmp-devel-4.1.4-10.el5|(none)
pcsc-lite-devel-1.3.1-7|(none)
db4-devel-4.3.29-9.fc6|(none)
zlib-devel-1.2.3-3|(none)
kudzu-devel-1.2.57.1.15-1|(none)
xorg-x11-proto-devel-7.1-9.fc6|(none)
libXcursor-devel-1.1.7-1.1|(none)
glib-java-0.2.6-3.fc6|(none)
gtk2-devel-2.10.4-19.el5|(none)
SDL-1.2.10-8.el5|(none)
SDL-1.2.10-8.el5|(none)
systemtap-runtime-0.5.14-1.el5|(none)
bitmap-fonts-0.3-5.1.1|(none)
systemtap-0.5.14-1.el5|(none)
pam-devel-0.99.6.2-3.26.el5|(none)
libXmu-devel-1.0.2-5|(none)
automake17-1.7.9-7|(none)
libuser-devel-0.54.7-2.el5.2|(none)
libXext-devel-1.0.1-2.1|(none)
libXrandr-devel-1.1.1-3.1|(none)
system-config-users-1.2.51-1.el5|(none)
gnome-vfs2-2.16.2-4.el5|(none)
libgnomeprint22-2.12.1-9.el5|(none)
eel2-2.16.1-1.el5|(none)
xorg-x11-fonts-75dpi-7.1-2.1.el5|(none)
gnome-desktop-2.16.0-1.fc6|(none)
gnome-panel-2.16.1-6.el5|(none)
nautilus-cd-burner-2.16.0-7.el5|(none)
evince-0.6.0-8.el5|(none)
gtkhtml3-3.12.0-1.fc6|(none)
im-chooser-0.3.3-6.el5|(none)
gnome-python2-gnomevfs-2.16.0-1.fc6|(none)
gnome-python2-gnomeprint-2.16.0-1.fc6|(none)
alacarte-0.10.0-1.fc6|(none)
gstreamer-plugins-good-0.10.4-4.el5|(none)
control-center-2.16.0-14.el5|1
xorg-x11-drv-trident-1.2.1-3.fc6|(none)
xorg-x11-drv-dmc-1.1.0-2|(none)
xorg-x11-drv-ast-0.81.0-3|(none)
xorg-x11-drv-magictouch-1.0.0.5-2.1|(none)
xorg-x11-drv-calcomp-1.1.0-1.1|(none)
synaptics-0.14.4-8.fc6|(none)
libXv-devel-1.0.1-4.1|(none)
SDL-devel-1.2.10-8.el5|(none)
libXaw-devel-1.0.2-8.1|(none)
libXScrnSaver-devel-1.1.0-3.1|(none)
libXxf86dga-devel-1.0.1-3.1|(none)
libXxf86misc-devel-1.0.1-3.1|(none)
coolkey-devel-1.1.0-5.el5|(none)
libcroco-devel-0.6.1-2.1|(none)
glade2-2.12.1-6.el5|(none)
evolution-data-server-devel-1.8.0-25.el5|(none)
isdn4k-utils-3.2-50.1|(none)
libpng-1.2.10-7.1.el5_0.1|2
net-snmp-libs-5.3.1-19.el5_1.4|1
hpijs-1.6.7-4.1.el5_0.3|1
dbus-devel-1.0.0-6.3.el5_1|(none)
libicu-3.6-5.11.1|(none)
gd-2.0.33-9.4.el5_1.1|(none)
e2fsprogs-1.39-10.el5_1.1|(none)
rhn-setup-gnome-0.4.16-2.el5_1.9|(none)
rhn-check-0.4.16-2.el5_1.9|(none)
libpng-devel-1.2.10-7.1.el5_0.1|2
gpg-pubkey-c431416d-3db4c821|(none)
jakarta-commons-pool-1.3-5jpp.1|0
gcc-java-4.1.2-14.el5|(none)
wsdl4j-1.5.2-4jpp.1|0
jakarta-commons-modeler-1.1-8jpp.3.el5|0
jdk-1.6.0_04-fcs|2000
perl-Mozilla-LDAP-1.5.2-4.el5|(none)
cyrus-sasl-md5-2.1.22-4|(none)
xml-commons-resolver12-1.3.03-11jpp|0
distcache-1.4.5-14.1|(none)
vacation-1.2.6.1-2|(none)
perl-Net-Daemon-0.43-1.el5.rf|(none)
mysql-devel-5.0.22-2.2.el5_1.1|(none)
courier-authlib-ldap-0.60.2-1.rh5Server|(none)
perl-Net-SSLeay-1.32-1.el5.rf|(none)
maildrop-2.0.4-1.5Server|(none)
perl-Unicode-MapUTF8-1.11-1.2.el5.rf|(none)
dnsmasq-2.41-1.el5.rf|(none)
sos-1.7-9.2.el5|(none)
krb5-libs-1.6.1-17.el5_1.1|(none)
fedora-ds-admin-1.1.2-2.fc6|(none)
fedora-ds-console-1.1.1-2.fc6|(none)
ImageMagick-6.2.8.0-4.el5_1.1|(none)
tomcat5-server-lib-5.5.23-0jpp.3.0.3.el5_1|0
nash-5.1.19.6-19|(none)
glib2-2.12.3-2.fc6|(none)
libICE-1.0.1-2.1|(none)
bash-3.1-16.1|(none)
nss-3.11.7-1.3.el5|(none)
expat-1.95.8-8.2.1|(none)
diffutils-2.8.1-15.2.2|(none)
libcap-1.10-26|(none)
libXau-1.0.1-3.1|(none)
iptables-1.3.5-1.2.1|(none)
nss-3.11.7-1.3.el5|(none)
gzip-1.3.5-9.el5|(none)
libbonobo-2.16.0-1.fc6|(none)
patch-2.5.4-29.2.2|(none)
libbonobo-2.16.0-1.fc6|(none)
iptables-ipv6-1.3.5-1.2.1|(none)
cpp-4.1.2-14.el5|(none)
dosfstools-2.11-6.2.el5|(none)
checkpolicy-1.33.1-2.el5|(none)
libdrm-2.0.2-1.1|(none)
bzip2-libs-1.0.3-3|(none)
libX11-1.0.3-8.0.1.el5|(none)
libXinerama-1.0.1-2.1|(none)
libXt-1.0.2-3.1.fc6|(none)
libXcursor-1.1.7-1.1|(none)
xorg-x11-xauth-1.0.1-2.1|1
xorg-x11-server-utils-7.1-4.fc6|(none)
libxkbfile-1.0.3-3.1|(none)
mailcap-2.1.23-1.fc6|(none)
dcraw-0.0.20060521-1.1|(none)
acl-2.2.39-2.1.el5|(none)
aspell-0.60.3-7.1|12
ttmkfdir-3.0.9-23.el5|(none)
cpuspeed-1.2.1-1.48.el5|1
setserial-2.17-19.2.2|(none)
cdda2wav-2.01-10|9
libXaw-1.0.2-8.1|(none)
libmng-1.0.9-5.1|(none)
gpm-1.20.1-74.1|(none)
gdbm-1.8.0-26.2.1|(none)
rootfiles-8.1-1.1.1|(none)
mesa-libGL-6.5.1-7.5.el5|(none)
device-mapper-1.02.20-1.el5|(none)
dbus-glib-0.70-5|(none)
alsa-lib-1.0.14-1.rc4.el5|(none)
libsemanage-1.9.1-3.el5|(none)
python-numeric-23.7-2.2.2|(none)
neon-0.25.5-5.1|(none)
bind-utils-9.3.3-10.el5|30
glx-utils-6.5.1-7.5.el5|(none)
pyorbit-2.14.1-1.1|(none)
ksh-20060214-1.4|(none)
vim-enhanced-7.0.109-3.el5.3|2
openssl-0.9.8b-8.3.el5_0.2|(none)
pango-1.14.9-3.el5|(none)
curl-7.15.5-2.el5|(none)
udev-095-14.9.el5|(none)
dhclient-3.0.5-7.el5|12
cyrus-sasl-2.1.22-4|(none)
alsa-lib-1.0.14-1.rc4.el5|(none)
yp-tools-2.9-0.1|(none)
acpid-1.0.4-5|(none)
prelink-0.3.9-2.1|(none)
sudo-1.6.8p12-10|(none)
libgnomecups-0.2.2-8|(none)
pciutils-2.2.3-4|(none)
libnotify-0.4.2-6.el5|(none)
at-spi-1.7.11-2.fc6|(none)
pinfo-0.6.9-1.fc6|(none)
gnome-keyring-0.6.0-1.fc6|(none)
yum-security-1.0.4-3.el5|(none)
rhel-instnum-1.0.7-1.el5|(none)
ccid-1.0.1-6.el5|(none)
coolkey-1.1.0-5.el5|(none)
pciutils-devel-2.2.3-4|(none)
boost-1.33.1-10.el5|(none)
libidn-devel-0.6.5-1.1|(none)
libjpeg-devel-6b-37|(none)
libgpg-error-devel-1.4-2|(none)
ltrace-0.5-6.45svn.fc6|(none)
strace-4.5.16-1.el5.1|(none)
valgrind-3.2.1-6.el5|1
libacl-devel-2.2.39-2.1.el5|(none)
xorg-x11-xtrans-devel-1.0.1-1.1.fc6|(none)
gdbm-devel-1.8.0-26.2.1|(none)
netpbm-devel-10.35-6.fc6|(none)
slang-devel-2.0.6-4.el5|(none)
ncurses-devel-5.5-24.20060715|(none)
libjpeg-devel-6b-37|(none)
automake14-1.4p6-13|(none)
elfutils-libelf-devel-static-0.125-3.el5|(none)
libXrender-devel-0.9.1-3.1|(none)
pango-devel-1.14.9-3.el5|(none)
libXt-devel-1.0.2-3.1.fc6|(none)
libgnomecanvas-devel-2.14.0-4.1|(none)
xsri-2.1.0-10.fc6|1
vorbis-tools-1.1.1-3.el5|1
zenity-2.16.0-2.el5|(none)
docbook-utils-0.6.14-5.1|(none)
esound-devel-0.2.36-3|1
system-config-kdump-1.0.12-1.el5|(none)
libgnomecanvas-devel-2.14.0-4.1|(none)
xmlsec1-devel-1.2.9-8.1|(none)
libbonobo-devel-2.16.0-1.fc6|(none)
newt-devel-0.52.2-9|(none)
antlr-2.7.6-4jpp.2|0
sane-backends-1.0.18-5.el5|(none)
urw-fonts-2.3-6.1.1|(none)
xorg-x11-fonts-base-7.1-2.1.el5|(none)
nautilus-extensions-2.16.2-6.el5|(none)
xorg-x11-fonts-misc-7.1-2.1.el5|(none)
libgnome-2.16.0-6.el5|(none)
nautilus-cd-burner-2.16.0-7.el5|(none)
gnome-vfs2-smb-2.16.2-4.el5|(none)
vino-2.13.5-6.el5|(none)
gnome-utils-2.16.0-3.el5|1
gnome-python2-desktop-2.16.0-1.fc6|(none)
system-config-date-1.8.12-1.el5|(none)
gstreamer-0.10.9-3.el5|(none)
system-config-keyboard-1.2.11-1.el5|(none)
xorg-x11-drv-evdev-1.0.0.5-3.el5|1
xorg-x11-drv-vmmouse-12.4.0-2.1|(none)
xorg-x11-drv-acecad-1.1.0-2.1|(none)
xorg-x11-drv-mutouch-1.1.0-2|(none)
xorg-x11-drv-voodoo-1.1.0-3.1|(none)
xorg-x11-drv-citron-2.2.0-1.1|(none)
xorg-x11-drivers-7.1-4.1.el5|(none)
pycairo-devel-1.2.0-1.1|(none)
libXvMC-devel-1.0.2-2.1|(none)
libXcomposite-devel-0.3-5.1|(none)
libXxf86vm-devel-1.0.1-3.1|(none)
libXfontcache-devel-1.0.2-3.1|(none)
libgnome-devel-2.16.0-6.el5|(none)
libgnomeprintui22-devel-2.12.1-6|(none)
libgsf-devel-1.14.1-6.1|(none)
libgnome-devel-2.16.0-6.el5|(none)
minicom-2.1-3|(none)
e2fsprogs-libs-1.39-10.el5_1.1|(none)
libxml2-2.6.26-2.1.2.1|(none)
gd-2.0.33-9.4.el5_1.1|(none)
libsane-hpaio-1.6.7-4.1.el5_0.3|(none)
mozldap-6.0.5-1.el5|(none)
ghostscript-8.15.2-9.1.el5_1.1|(none)
xorg-x11-server-Xnest-1.1.1-48.26.el5_1.5|(none)
nscd-2.5-18.el5_1.1|(none)
glibc-devel-2.5-18.el5_1.1|(none)
libXfont-devel-1.2.2-1.0.3.el5_1|(none)
python-virtinst-0.103.0-3.el5_1.1|(none)
jakarta-commons-beanutils-1.7.0-5jpp.1|0
jakarta-commons-httpclient-3.0-7jpp.1|1
xerces-j2-2.7.1-7jpp.2|0
geronimo-specs-compat-1.0-0.M2.2jpp.12|0
struts-1.2.9-4jpp.5|0
sun-javadb-docs-10.3.1-4.1|(none)
httpd-2.2.3-11.el5_1.3|(none)
xml-commons-1.3.03-11jpp|0
postgresql-devel-8.1.11-1.el5_1.1|(none)
pcre-devel-6.6-2.el5_1.7|(none)
mysql-5.0.22-2.2.el5_1.1|(none)
courier-authlib-0.60.2-1.rh5Server|(none)
perl-Archive-Tar-1.38-1.el5.rf|(none)
perl-Unicode-Map-0.112-1.el5.rf|(none)
perl-LDAP-0.33-3.fc6|1
bind-9.3.3-10.el5|30
syslinux-3.63-1.el5.rf|(none)
rsync-3.0.2-1.el5.rf|(none)
krb5-workstation-1.6.1-17.el5_1.1|(none)
perl-HTML-Tagset-3.20-1.el5.rf|(none)
cups-libs-1.2.4-11.14.el5_1.6|1
cups-1.2.4-11.14.el5_1.6|1
iptraf-3.0.0-5.el5|(none)
Nessus ID : 22869 |
| Informational |
general/tcp |
Nessus can run commands on localhost to check if patches are applied
The output of "uname -a" is :
Linux gatekeeper.fma.co.za 2.6.18-53.1.14.el5xen #1 SMP Tue Feb 19 07:33:17 EST 2008 x86_64 x86_64 x86_64 GNU/Linux
The remote Red Hat system is :
Red Hat Enterprise Linux Server release 5.1 (Tikanga)
Local security checks have been enabled for this host.
Nessus ID : 12634 |
| Informational |
sunrpc (111/udp) |
Synopsis :
An ONC RPC service is running on the remote host.
Description :
By sending a DUMP request to the portmapper it was possible to
enumerate the ONC RPC services running on the remote port.
Using this information it is possible to connect and bind to
each service by sending an RPC request to the remote port.
Risk factor :
None
Plugin output :
The following RPC services are available on UDP port 111 :
- program: 100000 (portmapper), version: 2
Nessus ID : 11111 |
| Informational |
unknown (862/udp) |
Synopsis :
An ONC RPC service is running on the remote host.
Description :
By sending a DUMP request to the portmapper it was possible to
enumerate the ONC RPC services running on the remote port.
Using this information it is possible to connect and bind to
each service by sending an RPC request to the remote port.
Risk factor :
None
Plugin output :
The following RPC services are available on UDP port 862 :
- program: 100024 (status), version: 1
Nessus ID : 11111 |
| Informational |
unknown (865/tcp) |
Synopsis :
An ONC RPC service is running on the remote host.
Description :
By sending a DUMP request to the portmapper it was possible to
enumerate the ONC RPC services running on the remote port.
Using this information it is possible to connect and bind to
each service by sending an RPC request to the remote port.
Risk factor :
None
Plugin output :
The following RPC services are available on TCP port 865 :
- program: 100024 (status), version: 1
Nessus ID : 11111 |
| Warning |
domain (53/udp) |
Synopsis :
The remote name server allows recursive queries to be performed
by the host running nessusd.
Description :
It is possible to query the remote name server for third party names.
If this is your internal nameserver, then forget this warning.
If you are probing a remote nameserver, then it allows anyone
to use it to resolve third parties names (such as www.nessus.org).
This allows hackers to do cache poisoning attacks against this
nameserver.
If the host allows these recursive queries via UDP,
then the host can be used to 'bounce' Denial of Service attacks
against another network or system.
See also :
http://www.cert.org/advisories/CA-1997-22.html
Solution :
Restrict recursive queries to the hosts that should
use this nameserver (such as those of the LAN connected to it).
If you are using bind 8, you can do this by using the instruction
'allow-recursion' in the 'options' section of your named.conf
If you are using bind 9, you can define a grouping of internal addresses
using the 'acl' command
Then, within the options block, you can explicitly state:
'allow-recursion { hosts_defined_in_acl }'
For more info on Bind 9 administration (to include recursion), see:
http://www.nominum.com/content/documents/bind9arm.pdf
If you are using another name server, consult its documentation.
Risk factor :
Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N)
CVE : CVE-1999-0024
BID : 136, 678
Nessus ID : 10539 |
| Warning |
domain (53/udp) |
Synopsis :
Remote DNS server is vulnerable to cache snooping attacks.
Description :
The remote DNS server answers to queries for third-party domains which
do not have the recursion bit set.
This may allow a remote attacker to determine which domains have
recently been resolved via this name server, and therefore which hosts
have been recently visited.
For instance, if an attacker was interested in whether your company
utilizes the online services of a particular financial institution,
they would be able to use this attack to build a statistical model
regarding company usage of aforementioned financial institution. Of
course, the attack can also be used to find B2B partners, web-surfing
patterns, external mail servers, and more...
See also :
For a much more detailed discussion of the potential risks of allowing
DNS cache information to be queried anonymously, please see:
http://www.rootsecure.net/content/downloads/pdf/dns_cache_snooping.pdf
Risk factor :
Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
Nessus ID : 12217 |
| Informational |
domain (53/udp) |
A DNS server is running on this port. If you do not use it, disable it.
Risk factor : Low
Nessus ID : 11002 |
| Informational |
imap (143/tcp) |
An IMAP server is running on this port.
Nessus ID : 22964 |
| Informational |
imap (143/tcp) |
Synopsis :
An IMAP server is running on the remote host.
Description :
An IMAP (Internet Message Access Protocol) server is
installed and running on the remote host.
Risk factor :
None
Plugin output :
The remote imap server banner is :
* OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE STARTTLS] Courier-IMAP ready. Copyright 1998-2005 Double Precision, Inc. See COPYING for distribution information.
Nessus ID : 11414 |
| Warning |
ldap (389/tcp) |
Synopsis :
The remote LDAP server allows anonymous access.
Description :
The LDAP server on the remote host is currently configured such that a
user can connect to it without authentication - via a 'NULL BIND' -
and query it for information. Although the queries that are allowed
are likely to be fairly restricted, this may result in disclosure of
information that an attacker could find useful.
Solution :
Configure the LDAP server so that it does not allow NULL BINDs.
Risk factor :
Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
Other references : OSVDB:9723
Nessus ID : 10723 |
| Warning |
ldap (389/tcp) |
Synopsis :
It is possible to disclose LDAP information.
Description :
Improperly configured LDAP servers will allow the directory BASE
to be set to NULL. This allows information to be culled without
any prior knowledge of the directory structure. Coupled with a
NULL BIND, an anonymous user can query your LDAP server using a
tool such as 'LdapMiner'
Solution:
Disable NULL BASE queries on your LDAP server
Risk factor :
Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
Nessus ID : 10722 |
| Informational |
ldap (389/tcp) |
Synopsis :
There is an LDAP server active on the remote host.
Description :
The remote host is running a Lightweight Directory Access Protocol, or
LDAP, server. LDAP is a protocol for providing access to directory
services over TCP/IP.
See also :
http://en.wikipedia.org/wiki/LDAP
Risk factor :
None
Nessus ID : 20870 |
| Informational |
ldap (389/tcp) |
Synopsis :
It is possible to discover information about the remote LDAP server.
Description :
By sending a search request with a filter set to 'objectClass=*', it
is possible to extract information about the remote LDAP server.
Risk factor :
None
Plugin output :
[+]-objectClass:
| top
[+]-namingContexts:
| dc=fma, dc=co, dc=za
[+]-supportedExtension:
| 2.16.840.1.113730.3.5.7
| 2.16.840.1.113730.3.5.8
| 2.16.840.1.113730.3.5.3
| 2.16.840.1.113730.3.5.5
| 2.16.840.1.113730.3.5.6
| 2.16.840.1.113730.3.5.9
| 2.16.840.1.113730.3.5.4
| 1.3.6.1.4.1.4203.1.11.1
[+]-supportedControl:
| 2.16.840.1.113730.3.4.2
| 2.16.840.1.113730.3.4.3
| 2.16.840.1.113730.3.4.4
| 2.16.840.1.113730.3.4.5
| 1.2.840.113556.1.4.473
| 2.16.840.1.113730.3.4.9
| 2.16.840.1.113730.3.4.16
| 2.16.840.1.113730.3.4.15
| 2.16.840.1.113730.3.4.17
| 2.16.840.1.113730.3.4.19
| 1.3.6.1.4.1.42.2.27.8.5.1
| 1.3.6.1.4.1.42.2.27.9.5.2
| 2.16.840.1.113730.3.4.14
| 2.16.840.1.113730.3.4.20
| 1.3.6.1.4.1.1466.29539.12
| 2.16.840.1.113730.3.4.12
| 2.16.840.1.113730.3.4.18
| 2.16.840.1.113730.3.4.13
[+]-supportedSASLMechanisms:
| EXTERNAL
| PLAIN
| LOGIN
| CRAM-MD5
| GSSAPI
| DIGEST-MD5
| ANONYMOUS
[+]-supportedLDAPVersion:
| 2
| 3
[+]-vendorName:
| Fedora Project
[+]-vendorVersion:
| Fedora-Directory/1.1.0 B2007.355.1657
[+]-dataversion:
| 020080605114305
[+]-netscapemdsuffix:
| cn=ldap://dc=gatekeeper,dc=fma,dc=co,dc=za:389
Nessus ID : 25701 |
| Warning |
microsoft-ds (445/tcp) |
Synopsis :
It is possible to enumerate remote network shares.
Description :
By connecting to the remote host using a NULL (or guest) session
Nessus was able to enumerate the network share names.
Risk factor :
None
Plugin output :
Here is the list of the SMB shares of this host :
IPC$
FMA
CL3100DN
2018D
Nessus ID : 10395 |
| Informational |
microsoft-ds (445/tcp) |
A CIFS server is running on this port
Nessus ID : 11011 |
| Informational |
microsoft-ds (445/tcp) |
Synopsis :
It is possible to obtain network information.
Description :
It was possible to obtain the browse list of the remote
Windows system by send a request to the LANMAN pipe.
The browse list is the list of the nearest Windows systems
of the remote host.
Risk factor :
None
Plugin output :
Here is the browse list of the remote host :
ANTECT1 ( os: 0.0 )
CRIMSON ( os: 0.0 )
GATEKEEPER ( os: 0.0 )
Other references : OSVDB:300
Nessus ID : 10397 |
| Informational |
microsoft-ds (445/tcp) |
Synopsis :
It is possible to retrieve the remote host's password policy using the
supplied credentials.
Description :
Using the supplied credentials it was possible to extract the password
policy for the remote Windows host. The password policy must be
conform to the Informational System Policy.
Risk factor :
None
Plugin output :
The following password policy is defined on the remote host:
Minimum password len: 5
Password history len: 0
Maximum password age (d): No limit
Password must meet complexity requirements: Disabled
Minimum password age (d): 0
Forced logoff time (s): Not set
Locked account time (s): 1800
Time between failed logon (s): 1800
Number of invalid logon before locked out (s): 0
Nessus ID : 17651 |
| Informational |
microsoft-ds (445/tcp) |
Synopsis :
It is possible to enumerate domain users.
Description :
Using the host SID, it is possible to enumerates the domain
users on the remote Windows system. (we only enumerated users
name whose ID is between 1000 and 2000 or whatever preferences
you set).
Risk factor :
None
Plugin output :
- Guest account name : nobody (id 501)
- root (id 1000)
- antect1$ (id 1001)
- amber$ (id 1002)
- Domain Admins (id 1025)
CVE : CVE-2000-1200
BID : 959
Other references : OSVDB:714
Nessus ID : 10399 |
| Informational |
microsoft-ds (445/tcp) |
Synopsis :
It is possible to enumerate local users on the remote Windows host.
Description :
Using the host SID, it is possible to enumerate local users on the
remote Windows system.
Note that Nessus enumerates only users with a UID in the configured
range, by default 1000 and 2000.
Risk factor :
None
Plugin output :
- Guest account name : nobody (id 501)
- root (id 1000)
- antect1$ (id 1001)
- amber$ (id 1002)
- Domain Admins (id 1025)
CVE : CVE-2000-1200
BID : 959
Other references : OSVDB:714
Nessus ID : 10860 |
| Informational |
microsoft-ds (445/tcp) |
Synopsis :
It is possible to obtain the domain SID.
Description :
By emulating the call to LsaQueryInformationPolicy() it was
possible to obtain the domain SID (Security Identifier).
The domain SID can then be used to get the list of users
of the domain
Risk factor :
None
Plugin output :
The remote domain SID value is :
1-5-21--1352227386-766326913--1627270014
CVE : CVE-2000-1200
BID : 959
Nessus ID : 10398 |
| Informational |
microsoft-ds (445/tcp) |
Synopsis :
It is possible to obtain the host SID for the remote host.
Description :
By emulating the call to LsaQueryInformationPolicy(), it was possible
to obtain the host SID (Security Identifier).
The host SID can then be used to get the list of local users.
Risk factor :
None
Plugin output :
The remote host SID value is :
1-5-21--1352227386-766326913--1627270014
CVE : CVE-2000-1200
BID : 959
Nessus ID : 10859 |
| Informational |
microsoft-ds (445/tcp) |
Synopsis :
It is possible to log into the remote host.
Description :
The remote host is running one of the Microsoft Windows operating
systems. It was possible to log into it using a NULL session.
A NULL session (no login/password) allows to get information about
the remote host.
See also :
http://support.microsoft.com/support/kb/articles/Q143/4/74.ASP
http://support.microsoft.com/support/kb/articles/Q246/2/61.ASP
Risk factor :
None
CVE : CVE-2002-1117
BID : 494
Nessus ID : 26920 |
| Informational |
microsoft-ds (445/tcp) |
Synopsis :
It is possible to log into the remote host.
Description :
The remote host is running one of the Microsoft Windows operating
systems. It was possible to log into it using one of the following
account :
- NULL session
- Guest account
- Given Credentials
See also :
http://support.microsoft.com/support/kb/articles/Q143/4/74.ASP
http://support.microsoft.com/support/kb/articles/Q246/2/61.ASP
Risk factor :
none
Plugin output :
- NULL sessions are enabled on the remote host
CVE : CVE-1999-0504, CVE-1999-0505, CVE-1999-0506, CVE-2000-0222, CVE-2002-1117, CVE-2005-3595
BID : 494, 990, 11199
Nessus ID : 10394 |
| Informational |
microsoft-ds (445/tcp) |
Synopsis :
It is possible to obtain information about the remote operating
system.
Description :
It is possible to get the remote operating system name and
version (Windows and/or Samba) by sending an authentication
request to port 139 or 445.
Risk factor :
None
Plugin output :
The remote Operating System is : Unix
The remote native lan manager is : Samba 3.0.25b-1.el5_1.4
The remote SMB Domain Name is : GROVEAVENUE
Nessus ID : 10785 |
| Informational |
microsoft-ds (445/tcp) |
Synopsis :
An SMB server is running on the remote host.
Description :
The remote host is running a SAMBA server, a CIFS/SMB
server for Unix.
See also :
http://www.samba.org
Risk factor :
None
Nessus ID : 25240 |
| Informational |
sunrpc (111/tcp) |
Synopsis :
An ONC RPC portmapper is running on the remote host.
Description :
The RPC portmapper is running on this port.
The portmapper allows to get the port number of each RPC service
running on the remote host either by sending multiple lookup
requests or by sending a DUMP request.
Risk factor :
None
Nessus ID : 10223 |
| Informational |
sunrpc (111/tcp) |
Synopsis :
An ONC RPC service is running on the remote host.
Description :
By sending a DUMP request to the portmapper it was possible to
enumerate the ONC RPC services running on the remote port.
Using this information it is possible to connect and bind to
each service by sending an RPC request to the remote port.
Risk factor :
None
Plugin output :
The following RPC services are available on TCP port 111 :
- program: 100000 (portmapper), version: 2
Nessus ID : 11111 |
| Informational |
netbios-ssn (139/tcp) |
An SMB server is running on this port
Nessus ID : 11011 |
| Warning |
imaps (993/tcp) |
Synopsis :
The remote service encrypts traffic using a protocol with known
weaknesses.
Description :
The remote service accepts connections encrypted using SSL 2.0, which
reportedly suffers from several cryptographic flaws and has been
deprecated for several years. An attacker may be able to exploit
these issues to conduct man-in-the-middle attacks or decrypt
communications between the affected service and clients.
See also :
http://www.schneier.com/paper-ssl.pdf
Solution :
Consult the application's documentation to disable SSL 2.0 and use SSL
3.0 or TLS 1.0 instead.
Risk factor :
Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
Nessus ID : 20007 |
| Warning |
imaps (993/tcp) |
Synopsis :
The remote service supports the use of weak SSL ciphers.
Description :
The remote host supports the use of SSL ciphers that offer either weak
encryption or no encryption at all.
See also :
http://www.openssl.org/docs/apps/ciphers.html
Solution :
Reconfigure the affected application if possible to avoid use of weak
ciphers.
Risk factor :
Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
Plugin output :
Here is the list of weak SSL ciphers supported by the remote server :
Low Strength Ciphers (< 56-bit key)
SSLv2
EXP-RC2-CBC-MD5 Kx=RSA(512) Au=RSA Enc=RC2(40) Mac=MD5 export
EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export
SSLv3
EXP-DES-CBC-SHA Kx=RSA(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-RC2-CBC-MD5 Kx=RSA(512) Au=RSA Enc=RC2(40) Mac=MD5 export
EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export
TLSv1
EXP-DES-CBC-SHA Kx=RSA(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-RC2-CBC-MD5 Kx=RSA(512) Au=RSA Enc=RC2(40) Mac=MD5 export
EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export
The fields above are :
{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}
Nessus ID : 26928 |
| Informational |
imaps (993/tcp) |
An SSLv2 server answered on this port.
Nessus ID : 22964 |
| Informational |
imaps (993/tcp) |
Synopsis :
The remote service encrypts communications using SSL.
Description :
This script detects which SSL ciphers are supported by the remote
service for encrypting communications.
See also :
http://www.openssl.org/docs/apps/ciphers.html
Risk factor :
None
Plugin output :
Here is the list of SSL ciphers supported by the remote server :
Low Strength Ciphers (< 56-bit key)
SSLv2
EXP-RC2-CBC-MD5 Kx=RSA(512) Au=RSA Enc=RC2(40) Mac=MD5 export
EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export
SSLv3
EXP-DES-CBC-SHA Kx=RSA(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-RC2-CBC-MD5 Kx=RSA(512) Au=RSA Enc=RC2(40) Mac=MD5 export
EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export
TLSv1
EXP-DES-CBC-SHA Kx=RSA(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-RC2-CBC-MD5 Kx=RSA(512) Au=RSA Enc=RC2(40) Mac=MD5 export
EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export
Medium Strength Ciphers (>= 56-bit and < 112-bit key)
SSLv2
DES-CBC-MD5 Kx=RSA Au=RSA Enc=DES(56) Mac=MD5
SSLv3
DES-CBC-SHA Kx=RSA Au=RSA Enc=DES(56) Mac=SHA1
TLSv1
EXP1024-DES-CBC-SHA Kx=RSA(1024) Au=RSA Enc=DES(56) Mac=SHA1 export
EXP1024-RC4-SHA Kx=RSA(1024) Au=RSA Enc=RC4(56) Mac=SHA1 export
DES-CBC-SHA Kx=RSA Au=RSA Enc=DES(56) Mac=SHA1
High Strength Ciphers (>= 112-bit key)
SSLv2
DES-CBC3-MD5 Kx=RSA Au=RSA Enc=3DES(168) Mac=MD5
RC2-CBC-MD5 Kx=RSA Au=RSA Enc=RC2(128) Mac=MD5
RC4-MD5 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
SSLv3
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES(168) Mac=SHA1
RC4-MD5 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
TLSv1
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES(168) Mac=SHA1
AES128-SHA Kx=RSA Au=RSA Enc=AES(128) Mac=SHA1
AES256-SHA Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1
RC4-MD5 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
The fields above are :
{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}
Nessus ID : 21643 |
| Informational |
imaps (993/tcp) |
Synopsis :
An IMAP server is running on the remote host.
Description :
An IMAP (Internet Message Access Protocol) server is
installed and running on the remote host.
Risk factor :
None
Plugin output :
The remote imap server banner is :
* OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE AUTH=PLAIN] Courier-IMAP ready. Copyright 1998-2005 Double Precision, Inc. See COPYING for distribution information.
Nessus ID : 11414 |
| Informational |
imaps (993/tcp) |
An IMAP server is running on this port through SSLv2.
Nessus ID : 22964 |
| Informational |
postgresql (5432/tcp) |
Synopsis :
A database service is listening on the remote host.
Description :
The remote service is a PostgreSQL database server, or a derivative
such as EnterpriseDB.
See also :
http://www.postgresql.org/
Solution :
Limit incoming traffic to this port if desired.
Risk factor :
None
Nessus ID : 26024 |
| Warning |
ndl-aas (3128/tcp) |
The proxy accepts gopher:// requests.
Gopher is an old network protocol which predates HTTP and
is nearly unused today. As a result, gopher-compatible
software is generally less audited and more likely to contain
security bugs than others.
By making gopher requests, an attacker may evade your firewall
settings, by making connections to port 70, or may even exploit
arcane flaws in this protocol to gain more privileges on this
host (see the attached CVE id for such an example).
Solution : reconfigure your proxy so that it refuses gopher requests.
Risk factor : Medium
CVE : CVE-2002-0371
BID : 4930
Other references : OSVDB:3004
Nessus ID : 11305 |
| Informational |
ndl-aas (3128/tcp) |
Synopsis :
The remote web proxy server accepts requests.
Description :
The remote web proxy accepts unauthenticated HTTP requests from the
Nessus scanner. By routing requests through the affected proxy, a
user may be able to gain some degree of anonymity while browsing web
sites, which will see requests as originating from the remote host
itself rather than the user's host.
Solution:
Make sure access to the proxy is limited to valid users / hosts.
Risk factor :
None
Nessus ID : 10195 |
| Informational |
ndl-aas (3128/tcp) |
Synopsis :
Some information about the remote HTTP configuration can be extracted.
Description :
This test gives some information about the remote HTTP protocol - the
version used, whether HTTP Keep-Alive and HTTP pipelining are enabled,
etc...
This test is informational only and does not denote any security
problem
Solution :
None.
Risk factor :
None
Plugin output :
Protocol version : HTTP/1.0
SSL : no
Pipelining : no
Keep-Alive : no
Options allowed : (Not implemented)
Headers :
Server: squid/2.6.STABLE6
Date: Wed, 11 Jun 2008 12:51:44 GMT
Content-Type: text/html
Content-Length: 1069
Expires: Wed, 11 Jun 2008 12:51:44 GMT
X-Squid-Error: ERR_CONNECT_FAIL 111
X-Cache: MISS from gatekeeper.fma.co.za
X-Cache-Lookup: MISS from gatekeeper.fma.co.za:3128
Via: 1.0 gatekeeper.fma.co.za:3128 (squid/2.6.STABLE6)
Connection: close
Nessus ID : 24260 |
| Informational |
ndl-aas (3128/tcp) |
Synopsis :
A web server is running on the remote host.
Description :
This plugin attempts to determine the type and the version of
the remote web server.
Risk factor :
None
Plugin output :
The remote web server type is :
squid/2.6.STABLE6
Nessus ID : 10107 |
| Informational |
ndl-aas (3128/tcp) |
The GET method revealed those proxies on the way to this web server :
HTTP/1.0 gatekeeper.fma.co.za:3128 (squid/2.6.STABLE6)
Nessus ID : 11040 |
| Informational |
ndl-aas (3128/tcp) |
A web server seems to be running on this port
Nessus ID : 11153 |
| Informational |
pop3 (110/tcp) |
A POP3 server is running on this port.
Nessus ID : 22964 |
| Informational |
pop3 (110/tcp) |
Synopsis :
A POP server is listening on the remote port
Description :
The remote host is running a POP server.
Solution :
Disable this service if you do not use it.
Risk factor :
None
Plugin output :
Remote POP server banner :
+OK Hello there.
Nessus ID : 10185 |
| Warning |
pop3s (995/tcp) |
Synopsis :
The remote service supports the use of weak SSL ciphers.
Description :
The remote host supports the use of SSL ciphers that offer either weak
encryption or no encryption at all.
See also :
http://www.openssl.org/docs/apps/ciphers.html
Solution :
Reconfigure the affected application if possible to avoid use of weak
ciphers.
Risk factor :
Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
Plugin output :
Here is the list of weak SSL ciphers supported by the remote server :
Low Strength Ciphers (< 56-bit key)
SSLv3
EXP-DES-CBC-SHA Kx=RSA(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-RC2-CBC-MD5 Kx=RSA(512) Au=RSA Enc=RC2(40) Mac=MD5 export
EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export
The fields above are :
{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}
Nessus ID : 26928 |
| Informational |
pop3s (995/tcp) |
An SSLv3 server answered on this port.
Nessus ID : 22964 |
| Informational |
pop3s (995/tcp) |
Synopsis :
The remote service encrypts communications using SSL.
Description :
This script detects which SSL ciphers are supported by the remote
service for encrypting communications.
See also :
http://www.openssl.org/docs/apps/ciphers.html
Risk factor :
None
Plugin output :
Here is the list of SSL ciphers supported by the remote server :
Low Strength Ciphers (< 56-bit key)
SSLv3
EXP-DES-CBC-SHA Kx=RSA(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-RC2-CBC-MD5 Kx=RSA(512) Au=RSA Enc=RC2(40) Mac=MD5 export
EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export
Medium Strength Ciphers (>= 56-bit and < 112-bit key)
SSLv3
DES-CBC-SHA Kx=RSA Au=RSA Enc=DES(56) Mac=SHA1
High Strength Ciphers (>= 112-bit key)
SSLv3
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES(168) Mac=SHA1
RC4-MD5 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
The fields above are :
{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}
Nessus ID : 21643 |
| Informational |
pop3s (995/tcp) |
Synopsis :
A POP server is listening on the remote port
Description :
The remote host is running a POP server.
Solution :
Disable this service if you do not use it.
Risk factor :
None
Plugin output :
Remote POP server banner :
+OK Hello there.
Nessus ID : 10185 |
| Informational |
pop3s (995/tcp) |
A POP3 server is running on this port through SSLv3.
Nessus ID : 22964 |
| Informational |
urd (465/tcp) |
A TLSv1 server answered on this port.
Nessus ID : 22964 |
| Informational |
urd (465/tcp) |
Synopsis :
An SMTP server is listening on the remote port.
Description :
The remote host is running a mail (SMTP) server on this port.
Since SMTP servers are the targets of spammers, it is recommended you
disable it if you do not use it.
Solution :
Disable this service if you do not use it, or filter incoming traffic
to this port.
Risk factor :
None
Plugin output :
Remote SMTP server banner :
220 gatekeeper.fma.co.za ESMTP Postfix
Nessus ID : 10263 |
| Informational |
urd (465/tcp) |
Synopsis :
The remote service encrypts communications using SSL.
Description :
This script detects which SSL ciphers are supported by the remote
service for encrypting communications.
See also :
http://www.openssl.org/docs/apps/ciphers.html
Risk factor :
None
Plugin output :
Here is the list of SSL ciphers supported by the remote server :
High Strength Ciphers (>= 112-bit key)
SSLv3
EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES(168) Mac=SHA1
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES(168) Mac=SHA1
RC4-MD5 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
TLSv1
EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES(168) Mac=SHA1
DHE-RSA-AES128-SHA Kx=DH Au=RSA Enc=AES(128) Mac=SHA1
DHE-RSA-AES256-SHA Kx=DH Au=RSA Enc=AES(256) Mac=SHA1
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES(168) Mac=SHA1
AES128-SHA Kx=RSA Au=RSA Enc=AES(128) Mac=SHA1
AES256-SHA Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1
RC4-MD5 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
The fields above are :
{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}
Nessus ID : 21643 |
| Informational |
urd (465/tcp) |
An SMTP server is running on this port through TLSv1.
Nessus ID : 22964 |
| Informational |
nessus (1241/tcp) |
A TLSv1 server answered on this port.
Nessus ID : 22964 |
| Informational |
nessus (1241/tcp) |
Synopsis :
The remote service encrypts communications using SSL.
Description :
This script detects which SSL ciphers are supported by the remote
service for encrypting communications.
See also :
http://www.openssl.org/docs/apps/ciphers.html
Risk factor :
None
Plugin output :
Here is the list of SSL ciphers supported by the remote server :
Medium Strength Ciphers (>= 56-bit and < 112-bit key)
TLSv1
EXP1024-DES-CBC-SHA Kx=RSA(1024) Au=RSA Enc=DES(56) Mac=SHA1 export
EXP1024-RC4-SHA Kx=RSA(1024) Au=RSA Enc=RC4(56) Mac=SHA1 export
DES-CBC-SHA Kx=RSA Au=RSA Enc=DES(56) Mac=SHA1
High Strength Ciphers (>= 112-bit key)
TLSv1
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES(168) Mac=SHA1
AES128-SHA Kx=RSA Au=RSA Enc=AES(128) Mac=SHA1
AES256-SHA Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1
RC4-MD5 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
The fields above are :
{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}
Nessus ID : 21643 |
| Informational |
nessus (1241/tcp) |
Synopsis :
A Nessus daemon is listening on the remote port.
Description :
A Nessus daemon is listening on the remote port. It is not
recommended to let anyone connect to this port.
Also, make sure that the remote Nessus installation has
been authorized.
Solution :
Filter incoming traffic to this port.
Risk factor :
None
Nessus ID : 10147 |
| Informational |
ssh (22/tcp) |
An SSH server is running on this port.
Nessus ID : 22964 |
| Informational |
ssh (22/tcp) |
Synopsis :
An SSH server is running on the remote host.
Description :
This plugin determines the versions of the SSH protocol supported by
the remote SSH daemon.
Risk factor :
None
Plugin output :
The remote SSH daemon supports the following versions of the
SSH protocol :
. 1.99
. 2.0
SSHv2 host key fingerprint : a1:dc:e5:3b:66:2b:5a:96:e9:6d:17:d1:89:f9:5c:15
Nessus ID : 10881 |
| Informational |
ssh (22/tcp) |
Synopsis :
An SSH server is listening on this port.
Description :
It is possible to obtain information about the remote SSH
server by sending an empty authentication request.
Risk factor :
None
Plugin output :
SSH version : SSH-2.0-OpenSSH_4.3
SSH supported authentication : publickey,gssapi-with-mic,password
Nessus ID : 10267 |