Upload
lamthien
View
215
Download
2
Embed Size (px)
Citation preview
2016-JAN-07FSL version 7.5.783
MCAFEE FOUNDSTONE FSL UPDATE
To better protect your environment McAfee has created this FSL check update for the Foundstone Product Suite. The following is a detailed summary of the new and updated checks included with this release.
NEW CHECKS
19476 - IBM WebSphere Application Server Multiple Vulerabilities Prior To 8.5.5.8
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2015-2017, CVE-2015-7450
DescriptionMultiple vulnerabilities are present in some versions of IBM WebSphere Application Server.
ObservationIBM WebSphere Application Server is a Java application server.
Multiple vulnerabilities are present in some versions of IBM WebSphere Application Server. The flaws occur due to a Java object deserialization issue and an HTTP response splitting issue. Successful exploitation could allow an attacker to obtain sensitive information or to execute arbitrary code.
91990 - Oracle Enterprise Linux ELSA-2016-0001 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2015-7201, CVE-2015-7205, CVE-2015-7212, CVE-2015-7213, CVE-2015-7214
DescriptionThe scan detected that the host is missing the following update:ELSA-2016-0001
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://oss.oracle.com/pipermail/el-errata/2016-January/005656.htmlhttp://oss.oracle.com/pipermail/el-errata/2016-January/005657.html
OEL7x86_64thunderbird-38.5.0-1.0.1.el7_2
OEL6x86_64thunderbird-38.5.0-1.0.1.el6_7
i386thunderbird-38.5.0-1.0.1.el6_7
130351 - Debian Linux 7.0, 8.0 DSA-3432-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: High CVE: CVE-2015-7201, CVE-2015-7205, CVE-2015-7212, CVE-2015-7213, CVE-2015-7214
DescriptionThe scan detected that the host is missing the following update:DSA-3432-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.debian.org/security/2016/dsa-3432
Debian 8.0allicedove_38.5.0-1~deb8u1
Debian 7.0allicedove_38.5.0-1~deb7u1
141050 - Red Hat Enterprise Linux RHSA-2016-0001 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2015-7201, CVE-2015-7205, CVE-2015-7212, CVE-2015-7213, CVE-2015-7214
DescriptionThe scan detected that the host is missing the following update:RHSA-2016-0001
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://rhn.redhat.com/errata/RHSA-2016-0001.html
RHEL6Si386thunderbird-38.5.0-1.el6_7thunderbird-debuginfo-38.5.0-1.el6_7
x86_64thunderbird-38.5.0-1.el6_7thunderbird-debuginfo-38.5.0-1.el6_7
RHEL6WSx86_64thunderbird-38.5.0-1.el6_7thunderbird-debuginfo-38.5.0-1.el6_7
i386
thunderbird-38.5.0-1.el6_7thunderbird-debuginfo-38.5.0-1.el6_7
RHEL5Dx86_64thunderbird-debuginfo-38.5.0-1.el5_11thunderbird-38.5.0-1.el5_11
i386thunderbird-debuginfo-38.5.0-1.el5_11thunderbird-38.5.0-1.el5_11
RHEL7Dx86_64thunderbird-38.5.0-1.el7_2thunderbird-debuginfo-38.5.0-1.el7_2
RHEL6Dx86_64thunderbird-38.5.0-1.el6_7thunderbird-debuginfo-38.5.0-1.el6_7
i386thunderbird-38.5.0-1.el6_7thunderbird-debuginfo-38.5.0-1.el6_7
RHEL7WSx86_64thunderbird-38.5.0-1.el7_2thunderbird-debuginfo-38.5.0-1.el7_2
144120 - SuSE Linux 13.1, 13.2 openSUSE-SU-2015:2406-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2015-7201, CVE-2015-7205, CVE-2015-7210, CVE-2015-7212, CVE-2015-7213, CVE-2015-7214, CVE-2015-7222
DescriptionThe scan detected that the host is missing the following update:openSUSE-SU-2015:2406-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.opensuse.org/opensuse-updates/2015-12/msg00140.html
SuSE Linux 13.1x86_64MozillaThunderbird-38.5.0-70.71.1MozillaThunderbird-translations-common-38.5.0-70.71.1MozillaThunderbird-devel-38.5.0-70.71.1MozillaThunderbird-debuginfo-38.5.0-70.71.1MozillaThunderbird-debugsource-38.5.0-70.71.1MozillaThunderbird-translations-other-38.5.0-70.71.1MozillaThunderbird-buildsymbols-38.5.0-70.71.1
i586
MozillaThunderbird-38.5.0-70.71.1MozillaThunderbird-translations-common-38.5.0-70.71.1MozillaThunderbird-devel-38.5.0-70.71.1MozillaThunderbird-debuginfo-38.5.0-70.71.1MozillaThunderbird-debugsource-38.5.0-70.71.1MozillaThunderbird-translations-other-38.5.0-70.71.1MozillaThunderbird-buildsymbols-38.5.0-70.71.1
SuSE Linux 13.2x86_64MozillaThunderbird-translations-common-38.5.0-34.2MozillaThunderbird-buildsymbols-38.5.0-34.2MozillaThunderbird-38.5.0-34.2MozillaThunderbird-debuginfo-38.5.0-34.2MozillaThunderbird-debugsource-38.5.0-34.2MozillaThunderbird-translations-other-38.5.0-34.2MozillaThunderbird-devel-38.5.0-34.2
i586MozillaThunderbird-translations-common-38.5.0-34.2MozillaThunderbird-buildsymbols-38.5.0-34.2MozillaThunderbird-38.5.0-34.2MozillaThunderbird-debuginfo-38.5.0-34.2MozillaThunderbird-debugsource-38.5.0-34.2MozillaThunderbird-translations-other-38.5.0-34.2MozillaThunderbird-devel-38.5.0-34.2
144121 - SuSE Linux 11.4 openSUSE-SU-2015:2403-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2015-8459, CVE-2015-8460, CVE-2015-8634, CVE-2015-8635, CVE-2015-8636, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8644, CVE-2015-8645, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, CVE-2015-8650, CVE-2015-8651
DescriptionThe scan detected that the host is missing the following update:openSUSE-SU-2015:2403-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.opensuse.org/opensuse-updates/2015-12/msg00138.html
SuSE Linux 11.4x86_64flash-player-11.2.202.559-179.1flash-player-gnome-11.2.202.559-179.1flash-player-kde4-11.2.202.559-179.1
i586flash-player-11.2.202.559-179.1flash-player-gnome-11.2.202.559-179.1flash-player-kde4-11.2.202.559-179.1
144122 - SuSE SLED 12 SUSE-SU-2015:2401-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2015-8459, CVE-2015-8460, CVE-2015-8634, CVE-2015-8635, CVE-2015-8636, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8644, CVE-2015-8645, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, CVE-2015-8650, CVE-2015-8651
DescriptionThe scan detected that the host is missing the following update:SUSE-SU-2015:2401-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.suse.com/pipermail/sle-security-updates/2015-December/001772.html
SuSE SLED 12x86_64flash-player-gnome-11.2.202.559-117.1flash-player-11.2.202.559-117.1
178144 - Gentoo Linux GLSA-201512-10 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixes Risk Level: High CVE: CVE-2015-0798, CVE-2015-0799, CVE-2015-0801, CVE-2015-0802, CVE-2015-0803, CVE-2015-0804, CVE-2015-0805, CVE-2015-0806, CVE-2015-0807, CVE-2015-0808, CVE-2015-0810, CVE-2015-0811, CVE-2015-0812, CVE-2015-0813, CVE-2015-0814, CVE-2015-0815, CVE-2015-0816, CVE-2015-2706, CVE-2015-2721, CVE-2015-2722, CVE-2015-2724, CVE-2015-2725, CVE-2015-2726, CVE-2015-2727, CVE-2015-2728, CVE-2015-2729, CVE-2015-2730, CVE-2015-2731, CVE-2015-2733, CVE-2015-2734, CVE-2015-2735, CVE-2015-2736, CVE-2015-2737, CVE-2015-2738, CVE-2015-2739, CVE-2015-2740, CVE-2015-2741, CVE-2015-2742, CVE-2015-2743, CVE-2015-2808, CVE-2015-4000, CVE-2015-4153, CVE-2015-4495, CVE-2015-4513, CVE-2015-4514, CVE-2015-4515, CVE-2015-4518, CVE-2015-7181, CVE-2015-7182, CVE-2015-7183, CVE-2015-7187, CVE-2015-7188, CVE-2015-7189, CVE-2015-7191, CVE-2015-7192, CVE-2015-7193, CVE-2015-7194, CVE-2015-7195, CVE-2015-7196, CVE-2015-7197, CVE-2015-7198, CVE-2015-7199, CVE-2015-7200, CVE-2015-7201, CVE-2015-7202, CVE-2015-7203, CVE-2015-7204, CVE-2015-7205, CVE-2015-7207, CVE-2015-7208, CVE-2015-7210, CVE-2015-7211, CVE-2015-7212, CVE-2015-7213, CVE-2015-7214, CVE-2015-7215, CVE-2015-7216, CVE-2015-7217, CVE-2015-7218, CVE-2015-7219, CVE-2015-7220, CVE-2015-7221, CVE-2015-7222, CVE-2015-7223
DescriptionThe scan detected that the host is missing the following update:GLSA-201512-10
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://security.gentoo.org/glsa/201512-10
Affected packages: www-client/firefox < 38.5.0www-client/firefox-bin < 38.5.0mail-client/thunderbird < 38.5.0mail-client/thunderbird-bin < 38.5.0
181757 - FreeBSD qemu Denial Of Service Vulnerability In IDE Disk/CD/DVD-ROM Emulation (bbc97005-b14e-11e5-9728-002590263bf5)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: High CVE: CVE-2015-6855
DescriptionThe scan detected that the host is missing the following update:qemu -- denial of service vulnerability in IDE disk/CD/DVD-ROM emulation (bbc97005-b14e-11e5-9728-002590263bf5)
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.vuxml.org/freebsd/bbc97005-b14e-11e5-9728-002590263bf5.html
Affected packages: qemu < 2.4.1qemu-devel < 2.4.1qemu-sbruno < 2.5.50.g20151224qemu-user-static < 2.5.50.g20151224
190153 - Fedora Linux 22 FEDORA-2015-eb896290d3 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2015-8383, CVE-2015-8386, CVE-2015-8387, CVE-2015-8389, CVE-2015-8390, CVE-2015-8391, CVE-2015-8393, CVE-2015-8394
DescriptionThe scan detected that the host is missing the following update:FEDORA-2015-eb896290d3
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174931.html
Fedora Core 22
pcre-8.38-1.fc22
19481 - Open Automation Software OPC Systems.NET DLL Hijacking Vulnerability
Category: Windows Host Assessment -> SCADA (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2015-7917
DescriptionA DLL Hijacking vulnerability is present in some versions of Open Automation Software OPC Systems.NET.
ObservationOpen Automation Software OPC Systems.NET is a complete suite for SCADA and HMI applications.
A DLL Hijacking vulnerability is present in some versions of OPC Systems.NET. This flaw is caused when a local user runs the application and loads a malicious DLL file. Successful exploitation could allow an attacker to execute of arbitrary code with the same privilege level as the affected software.
19489 - (VMSA-2015-0009) VMware vRealize Orchestrator (vCenter Orchestrator) Apache Commons-Collections Deserialization Vulnerability
Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: High CVE: CVE-2015-6934
DescriptionA deserialization vulnerability is present in some versions of VMware vCenter Orchestrator.
ObservationVMware vCenter Orchestrator integrates with VMware vCloud Suite and automates IT tasks.
A deserialization vulnerability is present in some versions of VMware vCenter Orchestrator. The flaw lies in Apache Commons-collections. Successful exploitation could allow an attacker to execute remote code.
19490 - (VMSA-2015-0009) VMware vRealize Orchestrator (vCenter Orchestrator) Apache Commons-Collections Deserialization Vulnerability
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2015-6934
DescriptionA deserialization vulnerability is present in some versions of VMware vCenter Orchestrator.
ObservationVMware vCenter Orchestrator integrates with VMware vCloud Suite and automates IT tasks.
A deserialization vulnerability is present in some versions of VMware vCenter Orchestrator. The flaw lies in Apache Commons-collections. Successful exploitation could allow an attacker to execute remote code.
19486 - Joomla! Remote Code Execution Vulnerability (20151201)
Category: General Vulnerability Assessment -> NonIntrusive -> Web Server Risk Level: High CVE: CVE-2015-8562
DescriptionA vulnerability is present in some versions of Joomla!.
ObservationJoomla! is a content management system.
A vulnerability is present in some versions of Joomla!. The flaw is due to improper handling of the HTTP User-Agent header. Successful exploitation could allow an attacker to inject arbitrary PHP code.
19488 - Joomla Directory Traversal Vulnerability (20151203)
Category: General Vulnerability Assessment -> NonIntrusive -> Web Server Risk Level: High CVE: CVE-2015-8564
DescriptionA vulnerability is present in some versions of Joomla!.
ObservationJoomla! is a content management system.
A vulnerability is present in some versions of Joomla!. The flaw is due to improper sanitization of input data from the XML install file included in an extension's package archive. Successful exploitation could allow an attacker to perform a directory traversal attack.
19491 - Joomla CSRF Vulnerability (20151202)
Category: General Vulnerability Assessment -> NonIntrusive -> Web Server Risk Level: High CVE: CVE-2015-8563
DescriptionA vulnerability is present in some versions of Joomla!.
ObservationJoomla! is a content management system.
A vulnerability is present in some versions of Joomla!. The flaw lies in the com_templates component. Successful exploitation could allow an attacker to hijack the authentication of a user.
19497 - Cisco Prime Network Services Controller Arbitrary Command Execution Privilege Escalation
Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: High CVE: CVE-2015-6426
DescriptionA vulnerability in some versions of Cisco Prime Network Service could lead to privilege escalation.
ObservationA vulnerability in some versions of Cisco Prime Network Service could lead to privilege escalation.
The flaw is due to insufficient validation of local commands. Successful exploitation could allow a local user to gain elevated privileges.
19498 - Joomla! Directory Traversal Vulnerability (20151204)
Category: General Vulnerability Assessment -> NonIntrusive -> Web Server Risk Level: High CVE: CVE-2015-8565
DescriptionA vulnerability is present in some versions of Joomla!.
ObservationJoomla! is a content management system.
A vulnerability is present in some versions of Joomla!. The flaw is due to improper handling of request data. Successful exploitation could allow an attacker to launch a directory traversal attack.
144119 - SuSE Linux 13.1, 13.2 openSUSE-SU-2015:2405-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2015-7575
DescriptionThe scan detected that the host is missing the following update:openSUSE-SU-2015:2405-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.opensuse.org/opensuse-updates/2015-12/msg00139.html
SuSE Linux 13.1x86_64mozilla-nss-sysinit-3.20.2-65.1mozilla-nss-3.20.2-65.1libsoftokn3-debuginfo-32bit-3.20.2-65.1libfreebl3-debuginfo-3.20.2-65.1mozilla-nss-devel-3.20.2-65.1mozilla-nss-certs-3.20.2-65.1mozilla-nss-sysinit-debuginfo-3.20.2-65.1libsoftokn3-3.20.2-65.1libfreebl3-debuginfo-32bit-3.20.2-65.1mozilla-nss-tools-3.20.2-65.1libsoftokn3-32bit-3.20.2-65.1mozilla-nss-certs-debuginfo-32bit-3.20.2-65.1mozilla-nss-debuginfo-32bit-3.20.2-65.1mozilla-nss-tools-debuginfo-3.20.2-65.1libsoftokn3-debuginfo-3.20.2-65.1mozilla-nss-32bit-3.20.2-65.1mozilla-nss-certs-32bit-3.20.2-65.1libfreebl3-3.20.2-65.1libfreebl3-32bit-3.20.2-65.1mozilla-nss-sysinit-32bit-3.20.2-65.1mozilla-nss-certs-debuginfo-3.20.2-65.1mozilla-nss-sysinit-debuginfo-32bit-3.20.2-65.1mozilla-nss-debugsource-3.20.2-65.1mozilla-nss-debuginfo-3.20.2-65.1
i586mozilla-nss-sysinit-3.20.2-65.1mozilla-nss-3.20.2-65.1libfreebl3-debuginfo-3.20.2-65.1mozilla-nss-devel-3.20.2-65.1mozilla-nss-certs-3.20.2-65.1mozilla-nss-sysinit-debuginfo-3.20.2-65.1libsoftokn3-3.20.2-65.1mozilla-nss-tools-3.20.2-65.1
mozilla-nss-tools-debuginfo-3.20.2-65.1libsoftokn3-debuginfo-3.20.2-65.1libfreebl3-3.20.2-65.1mozilla-nss-certs-debuginfo-3.20.2-65.1mozilla-nss-debugsource-3.20.2-65.1mozilla-nss-debuginfo-3.20.2-65.1
SuSE Linux 13.2x86_64libfreebl3-debuginfo-3.20.2-22.1mozilla-nss-3.20.2-22.1mozilla-nss-certs-3.20.2-22.1mozilla-nss-tools-3.20.2-22.1mozilla-nss-sysinit-debuginfo-3.20.2-22.1mozilla-nss-certs-32bit-3.20.2-22.1libsoftokn3-debuginfo-3.20.2-22.1libfreebl3-debuginfo-32bit-3.20.2-22.1mozilla-nss-debuginfo-32bit-3.20.2-22.1mozilla-nss-certs-debuginfo-32bit-3.20.2-22.1libsoftokn3-32bit-3.20.2-22.1libsoftokn3-3.20.2-22.1libsoftokn3-debuginfo-32bit-3.20.2-22.1mozilla-nss-sysinit-32bit-3.20.2-22.1mozilla-nss-32bit-3.20.2-22.1mozilla-nss-debuginfo-3.20.2-22.1mozilla-nss-debugsource-3.20.2-22.1mozilla-nss-tools-debuginfo-3.20.2-22.1mozilla-nss-certs-debuginfo-3.20.2-22.1libfreebl3-32bit-3.20.2-22.1mozilla-nss-sysinit-debuginfo-32bit-3.20.2-22.1libfreebl3-3.20.2-22.1mozilla-nss-devel-3.20.2-22.1mozilla-nss-sysinit-3.20.2-22.1
i586libfreebl3-debuginfo-3.20.2-22.1mozilla-nss-3.20.2-22.1mozilla-nss-certs-3.20.2-22.1mozilla-nss-tools-3.20.2-22.1mozilla-nss-sysinit-debuginfo-3.20.2-22.1libsoftokn3-debuginfo-3.20.2-22.1libsoftokn3-3.20.2-22.1mozilla-nss-debuginfo-3.20.2-22.1mozilla-nss-debugsource-3.20.2-22.1mozilla-nss-tools-debuginfo-3.20.2-22.1mozilla-nss-certs-debuginfo-3.20.2-22.1libfreebl3-3.20.2-22.1mozilla-nss-devel-3.20.2-22.1mozilla-nss-sysinit-3.20.2-22.1
144125 - SuSE SLES 12, SLED 12 SUSE-SU-2016:0027-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2015-8126
DescriptionThe scan detected that the host is missing the following update:SUSE-SU-2016:0027-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.suse.com/pipermail/sle-security-updates/2016-January/001779.html
SuSE SLED 12x86_64libpng16-debugsource-1.6.8-11.1libpng16-16-debuginfo-1.6.8-11.1libpng16-16-debuginfo-32bit-1.6.8-11.1libpng16-16-1.6.8-11.1libpng16-16-32bit-1.6.8-11.1
SuSE SLES 12x86_64libpng16-debugsource-1.6.8-11.1libpng16-16-debuginfo-1.6.8-11.1libpng16-16-32bit-1.6.8-11.1libpng16-16-1.6.8-11.1libpng16-16-debuginfo-32bit-1.6.8-11.1
144126 - SuSE Linux 13.1, 13.2 openSUSE-SU-2016:0002-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2015-8614
DescriptionThe scan detected that the host is missing the following update:openSUSE-SU-2016:0002-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.opensuse.org/opensuse-updates/2016-01/msg00000.html
SuSE Linux 13.1i586claws-mail-debuginfo-3.10.1-3.8.1claws-mail-3.10.1-3.8.1claws-mail-debugsource-3.10.1-3.8.1claws-mail-devel-3.10.1-3.8.1
noarchclaws-mail-lang-3.10.1-3.8.1
x86_64claws-mail-debuginfo-3.10.1-3.8.1claws-mail-3.10.1-3.8.1claws-mail-debugsource-3.10.1-3.8.1claws-mail-devel-3.10.1-3.8.1
SuSE Linux 13.2i586claws-mail-debugsource-3.11.0-2.7.1
claws-mail-devel-3.11.0-2.7.1claws-mail-3.11.0-2.7.1claws-mail-debuginfo-3.11.0-2.7.1
noarchclaws-mail-lang-3.11.0-2.7.1
x86_64claws-mail-debugsource-3.11.0-2.7.1claws-mail-devel-3.11.0-2.7.1claws-mail-3.11.0-2.7.1claws-mail-debuginfo-3.11.0-2.7.1
144127 - SuSE SLES 12, SLED 12 SUSE-SU-2016:0021-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2015-7512, CVE-2015-8345
DescriptionThe scan detected that the host is missing the following update:SUSE-SU-2016:0021-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.suse.com/pipermail/sle-security-updates/2016-January/001778.html
SuSE SLED 12x86_64qemu-kvm-2.0.2-48.12.1qemu-debugsource-2.0.2-48.12.1qemu-2.0.2-48.12.1qemu-x86-debuginfo-2.0.2-48.12.1qemu-block-curl-2.0.2-48.12.1qemu-tools-debuginfo-2.0.2-48.12.1qemu-x86-2.0.2-48.12.1qemu-block-curl-debuginfo-2.0.2-48.12.1qemu-tools-2.0.2-48.12.1
noarchqemu-sgabios-8-48.12.1qemu-seabios-1.7.4-48.12.1qemu-ipxe-1.0.0-48.12.1qemu-vgabios-1.7.4-48.12.1
SuSE SLES 12noarchqemu-sgabios-8-48.12.1qemu-seabios-1.7.4-48.12.1qemu-ipxe-1.0.0-48.12.1qemu-vgabios-1.7.4-48.12.1
x86_64qemu-x86-2.0.2-48.12.1qemu-2.0.2-48.12.1qemu-kvm-2.0.2-48.12.1
qemu-guest-agent-debuginfo-2.0.2-48.12.1qemu-guest-agent-2.0.2-48.12.1qemu-tools-debuginfo-2.0.2-48.12.1qemu-debugsource-2.0.2-48.12.1qemu-x86-debuginfo-2.0.2-48.12.1qemu-block-rbd-debuginfo-2.0.2-48.12.1qemu-block-rbd-2.0.2-48.12.1qemu-tools-2.0.2-48.12.1qemu-lang-2.0.2-48.12.1qemu-block-curl-2.0.2-48.12.1qemu-block-curl-debuginfo-2.0.2-48.12.1
144128 - SuSE Linux 13.1, 13.2 openSUSE-SU-2016:0007-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2015-7575
DescriptionThe scan detected that the host is missing the following update:openSUSE-SU-2016:0007-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.opensuse.org/opensuse-updates/2016-01/msg00005.html
SuSE Linux 13.1x86_64MozillaFirefox-translations-other-43.0.3-100.1MozillaFirefox-translations-common-43.0.3-100.1MozillaFirefox-43.0.3-100.1MozillaFirefox-debugsource-43.0.3-100.1MozillaFirefox-branding-upstream-43.0.3-100.1MozillaFirefox-debuginfo-43.0.3-100.1MozillaFirefox-buildsymbols-43.0.3-100.1MozillaFirefox-devel-43.0.3-100.1
i586MozillaFirefox-translations-other-43.0.3-100.1MozillaFirefox-translations-common-43.0.3-100.1MozillaFirefox-43.0.3-100.1MozillaFirefox-debugsource-43.0.3-100.1MozillaFirefox-branding-upstream-43.0.3-100.1MozillaFirefox-debuginfo-43.0.3-100.1MozillaFirefox-buildsymbols-43.0.3-100.1MozillaFirefox-devel-43.0.3-100.1
SuSE Linux 13.2x86_64MozillaFirefox-debugsource-43.0.3-56.1MozillaFirefox-translations-common-43.0.3-56.1MozillaFirefox-devel-43.0.3-56.1MozillaFirefox-branding-upstream-43.0.3-56.1MozillaFirefox-translations-other-43.0.3-56.1MozillaFirefox-debuginfo-43.0.3-56.1MozillaFirefox-buildsymbols-43.0.3-56.1
MozillaFirefox-43.0.3-56.1
i586MozillaFirefox-debugsource-43.0.3-56.1MozillaFirefox-translations-common-43.0.3-56.1MozillaFirefox-devel-43.0.3-56.1MozillaFirefox-branding-upstream-43.0.3-56.1MozillaFirefox-translations-other-43.0.3-56.1MozillaFirefox-debuginfo-43.0.3-56.1MozillaFirefox-buildsymbols-43.0.3-56.1MozillaFirefox-43.0.3-56.1
178145 - Gentoo Linux GLSA-201512-12 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixes Risk Level: High CVE: CVE-2014-8651
DescriptionThe scan detected that the host is missing the following update:GLSA-201512-12
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://security.gentoo.org/glsa/201512-12
Affected packages: kde-base/systemsettings < 4.11.13-r1
178146 - Gentoo Linux GLSA-201512-08 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixes Risk Level: High CVE: CVE-2014-9328, CVE-2015-1461, CVE-2015-1462, CVE-2015-1463, CVE-2015-2170, CVE-2015-2221, CVE-2015-2222, CVE-2015-2668
DescriptionThe scan detected that the host is missing the following update:GLSA-201512-08
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://security.gentoo.org/glsa/201512-08
Affected packages: app-antivirus/clamav < 0.98.7
181744 - FreeBSD xen-tools Libxl Leak Of Pv Kernel And Initrd On Error (5d1d4473-b40d-11e5-9728-002590263bf5)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: High
CVE: CVE-2015-8341
DescriptionThe scan detected that the host is missing the following update:xen-tools -- libxl leak of pv kernel and initrd on error (5d1d4473-b40d-11e5-9728-002590263bf5)
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.vuxml.org/freebsd/5d1d4473-b40d-11e5-9728-002590263bf5.html
Affected packages: 4.1 <= xen-tools < 4.5.2_1
181749 - FreeBSD qemu Buffer Overflow Vulnerability In VNC (2b3b4c27-b0c7-11e5-8d13-bc5ff45d0f28)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: High CVE: CVE-2015-5225
DescriptionThe scan detected that the host is missing the following update:qemu -- buffer overflow vulnerability in VNC (2b3b4c27-b0c7-11e5-8d13-bc5ff45d0f28)
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.vuxml.org/freebsd/2b3b4c27-b0c7-11e5-8d13-bc5ff45d0f28.html
Affected packages: qemu < 2.4.0.1qemu-devel < 2.4.0.1qemu-sbruno < 2.4.50.g20151011qemu-user-static < 2.4.50.g20151011
181753 - FreeBSD kea Unexpected Termination While Handling A Malformed Packet (59e7eb28-b309-11e5-af83-80ee73b5dcf5)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: High CVE: CVE-2015-8373
DescriptionThe scan detected that the host is missing the following update:kea -- unexpected termination while handling a malformed packet (59e7eb28-b309-11e5-af83-80ee73b5dcf5)
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.vuxml.org/freebsd/59e7eb28-b309-11e5-af83-80ee73b5dcf5.html
Affected packages:
kea < 1.0.0
181756 - FreeBSD qemu Denial Of Service Vulnerabilities In NE2000 NIC Support (6aa3322f-b150-11e5-9728-002590263bf5)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: High CVE: CVE-2015-5278, CVE-2015-5279
DescriptionThe scan detected that the host is missing the following update:qemu -- denial of service vulnerabilities in NE2000 NIC support (6aa3322f-b150-11e5-9728-002590263bf5)
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.vuxml.org/freebsd/6aa3322f-b150-11e5-9728-002590263bf5.html
Affected packages: qemu < 2.4.0.1qemu-devel < 2.4.0.1qemu-sbruno < 2.5.50.g20151224qemu-user-static < 2.5.50.g20151224
181759 - FreeBSD cacti SQL Injection Vulnerabilities (bb961ff3-b3a4-11e5-8255-5453ed2e2b49)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: High CVE: CVE-2015-8369
DescriptionThe scan detected that the host is missing the following update:cacti -- SQL injection vulnerabilities (bb961ff3-b3a4-11e5-8255-5453ed2e2b49)
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.vuxml.org/freebsd/bb961ff3-b3a4-11e5-8255-5453ed2e2b49.html
Affected packages: cacti <= 0.8.8f_1
185108 - Ubuntu Linux 14.04 USN-2858-2 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: High CVE: CVE-2015-8660
DescriptionThe scan detected that the host is missing the following update:USN-2858-2
Observation
Updates often remediate critical security problems that should be quickly addressed.For more information see:
https://lists.ubuntu.com/archives/ubuntu-security-announce/2016-January/003249.html
Ubuntu 14.04
linux-image-4.2.0-23-powerpc64-smp_4.2.0-23.28~14.04.1linux-image-4.2.0-23-lowlatency_4.2.0-23.28~14.04.1linux-image-4.2.0-23-generic-lpae_4.2.0-23.28~14.04.1linux-image-4.2.0-23-generic_4.2.0-23.28~14.04.1linux-image-4.2.0-23-powerpc-smp_4.2.0-23.28~14.04.1linux-image-4.2.0-23-powerpc-e500mc_4.2.0-23.28~14.04.1linux-image-4.2.0-23-powerpc64-emb_4.2.0-23.28~14.04.1
185109 - Ubuntu Linux 15.10 USN-2858-3 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: High CVE: CVE-2015-8660
DescriptionThe scan detected that the host is missing the following update:USN-2858-3
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://lists.ubuntu.com/archives/ubuntu-security-announce/2016-January/003250.html
Ubuntu 15.10
linux-image-4.2.0-1018-raspi2_4.2.0-1018.25
185111 - Ubuntu Linux 15.04 USN-2857-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: High CVE: CVE-2015-8660
DescriptionThe scan detected that the host is missing the following update:USN-2857-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://lists.ubuntu.com/archives/ubuntu-security-announce/2016-January/003246.html
Ubuntu 15.04
linux-image-3.19.0-43-powerpc64-smp_3.19.0-43.49linux-image-3.19.0-43-powerpc-smp_3.19.0-43.49linux-image-3.19.0-43-powerpc64-emb_3.19.0-43.49
linux-image-3.19.0-43-generic-lpae_3.19.0-43.49linux-image-3.19.0-43-powerpc-e500mc_3.19.0-43.49linux-image-3.19.0-43-generic_3.19.0-43.49linux-image-3.19.0-43-lowlatency_3.19.0-43.49
185112 - Ubuntu Linux 14.04 USN-2857-2 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: High CVE: CVE-2015-8660
DescriptionThe scan detected that the host is missing the following update:USN-2857-2
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://lists.ubuntu.com/archives/ubuntu-security-announce/2016-January/003247.html
Ubuntu 14.04
linux-image-3.19.0-43-lowlatency_3.19.0-43.49~14.04.1linux-image-3.19.0-43-powerpc-smp_3.19.0-43.49~14.04.1linux-image-3.19.0-43-powerpc64-smp_3.19.0-43.49~14.04.1linux-image-3.19.0-43-powerpc-e500mc_3.19.0-43.49~14.04.1linux-image-3.19.0-43-powerpc64-emb_3.19.0-43.49~14.04.1linux-image-3.19.0-43-generic-lpae_3.19.0-43.49~14.04.1linux-image-3.19.0-43-generic_3.19.0-43.49~14.04.1
185113 - Ubuntu Linux 15.10 USN-2858-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: High CVE: CVE-2015-8660
DescriptionThe scan detected that the host is missing the following update:USN-2858-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://lists.ubuntu.com/archives/ubuntu-security-announce/2016-January/003248.html
Ubuntu 15.10
linux-image-4.2.0-23-generic-lpae_4.2.0-23.28linux-image-4.2.0-23-powerpc64-emb_4.2.0-23.28linux-image-4.2.0-23-generic_4.2.0-23.28linux-image-4.2.0-23-powerpc64-smp_4.2.0-23.28linux-image-4.2.0-23-powerpc-smp_4.2.0-23.28linux-image-4.2.0-23-powerpc-e500mc_4.2.0-23.28linux-image-4.2.0-23-lowlatency_4.2.0-23.28
190156 - Fedora Linux 23 FEDORA-2015-39499d9af8 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2015-7981, CVE-2015-8126, CVE-2015-8472, CVE-2015-8540
DescriptionThe scan detected that the host is missing the following update:FEDORA-2015-39499d9af8
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174810.html
Fedora Core 23
libpng12-1.2.56-1.fc23
190157 - Fedora Linux 22 FEDORA-2015-ac8100927a Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2015-7981, CVE-2015-8126, CVE-2015-8472, CVE-2015-8540
DescriptionThe scan detected that the host is missing the following update:FEDORA-2015-ac8100927a
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174816.html
Fedora Core 22
libpng12-1.2.56-1.fc22
190160 - Fedora Linux 22 FEDORA-2015-233750b6ab Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2015-8126, CVE-2015-8472
DescriptionThe scan detected that the host is missing the following update:FEDORA-2015-233750b6ab
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174936.html
Fedora Core 22
libpng15-1.5.25-1.fc22
190167 - Fedora Linux 23 FEDORA-2015-c80ec85542 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2015-8126, CVE-2015-8472
DescriptionThe scan detected that the host is missing the following update:FEDORA-2015-c80ec85542
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174905.html
Fedora Core 23
libpng15-1.5.25-1.fc23
19487 - Joomla! SQL Injection Vulnerability (20151207)
Category: General Vulnerability Assessment -> NonIntrusive -> Web Server Risk Level: Medium CVE: CVE-MAP-NOMATCH
DescriptionA vulnerability is present in some versions of Joomla!.
ObservationJoomla! is a content management system.
A vulnerability is present in some versions of Joomla!. The flaw is due to improper handling of request data. Successful exploitation could allow an attacker to inject arbitrary SQL code.
130352 - Debian Linux 7.0, 8.0 DSA-3434-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-7513, CVE-2015-7550, CVE-2015-8543, CVE-2015-8550, CVE-2015-8551, CVE-2015-8552, CVE-2015-8569, CVE-2015-8575, CVE-2015-8709
DescriptionThe scan detected that the host is missing the following update:DSA-3434-1
Observation
Updates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.debian.org/security/2016/dsa-3434
Debian 8.0allfuse-modules-3.16.0-4-loongson-2e-di_3.16.7-ckt20-1+deb8u2virtio-modules-3.16.0-4-powerpc-di_3.16.7-ckt20-1+deb8u2isofs-modules-3.16.0-4-versatile-di_3.16.7-ckt20-1+deb8u2scsi-core-modules-3.16.0-4-orion5x-di_3.16.7-ckt20-1+deb8u2jfs-modules-3.16.0-4-powerpc64-di_3.16.7-ckt20-1+deb8u2crypto-dm-modules-3.16.0-4-versatile-di_3.16.7-ckt20-1+deb8u2usb-serial-modules-3.16.0-4-686-pae-di_3.16.7-ckt20-1+deb8u2virtio-modules-3.16.0-4-4kc-malta-di_3.16.7-ckt20-1+deb8u2firewire-core-modules-3.16.0-4-amd64-di_3.16.7-ckt20-1+deb8u2crc-modules-3.16.0-4-powerpc-di_3.16.7-ckt20-1+deb8u2nic-wireless-modules-3.16.0-4-686-pae-di_3.16.7-ckt20-1+deb8u2fuse-modules-3.16.0-4-versatile-di_3.16.7-ckt20-1+deb8u2linux-headers-3.16.0-4-all-ppc64el_3.16.7-ckt20-1+deb8u2usb-storage-modules-3.16.0-4-powerpc64le-di_3.16.7-ckt20-1+deb8u2kernel-image-3.16.0-4-arm64-di_3.16.7-ckt20-1+deb8u2fat-modules-3.16.0-4-octeon-di_3.16.7-ckt20-1+deb8u2kernel-image-3.16.0-4-octeon-di_3.16.7-ckt20-1+deb8u2efi-modules-3.16.0-4-arm64-di_3.16.7-ckt20-1+deb8u2fuse-modules-3.16.0-4-loongson-2f-di_3.16.7-ckt20-1+deb8u2core-modules-3.16.0-4-686-pae-di_3.16.7-ckt20-1+deb8u2usb-storage-modules-3.16.0-4-powerpc-di_3.16.7-ckt20-1+deb8u2virtio-modules-3.16.0-4-versatile-di_3.16.7-ckt20-1+deb8u2nbd-modules-3.16.0-4-powerpc64-di_3.16.7-ckt20-1+deb8u2fb-modules-3.16.0-4-powerpc-di_3.16.7-ckt20-1+deb8u2nic-shared-modules-3.16.0-4-r4k-ip22-di_3.16.7-ckt20-1+deb8u2kernel-image-3.16.0-4-powerpc-di_3.16.7-ckt20-1+deb8u2crypto-modules-3.16.0-4-686-pae-di_3.16.7-ckt20-1+deb8u2mouse-modules-3.16.0-4-kirkwood-di_3.16.7-ckt20-1+deb8u2crypto-dm-modules-3.16.0-4-kirkwood-di_3.16.7-ckt20-1+deb8u2isofs-modules-3.16.0-4-586-di_3.16.7-ckt20-1+deb8u2ntfs-modules-3.16.0-4-amd64-di_3.16.7-ckt20-1+deb8u2speakup-modules-3.16.0-4-amd64-di_3.16.7-ckt20-1+deb8u2udf-modules-3.16.0-4-orion5x-di_3.16.7-ckt20-1+deb8u2nic-shared-modules-3.16.0-4-r5k-ip32-di_3.16.7-ckt20-1+deb8u2linux-headers-3.16.0-4-sb1-bcm91250a_3.16.7-ckt20-1+deb8u2scsi-extra-modules-3.16.0-4-powerpc64le-di_3.16.7-ckt20-1+deb8u2pcmcia-storage-modules-3.16.0-4-586-di_3.16.7-ckt20-1+deb8u2fat-modules-3.16.0-4-powerpc-di_3.16.7-ckt20-1+deb8u2sata-modules-3.16.0-4-kirkwood-di_3.16.7-ckt20-1+deb8u2pcmcia-storage-modules-3.16.0-4-powerpc-di_3.16.7-ckt20-1+deb8u2fuse-modules-3.16.0-4-r4k-ip22-di_3.16.7-ckt20-1+deb8u2crypto-dm-modules-3.16.0-4-powerpc64-di_3.16.7-ckt20-1+deb8u2crypto-modules-3.16.0-4-loongson-2f-di_3.16.7-ckt20-1+deb8u2zlib-modules-3.16.0-4-sb1-bcm91250a-di_3.16.7-ckt20-1+deb8u2ppp-modules-3.16.0-4-sb1-bcm91250a-di_3.16.7-ckt20-1+deb8u2crypto-dm-modules-3.16.0-4-arm64-di_3.16.7-ckt20-1+deb8u2md-modules-3.16.0-4-s390x-di_3.16.7-ckt20-1+deb8u2fuse-modules-3.16.0-4-powerpc64le-di_3.16.7-ckt20-1+deb8u2squashfs-modules-3.16.0-4-loongson-2e-di_3.16.7-ckt20-1+deb8u2mmc-core-modules-3.16.0-4-686-pae-di_3.16.7-ckt20-1+deb8u2input-modules-3.16.0-4-sb1-bcm91250a-di_3.16.7-ckt20-1+deb8u2md-modules-3.16.0-4-kirkwood-di_3.16.7-ckt20-1+deb8u2fb-modules-3.16.0-4-586-di_3.16.7-ckt20-1+deb8u2
core-modules-3.16.0-4-kirkwood-di_3.16.7-ckt20-1+deb8u2mmc-modules-3.16.0-4-kirkwood-di_3.16.7-ckt20-1+deb8u2scsi-core-modules-3.16.0-4-sb1-bcm91250a-di_3.16.7-ckt20-1+deb8u2zlib-modules-3.16.0-4-armmp-di_3.16.7-ckt20-1+deb8u2affs-modules-3.16.0-4-loongson-2f-di_3.16.7-ckt20-1+deb8u2btrfs-modules-3.16.0-4-powerpc64le-di_3.16.7-ckt20-1+deb8u2fuse-modules-3.16.0-4-686-pae-di_3.16.7-ckt20-1+deb8u2mouse-modules-3.16.0-4-powerpc-di_3.16.7-ckt20-1+deb8u2virtio-modules-3.16.0-4-s390x-di_3.16.7-ckt20-1+deb8u2event-modules-3.16.0-4-586-di_3.16.7-ckt20-1+deb8u2xfs-modules-3.16.0-4-amd64-di_3.16.7-ckt20-1+deb8u2loop-modules-3.16.0-4-powerpc64-di_3.16.7-ckt20-1+deb8u2linux-image-3.16.0-4-r4k-ip22_3.16.7-ckt20-1+deb8u2nic-wireless-modules-3.16.0-4-4kc-malta-di_3.16.7-ckt20-1+deb8u2virtio-modules-3.16.0-4-octeon-di_3.16.7-ckt20-1+deb8u2udf-modules-3.16.0-4-586-di_3.16.7-ckt20-1+deb8u2mouse-modules-3.16.0-4-powerpc64le-di_3.16.7-ckt20-1+deb8u2crypto-modules-3.16.0-4-4kc-malta-di_3.16.7-ckt20-1+deb8u2event-modules-3.16.0-4-loongson-2e-di_3.16.7-ckt20-1+deb8u2crypto-dm-modules-3.16.0-4-orion5x-di_3.16.7-ckt20-1+deb8u2linux-headers-3.16.0-4-powerpc-smp_3.16.7-ckt20-1+deb8u2event-modules-3.16.0-4-sb1-bcm91250a-di_3.16.7-ckt20-1+deb8u2crc-modules-3.16.0-4-powerpc64le-di_3.16.7-ckt20-1+deb8u2nic-modules-3.16.0-4-kirkwood-di_3.16.7-ckt20-1+deb8u2multipath-modules-3.16.0-4-versatile-di_3.16.7-ckt20-1+deb8u2linux-image-3.16.0-4-r5k-ip32_3.16.7-ckt20-1+deb8u2usb-serial-modules-3.16.0-4-amd64-di_3.16.7-ckt20-1+deb8u2pcmcia-modules-3.16.0-4-686-pae-di_3.16.7-ckt20-1+deb8u2ata-modules-3.16.0-4-arm64-di_3.16.7-ckt20-1+deb8u2btrfs-modules-3.16.0-4-4kc-malta-di_3.16.7-ckt20-1+deb8u2fat-modules-3.16.0-4-586-di_3.16.7-ckt20-1+deb8u2squashfs-modules-3.16.0-4-octeon-di_3.16.7-ckt20-1+deb8u2udf-modules-3.16.0-4-686-pae-di_3.16.7-ckt20-1+deb8u2crypto-modules-3.16.0-4-amd64-di_3.16.7-ckt20-1+deb8u2ata-modules-3.16.0-4-loongson-2f-di_3.16.7-ckt20-1+deb8u2squashfs-modules-3.16.0-4-r4k-ip22-di_3.16.7-ckt20-1+deb8u2scsi-core-modules-3.16.0-4-s390x-di_3.16.7-ckt20-1+deb8u2xfs-modules-3.16.0-4-octeon-di_3.16.7-ckt20-1+deb8u2crc-modules-3.16.0-4-octeon-di_3.16.7-ckt20-1+deb8u2linux-headers-3.16.0-4-all-i386_3.16.7-ckt20-1+deb8u2jfs-modules-3.16.0-4-loongson-2e-di_3.16.7-ckt20-1+deb8u2firewire-core-modules-3.16.0-4-loongson-3-di_3.16.7-ckt20-1+deb8u2nic-usb-modules-3.16.0-4-586-di_3.16.7-ckt20-1+deb8u2nic-modules-3.16.0-4-s390x-di_3.16.7-ckt20-1+deb8u2sata-modules-3.16.0-4-orion5x-di_3.16.7-ckt20-1+deb8u2i2c-modules-3.16.0-4-sb1-bcm91250a-di_3.16.7-ckt20-1+deb8u2ppp-modules-3.16.0-4-4kc-malta-di_3.16.7-ckt20-1+deb8u2minix-modules-3.16.0-4-orion5x-di_3.16.7-ckt20-1+deb8u2linux-image-3.16.0-4-amd64-dbg_3.16.7-ckt20-1+deb8u2jfs-modules-3.16.0-4-octeon-di_3.16.7-ckt20-1+deb8u2hfs-modules-3.16.0-4-4kc-malta-di_3.16.7-ckt20-1+deb8u2sata-modules-3.16.0-4-loongson-3-di_3.16.7-ckt20-1+deb8u2linux-headers-3.16.0-4-loongson-2f_3.16.7-ckt20-1+deb8u2ext4-modules-3.16.0-4-powerpc64le-di_3.16.7-ckt20-1+deb8u2mtd-modules-3.16.0-4-armmp-di_3.16.7-ckt20-1+deb8u2nic-modules-3.16.0-4-armmp-di_3.16.7-ckt20-1+deb8u2usb-serial-modules-3.16.0-4-sb1-bcm91250a-di_3.16.7-ckt20-1+deb8u2md-modules-3.16.0-4-amd64-di_3.16.7-ckt20-1+deb8u2jfs-modules-3.16.0-4-r5k-ip32-di_3.16.7-ckt20-1+deb8u2speakup-modules-3.16.0-4-loongson-2f-di_3.16.7-ckt20-1+deb8u2
core-modules-3.16.0-4-s390x-di_3.16.7-ckt20-1+deb8u2mmc-modules-3.16.0-4-armmp-di_3.16.7-ckt20-1+deb8u2nic-pcmcia-modules-3.16.0-4-686-pae-di_3.16.7-ckt20-1+deb8u2linux-support-3.16.0-4_3.16.7-ckt20-1+deb8u2btrfs-modules-3.16.0-4-586-di_3.16.7-ckt20-1+deb8u2rtc-modules-3.16.0-4-sb1-bcm91250a-di_3.16.7-ckt20-1+deb8u2multipath-modules-3.16.0-4-armmp-di_3.16.7-ckt20-1+deb8u2scsi-core-modules-3.16.0-4-armmp-di_3.16.7-ckt20-1+deb8u2
Debian 7.0allinput-modules-3.2.0-4-4kc-malta-di_3.2.73-2+deb7u2
130353 - Debian Linux 7.0, 8.0 DSA-3433-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-3223, CVE-2015-5252, CVE-2015-5296, CVE-2015-5299, CVE-2015-5330, CVE-2015-7540, CVE-2015-8467
DescriptionThe scan detected that the host is missing the following update:DSA-3433-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.debian.org/security/2016/dsa-3433
Debian 8.0allsamba_2:4.1.17+dfsg-2+deb8u1
Debian 7.0allsamba_2:3.6.6-6+deb7u6
144123 - SuSE SLES 12, SLED 12 SUSE-SU-2015:2399-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-8370
DescriptionThe scan detected that the host is missing the following update:SUSE-SU-2015:2399-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.suse.com/pipermail/sle-security-updates/2015-December/001770.html
SuSE SLED 12x86_64grub2-x86_64-efi-2.02~beta2-56.9.4
grub2-x86_64-xen-2.02~beta2-56.9.4grub2-2.02~beta2-56.9.4grub2-debuginfo-2.02~beta2-56.9.4grub2-i386-pc-2.02~beta2-56.9.4
noarchgrub2-snapper-plugin-2.02~beta2-56.9.4
SuSE SLES 12noarchgrub2-snapper-plugin-2.02~beta2-56.9.4
x86_64grub2-x86_64-efi-2.02~beta2-56.9.4grub2-x86_64-xen-2.02~beta2-56.9.4grub2-2.02~beta2-56.9.4grub2-debuginfo-2.02~beta2-56.9.4grub2-i386-pc-2.02~beta2-56.9.4
144124 - SuSE SLES 12, SLED 12 SUSE-SU-2016:0011-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2014-9732, CVE-2015-4467, CVE-2015-4468, CVE-2015-4469, CVE-2015-4470, CVE-2015-4471, CVE-2015-4472
DescriptionThe scan detected that the host is missing the following update:SUSE-SU-2016:0011-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.suse.com/pipermail/sle-security-updates/2016-January/001776.html
SuSE SLED 12x86_64libmspack-debugsource-0.4-14.4libmspack0-0.4-14.4libmspack0-debuginfo-0.4-14.4
SuSE SLES 12x86_64libmspack-debugsource-0.4-14.4libmspack0-0.4-14.4libmspack0-debuginfo-0.4-14.4
178141 - Gentoo Linux GLSA-201512-07 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixes Risk Level: Medium CVE: CVE-2015-0797
DescriptionThe scan detected that the host is missing the following update:GLSA-201512-07
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://security.gentoo.org/glsa/201512-07
Affected packages: media-libs/gstreamer < 1.4.5
178142 - Gentoo Linux GLSA-201512-11 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixes Risk Level: Medium CVE: CVE-2013-2492
DescriptionThe scan detected that the host is missing the following update:GLSA-201512-11
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://security.gentoo.org/glsa/201512-11
Affected packages: dev-db/firebird < 2.5.3.26780.0-r3
181746 - FreeBSD unzip Multiple Vulnerabilities (86c3c66e-b2f5-11e5-863a-b499baebfeaf)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-7696, CVE-2015-7697
DescriptionThe scan detected that the host is missing the following update:unzip -- multiple vulnerabilities (86c3c66e-b2f5-11e5-863a-b499baebfeaf)
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.vuxml.org/freebsd/86c3c66e-b2f5-11e5-863a-b499baebfeaf.html
Affected packages: unzip < 6.0_7
181747 - FreeBSD qemu Code Execution On Host Machine (aea8d90e-b0c1-11e5-8d13-bc5ff45d0f28)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-3214
Description
The scan detected that the host is missing the following update:qemu -- code execution on host machine (aea8d90e-b0c1-11e5-8d13-bc5ff45d0f28)
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.vuxml.org/freebsd/aea8d90e-b0c1-11e5-8d13-bc5ff45d0f28.html
Affected packages: qemu < 2.4.0qemu-devel < 2.4.0qemu-sbruno < 2.4.50.g20150814qemu-user-static < 2.4.50.g20150814
181752 - FreeBSD mono DoS And Code Execution (4b3a7e70-afce-11e5-b864-14dae9d210b8)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Medium CVE: CVE-2009-0689
DescriptionThe scan detected that the host is missing the following update:mono -- DoS and code execution (4b3a7e70-afce-11e5-b864-14dae9d210b8)
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.vuxml.org/freebsd/4b3a7e70-afce-11e5-b864-14dae9d210b8.html
Affected packages: mono < 4.2
185110 - Ubuntu Linux 12.04, 14.04, 15.04, 15.10 USN-2855-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-3223, CVE-2015-5252, CVE-2015-5296, CVE-2015-5299, CVE-2015-5330, CVE-2015-7540, CVE-2015-8467
DescriptionThe scan detected that the host is missing the following update:USN-2855-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://lists.ubuntu.com/archives/ubuntu-security-announce/2016-January/003244.html
Ubuntu 12.04
samba_3.6.3-2ubuntu2.13
Ubuntu 15.04
samba_4.1.13+dfsg-4ubuntu3.1
Ubuntu 15.10
samba_4.1.17+dfsg-4ubuntu3.1
Ubuntu 14.04
samba_4.1.6+dfsg-1ubuntu2.14.04.11
19477 - IBM WebSphere Application Server Apache HTTPComponents Vulnerabilities
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2012-6153, CVE-2014-3577
DescriptionMultiple vulnerabilities are present in some versions of IBM WebSphere Application Server.
ObservationIBM WebSphere Application Server is a Java application server.
Multiple vulnerabilities are present in some versions of IBM WebSphere Application Server. The flaws lie in Apache HTTPComponents. Successful exploitation could allow an attacker to perform man-in-the-middle attacks.
19482 - Cisco IOS/IOS XE Software IKEv1 State Machine Denial of Service
Category: SSH Module -> NonIntrusive -> Cisco IOS Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-6429
DescriptionA vulnerability in some versions of Cisco IOS and IOS XE could lead to a denial of service.
ObservationA vulnerability in some versions of Cisco IOS and IOS XE could lead to a denial of service.
The flaw is due to insufficient condition checks in the IKEv1 state machine. Successful exploitation by a remote attacker could result in a denial of service condition.
19485 - IBM WebSphere Portal Information Disclosure Vulnerability (CVE-2015-7447)
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2015-7447
DescriptionA vulnerability is present in some versions of IBM WebSphere Portal.
ObservationIBM WebSphere Portal is a set of software tools that is used to build and manage web portals.
A vulnerability is present in some versions of IBM WebSphere Portal. The flaw lies in Portal AccessControl REST API. Successful exploitation could allow a remote attacker to obtain sensitive information.
178139 - Gentoo Linux GLSA-201512-09 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixes Risk Level: Medium CVE: CVE-2014-3462
DescriptionThe scan detected that the host is missing the following update:GLSA-201512-09
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://security.gentoo.org/glsa/201512-09
Affected packages: sys-fs/encfs < 1.7.5
178140 - Gentoo Linux GLSA-201512-06 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixes Risk Level: Medium CVE: CVE-2014-9474
DescriptionThe scan detected that the host is missing the following update:GLSA-201512-06
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://security.gentoo.org/glsa/201512-06
Affected packages: dev-libs/mpfr < 3.1.3_p4
178143 - Gentoo Linux GLSA-201512-13 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixes Risk Level: Medium CVE: CVE-2012-6697, CVE-2015-6674, CVE-2015-8702
DescriptionThe scan detected that the host is missing the following update:GLSA-201512-13
ObservationUpdates often remediate critical security problems that should be quickly addressed.
For more information see:
https://security.gentoo.org/glsa/201512-13
Affected packages: net-irc/inspircd < 2.0.20
181740 - FreeBSD qemu Denial Of Service Vulnerability In Virtio-net Support (42cbd1e8-b152-11e5-9728-002590263bf5)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-7295
DescriptionThe scan detected that the host is missing the following update:qemu -- denial of service vulnerability in virtio-net support (42cbd1e8-b152-11e5-9728-002590263bf5)
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.vuxml.org/freebsd/42cbd1e8-b152-11e5-9728-002590263bf5.html
Affected packages: qemu < 2.4.1qemu-devel < 2.4.1qemu-sbruno < 2.5.50.g20151224qemu-user-static < 2.5.50.g20151224
181754 - FreeBSD mini_httpd Buffer Overflow Via Snprintf (84dc49b0-b267-11e5-8a5b-00262d5ed8ee)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-1548
DescriptionThe scan detected that the host is missing the following update:mini_httpd -- buffer overflow via snprintf (84dc49b0-b267-11e5-8a5b-00262d5ed8ee)
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.vuxml.org/freebsd/84dc49b0-b267-11e5-8a5b-00262d5ed8ee.html
Affected packages: mini_httpd < 1.23
185114 - Ubuntu Linux 12.04, 14.04, 15.04, 15.10 USN-2856-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-3223, CVE-2015-5330
DescriptionThe scan detected that the host is missing the following update:USN-2856-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://lists.ubuntu.com/archives/ubuntu-security-announce/2016-January/003245.html
Ubuntu 12.04
libldb1_1.1.4-1ubuntu0.1
Ubuntu 15.04
libldb1_1.1.18-1ubuntu0.1
Ubuntu 15.10
libldb1_1.1.20-2ubuntu0.1
Ubuntu 14.04
libldb1_1.1.16-1ubuntu0.1
190146 - Fedora Linux 22 FEDORA-2015-323274d412 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-5963, CVE-2015-5964, CVE-2015-8213
DescriptionThe scan detected that the host is missing the following update:FEDORA-2015-323274d412
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174770.html
Fedora Core 22
python-django-1.8.7-1.fc22
190158 - Fedora Linux 22 FEDORA-2015-7d95466eda Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-7940
DescriptionThe scan detected that the host is missing the following update:FEDORA-2015-7d95466eda
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174915.html
Fedora Core 22
bouncycastle-1.50-8.fc22
190162 - Fedora Linux 23 FEDORA-2015-5eb2131441 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-6496
DescriptionThe scan detected that the host is missing the following update:FEDORA-2015-5eb2131441
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174875.html
Fedora Core 23
conntrack-tools-1.4.2-9.fc23
190165 - Fedora Linux 22 FEDORA-2015-1aee5e6f0b Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-6496
DescriptionThe scan detected that the host is missing the following update:FEDORA-2015-1aee5e6f0b
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174883.html
Fedora Core 22
conntrack-tools-1.4.2-9.fc22
19484 - Cisco Nexus 5000 Series USB Driver Denial Of Service Vulnerability
Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: Medium
CVE: CVE-2015-6394
DescriptionA vulnerability is present in some versions of Cisco NX-OS.
ObservationCisco NX-OS is a networking software.
A vulnerability is present in some versions of Cisco NX-OS. The flaw lies in the USB driver. Successful exploitation could allow a local user to cause a denial of service condition.
19495 - Wireshark Multiple Vulnerabilities Prior To 2.0.1
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2015-8711, CVE-2015-8718, CVE-2015-8720, CVE-2015-8721, CVE-2015-8722, CVE-2015-8723, CVE-2015-8724, CVE-2015-8725, CVE-2015-8726, CVE-2015-8727, CVE-2015-8728, CVE-2015-8729, CVE-2015-8730, CVE-2015-8731, CVE-2015-8732, CVE-2015-8733, CVE-2015-8734, CVE-2015-8735, CVE-2015-8736, CVE-2015-8737, CVE-2015-8738, CVE-2015-8739, CVE-2015-8740, CVE-2015-8741, CVE-2015-8742
DescriptionMultiple vulnerabilities are present in some versions of Wireshark.
ObservationWireshark is a network data packets analyzer.
Multiple vulnerabilities are present in some versions of Wireshark. The flaws lie in multiple dissectors and components. Successful exploitation could allow an attacker to cause a denial of service.
19496 - Wireshark Multiple Vulnerabilities Prior To 1.12.9
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2015-8711, CVE-2015-8712, CVE-2015-8713, CVE-2015-8714, CVE-2015-8715, CVE-2015-8716, CVE-2015-8717, CVE-2015-8718, CVE-2015-8719, CVE-2015-8720, CVE-2015-8721, CVE-2015-8722, CVE-2015-8723, CVE-2015-8724, CVE-2015-8725, CVE-2015-8726, CVE-2015-8727, CVE-2015-8728, CVE-2015-8729, CVE-2015-8730, CVE-2015-8731, CVE-2015-8732, CVE-2015-8733, CVE-2015-8741
DescriptionMultiple vulnerabilities are present in some versions of Wireshark.
ObservationWireshark is a network data packets analyzer.
Multiple vulnerabilities are present in some versions of Wireshark. The flaws lie in multiple dissectors and components. Successful exploitation could allow an attacker to cause a denial of service.
181761 - FreeBSD xen-kernel XENMEM_exchange Error Handling Issues (bcad3faa-b40c-11e5-9728-002590263bf5)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Medium
CVE: CVE-2015-8339, CVE-2015-8340
DescriptionThe scan detected that the host is missing the following update:xen-kernel -- XENMEM_exchange error handling issues (bcad3faa-b40c-11e5-9728-002590263bf5)
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.vuxml.org/freebsd/bcad3faa-b40c-11e5-9728-002590263bf5.html
Affected packages: xen-kernel < 4.5.2_1
19465 - McAfee VirusScan Enterprise RWX BOP Security Bypass
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: Low CVE: CVE-2015-8577
DescriptionA vulnerability in some versions of McAfee VirusScan Enterprise could lead to a security bypass.
ObservationA vulnerability in some versions of McAfee VirusScan Enterprise could lead to a security bypass.
The flaw lies in the Buffer Overflow Protection feature. Successful exploitation could allow a local attacker to bypass intended access restrictions.
130349 - Debian Linux 7.0, 8.0 DSA-3435-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Low CVE: CVE-2015-7545
DescriptionThe scan detected that the host is missing the following update:DSA-3435-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.debian.org/security/2016/dsa-3435
Debian 8.0allgit_1:2.1.4-2.1+deb8u1
Debian 7.0allgit_1:1.7.10.4-1+wheezy2
130350 - Debian Linux 7.0, 8.0 DSA-3431-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Low CVE: CVE-2015-7944, CVE-2015-7945
DescriptionThe scan detected that the host is missing the following update:DSA-3431-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.debian.org/security/2016/dsa-3431
Debian 8.0allganeti_2.12.4-1+deb8u2
Debian 7.0allganeti-htools_2.5.2-1+deb7u1ganeti2_2.5.2-1+deb7u1
181738 - FreeBSD qemu Denial Of Service Vulnerability In USB EHCI Emulation Support (60cb2055-b1b8-11e5-9728-002590263bf5)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2015-8558
DescriptionThe scan detected that the host is missing the following update:qemu -- denial of service vulnerability in USB EHCI emulation support (60cb2055-b1b8-11e5-9728-002590263bf5)
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.vuxml.org/freebsd/60cb2055-b1b8-11e5-9728-002590263bf5.html
Affected packages: qemu-sbruno < 2.5.50.g20151224qemu-user-static < 2.5.50.g20151224
181739 - FreeBSD xen-kernel Ioreq Handling Possibly Susceptible To Multiple Read Issue (6aa2d135-b40e-11e5-9728-002590263bf5)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Description
The scan detected that the host is missing the following update:xen-kernel -- ioreq handling possibly susceptible to multiple read issue (6aa2d135-b40e-11e5-9728-002590263bf5)
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.vuxml.org/freebsd/6aa2d135-b40e-11e5-9728-002590263bf5.html
Affected packages: xen-kernel < 4.5.2_1
181741 - FreeBSD qemu Denial Of Service Vulnerability In E1000 NIC Support (10bf8eed-b14d-11e5-9728-002590263bf5)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2015-6815
DescriptionThe scan detected that the host is missing the following update:qemu -- denial of service vulnerability in e1000 NIC support (10bf8eed-b14d-11e5-9728-002590263bf5)
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.vuxml.org/freebsd/10bf8eed-b14d-11e5-9728-002590263bf5.html
Affected packages: qemu < 2.4.0.1qemu-devel < 2.4.0.1qemu-sbruno < 2.5.50.g20151224qemu-user-static < 2.5.50.g20151224
181742 - FreeBSD tiff Out-of-bounds Read In Tif_getimage.c (bd349f7a-b3b9-11e5-8255-5453ed2e2b49)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2015-8665
DescriptionThe scan detected that the host is missing the following update:tiff -- out-of-bounds read in tif_getimage.c (bd349f7a-b3b9-11e5-8255-5453ed2e2b49)
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.vuxml.org/freebsd/bd349f7a-b3b9-11e5-8255-5453ed2e2b49.html
Affected packages: tiff <= 4.0.6
181743 - FreeBSD qemu Denial Of Service Vulnerability In Q35 Chipset Emulation (152acff3-b1bd-11e5-9728-
002590263bf5)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2015-8666
DescriptionThe scan detected that the host is missing the following update:qemu -- denial of service vulnerability in Q35 chipset emulation (152acff3-b1bd-11e5-9728-002590263bf5)
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.vuxml.org/freebsd/152acff3-b1bd-11e5-9728-002590263bf5.html
Affected packages: qemu < 2.5.0qemu-devel < 2.5.0qemu-sbruno < 2.5.50.g20151224qemu-user-static < 2.5.50.g20151224
181745 - FreeBSD qemu Denial Of Service Vulnerability In VNC (8a560bcf-b14b-11e5-9728-002590263bf5)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2015-5239
DescriptionThe scan detected that the host is missing the following update:qemu -- denial of service vulnerability in VNC (8a560bcf-b14b-11e5-9728-002590263bf5)
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.vuxml.org/freebsd/8a560bcf-b14b-11e5-9728-002590263bf5.html
Affected packages: qemu < 2.1.0qemu-devel < 2.1.0qemu-sbruno < 2.2.50.g20141230qemu-user-static < 2.2.50.g20141230
181748 - FreeBSD qemu Denial Of Service Vulnerability In MSI-X Support (3fb06284-b1b7-11e5-9728-002590263bf5)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2015-7549
DescriptionThe scan detected that the host is missing the following update:qemu -- denial of service vulnerability in MSI-X support (3fb06284-b1b7-11e5-9728-002590263bf5)
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.vuxml.org/freebsd/3fb06284-b1b7-11e5-9728-002590263bf5.html
Affected packages: qemu < 2.5.0qemu-devel < 2.5.0qemu-sbruno < 2.5.50.g20151224qemu-user-static < 2.5.50.g20151224
181750 - FreeBSD tiff Out-of-bounds Read In CIE Lab Image Format (b65e4914-b3bc-11e5-8255-5453ed2e2b49)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2015-8683
DescriptionThe scan detected that the host is missing the following update:tiff -- out-of-bounds read in CIE Lab image format (b65e4914-b3bc-11e5-8255-5453ed2e2b49)
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.vuxml.org/freebsd/b65e4914-b3bc-11e5-8255-5453ed2e2b49.html
Affected packages: tiff <= 4.0.6
181751 - FreeBSD qemu Stack Buffer Overflow While Parsing SCSI Commands (a267cd6c-b0c4-11e5-8d13-bc5ff45d0f28)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2015-5158
DescriptionThe scan detected that the host is missing the following update:qemu -- stack buffer overflow while parsing SCSI commands (a267cd6c-b0c4-11e5-8d13-bc5ff45d0f28)
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.vuxml.org/freebsd/a267cd6c-b0c4-11e5-8d13-bc5ff45d0f28.html
Affected packages: qemu < 2.4.0qemu-devel < 2.4.0qemu-sbruno < 2.4.50.g20150814qemu-user-static < 2.4.50.g20150814
181755 - FreeBSD qemu Denial Of Service Vulnerability In VNC (67feba97-b1b5-11e5-9728-002590263bf5)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2015-8504
DescriptionThe scan detected that the host is missing the following update:qemu -- denial of service vulnerability in VNC (67feba97-b1b5-11e5-9728-002590263bf5)
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.vuxml.org/freebsd/67feba97-b1b5-11e5-9728-002590263bf5.html
Affected packages: qemu < 2.5.0qemu-devel < 2.5.0qemu-sbruno < 2.5.50.g20151224qemu-user-static < 2.5.50.g20151224
181758 - FreeBSD qemu and xen-tools Denial Of Service Vulnerabilities In AMD PC-Net II NIC Support (405446f4-b1b3-11e5-9728-002590263bf5)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2015-7504, CVE-2015-7512
DescriptionThe scan detected that the host is missing the following update:qemu and xen-tools -- denial of service vulnerabilities in AMD PC-Net II NIC support (405446f4-b1b3-11e5-9728-002590263bf5)
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.vuxml.org/freebsd/405446f4-b1b3-11e5-9728-002590263bf5.html
Affected packages: qemu < 2.5.0qemu-devel < 2.5.0qemu-sbruno < 2.5.50.g20151224qemu-user-static < 2.5.50.g20151224xen-tools < 4.5.2_1
181760 - FreeBSD qemu Buffer Overflow Vulnerability In Virtio-serial Message Exchanges (21e5abe3-b0c6-11e5-8d13-bc5ff45d0f28)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2015-5745
DescriptionThe scan detected that the host is missing the following update:qemu -- buffer overflow vulnerability in virtio-serial message exchanges (21e5abe3-b0c6-11e5-8d13-bc5ff45d0f28)
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.vuxml.org/freebsd/21e5abe3-b0c6-11e5-8d13-bc5ff45d0f28.html
Affected packages: qemu < 2.4.0qemu-devel < 2.4.0qemu-sbruno < 2.4.50.g20150814qemu-user-static < 2.4.50.g20150814
181762 - FreeBSD xen-kernel Information Leak In Legacy X86 FPU/XMM Initialization (e839ca04-b40d-11e5-9728-002590263bf5)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2015-8555
DescriptionThe scan detected that the host is missing the following update:xen-kernel -- information leak in legacy x86 FPU/XMM initialization (e839ca04-b40d-11e5-9728-002590263bf5)
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.vuxml.org/freebsd/e839ca04-b40d-11e5-9728-002590263bf5.html
Affected packages: xen-kernel < 4.5.2_1
190144 - Fedora Linux 22 FEDORA-2015-d799a5e72b Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
DescriptionThe scan detected that the host is missing the following update:FEDORA-2015-d799a5e72b
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174773.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2015-December/174772.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2015-December/174774.html
Fedora Core 22
php-horde-Horde-Perms-2.1.6-1.fc22php-horde-Horde-Service-Weather-2.3.1-1.fc22php-horde-Horde-Core-2.22.4-1.fc22
190145 - Fedora Linux 22 FEDORA-2015-8dd01b09a9 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2015-7543
DescriptionThe scan detected that the host is missing the following update:FEDORA-2015-8dd01b09a9
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174717.html
Fedora Core 22
arts-1.5.10-30.fc22
190147 - Fedora Linux 23 FEDORA-2015-aa14be8d92 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2015-8614
DescriptionThe scan detected that the host is missing the following update:FEDORA-2015-aa14be8d92
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174741.html
Fedora Core 23
claws-mail-3.13.1-4.fc23
190148 - Fedora Linux 23 FEDORA-2015-deb2bbdde0 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
DescriptionThe scan detected that the host is missing the following update:FEDORA-2015-deb2bbdde0
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174721.html
Fedora Core 23
phpMyAdmin-4.5.3.1-1.fc23
190149 - Fedora Linux 22 FEDORA-2015-998911cf3f Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2015-8560
DescriptionThe scan detected that the host is missing the following update:FEDORA-2015-998911cf3f
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174638.html
Fedora Core 22
cups-filters-1.4.0-1.fc22
190150 - Fedora Linux 22 FEDORA-2015-2f4b92ed2e Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2015-7543
DescriptionThe scan detected that the host is missing the following update:FEDORA-2015-2f4b92ed2e
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174716.html
Fedora Core 22
kdelibs3-3.5.10-71.fc22
190151 - Fedora Linux 22 FEDORA-2015-0a543024bf Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2015-8540
Description
The scan detected that the host is missing the following update:FEDORA-2015-0a543024bf
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174762.html
Fedora Core 22
libpng10-1.0.66-1.fc22
190152 - Fedora Linux 22 FEDORA-2015-345966871c Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
DescriptionThe scan detected that the host is missing the following update:FEDORA-2015-345966871c
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174750.html
Fedora Core 22
phpMyAdmin-4.5.3.1-1.fc22
190154 - Fedora Linux 22 FEDORA-2015-938c70c840 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2015-7536, CVE-2015-7537, CVE-2015-7538, CVE-2015-7539
DescriptionThe scan detected that the host is missing the following update:FEDORA-2015-938c70c840
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174917.html
Fedora Core 22
jenkins-1.609.3-5.fc22
190155 - Fedora Linux 22 FEDORA-2015-3a073171c3 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2015-8614
DescriptionThe scan detected that the host is missing the following update:FEDORA-2015-3a073171c3
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174877.html
Fedora Core 22
claws-mail-3.13.1-4.fc22
190159 - Fedora Linux 22 FEDORA-2015-d423b3276f Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2015-7555
DescriptionThe scan detected that the host is missing the following update:FEDORA-2015-d423b3276f
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174876.html
Fedora Core 22
mingw-giflib-5.0.5-4.fc22
190161 - Fedora Linux 22 FEDORA-2015-c44bd3e0fa Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2015-8550, CVE-2015-8554, CVE-2015-8555
DescriptionThe scan detected that the host is missing the following update:FEDORA-2015-c44bd3e0fa
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174819.html
Fedora Core 22
xen-4.5.2-6.fc22
190163 - Fedora Linux 23 FEDORA-2016-e91ca003d4 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-e91ca003d4
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174939.html
Fedora Core 23
openvpn-2.3.10-1.fc23
190164 - Fedora Linux 23 FEDORA-2016-7f0b1e47ac Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2015-8547
DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-7f0b1e47ac
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174938.html
Fedora Core 23
quassel-0.12.2-6.fc23
190166 - Fedora Linux 23 FEDORA-2015-5567dd228a Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
DescriptionThe scan detected that the host is missing the following update:FEDORA-2015-5567dd228a
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174806.html
Fedora Core 23
mediawiki-1.26.2-1.fc23
190168 - Fedora Linux 22 FEDORA-2015-6d64c257cf Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
DescriptionThe scan detected that the host is missing the following update:FEDORA-2015-6d64c257cf
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174792.html
Fedora Core 22
thunderbird-38.4.0-1.fc22
190169 - Fedora Linux 22 FEDORA-2016-3bc3d7f66e Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2015-8547
DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-3bc3d7f66e
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174976.html
Fedora Core 22
quassel-0.12.2-6.fc22
190170 - Fedora Linux 23 FEDORA-2015-d7e5461dbf Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low
CVE: CVE-2015-7536, CVE-2015-7537, CVE-2015-7538, CVE-2015-7539
DescriptionThe scan detected that the host is missing the following update:FEDORA-2015-d7e5461dbf
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174897.html
Fedora Core 23
jenkins-1.625.3-1.fc23
190171 - Fedora Linux 23 FEDORA-2015-44fb3501cc Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2015-7555
DescriptionThe scan detected that the host is missing the following update:FEDORA-2015-44fb3501cc
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174870.html
Fedora Core 23
mingw-giflib-5.0.5-4.fc23
ENHANCED CHECKS
The following checks have been updated. Enhancements may include optimizations, changes that reflect new information on a vulnerability and anything else that improves upon an existing FSL check.
130348 - Debian Linux 7.0, 8.0 DSA-3430-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: High CVE: CVE-2015-1819, CVE-2015-5312, CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, CVE-2015-7500, CVE-2015-7941, CVE-2015-7942, CVE-2015-8035, CVE-2015-8241, CVE-2015-8317, CVE-2015-8710
Update DetailsCVE is updated
141032 - Red Hat Enterprise Linux RHSA-2015-2596 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes
Risk Level: High CVE: CVE-2015-8126, CVE-2015-8472
Update DetailsFASLScript is updated
141041 - Red Hat Enterprise Linux RHSA-2015-2595 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2015-7981, CVE-2015-8126, CVE-2015-8472
Update DetailsFASLScript is updated
141029 - Red Hat Enterprise Linux RHSA-2015-2549 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-5312, CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, CVE-2015-7500, CVE-2015-7941, CVE-2015-7942, CVE-2015-8241, CVE-2015-8242, CVE-2015-8317, CVE-2015-8710
Update DetailsCVE is updated
141030 - Red Hat Enterprise Linux RHSA-2015-2550 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-1819, CVE-2015-5312, CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, CVE-2015-7500, CVE-2015-7941, CVE-2015-7942, CVE-2015-8241, CVE-2015-8242, CVE-2015-8317, CVE-2015-8710
Update DetailsCVE is updated FASLScript is updated
141036 - Red Hat Enterprise Linux RHSA-2015-2619 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-4551, CVE-2015-5212, CVE-2015-5213, CVE-2015-5214
Update DetailsFASLScript is updated
141039 - Red Hat Enterprise Linux RHSA-2015-2623 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-8370
Update Details
FASLScript is updated
144097 - SuSE SLES 12, SLED 12 SUSE-SU-2015:2304-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-3223, CVE-2015-5252, CVE-2015-5296, CVE-2015-5299, CVE-2015-5330, CVE-2015-8467
Update DetailsRisk is updated
144111 - SuSE Linux 13.1, 13.2 openSUSE-SU-2015:2356-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-3223, CVE-2015-5252, CVE-2015-5296, CVE-2015-5299, CVE-2015-5330, CVE-2015-7540, CVE-2015-8467
Update DetailsRisk is updated
160005 - CentOS 6 CESA-2015-2549 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Cent OS Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-5312, CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, CVE-2015-7500, CVE-2015-7941, CVE-2015-7942, CVE-2015-8241, CVE-2015-8242, CVE-2015-8317, CVE-2015-8710
Update DetailsCVE is updated
181726 - FreeBSD samba Multiple Vulnerabilities (ef434839-a6a4-11e5-8275-000c292e4fd8)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-3223, CVE-2015-5252, CVE-2015-5296, CVE-2015-5299, CVE-2015-5330, CVE-2015-7540, CVE-2015-8467
Update DetailsRisk is updated
12824 - HTTP Server Prone To Slow Denial Of Service Attack
Category: General Vulnerability Assessment -> NonIntrusive -> Web Server Risk Level: Medium CVE: CVE-2007-6750, CVE-2012-5568
Update DetailsCVE is updated
19331 - Inadvertently Disclosed Digital Certificates Could Allow Spoofing (3119884)
Category: Windows Host Assessment -> Patches Only (CATEGORY REQUIRES CREDENTIALS)
Risk Level: Medium CVE: CVE-MAP-NOMATCH
Update DetailsFASLScript is updated
141027 - Red Hat Enterprise Linux RHSA-2015-2561 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-7545
Update DetailsFASLScript is updated
141037 - Red Hat Enterprise Linux RHSA-2015-2617 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-3194, CVE-2015-3195, CVE-2015-3196
Update DetailsFASLScript is updated
141043 - Red Hat Enterprise Linux RHSA-2015-2655 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-8000
Update DetailsFASLScript is updated
190108 - Fedora Linux 22 FEDORA-2015-af140eefbc Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-5330
Update DetailsRisk is updated
190120 - Fedora Linux 23 FEDORA-2015-b36076d32e Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-3223, CVE-2015-5252, CVE-2015-5296, CVE-2015-5299, CVE-2015-7540
Update DetailsRisk is updated
190125 - Fedora Linux 23 FEDORA-2015-b960ca78bf Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-5330
Update DetailsRisk is updated
190140 - Fedora Linux 22 FEDORA-2015-0e0879cc8a Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-3223, CVE-2015-5252, CVE-2015-5296, CVE-2015-5299, CVE-2015-7540
Update DetailsRisk is updated
181719 - FreeBSD Bugzilla Security Issues (54075861-a95a-11e5-8b40-20cf30e32f6d)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2015-8508, CVE-2015-8509
Update DetailsRisk is updated
45000 - ShellLogon.fasl3
Category: General Vulnerability Assessment -> NonIntrusive -> Invalid Category Risk Level: Informational CVE: CVE-MAP-NOMATCH
Update DetailsFASLScript is updated
45001 - ShellInitialize.fasl3
Category: General Vulnerability Assessment -> NonIntrusive -> Invalid Category Risk Level: Informational CVE: CVE-MAP-NOMATCH
Update DetailsFASLScript is updated
70134 - joomla.fasl3.inc
Category: General Vulnerability Assessment -> NonIntrusive -> Invalid Category Risk Level: Informational CVE: CVE-MAP-NOMATCH
Update DetailsFASLScript is updated
HOW TO UPDATE
FS1000 APPLIANCE customers should follow the instructions for Enterprise/Professional customers, below. In addition, we strongly urge all appliance customers to authorize and install any Windows Update critical patches. The appliance will auto-download any critical updates but will wait for your explicit authorization before installing.
FOUNDSTONE ENTERPRISE and PROFESSIONAL customers may obtain these new scripts using the FSUpdate Utility by selecting "FoundScan Update" on the help menu. Make sure that you have a valid FSUpdate username and password. The new vulnerability scripts will be automatically included in your scans if you have selected that option by right-clicking the selected vulnerability category and checking the "Run New Checks" checkbox.
MANAGED SERVICE CUSTOMERS already have the newest update applied to their environment. The new vulnerability scripts will be automatically included when your scans are next scheduled, provided the Run New Scripts option has been turned on.
MCAFEE TECHNICAL SUPPORT
ServicePortal: https://mysupport.mcafee.com/Multi-National Phone Support available here:
http://www.mcafee.com/us/about/contact/index.htmlNon-US customers - Select your country from the list of Worldwide Offices.
This email may contain confidential and privileged material for the sole use of the intended recipient. Any review or distribution by others is strictly prohibited. If you are not the intended recipient please contact the sender and delete all copies.
Copyright 2016 McAfee, Inc.McAfee is a registered trademark of McAfee, Inc. and/or its affiliates