2017-JUL-27 FSL version 7.5.946
MCAFEE FOUNDSTONE FSL UPDATE
To better protect your environment McAfee has created this FSL check update for the Foundstone Product Suite. The following is a detailed summary of the new and updated checks included with this release.
NEW CHECKS
22152 - (JSA10802) Juniper Junos Insufficient Authentication Security Bypass Vulnerability
Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: High CVE: CVE-2017-10601
Description A security-bypass vulnerability is present in some versions of Juniper Junos OS.
Observation Juniper Junos OS is an operating system used in Juniper devices.
A security-bypass vulnerability is present in some versions of Juniper Junos OS. The flaw lies in the Juniper Junos OS. Successful exploitation could allow a remote attacker to bypass authentication and gain access on the target system.
22161 - (JSA10791) Juniper Junos SRX Hardcoded Credentials Vulnerability
Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: High CVE: CVE-2017-2343
Description An information disclosure vulnerability is present in some versions of Juniper Junos OS.
Observation Juniper Junos OS is an operating system used in Juniper devices.
An information disclosure vulnerability is present in some versions of Juniper Junos OS. The flaw lies in the UserFW services authentication API. Successful exploitation could allow an unauthenticated, remote attacker to gain access to sensitive information.
141631 - Red Hat Enterprise Linux RHSA-2017-1798 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2017-7895
Description The scan detected that the host is missing the following update: RHSA-2017-1798
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.redhat.com/archives/rhsa-announce/2017-July/msg00023.html
RHEL6_6S x86_64 kernel-debuginfo-common-x86_64-2.6.32-504.62.1.el6 python-perf-2.6.32-504.62.1.el6 kernel-2.6.32-504.62.1.el6 perf-debuginfo-2.6.32-504.62.1.el6 kernel-headers-2.6.32-504.62.1.el6 perf-2.6.32-504.62.1.el6 kernel-debug-2.6.32-504.62.1.el6 kernel-debuginfo-2.6.32-504.62.1.el6 kernel-devel-2.6.32-504.62.1.el6 kernel-debug-devel-2.6.32-504.62.1.el6 kernel-debug-debuginfo-2.6.32-504.62.1.el6 python-perf-debuginfo-2.6.32-504.62.1.el6 noarch kernel-doc-2.6.32-504.62.1.el6 kernel-firmware-2.6.32-504.62.1.el6 kernel-abi-whitelists-2.6.32-504.62.1.el6
178479 - Gentoo Linux GLSA-201707-15 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixes Risk Level: High CVE: CVE-2017-3075, CVE-2017-3076, CVE-2017-3077, CVE-2017-3078, CVE-2017-3079, CVE-2017-3080, CVE-2017-3081, CVE- 2017-3082, CVE-2017-3083, CVE-2017-3084, CVE-2017-3099, CVE-2017-3100
Description The scan detected that the host is missing the following update: GLSA-201707-15
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://security.gentoo.org/glsa/201707-15
Affected packages: www-plugins/adobe-flash < 26.0.0.137
185788 - Ubuntu Linux 16.10 USN-3359-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: High CVE: CVE-2014-9900, CVE-2016-9755, CVE-2017-1000380, CVE-2017-5551, CVE-2017-5576, CVE-2017-7346, CVE-2017-7895, CVE-2017-8924, CVE-2017-8925, CVE-2017-9150, CVE-2017-9605
Description The scan detected that the host is missing the following update: USN-3359-1 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.ubuntu.com/archives/ubuntu-security-announce/2017-July/003953.html
Ubuntu 16.10 linux-image-powerpc-smp_4.8.0.59.72 linux-image-raspi2_4.8.0.1043.47 linux-image-lowlatency_4.8.0.59.72 linux-image-generic-lpae_4.8.0.59.72 linux-image-4.8.0-1043-raspi2_4.8.0-1043.47 linux-image-4.8.0-59-powerpc-e500mc_4.8.0-59.64 linux-image-generic_4.8.0.59.72 linux-image-powerpc64-emb_4.8.0.59.72 linux-image-4.8.0-59-generic-lpae_4.8.0-59.64 linux-image-4.8.0-59-generic_4.8.0-59.64 linux-image-powerpc-e500mc_4.8.0.59.72 linux-image-4.8.0-59-powerpc-smp_4.8.0-59.64 linux-image-4.8.0-59-powerpc64-emb_4.8.0-59.64 linux-image-4.8.0-59-lowlatency_4.8.0-59.64
185792 - Ubuntu Linux 14.04 USN-3360-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: High CVE: CVE-2014-9900, CVE-2015-8944, CVE-2015-8955, CVE-2015-8962, CVE-2015-8963, CVE-2015-8964, CVE-2015-8966, CVE- 2015-8967, CVE-2016-10088, CVE-2017-1000380, CVE-2017-7346, CVE-2017-7895, CVE-2017-8924, CVE-2017-8925, CVE-2017- 9605
Description The scan detected that the host is missing the following update: USN-3360-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.ubuntu.com/archives/ubuntu-security-announce/2017-July/003955.html
Ubuntu 14.04 linux-image-powerpc-smp_3.13.0.125.135 linux-image-powerpc-e500_3.13.0.125.135 linux-image-generic-lpae_3.13.0.125.135 linux-image-3.13.0-125-powerpc-e500_3.13.0-125.174 linux-image-3.13.0-125-powerpc64-smp_3.13.0-125.174 linux-image-3.13.0-125-powerpc64-emb_3.13.0-125.174 linux-image-powerpc-e500mc_3.13.0.125.135 linux-image-generic_3.13.0.125.135 linux-image-3.13.0-125-generic_3.13.0-125.174 linux-image-powerpc64-emb_3.13.0.125.135 linux-image-3.13.0-125-powerpc-smp_3.13.0-125.174 linux-image-3.13.0-125-lowlatency_3.13.0-125.174 linux-image-lowlatency_3.13.0.125.135 linux-image-3.13.0-125-generic-lpae_3.13.0-125.174 linux-image-powerpc64-smp_3.13.0.125.135 linux-image-3.13.0-125-powerpc-e500mc_3.13.0-125.174
185796 - Ubuntu Linux 16.04 USN-3361-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: High CVE: CVE-2015-1350, CVE-2016-10208, CVE-2016-8405, CVE-2016-8636, CVE-2016-9083, CVE-2016-9084, CVE-2016-9191, CVE-2016-9604, CVE-2016-9755, CVE-2017-2583, CVE-2017-2584, CVE-2017-2596, CVE-2017-2618, CVE-2017-2671, CVE-2017- 5546, CVE-2017-5549, CVE-2017-5550, CVE-2017-5551, CVE-2017-5576, CVE-2017-5669, CVE-2017-5897, CVE-2017-5970, CVE- 2017-6001, CVE-2017-6214, CVE-2017-6345, CVE-2017-6346, CVE-2017-6347, CVE-2017-6348, CVE-2017-7187, CVE-2017-7261, CVE-2017-7273, CVE-2017-7472, CVE-2017-7616, CVE-2017-7618, CVE-2017-7645, CVE-2017-7889, CVE-2017-7895, CVE-2017- 8924, CVE-2017-8925, CVE-2017-9150
Description The scan detected that the host is missing the following update: USN-3361-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.ubuntu.com/archives/ubuntu-security-announce/2017-July/003956.html
Ubuntu 16.04 linux-image-generic-lpae-hwe-16.04_4.10.0.27.30 linux-image-4.10.0-27-generic_4.10.0-27.30~16.04.2 linux-image-generic-hwe-16.04_4.10.0.27.30 linux-image-4.10.0-27-lowlatency_4.10.0-27.30~16.04.2 linux-image-lowlatency-hwe-16.04_4.10.0.27.30 linux-image-4.10.0-27-generic-lpae_4.10.0-27.30~16.04.2
185800 - Ubuntu Linux 12.04 USN-3360-2 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: High CVE: CVE-2014-9900, CVE-2015-8944, CVE-2015-8955, CVE-2015-8962, CVE-2015-8963, CVE-2015-8964, CVE-2015-8966, CVE- 2015-8967, CVE-2016-10088, CVE-2017-1000380, CVE-2017-7346, CVE-2017-7895, CVE-2017-8924, CVE-2017-8925, CVE-2017- 9074, CVE-2017-9605
Description The scan detected that the host is missing the following update: USN-3360-2
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.ubuntu.com/archives/ubuntu-security-announce/2017-July/003957.html
Ubuntu 12.04 linux-image-generic-lts-trusty_3.13.0.125.116 linux-image-generic-lpae-lts-trusty_3.13.0.125.116 linux-image-3.13.0-125-generic_3.13.0-125.174~precise1 linux-image-3.13.0-125-generic-lpae_3.13.0-125.174~precise1 192402 - Fedora Linux 25 FEDORA-2017-98548b066b Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2017-11176
Description The scan detected that the host is missing the following update: FEDORA-2017-98548b066b
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2017/7/?count=200&page=2
Fedora Core 25 kernel-4.11.11-200.fc25
192409 - Fedora Linux 26 FEDORA-2017-deb70b495e Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2017-11176
Description The scan detected that the host is missing the following update: FEDORA-2017-deb70b495e
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2017/7/?count=200&page=2
Fedora Core 26 kernel-4.11.11-300.fc26
22123 - Cisco IOS Software SNMP Remote Code Execution Vulnerability (CSCve66601)
Category: SSH Module -> NonIntrusive -> Cisco IOS Patches and Hotfixes Risk Level: High CVE: CVE-2017-6740
Description A vulnerability is present in some versions of Cisco IOS.
Observation Cisco IOS is an operating system used in Cisco devices.
A vulnerability is present in some versions of Cisco IOS. The flaw lies in the SNMP component. Successful exploitation could allow an attacker to remotely execute arbitrary code or cause a denial of service condition.
22153 - (JSA10801) Juniper Junos SRX Command Injection Vulnerability
Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: High CVE: CVE-2017-2349
Description A command injection vulnerability is present in some versions of Juniper JunOS.
Observation Juniper JunOS is an operating system used in Juniper devices.
A command injection vulnerability is present in some versions of Juniper JunOS. The flaw lies in the Juniper Junos on SRX Series IDP feature. Successful exploitation could allow a remote authenticated user to gain elevated privileges.
22175 - (JSA10793) Juniper Junos Snmpd Daemon Denial of Service Vulnerability
Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: High CVE: CVE-2017-2345
Description A vulnerability is present in some versions of Juniper Junos OS.
Observation Juniper Junos OS is an operating system used in Juniper devices.
A vulnerability is present in some versions of Juniper Junos OS. The flaw lies in the SNMP daemon. Successful exploitation could allow a remote attacker to execute arbitrary code or cause a denial of service.
141632 - Red Hat Enterprise Linux RHSA-2017-1791 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2017-10053, CVE-2017-10067, CVE-2017-10074, CVE-2017-10081, CVE-2017-10086, CVE-2017-10087, CVE-2017- 10089, CVE-2017-10090, CVE-2017-10096, CVE-2017-10101, CVE-2017-10102, CVE-2017-10105, CVE-2017-10107, CVE-2017- 10108, CVE-2017-10109, CVE-2017-10110, CVE-2017-10114, CVE-2017-10115, CVE-2017-10116, CVE-2017-10118, CVE-2017- 10135, CVE-2017-10176, CVE-2017-10193, CVE-2017-10198, CVE-2017-10243
Description The scan detected that the host is missing the following update: RHSA-2017-1791
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.redhat.com/archives/rhsa-announce/2017-July/msg00019.html
RHEL7D x86_64 java-1.7.0-oracle-jdbc-1.7.0.151-1jpp.1.el7_3 java-1.7.0-oracle-src-1.7.0.151-1jpp.1.el7_3 java-1.7.0-oracle-devel-1.7.0.151-1jpp.1.el7_3 java-1.7.0-oracle-1.7.0.151-1jpp.1.el7_3 java-1.7.0-oracle-plugin-1.7.0.151-1jpp.1.el7_3 java-1.7.0-oracle-javafx-1.7.0.151-1jpp.1.el7_3
RHEL7S x86_64 java-1.7.0-oracle-jdbc-1.7.0.151-1jpp.1.el7_3 java-1.7.0-oracle-src-1.7.0.151-1jpp.1.el7_3 java-1.7.0-oracle-devel-1.7.0.151-1jpp.1.el7_3 java-1.7.0-oracle-1.7.0.151-1jpp.1.el7_3 java-1.7.0-oracle-plugin-1.7.0.151-1jpp.1.el7_3 java-1.7.0-oracle-javafx-1.7.0.151-1jpp.1.el7_3
RHEL7WS x86_64 java-1.7.0-oracle-jdbc-1.7.0.151-1jpp.1.el7_3 java-1.7.0-oracle-src-1.7.0.151-1jpp.1.el7_3 java-1.7.0-oracle-devel-1.7.0.151-1jpp.1.el7_3 java-1.7.0-oracle-1.7.0.151-1jpp.1.el7_3 java-1.7.0-oracle-plugin-1.7.0.151-1jpp.1.el7_3 java-1.7.0-oracle-javafx-1.7.0.151-1jpp.1.el7_3
141633 - Red Hat Enterprise Linux RHSA-2017-1792 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2017-10053, CVE-2017-10067, CVE-2017-10074, CVE-2017-10081, CVE-2017-10087, CVE-2017-10089, CVE-2017- 10096, CVE-2017-10101, CVE-2017-10102, CVE-2017-10105, CVE-2017-10107, CVE-2017-10108, CVE-2017-10109, CVE-2017- 10110, CVE-2017-10115, CVE-2017-10116, CVE-2017-10135, CVE-2017-10193, CVE-2017-10198, CVE-2017-10243
Description The scan detected that the host is missing the following update: RHSA-2017-1792
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.redhat.com/archives/rhsa-announce/2017-July/msg00018.html
RHEL7D x86_64 java-1.6.0-sun-demo-1.6.0.161-1jpp.3.el7_3 java-1.6.0-sun-1.6.0.161-1jpp.3.el7_3 java-1.6.0-sun-plugin-1.6.0.161-1jpp.3.el7_3 java-1.6.0-sun-devel-1.6.0.161-1jpp.3.el7_3 java-1.6.0-sun-jdbc-1.6.0.161-1jpp.3.el7_3 java-1.6.0-sun-src-1.6.0.161-1jpp.3.el7_3
RHEL7S x86_64 java-1.6.0-sun-demo-1.6.0.161-1jpp.3.el7_3 java-1.6.0-sun-1.6.0.161-1jpp.3.el7_3 java-1.6.0-sun-plugin-1.6.0.161-1jpp.3.el7_3 java-1.6.0-sun-devel-1.6.0.161-1jpp.3.el7_3 java-1.6.0-sun-jdbc-1.6.0.161-1jpp.3.el7_3 java-1.6.0-sun-src-1.6.0.161-1jpp.3.el7_3
RHEL7WS x86_64 java-1.6.0-sun-demo-1.6.0.161-1jpp.3.el7_3 java-1.6.0-sun-1.6.0.161-1jpp.3.el7_3 java-1.6.0-sun-plugin-1.6.0.161-1jpp.3.el7_3 java-1.6.0-sun-devel-1.6.0.161-1jpp.3.el7_3 java-1.6.0-sun-jdbc-1.6.0.161-1jpp.3.el7_3 java-1.6.0-sun-src-1.6.0.161-1jpp.3.el7_3
141634 - Red Hat Enterprise Linux RHSA-2017-1790 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2017-10053, CVE-2017-10067, CVE-2017-10074, CVE-2017-10078, CVE-2017-10081, CVE-2017-10086, CVE-2017- 10087, CVE-2017-10089, CVE-2017-10090, CVE-2017-10096, CVE-2017-10101, CVE-2017-10102, CVE-2017-10105, CVE-2017- 10107, CVE-2017-10108, CVE-2017-10109, CVE-2017-10110, CVE-2017-10111, CVE-2017-10114, CVE-2017-10115, CVE-2017- 10116, CVE-2017-10118, CVE-2017-10135, CVE-2017-10176, CVE-2017-10193, CVE-2017-10198, CVE-2017-10243
Description The scan detected that the host is missing the following update: RHSA-2017-1790
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.redhat.com/archives/rhsa-announce/2017-July/msg00020.html
RHEL7D x86_64 java-1.8.0-oracle-src-1.8.0.141-1jpp.1.el7_3 java-1.8.0-oracle-1.8.0.141-1jpp.1.el7_3 java-1.8.0-oracle-plugin-1.8.0.141-1jpp.1.el7_3 java-1.8.0-oracle-devel-1.8.0.141-1jpp.1.el7_3 java-1.8.0-oracle-jdbc-1.8.0.141-1jpp.1.el7_3 java-1.8.0-oracle-javafx-1.8.0.141-1jpp.1.el7_3
RHEL7S x86_64 java-1.8.0-oracle-src-1.8.0.141-1jpp.1.el7_3 java-1.8.0-oracle-1.8.0.141-1jpp.1.el7_3 java-1.8.0-oracle-plugin-1.8.0.141-1jpp.1.el7_3 java-1.8.0-oracle-devel-1.8.0.141-1jpp.1.el7_3 java-1.8.0-oracle-jdbc-1.8.0.141-1jpp.1.el7_3 java-1.8.0-oracle-javafx-1.8.0.141-1jpp.1.el7_3
RHEL7WS x86_64 java-1.8.0-oracle-src-1.8.0.141-1jpp.1.el7_3 java-1.8.0-oracle-1.8.0.141-1jpp.1.el7_3 java-1.8.0-oracle-plugin-1.8.0.141-1jpp.1.el7_3 java-1.8.0-oracle-devel-1.8.0.141-1jpp.1.el7_3 java-1.8.0-oracle-jdbc-1.8.0.141-1jpp.1.el7_3 java-1.8.0-oracle-javafx-1.8.0.141-1jpp.1.el7_3 141635 - Red Hat Enterprise Linux RHSA-2017-1789 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2017-10053, CVE-2017-10067, CVE-2017-10074, CVE-2017-10078, CVE-2017-10081, CVE-2017-10087, CVE-2017- 10089, CVE-2017-10090, CVE-2017-10096, CVE-2017-10101, CVE-2017-10102, CVE-2017-10107, CVE-2017-10108, CVE-2017- 10109, CVE-2017-10110, CVE-2017-10111, CVE-2017-10115, CVE-2017-10116, CVE-2017-10135, CVE-2017-10193, CVE-2017- 10198
Description The scan detected that the host is missing the following update: RHSA-2017-1789
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.redhat.com/archives/rhsa-announce/2017-July/msg00021.html
RHEL7S noarch java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-javadoc-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-javadoc-zip-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-javadoc-1.8.0.141-1.b16.el7_3 x86_64 java-1.8.0-openjdk-accessibility-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-demo-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-debuginfo-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-devel-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-headless-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-devel-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-src-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-headless-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-accessibility-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-src-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-demo-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-1.8.0.141-1.b16.el7_3
RHEL6S i386 java-1.8.0-openjdk-demo-debug-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-src-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-headless-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-src-debug-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-devel-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-debug-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-debuginfo-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-demo-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-devel-debug-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-headless-debug-1.8.0.141-2.b16.el6_9 noarch java-1.8.0-openjdk-javadoc-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-javadoc-debug-1.8.0.141-2.b16.el6_9 x86_64 java-1.8.0-openjdk-demo-debug-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-src-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-headless-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-src-debug-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-devel-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-debug-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-debuginfo-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-demo-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-devel-debug-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-headless-debug-1.8.0.141-2.b16.el6_9
RHEL6WS x86_64 java-1.8.0-openjdk-headless-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-devel-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-debuginfo-1.8.0.141-2.b16.el6_9 i386 java-1.8.0-openjdk-headless-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-devel-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-debuginfo-1.8.0.141-2.b16.el6_9
RHEL7D x86_64 java-1.8.0-openjdk-accessibility-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-demo-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-debuginfo-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-devel-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-headless-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-devel-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-src-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-headless-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-accessibility-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-src-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-demo-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-1.8.0.141-1.b16.el7_3 noarch java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-javadoc-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-javadoc-zip-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-javadoc-1.8.0.141-1.b16.el7_3
RHEL6D i386 java-1.8.0-openjdk-debug-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-src-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-headless-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-src-debug-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-devel-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-debuginfo-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-demo-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-demo-debug-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-devel-debug-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-headless-debug-1.8.0.141-2.b16.el6_9 noarch java-1.8.0-openjdk-javadoc-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-javadoc-debug-1.8.0.141-2.b16.el6_9 x86_64 java-1.8.0-openjdk-demo-debug-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-src-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-headless-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-src-debug-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-devel-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-debug-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-debuginfo-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-demo-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-devel-debug-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-headless-debug-1.8.0.141-2.b16.el6_9
RHEL7WS x86_64 java-1.8.0-openjdk-accessibility-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-demo-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-debuginfo-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-devel-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-headless-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-devel-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-src-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-headless-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-accessibility-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-src-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-demo-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-1.8.0.141-1.b16.el7_3 noarch java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-javadoc-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-javadoc-zip-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-javadoc-1.8.0.141-1.b16.el7_3
160286 - CentOS 6, 7 CESA-2017-1789 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Cent OS Patches and Hotfixes Risk Level: High CVE: CVE-MAP-NOMATCH
Description The scan detected that the host is missing the following update: CESA-2017-1789
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.centos.org/pipermail/centos-announce/2017-July/022508.html http://lists.centos.org/pipermail/centos-announce/2017-July/022509.html CentOS 7 i686 java-1.8.0-openjdk-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-devel-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-headless-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-devel-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-headless-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-debug-1.8.0.141-1.b16.el7_3 noarch java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-javadoc-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-javadoc-zip-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-javadoc-1.8.0.141-1.b16.el7_3 x86_64 java-1.8.0-openjdk-src-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-devel-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-demo-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-src-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-accessibility-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-devel-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-demo-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-accessibility-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-headless-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-headless-1.8.0.141-1.b16.el7_3
CentOS 6 i686 java-1.8.0-openjdk-demo-debug-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-src-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-headless-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-src-debug-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-devel-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-debug-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-demo-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-devel-debug-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-headless-debug-1.8.0.141-2.b16.el6_9 noarch java-1.8.0-openjdk-javadoc-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-javadoc-debug-1.8.0.141-2.b16.el6_9 x86_64 java-1.8.0-openjdk-demo-debug-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-src-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-headless-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-src-debug-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-devel-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-debug-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-demo-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-devel-debug-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-headless-debug-1.8.0.141-2.b16.el6_9
163395 - Oracle Enterprise Linux ELSA-2017-1789 Update Is Not Installed Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2017-10053, CVE-2017-10067, CVE-2017-10074, CVE-2017-10078, CVE-2017-10081, CVE-2017-10087, CVE-2017- 10089, CVE-2017-10090, CVE-2017-10096, CVE-2017-10101, CVE-2017-10102, CVE-2017-10107, CVE-2017-10108, CVE-2017- 10109, CVE-2017-10110, CVE-2017-10111, CVE-2017-10115, CVE-2017-10116, CVE-2017-10135, CVE-2017-10193, CVE-2017- 10198
Description The scan detected that the host is missing the following update: ELSA-2017-1789
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2017-July/007060.html http://oss.oracle.com/pipermail/el-errata/2017-July/007062.html
OEL7 x86_64 java-1.8.0-openjdk-accessibility-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-src-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-demo-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-javadoc-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-devel-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-src-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-headless-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-devel-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-javadoc-zip-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-headless-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-accessibility-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-javadoc-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-demo-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-1.8.0.141-1.b16.el7_3
OEL6 x86_64 java-1.8.0-openjdk-demo-debug-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-src-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-headless-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-javadoc-debug-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-devel-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-debug-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-javadoc-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-demo-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-src-debug-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-devel-debug-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-headless-debug-1.8.0.141-2.b16.el6_9 i386 java-1.8.0-openjdk-demo-debug-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-src-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-headless-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-javadoc-debug-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-devel-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-debug-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-javadoc-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-demo-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-src-debug-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-devel-debug-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-headless-debug-1.8.0.141-2.b16.el6_9
170837 - Amazon Linux AMI ALAS-2017-860 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Amazon Linux Patches and Hotfixes Risk Level: High CVE: CVE-2017-10053, CVE-2017-10067, CVE-2017-10074, CVE-2017-10090, CVE-2017-10096, CVE-2017-10101, CVE-2017- 10102, CVE-2017-10107, CVE-2017-10108, CVE-2017-10109, CVE-2017-10110, CVE-2017-10111, CVE-2017-10115, CVE-2017- 10116, CVE-2017-10135, CVE-2017-10193, CVE-2017-10198
Description The scan detected that the host is missing the following update: ALAS-2017-860
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://alas.aws.amazon.com/ALAS-2017-860.html
Amazon Linux AMI i686 java-1.8.0-openjdk-demo-1.8.0.141-1.b16.32.amzn1 java-1.8.0-openjdk-debuginfo-1.8.0.141-1.b16.32.amzn1 java-1.8.0-openjdk-src-1.8.0.141-1.b16.32.amzn1 java-1.8.0-openjdk-devel-1.8.0.141-1.b16.32.amzn1 java-1.8.0-openjdk-1.8.0.141-1.b16.32.amzn1 java-1.8.0-openjdk-headless-1.8.0.141-1.b16.32.amzn1 noarch java-1.8.0-openjdk-javadoc-zip-1.8.0.141-1.b16.32.amzn1 java-1.8.0-openjdk-javadoc-1.8.0.141-1.b16.32.amzn1 x86_64 java-1.8.0-openjdk-demo-1.8.0.141-1.b16.32.amzn1 java-1.8.0-openjdk-debuginfo-1.8.0.141-1.b16.32.amzn1 java-1.8.0-openjdk-src-1.8.0.141-1.b16.32.amzn1 java-1.8.0-openjdk-devel-1.8.0.141-1.b16.32.amzn1 java-1.8.0-openjdk-1.8.0.141-1.b16.32.amzn1 java-1.8.0-openjdk-headless-1.8.0.141-1.b16.32.amzn1
175205 - Scientific Linux Security ERRATA Critical: java-1.8.0-openjdk on SL6.x, SL7.x i386/x86_64 (1707-10218)
Category: SSH Module -> NonIntrusive -> Scientific Linux Patches and HotFixes Risk Level: High CVE: CVE-2017-10053, CVE-2017-10067, CVE-2017-10074, CVE-2017-10078, CVE-2017-10081, CVE-2017-10087, CVE-2017- 10089, CVE-2017-10090, CVE-2017-10096, CVE-2017-10101, CVE-2017-10102, CVE-2017-10107, CVE-2017-10108, CVE-2017- 10109, CVE-2017-10110, CVE-2017-10111, CVE-2017-10115, CVE-2017-10116, CVE-2017-10135, CVE-2017-10193, CVE-2017- 10198
Description The scan detected that the host is missing the following update: Security ERRATA Critical: java-1.8.0-openjdk on SL6.x, SL7.x i386/x86_64 (1707-10218)
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://listserv.fnal.gov/scripts/wa.exe?A2=ind1707&L=scientific-linux-errata&F=&S=&P=10218
SL7 x86_64 java-1.8.0-openjdk-accessibility-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-demo-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-debuginfo-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-devel-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-headless-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-devel-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-src-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-headless-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-accessibility-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-src-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-demo-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-1.8.0.141-1.b16.el7_3 noarch java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-javadoc-debug-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-javadoc-zip-1.8.0.141-1.b16.el7_3 java-1.8.0-openjdk-javadoc-1.8.0.141-1.b16.el7_3
SL6 i386 java-1.8.0-openjdk-debug-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-src-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-headless-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-src-debug-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-devel-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-debuginfo-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-demo-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-demo-debug-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-devel-debug-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-headless-debug-1.8.0.141-2.b16.el6_9 noarch java-1.8.0-openjdk-javadoc-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-javadoc-debug-1.8.0.141-2.b16.el6_9 x86_64 java-1.8.0-openjdk-debug-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-src-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-headless-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-src-debug-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-devel-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-debuginfo-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-demo-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-demo-debug-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-devel-debug-1.8.0.141-2.b16.el6_9 java-1.8.0-openjdk-headless-debug-1.8.0.141-2.b16.el6_9
182400 - FreeBSD webkit2-gtk3 Multiple Vulnabilities (0f66b901-715c-11e7-ad1f-bcaec565249c)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: High CVE: CVE-2017-7006, CVE-2017-7011, CVE-2017-7012, CVE-2017-7018, CVE-2017-7019, CVE-2017-7020, CVE-2017-7030, CVE- 2017-7034, CVE-2017-7037, CVE-2017-7038, CVE-2017-7039, CVE-2017-7040, CVE-2017-7041, CVE-2017-7042, CVE-2017-7043, CVE-2017-7046, CVE-2017-7048, CVE-2017-7049, CVE-2017-7052, CVE-2017-7055, CVE-2017-7056, CVE-2017-7059, CVE-2017- 7061, CVE-2017-7064
Description The scan detected that the host is missing the following update: webkit2-gtk3 -- multiple vulnabilities (0f66b901-715c-11e7-ad1f-bcaec565249c)
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/0f66b901-715c-11e7-ad1f-bcaec565249c.html
Affected packages: webkit2-gtk3 < 2.16.6
22170 - (JSA10789) Juniper Junos SRX Denial Of Service Vulnerabilities
Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: High CVE: CVE-2017-10605, CVE-2017-2314
Description Multiple vulnerabilities are present in some versions of Juniper Junos OS.
Observation Juniper Junos OS is an operating system used in Juniper devices.
Multiple vulnerabilities are present in some versions of Juniper Junos OS. The flaws are related with a bad filtering of maliciously crafted DHCP packets. Successful exploitation could allow an attacker to cause a denial of service condition.
22151 - Apache HTTP Server Multiple Vulnerabilities Prior To 2.2.34
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2017-3167, CVE-2017-3169, CVE-2017-7668, CVE-2017-7679, CVE-2017-9788
Description Multiple vulnerabilities are present in some versions of Apache HTTP Server.
Observation Apache HTTP Server is an open source web server.
Multiple vulnerabilities are present in some versions of Apache HTTP Server. The flaws lie in multiple components. Successful exploitation could allow an attacker to cause denial of service, obtain sensitive information, or bypass security measures.
22164 - Novell Sentinel Vulnerability Prior To 8.0.1.1 Build 3611
Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: High CVE: CVE-2016-1000031
Description A vulnerability is present in some versions of Novell Sentinel.
Observation Sentinel is a security information and event management (SIEM) tool.
A vulnerability is present in some versions of Novell Sentinel. The flaw is due to improper handling of object sent to Apache Commons File Upload. Successful exploitation could allow an attacker to obtain sensitive information, cause a denial of service or execute arbitrary code.
22169 - (JSA10790) Juniper Junos SRX MACsec Security Bypass Vulnerability
Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: High CVE: CVE-2017-2342
Description A vulnerability is present in some versions of Juniper Junos OS.
Observation Juniper Junos OS is an operating system used in Juniper devices.
A vulnerability is present in some versions of Juniper Junos OS. The flaw lies in the Media Access Control Security component. Successful exploitation could allow an attacker that uses malicious crafted links to bypass security access restrictions on the target system.
22172 - Wireshark Multiple Vulnerabilities Prior To 2.2.8
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2017-11406, CVE-2017-11407, CVE-2017-11408
Description Multiple vulnerabilities are present in some versions of Wireshark.
Observation Wireshark is a tool that is used to analyze the network protocol and traffic.
Multiple vulnerabilities are present in some versions of Wireshark. The flaws lie in multiple dissectors. Successful exploitation could allow an attacker to cause a denial of service condition.
22178 - Oracle MySQL Enterprise Monitor Critical Patch Update July 2017 (CVE-2016-4436)
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2016-4436
Description A vulnerability is present in some versions of Oracle MySQL Enterprise Monitor.
Observation Oracle MySQL Enterprise Monitor enables monitoring of multiple Oracle MySQL instances.
A vulnerability is present in some versions of Oracle MySQL Enterprise Monitor. The flaw lies in Apache Struts. Successful exploitation could allow an attacker to bypass certain security restrictions and perform unspecified attack.
22180 - Oracle MySQL Enterprise Monitor Critical Patch Update July 2017 (CVE-2017-5651)
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2017-5651
Description A vulnerability is present in some versions of Oracle MySQL Enterprise Monitor.
Observation Oracle MySQL Enterprise Monitor enables monitoring of multiple Oracle MySQL instances.
A vulnerability is present in some versions of Oracle MySQL Enterprise Monitor. The flaw lies in Apache Tomcat. Successful exploitation could allow an attacker to obtain sensitive information, or perform unspecified attack.
130823 - Debian Linux 8.0, 9.0 DSA-3914-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: High CVE: CVE-2017-10928, CVE-2017-11141, CVE-2017-11170, CVE-2017-11188, CVE-2017-11352, CVE-2017-11360, CVE-2017- 11447, CVE-2017-11448, CVE-2017-11449, CVE-2017-11450, CVE-2017-11478, CVE-2017-9439, CVE-2017-9440, CVE-2017-9501
Description The scan detected that the host is missing the following update: DSA-3914-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.debian.org/security/2017/dsa-3914
Debian 8.0 all imagemagick_8:6.8.9.9-5+deb8u10
Debian 9.0 all imagemagick_8:6.9.7.4+dfsg-11+deb9u1 141636 - Red Hat Enterprise Linux RHSA-2017-1793 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2017-7771, CVE-2017-7772, CVE-2017-7773, CVE-2017-7774, CVE-2017-7775, CVE-2017-7776, CVE-2017-7777, CVE- 2017-7778
Description The scan detected that the host is missing the following update: RHSA-2017-1793
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.redhat.com/archives/rhsa-announce/2017-July/msg00022.html
RHEL7D x86_64 graphite2-1.3.10-1.el7_3 graphite2-devel-1.3.10-1.el7_3 graphite2-debuginfo-1.3.10-1.el7_3
RHEL7S x86_64 graphite2-1.3.10-1.el7_3 graphite2-devel-1.3.10-1.el7_3 graphite2-debuginfo-1.3.10-1.el7_3
RHEL7WS x86_64 graphite2-1.3.10-1.el7_3 graphite2-devel-1.3.10-1.el7_3 graphite2-debuginfo-1.3.10-1.el7_3
145457 - SuSE SLES 11 SP4 SUSE-SU-2017:1938-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2015-1338
Description The scan detected that the host is missing the following update: SUSE-SU-2017:1938-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2017-July/003060.html
SuSE SLES 11 SP4 i586 apport-gtk-0.114-12.8.3.1 apport-0.114-12.8.3.1 apport-crashdb-sle-0.114-0.8.3.1 x86_64 apport-gtk-0.114-12.8.3.1 apport-0.114-12.8.3.1 apport-crashdb-sle-0.114-0.8.3.1
160284 - CentOS 7 CESA-2017-1793 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Cent OS Patches and Hotfixes Risk Level: High CVE: CVE-MAP-NOMATCH
Description The scan detected that the host is missing the following update: CESA-2017-1793
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.centos.org/pipermail/centos-announce/2017-July/022510.html
CentOS 7 x86_64 graphite2-1.3.10-1.el7_3 graphite2-devel-1.3.10-1.el7_3 i686 graphite2-1.3.10-1.el7_3 graphite2-devel-1.3.10-1.el7_3
160285 - CentOS 6 CESA-2017-1759 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Cent OS Patches and Hotfixes Risk Level: High CVE: CVE-MAP-NOMATCH
Description The scan detected that the host is missing the following update: CESA-2017-1759
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.centos.org/pipermail/centos-announce/2017-July/022507.html
CentOS 6 x86_64 freeradius-krb5-2.2.6-7.el6_9 freeradius-ldap-2.2.6-7.el6_9 freeradius-python-2.2.6-7.el6_9 freeradius-postgresql-2.2.6-7.el6_9 freeradius-perl-2.2.6-7.el6_9 freeradius-unixODBC-2.2.6-7.el6_9 freeradius-2.2.6-7.el6_9 freeradius-utils-2.2.6-7.el6_9 freeradius-mysql-2.2.6-7.el6_9 i686 freeradius-krb5-2.2.6-7.el6_9 freeradius-ldap-2.2.6-7.el6_9 freeradius-python-2.2.6-7.el6_9 freeradius-postgresql-2.2.6-7.el6_9 freeradius-perl-2.2.6-7.el6_9 freeradius-unixODBC-2.2.6-7.el6_9 freeradius-2.2.6-7.el6_9 freeradius-utils-2.2.6-7.el6_9 freeradius-mysql-2.2.6-7.el6_9
163394 - Oracle Enterprise Linux ELSA-2017-1793 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2017-7771, CVE-2017-7772, CVE-2017-7773, CVE-2017-7774, CVE-2017-7775, CVE-2017-7776, CVE-2017-7777, CVE- 2017-7778
Description The scan detected that the host is missing the following update: ELSA-2017-1793
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2017-July/007061.html
OEL7 x86_64 graphite2-1.3.10-1.el7_3 graphite2-devel-1.3.10-1.el7_3
170835 - Amazon Linux AMI ALAS-2017-858 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Amazon Linux Patches and Hotfixes Risk Level: High CVE: CVE-2017-3142, CVE-2017-3143
Description The scan detected that the host is missing the following update: ALAS-2017-858
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://alas.aws.amazon.com/ALAS-2017-858.html
Amazon Linux AMI x86_64 bind-chroot-9.8.2-0.62.rc1.56.amzn1 bind-9.8.2-0.62.rc1.56.amzn1 bind-devel-9.8.2-0.62.rc1.56.amzn1 bind-sdb-9.8.2-0.62.rc1.56.amzn1 bind-libs-9.8.2-0.62.rc1.56.amzn1 bind-utils-9.8.2-0.62.rc1.56.amzn1 bind-debuginfo-9.8.2-0.62.rc1.56.amzn1 i686 bind-chroot-9.8.2-0.62.rc1.56.amzn1 bind-9.8.2-0.62.rc1.56.amzn1 bind-devel-9.8.2-0.62.rc1.56.amzn1 bind-sdb-9.8.2-0.62.rc1.56.amzn1 bind-libs-9.8.2-0.62.rc1.56.amzn1 bind-utils-9.8.2-0.62.rc1.56.amzn1 bind-debuginfo-9.8.2-0.62.rc1.56.amzn1
170838 - Amazon Linux AMI ALAS-2017-861 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Amazon Linux Patches and Hotfixes Risk Level: High CVE: CVE-2017-9450
Description The scan detected that the host is missing the following update: ALAS-2017-861
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://alas.aws.amazon.com/ALAS-2017-861.html
Amazon Linux AMI noarch aws-cfn-bootstrap-1.4-19.10.amzn1
175204 - Scientific Linux Security ERRATA Important: graphite2 on SL7.x x86_64 (1707-10939)
Category: SSH Module -> NonIntrusive -> Scientific Linux Patches and HotFixes Risk Level: High CVE: CVE-2017-7771, CVE-2017-7772, CVE-2017-7773, CVE-2017-7774, CVE-2017-7775, CVE-2017-7776, CVE-2017-7777, CVE- 2017-7778
Description The scan detected that the host is missing the following update: Security ERRATA Important: graphite2 on SL7.x x86_64 (1707-10939)
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://listserv.fnal.gov/scripts/wa.exe?A2=ind1707&L=scientific-linux-errata&F=&S=&P=10939
SL7 x86_64 graphite2-1.3.10-1.el7_3 graphite2-devel-1.3.10-1.el7_3 graphite2-debuginfo-1.3.10-1.el7_3
185778 - Ubuntu Linux 14.04, 16.04, 17.04 USN-3365-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: High CVE: CVE-2009-5147, CVE-2015-1855, CVE-2015-7551, CVE-2015-9096, CVE-2016-2337, CVE-2016-2339, CVE-2016-7798
Description The scan detected that the host is missing the following update: USN-3365-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.ubuntu.com/archives/ubuntu-security-announce/2017-July/003966.html
Ubuntu 16.04 ruby2.3_2.3.1-2~16.04.2 libruby2.3_2.3.1-2~16.04.2
Ubuntu 14.04 ruby1.9.1_1.9.3.484-2ubuntu1.3 libruby1.9.1_1.9.3.484-2ubuntu1.3 libruby2.0_2.0.0.484-1ubuntu2.4 ruby2.0_2.0.0.484-1ubuntu2.4
Ubuntu 17.04 libruby2.3_2.3.3-1ubuntu0.1 ruby2.3_2.3.3-1ubuntu0.1
185786 - Ubuntu Linux 14.04, 16.04, 17.04 USN-3363-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: High CVE: CVE-2017-10928, CVE-2017-11141, CVE-2017-11170, CVE-2017-11188, CVE-2017-11352, CVE-2017-11360, CVE-2017- 11447, CVE-2017-11448, CVE-2017-11449, CVE-2017-11450, CVE-2017-11478, CVE-2017-9261, CVE-2017-9262, CVE-2017-9405, CVE-2017-9407, CVE-2017-9409, CVE-2017-9439, CVE-2017-9440, CVE-2017-9501
Description The scan detected that the host is missing the following update: USN-3363-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.ubuntu.com/archives/ubuntu-security-announce/2017-July/003960.html
Ubuntu 16.04 imagemagick-6.q16_6.8.9.9-7ubuntu5.8 imagemagick_6.8.9.9-7ubuntu5.8 libmagickcore-6.q16-2_6.8.9.9-7ubuntu5.8
Ubuntu 14.04 imagemagick_6.7.7.10-6ubuntu3.8 libmagickcore5_6.7.7.10-6ubuntu3.8
Ubuntu 17.04 imagemagick_6.9.7.4+dfsg-3ubuntu1.2 imagemagick-6.q16_6.9.7.4+dfsg-3ubuntu1.2 libmagickcore-6.q16-3_6.9.7.4+dfsg-3ubuntu1.2
185795 - Ubuntu Linux 12.04 USN-3212-3 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: High CVE: CVE-2015-7554, CVE-2015-8668, CVE-2016-10092, CVE-2016-3623, CVE-2016-3624, CVE-2016-3632, CVE-2016-3990, CVE-2016-3991, CVE-2016-5321, CVE-2016-5322, CVE-2016-8331, CVE-2016-9453, CVE-2016-9533, CVE-2016-9534, CVE-2016- 9536, CVE-2016-9537
Description The scan detected that the host is missing the following update: USN-3212-3
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.ubuntu.com/archives/ubuntu-security-announce/2017-July/003947.html
Ubuntu 12.04 libtiff-tools_3.9.5-2ubuntu1.10 libtiff4_3.9.5-2ubuntu1.10
192401 - Fedora Linux 26 FEDORA-2017-3d5354d30f Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2017-10672
Description The scan detected that the host is missing the following update: FEDORA-2017-3d5354d30f
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2017/7/?count=200&page=2
Fedora Core 26 perl-XML-LibXML-2.0129-2.fc26 192413 - Fedora Linux 26 FEDORA-2017-114e1abf9d Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2017-10965, CVE-2017-10966
Description The scan detected that the host is missing the following update: FEDORA-2017-114e1abf9d
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2017/7/?count=200&page=3
Fedora Core 26 irssi-1.0.4-1.fc26
192418 - Fedora Linux 25 FEDORA-2017-2d8a1226d1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2017-9433
Description The scan detected that the host is missing the following update: FEDORA-2017-2d8a1226d1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2017/7/?count=200&page=1
Fedora Core 25 libmwaw-0.3.12-1.fc25
192419 - Fedora Linux 25 FEDORA-2017-f941184db1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2016-9603, CVE-2017-10806, CVE-2017-7377, CVE-2017-7718, CVE-2017-7980, CVE-2017-8112, CVE-2017-8309, CVE-2017-8379, CVE-2017-8380, CVE-2017-9060, CVE-2017-9310, CVE-2017-9330, CVE-2017-9374
Description The scan detected that the host is missing the following update: FEDORA-2017-f941184db1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2017/7/?count=200&page=1
Fedora Core 25 qemu-2.7.1-7.fc25
192427 - Fedora Linux 25 FEDORA-2017-efdd962fee Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2017-6542
Description The scan detected that the host is missing the following update: FEDORA-2017-efdd962fee
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2017/7/?count=200&page=3
Fedora Core 25 putty-0.70-1.fc25
192434 - Fedora Linux 25 FEDORA-2017-534f300508 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2017-10672
Description The scan detected that the host is missing the following update: FEDORA-2017-534f300508
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2017/7/?count=200&page=1
Fedora Core 25 perl-XML-LibXML-2.0129-2.fc25
192440 - Fedora Linux 24 FEDORA-2017-790ff602a6 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2017-10672 Description The scan detected that the host is missing the following update: FEDORA-2017-790ff602a6
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2017/7/?count=200&page=1
Fedora Core 24 perl-XML-LibXML-2.0128-2.fc24
22128 - IBM AIX NTP Multiple Vulnerabilities (ntp_advisory9)
Category: SSH Module -> NonIntrusive -> AIX Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-6451, CVE-2017-6458, CVE-2017-6462, CVE-2017-6464
Description Multiple vulnerabilities are present in some versions of IBM AIX.
Observation IBM AIX is a Unix-like operating system.
Multiple vulnerabilities are present in some versions of IBM AIX. The flaws lie in NTP. Successful exploitation could allow an attacker to bypass security restrictions or cause a denial of service condition.
22157 - (JSA10792) Juniper Junos Buffer Overflow Vulnerability
Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: Medium CVE: CVE-2017-2344
Description A vulnerability is present in some versions of Juniper Junos OS.
Observation Juniper Junos OS is an operating system used in Juniper devices.
A vulnerability is present in some versions of Juniper Junos OS. The flaw lies in an internal sockets library. Successful exploitation could allow a malicious user to cause a denial of service or to execute arbitrary code leading to elevation of privileges.
22166 - (JSA10805) Juniper Junos CLI Local Privilege Escalation Vulnerability
Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: Medium CVE: CVE-2017-10603
Description A vulnerability is present in some versions of Juniper Junos OS. Observation Juniper JunOS is an operating system used in Juniper devices.
A vulnerability is present in some versions of Juniper Junos OS. The flaw lies in the Juniper Junos OS CLI. Successful exploitation could allow a local authenticated user with limited privileges to escalate privileges and run arbitrary commands as the root user.
130825 - Debian Linux 8.0, 9.0 DSA-3917-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-11110
Description The scan detected that the host is missing the following update: DSA-3917-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.debian.org/security/2017/dsa-3917
Debian 8.0 all catdoc_0.94.4-1.1+deb8u1
Debian 9.0 all catdoc_1:0.94.3~git20160113.dbc9ec6+dfsg-1+deb9u1
185780 - Ubuntu Linux 12.04 USN-3357-2 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-3302, CVE-2017-3305, CVE-2017-3308, CVE-2017-3309, CVE-2017-3329, CVE-2017-3453, CVE-2017-3456, CVE- 2017-3461, CVE-2017-3462, CVE-2017-3463, CVE-2017-3464, CVE-2017-3600, CVE-2017-3635, CVE-2017-3636, CVE-2017-3641, CVE-2017-3648, CVE-2017-3651, CVE-2017-3652, CVE-2017-3653
Description The scan detected that the host is missing the following update: USN-3357-2
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.ubuntu.com/archives/ubuntu-security-announce/2017-July/003962.html
Ubuntu 12.04 mysql-server-5.5_5.5.57-0ubuntu0.12.04.1
185783 - Ubuntu Linux 14.04, 16.04, 17.04 USN-3362-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-10971, CVE-2017-10972, CVE-2017-2624
Description The scan detected that the host is missing the following update: USN-3362-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.ubuntu.com/archives/ubuntu-security-announce/2017-July/003959.html
Ubuntu 16.04 xserver-xorg-core_1.18.4-0ubuntu0.3 xserver-xorg-core-hwe-16.04_1.18.4-1ubuntu6.1~16.04.2
Ubuntu 14.04 xserver-xorg-core_1.15.1-0ubuntu2.9 xserver-xorg-core-lts-xenial_1.18.3-1ubuntu2.3~trusty2
Ubuntu 17.04 xserver-xorg-core_1.19.3-1ubuntu1.1
185790 - Ubuntu Linux 12.04 USN-3353-4 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-11103
Description The scan detected that the host is missing the following update: USN-3353-4
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.ubuntu.com/archives/ubuntu-security-announce/2017-July/003961.html
Ubuntu 12.04
CVE-2017-11103_----- libsmbclient_3.6.25-0ubuntu0.12.04.12
185791 - Ubuntu Linux 12.04 USN-3353-3 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-11103
Description The scan detected that the host is missing the following update: USN-3353-3
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.ubuntu.com/archives/ubuntu-security-announce/2017-July/003958.html
Ubuntu 12.04 libkrb5-26-heimdal_1.6~git20120311.dfsg.1-2ubuntu0.2 CVE-2017-11103_-----
185797 - Ubuntu Linux 12.04 USN-3309-2 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-6891
Description The scan detected that the host is missing the following update: USN-3309-2
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.ubuntu.com/archives/ubuntu-security-announce/2017-July/003945.html
Ubuntu 12.04 libtasn1-3_2.10-1ubuntu1.6 CVE-2017-6891_-----
192400 - Fedora Linux 26 FEDORA-2017-2afe501b36 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-11103
Description The scan detected that the host is missing the following update: FEDORA-2017-2afe501b36
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2017/7/?count=200&page=2
Fedora Core 26 heimdal-7.4.0-1.fc26 192405 - Fedora Linux 24 FEDORA-2017-37f68e3534 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-2538
Description The scan detected that the host is missing the following update: FEDORA-2017-37f68e3534
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2017/7/?count=200&page=1
Fedora Core 24 webkitgtk4-2.16.5-1.fc24
192408 - Fedora Linux 25 FEDORA-2017-cf1a42722d Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-11464
Description The scan detected that the host is missing the following update: FEDORA-2017-cf1a42722d
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2017/7/?count=200&page=1
Fedora Core 25 librsvg2-2.40.18-1.fc25
192421 - Fedora Linux 24 FEDORA-2017-941058c1f1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-11464
Description The scan detected that the host is missing the following update: FEDORA-2017-941058c1f1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2017/7/?count=200&page=1
Fedora Core 24 librsvg2-2.40.18-1.fc24
192423 - Fedora Linux 26 FEDORA-2017-0446b53fd8 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-11403
Description The scan detected that the host is missing the following update: FEDORA-2017-0446b53fd8
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2017/7/?count=200&page=2
Fedora Core 26
GraphicsMagick-1.3.26-3.fc26
192424 - Fedora Linux 25 FEDORA-2017-c22a8af4e9 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-11173
Description The scan detected that the host is missing the following update: FEDORA-2017-c22a8af4e9
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2017/7/?count=200&page=1
Fedora Core 25 rubygem-rack-cors-0.4.1-1.fc25
192426 - Fedora Linux 25 FEDORA-2017-6c52e2d731 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-11403
Description The scan detected that the host is missing the following update: FEDORA-2017-6c52e2d731
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2017/7/?count=200&page=1
Fedora Core 25
GraphicsMagick-1.3.26-3.fc25
192429 - Fedora Linux 24 FEDORA-2017-758fafed81 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-11403
Description The scan detected that the host is missing the following update: FEDORA-2017-758fafed81
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2017/7/?count=200&page=1
Fedora Core 24
GraphicsMagick-1.3.26-3.fc24
192438 - Fedora Linux 24 FEDORA-2017-98bed96d12 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-5078, CVE-2016-5133, CVE-2016-5147, CVE-2016-5153, CVE-2016-5155, CVE-2016-5161, CVE-2016-5166, CVE- 2016-5170, CVE-2016-5171, CVE-2016-5172, CVE-2016-5181, CVE-2016-5185, CVE-2016-5186, CVE-2016-5187, CVE-2016-5188, CVE-2016-5192, CVE-2016-5198, CVE-2016-5205, CVE-2016-5207, CVE-2016-5208, CVE-2016-5214, CVE-2016-5215, CVE-2016- 5221, CVE-2016-5222, CVE-2016-5224, CVE-2016-5225, CVE-2016-9650, CVE-2016-9651, CVE-2016-9652, CVE-2017-5006, CVE- 2017-5007, CVE-2017-5008, CVE-2017-5009, CVE-2017-5010, CVE-2017-5012, CVE-2017-5015, CVE-2017-5016, CVE-2017-5017, CVE-2017-5019, CVE-2017-5023, CVE-2017-5024, CVE-2017-5025, CVE-2017-5026, CVE-2017-5027, CVE-2017-5029, CVE-2017- 5033, CVE-2017-5037, CVE-2017-5044, CVE-2017-5046, CVE-2017-5047, CVE-2017-5048, CVE-2017-5049, CVE-2017-5050, CVE- 2017-5051, CVE-2017-5059, CVE-2017-5061, CVE-2017-5062, CVE-2017-5065, CVE-2017-5067, CVE-2017-5069, CVE-2017-5070, CVE-2017-5071, CVE-2017-5075, CVE-2017-5076, CVE-2017-5083, CVE-2017-5089
Description The scan detected that the host is missing the following update: FEDORA-2017-98bed96d12
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2017/7/?count=200&page=2 Fedora Core 24 qt5-qtwebengine-5.6.3-0.1.20170712gitee719ad313e564.fc24
192439 - Fedora Linux 25 FEDORA-2017-5d6a9e0c9c Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-11103
Description The scan detected that the host is missing the following update: FEDORA-2017-5d6a9e0c9c
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2017/7/?count=200&page=2
Fedora Core 25 heimdal-7.4.0-1.fc25
192441 - Fedora Linux 26 FEDORA-2017-cf36278519 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-11464
Description The scan detected that the host is missing the following update: FEDORA-2017-cf36278519
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2017/7/?count=200&page=2
Fedora Core 26 librsvg2-2.40.18-1.fc26
22148 - IBM WebSphere MQ Denial Of Service Vulnerability (swg22003856)
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2017-1285
Description A denial of service vulnerability is present in some versions of IBM WebSphere MQ. Observation IBM WebSphere MQ is a popular cross platform messaging system.
A denial of service vulnerability is present in some versions of IBM WebSphere MQ. The flaw is due to improper message handling. Successful exploitation could allow an attacker to cause a denial of service condition.
22162 - (JSA10806) Juniper Junos SRX Cluster Configuration Synch Failures Vulnerability
Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: Medium CVE: CVE-2017-10604
Description A vulnerability is present in some versions of Juniper JunOS.
Observation Juniper JunOS is an operating system used in Juniper devices.
A vulnerability is present in some versions of Juniper JunOS. The flaw is due to improper handling of cluster sync or failover operation. Successful exploitation could allow an attacker to cause a denial of service condition.
22179 - Oracle MySQL Enterprise Monitor Critical Patch Update July 2017 (CVE-2017-5647)
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2017-5647
Description A vulnerability is present in some versions of Oracle MySQL Enterprise Monitor.
Observation Oracle MySQL Enterprise Monitor enables monitoring of multiple Oracle MySQL instances.
A vulnerability is present in some versions of Oracle MySQL Enterprise Monitor. The flaw lies in Apache Tomcat. Successful exploitation could allow an attacker to obtain sensitive information, or perform unspecified attack.
88891 - Slackware Linux 13.37, 14.0, 14.1, 14.2 SSA:2017-205-01 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Slackware Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-11108
Description The scan detected that the host is missing the following update: SSA:2017-205-01
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.slackware.com/security/viewer.php?l=slackware-security&y=2017&m=slackware-security.468869 Slackware 14.0 x86_64 tcpdump-4.9.1-x86_64-1
Slackware 14.2 x86_64 tcpdump-4.9.1-x86_64-1 i586 tcpdump-4.9.1-i586-1
Slackware 14.1 x86_64 tcpdump-4.9.1-x86_64-1
Slackware 13.37 x86_64 tcpdump-4.9.1-x86_64-1
130826 - Debian Linux 9.0 DSA-3915-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-1000026
Description The scan detected that the host is missing the following update: DSA-3915-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.debian.org/security/2017/dsa-3915
Debian 9.0 all ruby-mixlib-archive_0.2.0-1+deb9u1
145454 - SuSE SLES 12 SP2, SLED 12 SP2 SUSE-SU-2017:1898-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-9445
Description The scan detected that the host is missing the following update: SUSE-SU-2017:1898-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2017-July/003039.html
SuSE SLED 12 SP2 x86_64 dracut-debugsource-044.1-109.8.3 systemd-228-150.7.1 dracut-debuginfo-044.1-109.8.3 libudev1-32bit-228-150.7.1 libudev1-debuginfo-228-150.7.1 libsystemd0-debuginfo-228-150.7.1 systemd-debuginfo-228-150.7.1 systemd-debugsource-228-150.7.1 libudev1-debuginfo-32bit-228-150.7.1 libsystemd0-debuginfo-32bit-228-150.7.1 libsystemd0-228-150.7.1 systemd-debuginfo-32bit-228-150.7.1 libudev1-228-150.7.1 systemd-32bit-228-150.7.1 udev-debuginfo-228-150.7.1 systemd-sysvinit-228-150.7.1 udev-228-150.7.1 dracut-044.1-109.8.3 libsystemd0-32bit-228-150.7.1 noarch systemd-bash-completion-228-150.7.1
SuSE SLES 12 SP2 noarch systemd-bash-completion-228-150.7.1 x86_64 dracut-fips-044.1-109.8.3 dracut-debugsource-044.1-109.8.3 systemd-sysvinit-228-150.7.1 libudev1-debuginfo-228-150.7.1 dracut-debuginfo-044.1-109.8.3 libudev1-32bit-228-150.7.1 systemd-debuginfo-228-150.7.1 libsystemd0-debuginfo-32bit-228-150.7.1 libsystemd0-debuginfo-228-150.7.1 systemd-debugsource-228-150.7.1 libudev1-debuginfo-32bit-228-150.7.1 systemd-228-150.7.1 libsystemd0-228-150.7.1 systemd-debuginfo-32bit-228-150.7.1 libudev1-228-150.7.1 systemd-32bit-228-150.7.1 udev-debuginfo-228-150.7.1 udev-228-150.7.1 dracut-044.1-109.8.3 libsystemd0-32bit-228-150.7.1
145455 - SuSE SLES 12 SP2, SLED 12 SP2 SUSE-SU-2017:1916-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-9262, CVE-2016-9388, CVE-2016-9389, CVE-2016-9390, CVE-2016-9391, CVE-2016-9392, CVE-2016-9393, CVE- 2016-9394, CVE-2017-1000050
Description The scan detected that the host is missing the following update: SUSE-SU-2017:1916-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2017-July/003054.html
SuSE SLED 12 SP2 x86_64 libjasper1-32bit-1.900.14-195.3.1 libjasper1-debuginfo-32bit-1.900.14-195.3.1 libjasper1-1.900.14-195.3.1 libjasper1-debuginfo-1.900.14-195.3.1 jasper-debugsource-1.900.14-195.3.1 jasper-debuginfo-1.900.14-195.3.1
SuSE SLES 12 SP2 x86_64 libjasper1-32bit-1.900.14-195.3.1 libjasper1-debuginfo-32bit-1.900.14-195.3.1 libjasper1-1.900.14-195.3.1 libjasper1-debuginfo-1.900.14-195.3.1 jasper-debugsource-1.900.14-195.3.1 jasper-debuginfo-1.900.14-195.3.1
145456 - SuSE SLES 11 SP4 SUSE-SU-2017:1901-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-9262, CVE-2016-9388, CVE-2016-9389, CVE-2016-9390, CVE-2016-9391, CVE-2016-9392, CVE-2016-9393, CVE- 2016-9394, CVE-2017-1000050
Description The scan detected that the host is missing the following update: SUSE-SU-2017:1901-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2017-July/003040.html
SuSE SLES 11 SP4 i586 libjasper-1.900.14-134.33.3.1 x86_64 libjasper-32bit-1.900.14-134.33.3.1 libjasper-1.900.14-134.33.3.1
170836 - Amazon Linux AMI ALAS-2017-859 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Amazon Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-1000381 Description The scan detected that the host is missing the following update: ALAS-2017-859
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://alas.aws.amazon.com/ALAS-2017-859.html
Amazon Linux AMI x86_64 c-ares-devel-1.13.0-1.5.amzn1 c-ares-1.13.0-1.5.amzn1 c-ares-debuginfo-1.13.0-1.5.amzn1 i686 c-ares-devel-1.13.0-1.5.amzn1 c-ares-1.13.0-1.5.amzn1 c-ares-debuginfo-1.13.0-1.5.amzn1
182397 - FreeBSD collectd5 Denial Of Service By Sending A Signed Network Packet To A Server Which Is Not Set Up To Check Signatures (08a2
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-7401
Description The scan detected that the host is missing the following update: collectd5 -- Denial of service by sending a signed network packet to a server which is not set up to check signatures (08a2df48-6c6a- 11e7-9b01-2047478f2f70)
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/08a2df48-6c6a-11e7-9b01-2047478f2f70.html
Affected packages: collectd5 < 5.7.2
182398 - FreeBSD gsoap Remote Code Execution Via Via Overflow (8745c67e-7dd1-4165-96e2-fcf9da2dc5b5)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-9765
Description The scan detected that the host is missing the following update: gsoap -- remote code execution via via overflow (8745c67e-7dd1-4165-96e2-fcf9da2dc5b5)
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/8745c67e-7dd1-4165-96e2-fcf9da2dc5b5.html
Affected packages: gsoap < 2.8.47
182403 - FreeBSD strongswan Insufficient Input Validation In Gmp Plugin (e6ccaf8a-6c63-11e7-9b01-2047478f2f70)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-9022
Description The scan detected that the host is missing the following update: strongswan -- Insufficient Input Validation in gmp Plugin (e6ccaf8a-6c63-11e7-9b01-2047478f2f70)
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/e6ccaf8a-6c63-11e7-9b01-2047478f2f70.html
Affected packages: 4.4.0 <= strongswan <= 5.5.2
185794 - Ubuntu Linux 12.04 USN-3274-2 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-7867, CVE-2017-7868
Description The scan detected that the host is missing the following update: USN-3274-2
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.ubuntu.com/archives/ubuntu-security-announce/2017-July/003942.html
Ubuntu 12.04 libicu48_4.8.1.1-3ubuntu0.8
192410 - Fedora Linux 26 FEDORA-2017-7c1621d2e8 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-1000381
Description The scan detected that the host is missing the following update: FEDORA-2017-7c1621d2e8
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2017/7/?count=200&page=2
Fedora Core 26 nodejs-6.11.1-1.fc26
192417 - Fedora Linux 24 FEDORA-2017-aa44293a53 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-1000381
Description The scan detected that the host is missing the following update: FEDORA-2017-aa44293a53
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2017/7/?count=200&page=1
Fedora Core 24 nodejs-4.8.4-6.fc24
192442 - Fedora Linux 25 FEDORA-2017-81522ac6d8 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-1000381
Description The scan detected that the host is missing the following update: FEDORA-2017-81522ac6d8
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2017/7/?count=200&page=1
Fedora Core 25 nodejs-6.11.1-1.fc25
22149 - IBM WebSphere MQ Information Disclosure Vulnerability (swg22003853)
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2017-1337
Description An information disclosure vulnerability is present in some versions of IBM WebSphere MQ.
Observation IBM WebSphere MQ is a messaging solution.
An information disclosure vulnerability is present in some versions of IBM WebSphere MQ. The flaw is due to improper handling of credentials. Successful exploitation could allow an attacker to obtain sensitive information.
22168 - IBM WebSphere MQ Denial Of Service Vulnerability (swg22003510)
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2017-1236
Description A denial of service vulnerability is present in some versions of IBM WebSphere MQ.
Observation IBM WebSphere MQ is a popular cross platform messaging system.
A denial of service vulnerability is present in some versions of IBM WebSphere MQ. The flaw is due to improper validation of saved channel status inquiry. Successful exploitation could allow an attacker to cause a denial of service condition.
182402 - FreeBSD strongswan Denial-of-service Vulnerability In The X509 Plugin (c7e8e955-6c61-11e7-9b01-2047478f2f70)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-9023
Description The scan detected that the host is missing the following update: strongswan -- Denial-of-service vulnerability in the x509 plugin (c7e8e955-6c61-11e7-9b01-2047478f2f70)
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/c7e8e955-6c61-11e7-9b01-2047478f2f70.html
Affected packages: strongswan <= 5.5.3
185781 - Ubuntu Linux 14.04 USN-3364-2 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Medium CVE: CVE-2014-9900, CVE-2015-8944, CVE-2017-1000380, CVE-2017-7346, CVE-2017-9150, CVE-2017-9605 Description The scan detected that the host is missing the following update: USN-3364-2
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.ubuntu.com/archives/ubuntu-security-announce/2017-July/003965.html
Ubuntu 14.04 linux-image-powerpc-smp-lts-xenial_4.4.0.87.72 linux-image-4.4.0-87-powerpc64-smp_4.4.0-87.110~14.04.1 linux-image-4.4.0-87-lowlatency_4.4.0-87.110~14.04.1 linux-image-generic-lpae-lts-xenial_4.4.0.87.72 linux-image-powerpc-e500mc-lts-xenial_4.4.0.87.72 linux-image-4.4.0-87-powerpc64-emb_4.4.0-87.110~14.04.1 linux-image-lowlatency-lts-xenial_4.4.0.87.72 linux-image-powerpc64-emb-lts-xenial_4.4.0.87.72 linux-image-4.4.0-87-generic_4.4.0-87.110~14.04.1 linux-image-4.4.0-87-powerpc-e500mc_4.4.0-87.110~14.04.1 linux-image-4.4.0-87-powerpc-smp_4.4.0-87.110~14.04.1 linux-image-generic-lts-xenial_4.4.0.87.72 linux-image-4.4.0-87-generic-lpae_4.4.0-87.110~14.04.1 linux-image-powerpc64-smp-lts-xenial_4.4.0.87.72
185785 - Ubuntu Linux 16.04 USN-3364-3 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Medium CVE: CVE-2014-9900, CVE-2015-8944, CVE-2017-1000380, CVE-2017-7346, CVE-2017-9150, CVE-2017-9605
Description The scan detected that the host is missing the following update: USN-3364-3
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.ubuntu.com/archives/ubuntu-security-announce/2017-July/003967.html
Ubuntu 16.04 linux-image-4.4.0-1026-aws_4.4.0-1026.35 linux-image-aws_4.4.0.1026.29 linux-image-gke_4.4.0.1022.24 linux-image-4.4.0-1022-gke_4.4.0-1022.22
185793 - Ubuntu Linux 17.04 USN-3358-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Medium CVE: CVE-2014-9900, CVE-2017-1000380, CVE-2017-7346, CVE-2017-9605 Description The scan detected that the host is missing the following update: USN-3358-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.ubuntu.com/archives/ubuntu-security-announce/2017-July/003952.html
Ubuntu 17.04 linux-image-generic-lpae_4.10.0.28.29 linux-image-4.10.0-28-generic_4.10.0-28.32 linux-image-raspi2_4.10.0.1011.13 linux-image-4.10.0-1011-raspi2_4.10.0-1011.14 linux-image-4.10.0-28-lowlatency_4.10.0-28.32 linux-image-generic_4.10.0.28.29 linux-image-4.10.0-28-generic-lpae_4.10.0-28.32 linux-image-lowlatency_4.10.0.28.29
185798 - Ubuntu Linux 12.04 USN-3307-2 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-9287
Description The scan detected that the host is missing the following update: USN-3307-2
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.ubuntu.com/archives/ubuntu-security-announce/2017-July/003946.html
Ubuntu 12.04 slapd_2.4.28-1.1ubuntu4.8 CVE-2017-9287_-----
185799 - Ubuntu Linux 16.04 USN-3364-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Medium CVE: CVE-2014-9900, CVE-2015-8944, CVE-2017-1000380, CVE-2017-7346, CVE-2017-9150, CVE-2017-9605
Description The scan detected that the host is missing the following update: USN-3364-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.ubuntu.com/archives/ubuntu-security-announce/2017-July/003964.html
Ubuntu 16.04 linux-image-4.4.0-87-powerpc64-emb_4.4.0-87.110 linux-image-powerpc-smp_4.4.0.87.93 linux-image-4.4.0-87-powerpc-smp_4.4.0-87.110 linux-image-4.4.0-87-lowlatency_4.4.0-87.110 linux-image-4.4.0-87-powerpc-e500mc_4.4.0-87.110 linux-image-4.4.0-1065-raspi2_4.4.0-1065.73 linux-image-snapdragon_4.4.0.1067.60 linux-image-generic_4.4.0.87.93 linux-image-4.4.0-87-generic-lpae_4.4.0-87.110 linux-image-4.4.0-87-generic_4.4.0-87.110 linux-image-powerpc64-emb_4.4.0.87.93 linux-image-4.4.0-1067-snapdragon_4.4.0-1067.72 linux-image-4.4.0-87-powerpc64-smp_4.4.0-87.110 linux-image-generic-lpae_4.4.0.87.93 linux-image-lowlatency_4.4.0.87.93 linux-image-raspi2_4.4.0.1065.66 linux-image-powerpc64-smp_4.4.0.87.93 linux-image-powerpc-e500mc_4.4.0.87.93
192404 - Fedora Linux 24 FEDORA-2017-1a8bebaab4 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-11107
Description The scan detected that the host is missing the following update: FEDORA-2017-1a8bebaab4
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2017/7/?count=200&page=1
Fedora Core 24 phpldapadmin-1.2.3-10.fc24
192407 - Fedora Linux 26 FEDORA-2017-d3d38a53f9 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-11104
Description The scan detected that the host is missing the following update: FEDORA-2017-d3d38a53f9
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2017/7/?count=200&page=3
Fedora Core 26 knot-2.4.5-1.fc26
192412 - Fedora Linux 26 FEDORA-2017-05888dd4fe Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-11107
Description The scan detected that the host is missing the following update: FEDORA-2017-05888dd4fe
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2017/7/?count=200&page=2
Fedora Core 26 phpldapadmin-1.2.3-10.fc26
192435 - Fedora Linux 25 FEDORA-2017-346836a623 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-11107
Description The scan detected that the host is missing the following update: FEDORA-2017-346836a623
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2017/7/?count=200&page=1
Fedora Core 25 phpldapadmin-1.2.3-10.fc25
22147 - (SB10201) McAfee Web Gateway NTPD Denial Of Service Vulnerability
Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: Low CVE: CVE-2016-9042 Description A vulnerability is present in some versions of McAfee Web Gateway.
Observation McAfee Web Gateway is a web based security control system designed to prevent web application attacks.
A vulnerability is present in some versions of McAfee Web Gateway. The flaw lies in the Network Time Protocol Daemon (NTPD). Successful exploitation could allow an attacker to cause a denial of service condition.
88890 - Slackware Linux 14.2 SSA:2017-202-01 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Slackware Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Description The scan detected that the host is missing the following update: SSA:2017-202-01
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.slackware.com/security/viewer.php?l=slackware-security&y=2017&m=slackware-security.415362
Slackware 14.2 x86_64 seamonkey-2.48-x86_64-1 seamonkey-solibs-2.48-x86_64-1 i586 seamonkey-solibs-2.48-i586-1 seamonkey-2.48-i586-1
130824 - Debian Linux 8.0, 9.0 DSA-3916-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Low CVE: CVE-2017-1000083
Description The scan detected that the host is missing the following update: DSA-3916-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.debian.org/security/2017/dsa-3916
Debian 8.0 all atril_1.8.1+dfsg1-4+deb8u1
Debian 9.0 all atril_1.16.1-2+deb9u1
130827 - Debian Linux 9.0 DSA-3906-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Low CVE: CVE-2017-2666, CVE-2017-2670
Description The scan detected that the host is missing the following update: DSA-3906-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.debian.org/security/2017/dsa-3906
Debian 9.0 all libundertow-java-doc_1.4.8-1+deb9u1 libundertow-java_1.4.8-1+deb9u1
182399 - FreeBSD MySQL Multiple Vulnerabilities (cda2f3c2-6c8b-11e7-867f-b499baebfeaf)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2017-3529, CVE-2017-3633, CVE-2017-3634, CVE-2017-3635, CVE-2017-3636, CVE-2017-3637, CVE-2017-3638, CVE- 2017-3639, CVE-2017-3640, CVE-2017-3641, CVE-2017-3642, CVE-2017-3643, CVE-2017-3644, CVE-2017-3645, CVE-2017-3646, CVE-2017-3647, CVE-2017-3648, CVE-2017-3649, CVE-2017-3650, CVE-2017-3651, CVE-2017-3652, CVE-2017-3653
Description The scan detected that the host is missing the following update: MySQL -- multiple vulnerabilities (cda2f3c2-6c8b-11e7-867f-b499baebfeaf)
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/cda2f3c2-6c8b-11e7-867f-b499baebfeaf.html
Affected packages: mariadb55-server < 5.5.57 mariadb100-server < 10.0.31 mariadb101-server < 10.1.23 mariadb102-server < 10.2.6 mysql55-server < 5.5.57 mysql56-server < 5.6.37 mysql57-server < 5.7.19 percona55-server < 5.5.57 percona56-server < 5.6.37 percona57-server < 5.7.19
182401 - FreeBSD GitLab Various Security Issues (92f4191a-6d25-11e7-93f7-d43d7e971a1b) Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2017-11438
Description The scan detected that the host is missing the following update: GitLab -- Various security issues (92f4191a-6d25-11e7-93f7-d43d7e971a1b)
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/92f4191a-6d25-11e7-93f7-d43d7e971a1b.html
Affected packages: 8.0.0 <= gitlab <= 8.17.6 9.0.0 <= gitlab <= 9.0.10 9.1.0 <= gitlab <= 9.1.7 9.2.0 <= gitlab <= 9.2.7 9.3.0 <= gitlab <= 9.4.7
185779 - Ubuntu Linux 14.04, 16.04, 17.04 USN-3355-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Low CVE: CVE-2017-7506
Description The scan detected that the host is missing the following update: USN-3355-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.ubuntu.com/archives/ubuntu-security-announce/2017-July/003948.html
Ubuntu 16.04 libspice-server1_0.12.6-4ubuntu0.3
Ubuntu 14.04 libspice-server1_0.12.4-0nocelt2ubuntu1.5
Ubuntu 17.04 libspice-server1_0.12.8-2ubuntu1.1
185782 - Ubuntu Linux 12.04 USN-3347-2 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Low CVE: CVE-2017-7526 Description The scan detected that the host is missing the following update: USN-3347-2
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.ubuntu.com/archives/ubuntu-security-announce/2017-July/003941.html
Ubuntu 12.04 libgcrypt11_1.5.0-3ubuntu0.7 CVE-2017-7526_-----
185784 - Ubuntu Linux 14.04, 16.04, 17.04 USN-3357-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Low CVE: CVE-2017-3529, CVE-2017-3633, CVE-2017-3634, CVE-2017-3635, CVE-2017-3636, CVE-2017-3637, CVE-2017-3638, CVE- 2017-3639, CVE-2017-3640, CVE-2017-3641, CVE-2017-3642, CVE-2017-3643, CVE-2017-3644, CVE-2017-3645, CVE-2017-3647, CVE-2017-3648, CVE-2017-3649, CVE-2017-3650, CVE-2017-3651, CVE-2017-3652, CVE-2017-3653
Description The scan detected that the host is missing the following update: USN-3357-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.ubuntu.com/archives/ubuntu-security-announce/2017-July/003951.html
Ubuntu 16.04 mysql-server-5.7_5.7.19-0ubuntu0.16.04.1
Ubuntu 14.04 mysql-server-5.5_5.5.57-0ubuntu0.14.04.1
Ubuntu 17.04 mysql-server-5.7_5.7.19-0ubuntu0.17.04.1
185787 - Ubuntu Linux 12.04 USN-3356-2 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Low CVE: CVE-2017-9233
Description The scan detected that the host is missing the following update: USN-3356-2 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.ubuntu.com/archives/ubuntu-security-announce/2017-July/003950.html
Ubuntu 12.04 lib64expat1_2.0.1-7.2ubuntu1.5 CVE-2017-9233_----- libexpat1_2.0.1-7.2ubuntu1.5
185789 - Ubuntu Linux 14.04, 16.04, 16.10, 17.04 USN-3356-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Low CVE: CVE-2017-9233
Description The scan detected that the host is missing the following update: USN-3356-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.ubuntu.com/archives/ubuntu-security-announce/2017-July/003949.html
Ubuntu 16.04 lib64expat1_2.1.0-7ubuntu0.16.04.3 libexpat1_2.1.0-7ubuntu0.16.04.3
Ubuntu 14.04 libexpat1_2.1.0-4ubuntu1.4 lib64expat1_2.1.0-4ubuntu1.4
Ubuntu 16.10 lib64expat1_2.2.0-1ubuntu0.1 libexpat1_2.2.0-1ubuntu0.1
Ubuntu 17.04 libexpat1_2.2.0-2ubuntu0.1 lib64expat1_2.2.0-2ubuntu0.1
192403 - Fedora Linux 25 FEDORA-2017-b0a2770a9b Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Description The scan detected that the host is missing the following update: FEDORA-2017-b0a2770a9b
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2017/7/?count=200&page=2
Fedora Core 25 knot-2.4.5-1.fc25
192406 - Fedora Linux 24 FEDORA-2017-605557de96 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Description The scan detected that the host is missing the following update: FEDORA-2017-605557de96
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2017/7/?count=200&page=1
Fedora Core 24 java-1.8.0-openjdk-1.8.0.141-1.b16.fc24
192411 - Fedora Linux 26 FEDORA-2017-e6aaef4475 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Description The scan detected that the host is missing the following update: FEDORA-2017-e6aaef4475
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2017/7/?count=200&page=3
Fedora Core 26 knot-resolver-1.3.1-1.fc26
192414 - Fedora Linux 24 FEDORA-2017-bd6aa662fc Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Description The scan detected that the host is missing the following update: FEDORA-2017-bd6aa662fc
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2017/7/?count=200&page=2
Fedora Core 24 knot-2.4.5-1.fc24
192415 - Fedora Linux 24 FEDORA-2017-944e86b623 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2017-11328
Description The scan detected that the host is missing the following update: FEDORA-2017-944e86b623
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2017/7/?count=200&page=1
Fedora Core 24 yara-3.6.3-1.fc24
192416 - Fedora Linux 26 FEDORA-2017-e5b36383f4 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Description The scan detected that the host is missing the following update: FEDORA-2017-e5b36383f4
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2017/7/?count=200&page=1
Fedora Core 26 krb5-1.15.1-17.fc26
192420 - Fedora Linux 24 FEDORA-2017-61689edaf4 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2017-7506
Description The scan detected that the host is missing the following update: FEDORA-2017-61689edaf4
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2017/7/?count=200&page=2
Fedora Core 24 spice-0.12.8-3.fc24
192422 - Fedora Linux 25 FEDORA-2017-1d46019681 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2017-11328
Description The scan detected that the host is missing the following update: FEDORA-2017-1d46019681
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2017/7/?count=200&page=1
Fedora Core 25 yara-3.6.3-1.fc25
192425 - Fedora Linux 25 FEDORA-2017-8e9d9771c4 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2017-11368
Description The scan detected that the host is missing the following update: FEDORA-2017-8e9d9771c4
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2017/7/?count=200&page=1
Fedora Core 25 krb5-1.14.4-8.fc25
192428 - Fedora Linux 25 FEDORA-2017-cc0b92f6c1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Description The scan detected that the host is missing the following update: FEDORA-2017-cc0b92f6c1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2017/7/?count=200&page=2
Fedora Core 25 glpi-9.1.5-1.fc25
192430 - Fedora Linux 26 FEDORA-2017-088b16a69a Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2017-11328
Description The scan detected that the host is missing the following update: FEDORA-2017-088b16a69a
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2017/7/?count=200&page=2
Fedora Core 26 yara-3.6.3-1.fc26
192431 - Fedora Linux 26 FEDORA-2017-704c201dbb Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH Description The scan detected that the host is missing the following update: FEDORA-2017-704c201dbb
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2017/7/?count=200&page=1
Fedora Core 26 subversion-1.9.6-2.fc26
192432 - Fedora Linux 24 FEDORA-2017-71c47e1e82 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2017-11368
Description The scan detected that the host is missing the following update: FEDORA-2017-71c47e1e82
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2017/7/?count=200&page=1
Fedora Core 24 krb5-1.14.4-5.fc24
192433 - Fedora Linux 26 FEDORA-2017-a40590256c Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Description The scan detected that the host is missing the following update: FEDORA-2017-a40590256c
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2017/7/?count=200&page=2
Fedora Core 26 glpi-9.1.5-1.fc26 192436 - Fedora Linux 24 FEDORA-2017-081fc9ad77 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Description The scan detected that the host is missing the following update: FEDORA-2017-081fc9ad77
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2017/7/?count=200&page=2
Fedora Core 24 knot-resolver-1.3.1-1.fc24
192437 - Fedora Linux 25 FEDORA-2017-92643d70b7 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Description The scan detected that the host is missing the following update: FEDORA-2017-92643d70b7
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2017/7/?count=200&page=2
Fedora Core 25 knot-resolver-1.3.1-1.fc25
22167 - IBM WebSphere MQ Information Disclosure Vulnerability (swg22003851)
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: Low CVE: CVE-2017-1284
Description An information disclosure vulnerability is present in some versions of IBM WebSphere MQ.
Observation IBM WebSphere MQ is a messaging solution.
An information disclosure vulnerability is present in some versions of IBM WebSphere MQ. The flaw is due to that WebSphere MQ incorrectly grants a local user the ability to run or enable trace. Successful exploitation could allow an attacker to obtain sensitive information.
22171 - IBM WebSphere MQ Java Runtime Vulnerability (swg22001630)
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: Low CVE: CVE-2016-3485
Description A vulnerability is present in some versions of IBM WebSphere MQ.
Observation IBM WebSphere MQ is a popular cross platform messaging system.
A vulnerability is present in some versions of IBM WebSphere MQ. The flaw is related to the Java-based networking component. Successful exploitation could allow an attacker to affect integrity of the target system.
22176 - (MSPT-June2017) Win32k Information Disclosure Vulnerability (CVE-2017-8554)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Low CVE: CVE-2017-8554
Description An information disclosure vulnerability is present in some versions of Microsoft Windows.
Observation Windows is a popular operation system developed by Microsoft.
An information disclosure vulnerability is present in some versions of Microsoft Windows. The flaw lies in how the Windows kernel initialize objects in memory. Successful exploitation could allow an attacker to obtain restricted information. Exploitation requires an attacker to execute a specially crafted application.
ENHANCED CHECKS
The following checks have been updated. Enhancements may include optimizations, changes that reflect new information on a vulnerability and anything else that improves upon an existing FSL check. 22137 - Kaspersky Anti-Virus File Server Multiple Vulnerabilities
Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: High CVE: CVE-2017-9810, CVE-2017-9811, CVE-2017-9812, CVE-2017-9813
Update Details Risk is updated
33152 - Oracle Solaris 119758-41 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: High CVE: CVE-2007-0452, CVE-2007-2444, CVE-2007-2446, CVE-2007-2447, CVE-2007-4138, CVE-2007-4572, CVE-2007-5398, CVE- 2007-6015, CVE-2008-4314, CVE-2010-2063, CVE-2010-3069, CVE-2011-0719, CVE-2011-2522, CVE-2011-2694, CVE-2012-1182, CVE-2012-2111, CVE-2012-6150, CVE-2013-0213, CVE-2013-0214, CVE-2013-4124, CVE-2013-4408, CVE-2013-4475, CVE-2013- 4496, CVE-2014-0178, CVE-2014-0244, CVE-2014-3493
Update Details Name is updated Description is updated Observation is updated Recommendation is updated FASLScript is updated
33154 - Oracle Solaris 119757-41 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: High CVE: CVE-2007-0452, CVE-2007-2444, CVE-2007-2446, CVE-2007-2447, CVE-2007-4138, CVE-2007-4572, CVE-2007-5398, CVE- 2007-6015, CVE-2008-4314, CVE-2010-2063, CVE-2010-3069, CVE-2011-0719, CVE-2011-2522, CVE-2011-2694, CVE-2012-1182, CVE-2012-2111, CVE-2012-6150, CVE-2013-0213, CVE-2013-0214, CVE-2013-4124, CVE-2013-4408, CVE-2013-4475, CVE-2013- 4496, CVE-2014-0178, CVE-2014-0244, CVE-2014-3493
Update Details Name is updated Description is updated Observation is updated Recommendation is updated FASLScript is updated
21805 - (MSPT-May2017) Microsoft Office Remote Code Execution Vulnerability (CVE-2017-0281)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2017-0281
Update Details FASLScript is updated
88881 - Slackware Linux 14.0, 14.1, 14.2 SSA:2017-190-01 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Slackware Patches and Hotfixes Risk Level: High CVE: CVE-2017-10965, CVE-2017-10966
Update Details Risk is updated
130807 - Debian Linux 8.0 DSA-3893-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: High CVE: CVE-2016-4000
Update Details Risk is updated
182387 - FreeBSD irssi Multiple Vulnerabilities (31001c6b-63e7-11e7-85aa-a4badb2f4699)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: High CVE: CVE-2017-10965, CVE-2017-10966
Update Details Risk is updated
33145 - Oracle Solaris 150401-52 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Medium CVE: CVE-2004-0230, CVE-2013-0399, CVE-2013-3799, CVE-2013-5862, CVE-2013-5876, CVE-2014-4215, CVE-2014-6575, CVE- 2015-0375, CVE-2015-0471, CVE-2015-2580, CVE-2015-4869, CVE-2016-3419, CVE-2016-3441, CVE-2016-3453, CVE-2016-5544, CVE-2016-5553, CVE-2017-10004, CVE-2017-10036, CVE-2017-10042, CVE-2017-10122
Update Details CVE is updated
88885 - Slackware Linux 14.0, 14.1, 14.2 SSA:2017-195-02 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Slackware Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-11103
Update Details Risk is updated
88889 - Slackware Linux 13.0, 13.1, 13.37, 14.0, 14.1, 14.2 SSA:2017-194-01 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Slackware Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-9788, CVE-2017-9789
Update Details Risk is updated
130778 - Debian Linux 8.0 DSA-3862-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-2295
Update Details Risk is updated
130814 - Debian Linux 8.0 DSA-3905-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-10971, CVE-2017-10972
Update Details Risk is updated FASLScript is updated
130816 - Debian Linux 8.0 DSA-3912-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-11103
Update Details Risk is updated FASLScript is updated
130818 - Debian Linux 8.0 DSA-3913-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-9788
Update Details Risk is updated FASLScript is updated
130821 - Debian Linux 8.0 DSA-3909-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-11103
Update Details Risk is updated FASLScript is updated
141370 - Red Hat Enterprise Linux RHSA-2016-2809 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-8638
Update Details Risk is updated
145447 - SuSE SLES 12 SP2, SLED 12 SP2 SUSE-SU-2017:1860-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-10971, CVE-2017-10972
Update Details Risk is updated
145452 - SuSE SLES 11 SP4 SUSE-SU-2017:1850-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-10971, CVE-2017-10972
Update Details Risk is updated
163228 - Oracle Enterprise Linux ELSA-2016-2809 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-8638
Update Details Risk is updated
170827 - Amazon Linux AMI ALAS-2017-849 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Amazon Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-2295
Update Details Risk is updated
182393 - FreeBSD samba Orpheus Lyre Mutual Authentication Validation Bypass (85851e4f-67d9-11e7-bc37-00505689d4ae)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-11103
Update Details Risk is updated
182396 - FreeBSD Apache httpd Multiple Vulnerabilities (457ce015-67fa-11e7-867f-b499baebfeaf)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-9788, CVE-2017-9789
Update Details Risk is updated
185775 - Ubuntu Linux 14.04, 16.04, 16.10, 17.04 USN-3353-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-11103
Update Details Risk is updated
185777 - Ubuntu Linux 14.04, 16.04, 16.10, 17.04 USN-3353-2 Update Is Not Installed Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-11103
Update Details Risk is updated
191572 - Fedora Linux 25 FEDORA-2016-2d8fb6d7ad Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-8638
Update Details Risk is updated
191577 - Fedora Linux 24 FEDORA-2016-b465090499 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-8638
Update Details Risk is updated
192170 - Fedora Linux 25 FEDORA-2017-8ad8d1bd86 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-2295
Update Details Risk is updated
192191 - Fedora Linux 26 FEDORA-2017-b9b66117bb Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-2295
Update Details Risk is updated
12415 - TLS / SSL Man-In-The-Middle Renegotiation Vulnerability
Category: General Vulnerability Assessment -> Instrusive -> Miscellaneous Risk Level: Medium CVE: CVE-2009-3555
Update Details FASLScript is updated
22144 - Joomla Multiple Vulnerabilities Prior To 3.7.3
Category: General Vulnerability Assessment -> NonIntrusive -> Web Server Risk Level: Medium CVE: CVE-2017-9933, CVE-2017-9934
Update Details Risk is updated
22158 - (APSB17-22) Vulnerabilities In Adobe Connect
Category: General Vulnerability Assessment -> NonIntrusive -> Web Server Risk Level: Medium CVE: CVE-2017-3101, CVE-2017-3102, CVE-2017-3103
Update Details Risk is updated
141620 - Red Hat Enterprise Linux RHSA-2017-1681 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-9524
Update Details Risk is updated
145442 - SuSE SLES 12 SP2, SLED 12 SP2 SUSE-SU-2017:1792-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-1000381
Update Details Risk is updated
160280 - CentOS 7 CESA-2017-1681 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Cent OS Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-9524
Update Details Risk is updated
163388 - Oracle Enterprise Linux ELSA-2017-1681 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-9524
Update Details Risk is updated
175200 - Scientific Linux Security ERRATA Important: qemu-kvm on SL7.x x86_64 (1707-75)
Category: SSH Module -> NonIntrusive -> Scientific Linux Patches and HotFixes Risk Level: Medium CVE: CVE-2017-9524
Update Details Risk is updated
182386 - FreeBSD tor Security Regression (0b9f4b5e-5d82-11e7-85df-14dae9d5a9d2)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-0377
Update Details Risk is updated
191643 - Fedora Linux 25 FEDORA-2017-fff6e1af37 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-1000001
Update Details Risk is updated
191677 - Fedora Linux 24 FEDORA-2017-a73bc7ac5d Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-1000001
Update Details Risk is updated
192282 - Fedora Linux 26 FEDORA-2017-6dc3fd198d Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-1000381
Update Details Risk is updated
192309 - Fedora Linux 25 FEDORA-2017-ba1399832b Update Is Not Installed Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-1000381
Update Details Risk is updated
32912 - Oracle Solaris 147674-11 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Medium CVE: CVE-2007-5333, CVE-2007-5342, CVE-2007-6286, CVE-2008-0002, CVE-2008-1232, CVE-2008-1947, CVE-2008-2370, CVE- 2008-2938, CVE-2008-5515, CVE-2009-0033, CVE-2009-0580, CVE-2009-0781, CVE-2009-0783, CVE-2009-2693, CVE-2009-2901, CVE-2009-2902, CVE-2009-3548, CVE-2010-1157, CVE-2010-2227, CVE-2010-3718, CVE-2010-4172, CVE-2010-4312, CVE-2011- 0013, CVE-2011-0534, CVE-2011-1184, CVE-2011-2204, CVE-2011-2526, CVE-2011-2729, CVE-2011-3190, CVE-2011-3375, CVE- 2011-4858, CVE-2011-5062, CVE-2011-5063, CVE-2011-5064, CVE-2012-0022, CVE-2012-3112, CVE-2013-5839, CVE-2014-0390, CVE-2017-10062
Update Details CVE is updated
32913 - Oracle Solaris 147673-11 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Medium CVE: CVE-2007-5333, CVE-2007-5342, CVE-2007-6286, CVE-2008-0002, CVE-2008-1232, CVE-2008-1947, CVE-2008-2370, CVE- 2008-2938, CVE-2008-5515, CVE-2009-0033, CVE-2009-0580, CVE-2009-0781, CVE-2009-0783, CVE-2009-2693, CVE-2009-2901, CVE-2009-2902, CVE-2009-3548, CVE-2010-1157, CVE-2010-2227, CVE-2010-3718, CVE-2010-4172, CVE-2010-4312, CVE-2011- 0013, CVE-2011-0534, CVE-2011-1184, CVE-2011-2204, CVE-2011-2526, CVE-2011-2729, CVE-2011-3190, CVE-2011-3375, CVE- 2011-4858, CVE-2011-5062, CVE-2011-5063, CVE-2011-5064, CVE-2012-0022, CVE-2012-3112, CVE-2013-5839, CVE-2014-0390, CVE-2017-10062
Update Details CVE is updated
33162 - Oracle Solaris 150400-52 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Medium CVE: CVE-2004-0230, CVE-2013-5862, CVE-2013-5876, CVE-2014-0447, CVE-2014-6473, CVE-2014-6575, CVE-2015-0375, CVE- 2015-0471, CVE-2015-2580, CVE-2015-2589, CVE-2015-4869, CVE-2016-3419, CVE-2016-3441, CVE-2016-3453, CVE-2016-5553, CVE-2017-10004, CVE-2017-10036, CVE-2017-10042, CVE-2017-10122
Update Details CVE is updated
33326 - Oracle Solaris 152260-02 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-0535, CVE-2017-10003 Update Details CVE is updated
33327 - Oracle Solaris 152261-02 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-0535, CVE-2017-10003
Update Details CVE is updated
130820 - Debian Linux 8.0 DSA-3910-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-11104
Update Details FASLScript is updated
184876 - Ubuntu Linux 12.04, 14.04, 14.10, 15.04 USN-2648-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-1323
Update Details Risk is updated
192253 - Fedora Linux 25 FEDORA-2017-278f46fcd6 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-8932
Update Details Risk is updated
13143 - Microsoft Windows Explorer Local Denial Of Service Vulnerability
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Low CVE: CVE-MAP-NOMATCH
Update Details Recommendation is updated
32708 - Oracle Solaris 124393-12 Update Is Not Installed Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-2017-3632
Update Details CVE is updated
32712 - Oracle Solaris 124394-12 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-2017-3632
Update Details CVE is updated
130813 - Debian Linux 8.0 DSA-3904-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Low CVE: CVE-2017-3142, CVE-2017-3143
Update Details FASLScript is updated
130817 - Debian Linux 8.0 DSA-3907-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Low CVE: CVE-2017-7506
Update Details FASLScript is updated
130819 - Debian Linux 8.0 DSA-3911-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Low CVE: CVE-2017-1000083
Update Details FASLScript is updated
130822 - Debian Linux 8.0 DSA-3908-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Low CVE: CVE-2017-7529
Update Details FASLScript is updated 141350 - Red Hat Enterprise Linux RHSA-2016-2581 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: Low CVE: CVE-2016-0764
Update Details Risk is updated
163198 - Oracle Enterprise Linux ELSA-2016-2581 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: Low CVE: CVE-2016-0764
Update Details Risk is updated
175060 - Scientific Linux Security ERRATA Low: NetworkManager on SL7.x x86_64 (1612-11489)
Category: SSH Module -> NonIntrusive -> Scientific Linux Patches and HotFixes Risk Level: Low CVE: CVE-2016-0764
Update Details Risk is updated
70019 - version.fasl3.inc
Category: General Vulnerability Assessment -> NonIntrusive -> Invalid Category Risk Level: Informational CVE: CVE-MAP-NOMATCH
Update Details FASLScript is updated
70114 - juniper.fasl3.inc
Category: General Vulnerability Assessment -> NonIntrusive -> Invalid Category Risk Level: Informational CVE: CVE-MAP-NOMATCH
Update Details FASLScript is updated
HOW TO UPDATE
FS1000 APPLIANCE customers should follow the instructions for Enterprise/Professional customers, below. In addition, we strongly urge all appliance customers to authorize and install any Windows Update critical patches. The appliance will auto-download any critical updates but will wait for your explicit authorization before installing. FOUNDSTONE ENTERPRISE and PROFESSIONAL customers may obtain these new scripts using the FSUpdate Utility by selecting "FoundScan Update" on the help menu. Make sure that you have a valid FSUpdate username and password. The new vulnerability scripts will be automatically included in your scans if you have selected that option by right-clicking the selected vulnerability category and checking the "Run New Checks" checkbox.
MANAGED SERVICE CUSTOMERS already have the newest update applied to their environment. The new vulnerability scripts will be automatically included when your scans are next scheduled, provided the Run New Scripts option has been turned on.
MCAFEE TECHNICAL SUPPORT
ServicePortal: https://mysupport.mcafee.com Multi-National Phone Support available here: http://www.mcafee.com/us/about/contact/index.html Non-US customers - Select your country from the list of Worldwide Offices.
This email may contain confidential and privileged material for the sole use of the intended recipient. Any review or distribution by others is strictly prohibited. If you are not the intended recipient please contact the sender and delete all copies.
Copyright 2017 McAfee, Inc. McAfee is a registered trademark of McAfee, Inc. and/or its affiliates