2018-OCT-09 FSL version 7.6.59
MCAFEE FOUNDSTONE FSL UPDATE
To better protect your environment McAfee has created this FSL check update for the Foundstone Product Suite. The following is a detailed summary of the new and updated checks included with this release.
NEW CHECKS
24210 - (MSPT-Oct2018) Microsoft Graphics Components Handle Objects in Memory Remote Code Execution (CVE-2018- 8432)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-8432
Description A vulnerability in some versions of Microsoft Graphics Components could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Graphics Components could lead to remote code execution.
The flaw is due to improper handling of a specially crafted file. Successful exploitation by a remote attacker could result in the execution of arbitrary code.
24212 - (MSPT-Oct2018) Microsoft Windows Theme API Remote Code Execution (CVE-2018-8413)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-8413
Description A vulnerability in some versions of Microsoft Windows could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Windows could lead to remote code execution.
The flaw lies in the Theme API component. Successful exploitation by a remote attacker could result in the execution of arbitrary code.
24214 - (MSPT-Oct2018) Microsoft JET Database Engine Remote Code Execution (CVE-2018-8423)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-8423
Description A vulnerability in some versions of Microsoft JET could lead to remote code execution. Observation A vulnerability in some versions of Microsoft JET could lead to remote code execution.
The flaw lies in the Database Engine component. Successful exploitation by a remote attacker could result in the execution of arbitrary code.
24226 - (MSPT-Oct2018) Microsoft XML Core Services MSXML Remote Code Execution (CVE-2018-8494)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-8494
Description A vulnerability in some versions of Microsoft XML Core Services could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft XML Core Services could lead to remote code execution.
The flaw lies in the MSXML component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.
24237 - (MSPT-Oct2018) Microsoft Edge Chakra Scripting Engine Remote Code Execution Vulnerability (CVE-2018-8503)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-8503
Description A vulnerability in some versions of Microsoft Edge could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Edge could lead to remote code execution.
The flaw lies in the Chakra Scripting Engine component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.
24238 - (MSPT-Oct2018) Microsoft Edge Chakra Scripting Engine Remote Code Execution Vulnerability (CVE-2018-8505)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-8505
Description A vulnerability in some versions of Microsoft Edge could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Edge could lead to remote code execution.
The flaw lies in the Chakra Scripting Engine component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document. 24239 - (MSPT-Oct2018) Microsoft Edge Improperly Handles Objects In Memory Remote Code Execution Vulnerability (CVE-2018-8509)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-8509
Description A vulnerability in some versions of Microsoft Edge could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Edge could lead to remote code execution.
The flaw lies in the Improperly Handles Objects in Memory component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.
24243 - (MSPT-Oct2018) Microsoft Exchange Server Remote Code Execution (CVE-2010-3190)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2010-3190
Description A vulnerability in some versions of Microsoft Exchange could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Exchange could lead to remote code execution.
The flaw lies in the Server component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.
24246 - (MSPT-Oct2018) Microsoft Windows Hyper-V Remote Code Execution (CVE-2018-8489)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-8489
Description A vulnerability in some versions of Microsoft Windows could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Windows could lead to remote code execution.
The flaw lies in the Hyper-V component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the attacker to have valid credentials to the vulnerable system.
24247 - (MSPT-Oct2018) Microsoft Windows Hyper-V Remote Code Execution (CVE-2018-8490)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-8490
Description A vulnerability in some versions of Microsoft Windows could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Windows could lead to remote code execution.
The flaw lies in the Hyper-V component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the attacker to have valid credentials to the vulnerable system.
24259 - (MSPT-Oct2018) Microsoft Internet Explorer Improperly Access Objects in Memory Remote Code Execution Vulnerability (CVE-2018-849
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-8491
Description A vulnerability in some versions of Microsoft Internet Explorer could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Internet Explorer could lead to remote code execution.
The flaw lies in the Improperly Access Objects in Memory component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.
24260 - (MSPT-Oct2018) Microsoft Internet Explorer Improperly Accesses Objects in Memory Remote Code Execution Vulnerability (CVE-2018-8
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-8460
Description A vulnerability in some versions of Microsoft Internet Explorer could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Internet Explorer could lead to remote code execution.
The flaw lies in the Improperly Accesses Objects in Memory component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the attacker to have valid credentials to the vulnerable system.
24263 - (MSPT-Oct2018) Microsoft Windows Shell Handles URIs Remote Code Execution (CVE-2018-8495)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-8495 Description A vulnerability in some versions of Microsoft Windows could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Windows could lead to remote code execution.
The flaw lies in the Shell Handles URIs component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.
24269 - (MSPT-Oct2018) Microsoft Edge Chakra Scripting Engine Remote Code Execution Vulnerability (CVE-2018-8510)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-8510
Description A vulnerability in some versions of Microsoft Edge could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Edge could lead to remote code execution.
The flaw lies in the Chakra Scripting Engine component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.
24270 - (MSPT-Oct2018) Microsoft Edge Chakra Scripting Engine Remote Code Execution Vulnerability (CVE-2018-8511)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-8511
Description A vulnerability in some versions of Microsoft Edge could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Edge could lead to remote code execution.
The flaw lies in the Chakra Scripting Engine component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.
24271 - (MSPT-Oct2018) Microsoft Edge Chakra Scripting Engine Remote Code Execution Vulnerability (CVE-2018-8513)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-8513
Description A vulnerability in some versions of Microsoft Edge could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Edge could lead to remote code execution.
The flaw lies in the Chakra Scripting Engine component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.
24288 - (MSPT-Oct2018) Microsoft Edge Improperly Accesses Objects in Memory Remote Code Execution Vulnerability (CVE-2018-8473)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-8473
Description A vulnerability in some versions of Microsoft Edge could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Edge could lead to remote code execution.
The flaw lies in the Improperly Accesses Objects in Memory component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the attacker to have valid credentials to the vulnerable system.
24252 - (MSPT-Oct2018) Microsoft NTFS Improperly Checks Access Privilege Escalation (CVE-2018-8411)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-8411
Description A vulnerability in some versions of Microsoft NTFS could lead to privilege escalation.
Observation A vulnerability in some versions of Microsoft NTFS could lead to privilege escalation.
The flaw lies in the NTFS component. Successful exploitation could allow a local user to gain elevated privileges. The exploit requires the attacker to have valid credentials to the vulnerable system.
24209 - (MSPT-Oct2018) Microsoft Filter Manager Improperly Handles Objects in Memory Privilege Escalation (CVE-2018- 8333)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-8333
Description A vulnerability in some versions of Microsoft Filter Manager could lead to privilege escalation.
Observation A vulnerability in some versions of Microsoft Filter Manager could lead to privilege escalation.
The flaw is due to improper handling of objects in memory. Successful exploitation could allow a local user to gain elevated privileges. The exploit requires the attacker to have valid credentials to the vulnerable system.
24211 - (MSPT-Oct2018) Microsoft Graphics Components Handle Objects in Memory Information Disclosure (CVE-2018- 8427)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-8427
Description A vulnerability in some versions of Microsoft Graphics Components could lead to information disclosure.
Observation A vulnerability in some versions of Microsoft Graphics Components could lead to information disclosure.
The flaw is due to improper handling of a specially crafted file. Successful exploitation by a remote attacker could result in the disclosure of sensitive information.
24213 - (MSPT-Oct2018) Microsoft Windows Graphics Device Interface Information Disclosure (CVE-2018-8472)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-8472
Description A vulnerability in some versions of Microsoft Windows could lead to information disclosure.
Observation A vulnerability in some versions of Microsoft Windows could lead to information disclosure.
The flaw lies in the Graphics Device Interface component. Successful exploitation by a remote attacker could result in the disclosure of sensitive information. The exploit requires the attacker to have valid credentials to the vulnerable system.
24219 - (MSPT-Oct2018) Microsoft Windows DNS Security Feature Bypass (CVE-2018-8320)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-8320
Description A vulnerability in some versions of Microsoft DNS Server Role could lead to security bypass.
Observation A vulnerability in some versions of Microsoft DNS Server Role could lead to security bypass.
The flaw is due to improper handling of the Global Query Blocklist. Successful exploitation by a remote attacker could result in the bypass of intended access restrictions.
24220 - (MSPT-Oct2018) Microsoft Linux On Windows Privilege Escalation (CVE-2018-8329) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-8329
Description A vulnerability in some versions of Microsoft Linux On Windows could lead to privilege escalation.
Observation A vulnerability in some versions of Microsoft Linux On Windows could lead to privilege escalation.
The flaw is due to improper handling of objects in memory. Successful exploitation could allow a local user to gain elevated privileges. The exploit requires the attacker to log on to a target system.
24228 - (MSPT-Oct2018) Microsoft SharePoint Improperly Sanitize Web Request Privilege Escalation (CVE-2018-8498)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-8498
Description A vulnerability in some versions of Microsoft SharePoint could lead to privilege escalation.
Observation A vulnerability in some versions of Microsoft SharePoint could lead to privilege escalation.
The flaw lies in the Improperly Sanitize Web Request component. Successful exploitation could allow a local user to gain elevated privileges.The exploit requires the attacker to have valid credentials to the vulnerable system.
24229 - (MSPT-Oct2018) Microsoft SharePoint Improperly Sanitize Web Request Privilege Escalation (CVE-2018-8518)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-8518
Description A vulnerability in some versions of Microsoft SharePoint could lead to privilege escalation.
Observation A vulnerability in some versions of Microsoft SharePoint could lead to privilege escalation.
The flaw lies in the Improperly Sanitize Web Request component. Successful exploitation could allow a local user to gain elevated privileges. The exploit requires the user to open a vulnerable website, email or document.
24230 - (MSPT-Oct2018) Microsoft SharePoint Improperly Sanitize Web Request Privilege Escalation (CVE-2018-8488)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-8488 Description A vulnerability in some versions of Microsoft SharePoint could lead to privilege escalation.
Observation A vulnerability in some versions of Microsoft SharePoint could lead to privilege escalation.
The flaw lies in the Improperly Sanitize Web Request component. Successful exploitation could allow a local user to gain elevated privileges. The exploit requires the user to open a vulnerable website, email or document.
24231 - (MSPT-Oct2018) Microsoft SharePoint Improperly Sanitize Crafted Web Request Privilege Escalation (CVE-2018- 8480)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-8480
Description A vulnerability in some versions of Microsoft SharePoint could lead to privilege escalation.
Observation A vulnerability in some versions of Microsoft SharePoint could lead to privilege escalation.
The flaw lies in the Improperly Sanitize Crafted Web Request component. Successful exploitation could allow a local user to gain elevated privileges. The exploit requires the attacker to have valid credentials to the vulnerable system.
24232 - (MSPT-Oct2018) Microsoft PowerPoint Improperly Handle Objects in Protected View Security Bypass (CVE-2018- 8501)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-8501
Description A vulnerability in some versions of Microsoft PowerPoint could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft PowerPoint could lead to remote code execution.
The flaw lies in the Improperly Handle Objects in Protected View component. Successful exploitation by a remote attacker could result in the bypass of intended access restrictions. The exploit requires the user to open a vulnerable website, email or document.
24233 - (MSPT-Oct2018) Microsoft Excel Improperly Handle Objects in Protected View Security Bypass (CVE-2018-8502)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-8502
Description A vulnerability in some versions of Microsoft Excel could lead to remote code execution. Observation A vulnerability in some versions of Microsoft Excel could lead to remote code execution.
The flaw lies in the Improperly Handle Objects in Protected View component. Successful exploitation by a remote attacker could result in the bypass of intended access restrictions. The exploit requires the user to open a vulnerable website, email or document.
24234 - (MSPT-Oct2018) Microsoft Word Improperly Handle Objects in Protected View Security Bypass (CVE-2018-8504)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-8504
Description A vulnerability in some versions of Microsoft Word could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Word could lead to remote code execution.
The flaw lies in the Improperly Handle Objects in Protected View component. Successful exploitation by a remote attacker could result in the bypass of intended access restrictions. The exploit requires the user to open a vulnerable website, email or document.
24235 - (MSPT-Oct2018) Microsoft Windows Kernel Information Disclosure (CVE-2018-8330)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-8330
Description A vulnerability in some versions of Microsoft Windows could lead to information disclosure.
Observation A vulnerability in some versions of Microsoft Windows could lead to information disclosure.
The flaw lies in the Kernel component. Successful exploitation by a remote attacker could result in the disclosure of sensitive information. The exploit requires the attacker to have valid credentials to the vulnerable system.
24236 - (MSPT-Oct2018) Microsoft Windows Kernel Privilege Escalation (CVE-2018-8497)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-8497
Description A vulnerability in some versions of Microsoft Windows could lead to privilege escalation.
Observation A vulnerability in some versions of Microsoft Windows could lead to privilege escalation.
The flaw lies in the Kernel component. Successful exploitation could allow a local user to gain elevated privileges.The exploit requires the attacker to have valid credentials to the vulnerable system. 24240 - (MSPT-Oct2018) Microsoft Edge Content Security Policy Security Bypass Vulnerability (CVE-2018-8512)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-8512
Description A vulnerability in some versions of Microsoft Edge could lead to security bypass.
Observation A vulnerability in some versions of Microsoft Edge could lead to security bypass.
The flaw lies in the Content Security Policy component. Successful exploitation by a remote attacker could result in the bypass of intended access restrictions. The exploit requires the user to open a vulnerable website, email or document.
24244 - (MSPT-Oct2018) Microsoft Exchange Outlook Web Access Privilege Escalation (CVE-2018-8265)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-8265
Description A vulnerability in some versions of Microsoft Exchange could lead to privilege escalation.
Observation A vulnerability in some versions of Microsoft Exchange could lead to privilege escalation.
The flaw lies in the Outlook Web Access component. Successful exploitation could allow a local user to gain elevated privileges. The exploit requires the attacker to have valid credentials to the vulnerable system.
24245 - (MSPT-Oct2018) Microsoft Exchange Outlook Web Access Privilege Escalation (CVE-2018-8448)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-8448
Description A vulnerability in some versions of Microsoft Exchange could lead to privilege escalation.
Observation A vulnerability in some versions of Microsoft Exchange could lead to privilege escalation.
The flaw lies in the Outlook Web Access component. Successful exploitation could allow a local user to gain elevated privileges. The exploit requires the attacker to have valid credentials to the vulnerable system.
24253 - (MSPT-Oct2018) Microsoft Windows Media Player Information Disclosure Vulnerability (CVE-2018-8481)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-8481
Description A vulnerability in some versions of Microsoft Windows Media Player could lead to information disclosure.
Observation A vulnerability in some versions of Microsoft Windows Media Player could lead to information disclosure.
The flaw lies in the Media Player component. Successful exploitation by a remote attacker could result in the disclosure of sensitive information. The exploit requires the user to open a vulnerable website, email or document.
24254 - (MSPT-Oct2018) Microsoft Windows Media Player Information Disclosure Vulnerability (CVE-2018-8482)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-8482
Description A vulnerability in some versions of Microsoft Windows Media Player could lead to information disclosure.
Observation A vulnerability in some versions of Microsoft Windows Media Player could lead to information disclosure.
The flaw lies in the Media Player component. Successful exploitation by a remote attacker could result in the disclosure of sensitive information. The exploit requires the attacker to have valid credentials to the vulnerable system.
24255 - (MSPT-Oct2018) Microsoft DirectX Graphics Kernel Privilege Escalation (CVE-2018-8484)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-8484
Description A vulnerability in some versions of Microsoft DirectX could lead to privilege escalation.
Observation A vulnerability in some versions of Microsoft DirectX could lead to privilege escalation.
The flaw lies in the Graphics Kernel component. Successful exploitation could allow a local user to gain elevated privileges. The exploit requires the user to run a specially crafted application.
24256 - (MSPT-Oct2018) Microsoft DirectX Improperly Handles Objects in Memory Information Disclosure (CVE-2018-8486)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-8486
Description A vulnerability in some versions of Microsoft DirectX could lead to information disclosure. Observation A vulnerability in some versions of Microsoft DirectX could lead to information disclosure.
The flaw is due to Improper Handling of Objects in Memory by DirectX component. Successful exploitation by a remote attacker could result in the disclosure of sensitive information. The exploit requires the attacker to have valid credentials to the vulnerable system.
24257 - (MSPT-Oct2018) Microsoft Windows Win32k Privilege Escalation (CVE-2018-8453)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-8453
Description A vulnerability in some versions of Microsoft Windows could lead to privilege escalation.
Observation A vulnerability in some versions of Microsoft Windows could lead to privilege escalation.
The flaw lies in the Win32k component. Successful exploitation could allow a local user to gain elevated privileges. The exploit requires the attacker to have valid credentials to the vulnerable system.
24258 - (MSPT-Oct2018) Microsoft Edge Improperly Handles Requests Security Bypass Vulnerability (CVE-2018-8530)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-8530
Description A vulnerability in some versions of Microsoft Edge could lead to security bypass.
Observation A vulnerability in some versions of Microsoft Edge could lead to security bypass.
The flaw lies in the Improperly Handles Requests component. Successful exploitation by a remote attacker could result in the bypass of intended access restrictions. The exploit requires the user to open a vulnerable website, email or document.
24261 - (MSPT-Oct2018) Microsoft Device Guard PowerShell Security Bypass (CVE-2018-8492)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-8492
Description A vulnerability in some versions of Microsoft Device Guard could lead to security bypass.
Observation A vulnerability in some versions of Microsoft Device Guard could lead to security bypass.
The flaw lies in the PowerShell component. Successful exploitation by a remote attacker could result in the bypass of intended access restrictions. The exploit requires the attacker to have valid credentials to the vulnerable system.
24262 - (MSPT-Oct2018) Microsoft Windows TCP/IP stack improperly handles fragmented IP packets Information Disclosure (CVE-2018-8493)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-8493
Description A vulnerability in some versions of Microsoft Windows could lead to information disclosure.
Observation A vulnerability in some versions of Microsoft Windows could lead to information disclosure.
The flaw lies in the TCP/IP stack improperly handles fragmented IP packets component. Successful exploitation by a remote attacker could result in the disclosure of sensitive information.
24264 - (MSPT-Oct2018) Microsoft Windows Codecs Library Information Disclosure (CVE-2018-8506)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-8506
Description A vulnerability in some versions of Microsoft Windows could lead to information disclosure.
Observation A vulnerability in some versions of Microsoft Windows could lead to information disclosure.
The flaw lies in the Codecs Library component. Successful exploitation by a remote attacker could result in the disclosure of sensitive information. The exploit requires the user to open a vulnerable website, email or document.
ENHANCED CHECKS
The following checks have been updated. Enhancements may include optimizations, changes that reflect new information on a vulnerability and anything else that improves upon an existing FSL check. 22041 - (SA-CORE-2017-003) Drupal Core Multiple Vulnerabilities
Category: General Vulnerability Assessment -> NonIntrusive -> Web Server Risk Level: High CVE: CVE-2017-6920, CVE-2017-6921, CVE-2017-6922
Update Details Risk is updated
24045 - (HPESBHF03843) HPE Moonshot Provisioning Manager Multiple Vulnerabilities
Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: High CVE: CVE-2018-7072, CVE-2018-7073
Update Details Risk is updated
131179 - Debian Linux 9.0 DSA-4267-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: High CVE: CVE-2018-14767
Update Details Risk is updated
141607 - Red Hat Enterprise Linux RHSA-2017-1259 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2017-7470
Update Details Risk is updated
182389 - FreeBSD drupal Drupal Core - Multiple Vulnerabilities (4fc2df49-6279-11e7-be0f-6cf0497db129)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: High CVE: CVE-2017-6920, CVE-2017-6921, CVE-2017-6922
Update Details Risk is updated
182796 - FreeBSD moodle Multiple Vulnerabilities (074cb225-bb2d-11e8-90e1-fcaa147e860e)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: High CVE: CVE-2018-14630, CVE-2018-14631, CVE-2018-1999022
Update Details Risk is updated
131171 - Debian Linux 9.0 DSA-4260-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-14679, CVE-2018-14680, CVE-2018-14681, CVE-2018-14682
Update Details Risk is updated
171007 - Amazon Linux AMI ALAS-2018-1066 Update Is Not Installed Category: SSH Module -> NonIntrusive -> Amazon Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-14851, CVE-2018-14883
Update Details Risk is updated
191843 - Fedora Linux 24 FEDORA-2017-788129b61c Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-2623
Update Details Risk is updated
191854 - Fedora Linux 25 FEDORA-2017-003fa5648c Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-2623
Update Details Risk is updated
194006 - Fedora Linux 28 FEDORA-2018-ddda173f56 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-14679
Update Details Risk is updated
194032 - Fedora Linux 27 FEDORA-2018-e1adecd46c Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-14679
Update Details Risk is updated
194034 - Fedora Linux 28 FEDORA-2018-b7d774a7c1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-10920, CVE-2018-1110
Update Details Risk is updated
145446 - SuSE SLES 12 SP2, SLED 12 SP2 SUSE-SU-2017:1862-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Low CVE: CVE-2017-2625
Update Details Risk is updated
145450 - SuSE SLES 11 SP4 SUSE-SU-2017:1868-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Low CVE: CVE-2017-2625
Update Details Risk is updated
145654 - SuSE Linux 42.2 openSUSE-SU-2017:1802-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Low CVE: CVE-2017-2625
Update Details Risk is updated
146332 - SuSE SLES 12 SP3, SLED 12 SP3 SUSE-SU-2018:0338-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Low CVE: CVE-2017-2625
Update Details Risk is updated
191780 - Fedora Linux 25 FEDORA-2017-9a9328c159 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2017-2625
Update Details Risk is updated
191797 - Fedora Linux 24 FEDORA-2017-bcb1999e65 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2017-2625
Update Details Risk is updated
191898 - Fedora Linux 26 FEDORA-2017-09f65e5e00 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2017-2625
Update Details Risk is updated
70014 - netbios-helpers.fasl3.inc
Category: General Vulnerability Assessment -> NonIntrusive -> Invalid Category Risk Level: Informational CVE: CVE-MAP-NOMATCH
Update Details FASLScript is updated
DELETED CHECKS
24224 - Microsoft Windows Jet Database Engine Remote Code Execution Vulnerability
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-MAP-NOMATCH
ADDITIONAL NOTES
24224 - is replaced by FID 24214
HOW TO UPDATE
FS1000 APPLIANCE customers should follow the instructions for Enterprise/Professional customers, below. In addition, we strongly urge all appliance customers to authorize and install any Windows Update critical patches. The appliance will auto-download any critical updates but will wait for your explicit authorization before installing.
FOUNDSTONE ENTERPRISE and PROFESSIONAL customers may obtain these new scripts using the FSUpdate Utility by selecting "FoundScan Update" on the help menu. Make sure that you have a valid FSUpdate username and password. The new vulnerability scripts will be automatically included in your scans if you have selected that option by right-clicking the selected vulnerability category and checking the "Run New Checks" checkbox.
MANAGED SERVICE CUSTOMERS already have the newest update applied to their environment. The new vulnerability scripts will be automatically included when your scans are next scheduled, provided the Run New Scripts option has been turned on.
MCAFEE TECHNICAL SUPPORT ServicePortal: https://mysupport.mcafee.com Multi-National Phone Support available here: http://www.mcafee.com/us/about/contact/index.html Non-US customers - Select your country from the list of Worldwide Offices.
This email may contain confidential and privileged material for the sole use of the intended recipient. Any review or distribution by others is strictly prohibited. If you are not the intended recipient please contact the sender and delete all copies.
Copyright 2018 McAfee, Inc. McAfee is a registered trademark of McAfee, Inc. and/or its affiliates