Mcafee Foundstone Fsl Update

2018-JUL-25 FSL version 7.6.38

MCAFEE FOUNDSTONE FSL UPDATE

To better protect your environment McAfee has created this FSL check update for the Foundstone Product Suite. The following is a detailed summary of the new and updated checks included with this release.

NEW CHECKS

23889 - (HT208932) Apple iCloud Vulnerabilities Prior To 7.6

Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-4261, CVE-2018-4262, CVE-2018-4263, CVE-2018-4264, CVE-2018-4265, CVE-2018-4266, CVE-2018-4267, CVE- 2018-4270, CVE-2018-4271, CVE-2018-4272, CVE-2018-4273, CVE-2018-4278, CVE-2018-4284, CVE-2018-4293

Description Multiple vulnerabilities are present in some versions of Apple iCloud.

Observation Apple iCloud is a manager for the Apple's cloud-based storage service.

Multiple vulnerabilities are present in some versions of Apple iCloud. The flaws lie in multiple components. Successful exploitation could allow an attacker to obtain sensitive information, execute arbitrary code or cause a denial of service.

23893 - (HT208938) Apple iOS Multiple Vulnerabilities Prior To 11.4.1

Category: Wireless Assessment -> NonIntrusive -> iOS Risk Level: High CVE: CVE-2018-4248, CVE-2018-4260, CVE-2018-4261, CVE-2018-4262, CVE-2018-4263, CVE-2018-4264, CVE-2018-4265, CVE- 2018-4266, CVE-2018-4267, CVE-2018-4270, CVE-2018-4271, CVE-2018-4272, CVE-2018-4273, CVE-2018-4274, CVE-2018-4275, CVE-2018-4277, CVE-2018-4278, CVE-2018-4280, CVE-2018-4282, CVE-2018-4284, CVE-2018-4290, CVE-2018-4293

Description Multiple vulnerabilities are present in some versions of Apple iOS.

Observation Apple iOS is the operating system used by Apple iPhone, iPad, and iPod touch.

Multiple vulnerabilities are present in some versions of Apple iOS. The flaws lie in many components. Successful exploitation could allow an attacker to remotely execute arbitrary code, escalate privileges, disclose sensitive information or cause denial of service on the target.

23900 - (HPESBHF03856) HPE Intelligent Management Center Multiple Vulnerabilities

Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2016-2177, CVE-2016-2178, CVE-2016-2179, CVE-2016-2180, CVE-2016-2182, CVE-2016-6306, CVE-2016-6309, CVE- 2016-7052 Description Multiple vulnerabilities are present in some versions of HPE Intelligent Management Center.

Observation HPE Intelligent Management Center (iMC) is an enterprise-class network management platform.

Multiple vulnerabilities are present in some versions of HPE Intelligent Management Center. The flaws lie in OpenSSL component. Successful exploitation could allow an attacker to cause a denial of service or disclose private information.

23887 - (JSA10871) Juniper Junos OS RPD Daemon Denial Of Service Vulnerability

Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: High CVE: CVE-2018-0037

Description A denial of service vulnerability is present in some versions of Juniper Junos.

Observation Juniper Junos is an operating system used in Juniper device.

A denial of service vulnerability is present in some versions of Juniper Junos. The flaw lies in junos RPD daemon. Successful exploitation could allow an attacker to cause a denial of service condition.

23850 - (K29154575) F5 BIG-IP ImageMagick Vulnerability

Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2016-3717

Description A vulnerability is present in some versions of F5's BIG-IP products.

Observation F5's BIG-IP product is a network appliance that runs F5's Traffic Management Operating System.

A vulnerability is present in some versions of F5's BIG-IP products. The flaw lies in the ImageMagick's LABEL coder. Successful exploitation could allow a remote attacker to gain access to sensitive information.

23881 - VideoLAN VLC Media Player Remote Code Execution Vulnerability Prior To 3.0.2

Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-11516

Description A vulnerability is present in some versions of VideoLAN VLC Media Player.

Observation VideoLAN VLC Media Player is a popular open source media player. A vulnerability is present in some versions of VideoLAN VLC Media Player. The flaw lies in the vlc_demux_chained_Delete function. Successful exploitation could allow an attacker to cause a denial of service condition or execute arbitrary code on the target system.

23882 - (K13213573) F5 BIG-IP Linux Kernel Vulnerability

Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2012-6701

Description A vulnerability is present in some versions of F5's BIG-IP products.

Observation F5's BIG-IP product is a network appliance that runs F5's Traffic Management Operating System.

A vulnerability is present in some versions of F5's BIG-IP products. The flaw lies in Linux kernel. Successful exploitation could allow a local attacker to cause a denial of service condition.

23884 - (HT208934) Apple Safari Vulnerabilities Prior To 11.1.2

Category: SSH Module -> NonIntrusive -> Mac OS X Patches and Hotfixes Risk Level: High CVE: CVE-2018-4260, CVE-2018-4261, CVE-2018-4262, CVE-2018-4263, CVE-2018-4264, CVE-2018-4265, CVE-2018-4266, CVE- 2018-4267, CVE-2018-4270, CVE-2018-4271, CVE-2018-4272, CVE-2018-4273, CVE-2018-4274, CVE-2018-4278, CVE-2018-4279, CVE-2018-4284

Description Multiple vulnerabilities are present in some versions of Apple Safari.

Observation Apple Safari is a popular web browser.

Multiple vulnerabilities are present in some versions of Apple Safari. The flaws lie in multiple components. Successful exploitation could allow an attacker to cause a denial of service condition, lead to remote code execution or address bar spoofing.

23885 - IBM DB2 Privilege Escalation Vulnerability (swg22016505)

Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: High CVE: CVE-2018-1487

Description A vulnerability is present in some versions of IBM DB2.

Observation IBM DB2 is a popular relational database management server.

A vulnerability is present in some versions of IBM DB2. The flaw is due to loading libraries from an untrusted path. Successful exploitation could allow a local attacker to gain full access to the DB2 instance account.

23891 - IBM WebSphere Application Server Multiple Vulnerabilities (swg22016214)

Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2012-1007, CVE-2014-0114, CVE-2016-1181, CVE-2016-1182

Description Multiple vulnerabilities are present in some versions of IBM WebSphere Application Server.

Observation IBM WebSphere Application Server is a server engine for Java EE Web applications.

Multiple vulnerabilities are present in some versions of IBM WebSphere Application Server. The flaws lie in Apache Struts and Apache Commons components. Successful exploitation could allow an attacker to retrieve sensitive data, bypass security access restrictions or execute arbitrary code on the target system.

23896 - IBM DB2 Multiple Untrusted Search Path Vulnerabilities (swg22016624)

Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-1458

Description Multiple untrusted search path vulnerabilities are present in some versions of IBM DB2.

Observation IBM DB2 is a popular relational database management server.

Multiple untrusted search path vulnerabilities are present in some versions of IBM DB2. The flaw is due to untrusted search path in the DB2 Administration Server component. Successful exploitation could allow a local attacker to execute arbitrary code on target system with elevated privileges.

23899 - Oracle Secure Global Desktop Critical Patch Update July 2018

Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: High CVE: CVE-2018-0739, CVE-2018-1000300, CVE-2018-1305

Description Multiple vulnerabilities are present in some versions of Oracle Secure Global Desktop.

Observation Oracle Secure Global Desktop is a secure remote access solution.

Multiple vulnerabilities are present in some versions of Oracle Secure Global Desktop. The flaws lie in the Curl, OpenSSL and Apache Tomcat Server components. Successful exploitation could allow an attacker to affect confidentiality, integrity and availability.

131160 - Debian Linux 9.0 DSA-4254-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: High CVE: CVE-2018-10995, CVE-2018-7033

Description The scan detected that the host is missing the following update: DSA-4254-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.debian.org/security/2018/dsa-4254

Debian 9.0 all slurm-llnl_16.05.9-1+deb9u2

146872 - SuSE Linux 42.3 openSUSE-SU-2018:2021-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2018-1116

Description The scan detected that the host is missing the following update: openSUSE-SU-2018:2021-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.opensuse.org/opensuse-updates/2018-07/msg00055.html

SuSE Linux 42.3 i586 polkit-debugsource-0.113-14.3.1 libpolkit0-debuginfo-0.113-14.3.1 libpolkit0-0.113-14.3.1 typelib-1_0-Polkit-1_0-0.113-14.3.1 polkit-0.113-14.3.1 polkit-devel-debuginfo-0.113-14.3.1 polkit-devel-0.113-14.3.1 polkit-debuginfo-0.113-14.3.1 noarch polkit-doc-0.113-14.3.1 x86_64 polkit-debugsource-0.113-14.3.1 libpolkit0-debuginfo-0.113-14.3.1 libpolkit0-0.113-14.3.1 typelib-1_0-Polkit-1_0-0.113-14.3.1 libpolkit0-debuginfo-32bit-0.113-14.3.1 polkit-0.113-14.3.1 polkit-devel-debuginfo-0.113-14.3.1 polkit-devel-0.113-14.3.1 polkit-debuginfo-0.113-14.3.1 libpolkit0-32bit-0.113-14.3.1

146874 - SuSE Linux 42.3 openSUSE-SU-2018:2023-1 Update Is Not Installed Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2018-13346, CVE-2018-13347, CVE-2018-13348

Description The scan detected that the host is missing the following update: openSUSE-SU-2018:2023-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.opensuse.org/opensuse-updates/2018-07/msg00057.html

SuSE Linux 42.3 i586 mercurial-debuginfo-4.2.3-15.1 mercurial-debugsource-4.2.3-15.1 mercurial-4.2.3-15.1 noarch mercurial-lang-4.2.3-15.1 x86_64 mercurial-debuginfo-4.2.3-15.1 mercurial-debugsource-4.2.3-15.1 mercurial-4.2.3-15.1

146879 - SuSE Linux 15.0 openSUSE-SU-2018:2014-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2018-12882

Description The scan detected that the host is missing the following update: openSUSE-SU-2018:2014-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.opensuse.org/opensuse-updates/2018-07/msg00048.html

SuSE Linux 15.0 i586 php7-zlib-debuginfo-7.2.5-lp150.2.6.1 php7-embed-debuginfo-7.2.5-lp150.2.6.1 php7-xmlwriter-7.2.5-lp150.2.6.1 php7-enchant-7.2.5-lp150.2.6.1 php7-bcmath-7.2.5-lp150.2.6.1 php7-xmlwriter-debuginfo-7.2.5-lp150.2.6.1 php7-odbc-debuginfo-7.2.5-lp150.2.6.1 php7-calendar-7.2.5-lp150.2.6.1 php7-tokenizer-debuginfo-7.2.5-lp150.2.6.1 php7-devel-7.2.5-lp150.2.6.1 php7-dba-7.2.5-lp150.2.6.1 php7-iconv-7.2.5-lp150.2.6.1 php7-zlib-7.2.5-lp150.2.6.1 php7-openssl-7.2.5-lp150.2.6.1 php7-sodium-7.2.5-lp150.2.6.1 php7-fpm-7.2.5-lp150.2.6.1 php7-mysql-debuginfo-7.2.5-lp150.2.6.1 php7-dom-debuginfo-7.2.5-lp150.2.6.1 php7-phar-7.2.5-lp150.2.6.1 php7-shmop-7.2.5-lp150.2.6.1 php7-xsl-debuginfo-7.2.5-lp150.2.6.1 php7-tidy-7.2.5-lp150.2.6.1 php7-pcntl-debuginfo-7.2.5-lp150.2.6.1 php7-xmlrpc-7.2.5-lp150.2.6.1 php7-readline-debuginfo-7.2.5-lp150.2.6.1 php7-sqlite-7.2.5-lp150.2.6.1 php7-sysvshm-debuginfo-7.2.5-lp150.2.6.1 php7-phar-debuginfo-7.2.5-lp150.2.6.1 php7-sqlite-debuginfo-7.2.5-lp150.2.6.1 php7-pcntl-7.2.5-lp150.2.6.1 php7-openssl-debuginfo-7.2.5-lp150.2.6.1 php7-wddx-7.2.5-lp150.2.6.1 php7-gd-7.2.5-lp150.2.6.1 php7-gettext-debuginfo-7.2.5-lp150.2.6.1 php7-mbstring-7.2.5-lp150.2.6.1 php7-pdo-debuginfo-7.2.5-lp150.2.6.1 php7-opcache-7.2.5-lp150.2.6.1 php7-dom-7.2.5-lp150.2.6.1 php7-wddx-debuginfo-7.2.5-lp150.2.6.1 php7-soap-7.2.5-lp150.2.6.1 php7-gd-debuginfo-7.2.5-lp150.2.6.1 php7-gettext-7.2.5-lp150.2.6.1 php7-json-debuginfo-7.2.5-lp150.2.6.1 php7-debuginfo-7.2.5-lp150.2.6.1 php7-snmp-7.2.5-lp150.2.6.1 php7-firebird-debuginfo-7.2.5-lp150.2.6.1 php7-fastcgi-debuginfo-7.2.5-lp150.2.6.1 php7-exif-7.2.5-lp150.2.6.1 apache2-mod_php7-debuginfo-7.2.5-lp150.2.6.1 php7-sockets-debuginfo-7.2.5-lp150.2.6.1 php7-ctype-debuginfo-7.2.5-lp150.2.6.1 php7-fileinfo-debuginfo-7.2.5-lp150.2.6.1 php7-intl-7.2.5-lp150.2.6.1 php7-ctype-7.2.5-lp150.2.6.1 php7-tokenizer-7.2.5-lp150.2.6.1 php7-readline-7.2.5-lp150.2.6.1 php7-sysvshm-7.2.5-lp150.2.6.1 php7-pdo-7.2.5-lp150.2.6.1 php7-mbstring-debuginfo-7.2.5-lp150.2.6.1 php7-gmp-7.2.5-lp150.2.6.1 php7-posix-7.2.5-lp150.2.6.1 php7-odbc-7.2.5-lp150.2.6.1 php7-fileinfo-7.2.5-lp150.2.6.1 php7-zip-debuginfo-7.2.5-lp150.2.6.1 php7-shmop-debuginfo-7.2.5-lp150.2.6.1 php7-curl-debuginfo-7.2.5-lp150.2.6.1 php7-bcmath-debuginfo-7.2.5-lp150.2.6.1 php7-ftp-7.2.5-lp150.2.6.1 php7-xsl-7.2.5-lp150.2.6.1 php7-firebird-7.2.5-lp150.2.6.1 php7-zip-7.2.5-lp150.2.6.1 php7-7.2.5-lp150.2.6.1 apache2-mod_php7-7.2.5-lp150.2.6.1 php7-pgsql-debuginfo-7.2.5-lp150.2.6.1 php7-ftp-debuginfo-7.2.5-lp150.2.6.1 php7-fpm-debuginfo-7.2.5-lp150.2.6.1 php7-calendar-debuginfo-7.2.5-lp150.2.6.1 php7-embed-7.2.5-lp150.2.6.1 php7-dba-debuginfo-7.2.5-lp150.2.6.1 php7-sysvsem-debuginfo-7.2.5-lp150.2.6.1 php7-soap-debuginfo-7.2.5-lp150.2.6.1 php7-xmlreader-debuginfo-7.2.5-lp150.2.6.1 php7-opcache-debuginfo-7.2.5-lp150.2.6.1 php7-tidy-debuginfo-7.2.5-lp150.2.6.1 php7-intl-debuginfo-7.2.5-lp150.2.6.1 php7-ldap-7.2.5-lp150.2.6.1 php7-mysql-7.2.5-lp150.2.6.1 php7-sysvmsg-debuginfo-7.2.5-lp150.2.6.1 php7-sodium-debuginfo-7.2.5-lp150.2.6.1 php7-fastcgi-7.2.5-lp150.2.6.1 php7-posix-debuginfo-7.2.5-lp150.2.6.1 php7-json-7.2.5-lp150.2.6.1 php7-bz2-7.2.5-lp150.2.6.1 php7-ldap-debuginfo-7.2.5-lp150.2.6.1 php7-xmlreader-7.2.5-lp150.2.6.1 php7-curl-7.2.5-lp150.2.6.1 php7-xmlrpc-debuginfo-7.2.5-lp150.2.6.1 php7-gmp-debuginfo-7.2.5-lp150.2.6.1 php7-snmp-debuginfo-7.2.5-lp150.2.6.1 php7-enchant-debuginfo-7.2.5-lp150.2.6.1 php7-pgsql-7.2.5-lp150.2.6.1 php7-sysvmsg-7.2.5-lp150.2.6.1 php7-sysvsem-7.2.5-lp150.2.6.1 php7-exif-debuginfo-7.2.5-lp150.2.6.1 php7-sockets-7.2.5-lp150.2.6.1 php7-bz2-debuginfo-7.2.5-lp150.2.6.1 php7-iconv-debuginfo-7.2.5-lp150.2.6.1 php7-debugsource-7.2.5-lp150.2.6.1 noarch php7-pear-Archive_Tar-7.2.5-lp150.2.6.1 php7-pear-7.2.5-lp150.2.6.1 x86_64 php7-zlib-debuginfo-7.2.5-lp150.2.6.1 php7-embed-debuginfo-7.2.5-lp150.2.6.1 php7-xmlwriter-7.2.5-lp150.2.6.1 php7-enchant-7.2.5-lp150.2.6.1 php7-bcmath-7.2.5-lp150.2.6.1 php7-xmlwriter-debuginfo-7.2.5-lp150.2.6.1 php7-odbc-debuginfo-7.2.5-lp150.2.6.1 php7-calendar-7.2.5-lp150.2.6.1 php7-tokenizer-debuginfo-7.2.5-lp150.2.6.1 php7-devel-7.2.5-lp150.2.6.1 php7-dba-7.2.5-lp150.2.6.1 php7-iconv-7.2.5-lp150.2.6.1 php7-zlib-7.2.5-lp150.2.6.1 php7-openssl-7.2.5-lp150.2.6.1 php7-sodium-7.2.5-lp150.2.6.1 php7-fpm-7.2.5-lp150.2.6.1 php7-mysql-debuginfo-7.2.5-lp150.2.6.1 php7-dom-debuginfo-7.2.5-lp150.2.6.1 php7-phar-7.2.5-lp150.2.6.1 php7-shmop-7.2.5-lp150.2.6.1 php7-xsl-debuginfo-7.2.5-lp150.2.6.1 php7-tidy-7.2.5-lp150.2.6.1 php7-pcntl-debuginfo-7.2.5-lp150.2.6.1 php7-xmlrpc-7.2.5-lp150.2.6.1 php7-readline-debuginfo-7.2.5-lp150.2.6.1 php7-sqlite-7.2.5-lp150.2.6.1 php7-sysvshm-debuginfo-7.2.5-lp150.2.6.1 php7-phar-debuginfo-7.2.5-lp150.2.6.1 php7-sqlite-debuginfo-7.2.5-lp150.2.6.1 php7-pcntl-7.2.5-lp150.2.6.1 php7-openssl-debuginfo-7.2.5-lp150.2.6.1 php7-wddx-7.2.5-lp150.2.6.1 php7-gd-7.2.5-lp150.2.6.1 php7-gettext-debuginfo-7.2.5-lp150.2.6.1 php7-mbstring-7.2.5-lp150.2.6.1 php7-pdo-debuginfo-7.2.5-lp150.2.6.1 php7-opcache-7.2.5-lp150.2.6.1 php7-dom-7.2.5-lp150.2.6.1 php7-wddx-debuginfo-7.2.5-lp150.2.6.1 php7-soap-7.2.5-lp150.2.6.1 php7-gd-debuginfo-7.2.5-lp150.2.6.1 php7-gettext-7.2.5-lp150.2.6.1 php7-json-debuginfo-7.2.5-lp150.2.6.1 php7-debuginfo-7.2.5-lp150.2.6.1 php7-snmp-7.2.5-lp150.2.6.1 php7-firebird-debuginfo-7.2.5-lp150.2.6.1 php7-fastcgi-debuginfo-7.2.5-lp150.2.6.1 php7-exif-7.2.5-lp150.2.6.1 apache2-mod_php7-debuginfo-7.2.5-lp150.2.6.1 php7-sockets-debuginfo-7.2.5-lp150.2.6.1 php7-ctype-debuginfo-7.2.5-lp150.2.6.1 php7-fileinfo-debuginfo-7.2.5-lp150.2.6.1 php7-intl-7.2.5-lp150.2.6.1 php7-ctype-7.2.5-lp150.2.6.1 php7-tokenizer-7.2.5-lp150.2.6.1 php7-readline-7.2.5-lp150.2.6.1 php7-sysvshm-7.2.5-lp150.2.6.1 php7-pdo-7.2.5-lp150.2.6.1 php7-mbstring-debuginfo-7.2.5-lp150.2.6.1 php7-gmp-7.2.5-lp150.2.6.1 php7-posix-7.2.5-lp150.2.6.1 php7-odbc-7.2.5-lp150.2.6.1 php7-fileinfo-7.2.5-lp150.2.6.1 php7-zip-debuginfo-7.2.5-lp150.2.6.1 php7-shmop-debuginfo-7.2.5-lp150.2.6.1 php7-curl-debuginfo-7.2.5-lp150.2.6.1 php7-bcmath-debuginfo-7.2.5-lp150.2.6.1 php7-ftp-7.2.5-lp150.2.6.1 php7-xsl-7.2.5-lp150.2.6.1 php7-firebird-7.2.5-lp150.2.6.1 php7-zip-7.2.5-lp150.2.6.1 php7-7.2.5-lp150.2.6.1 apache2-mod_php7-7.2.5-lp150.2.6.1 php7-pgsql-debuginfo-7.2.5-lp150.2.6.1 php7-ftp-debuginfo-7.2.5-lp150.2.6.1 php7-fpm-debuginfo-7.2.5-lp150.2.6.1 php7-calendar-debuginfo-7.2.5-lp150.2.6.1 php7-embed-7.2.5-lp150.2.6.1 php7-dba-debuginfo-7.2.5-lp150.2.6.1 php7-sysvsem-debuginfo-7.2.5-lp150.2.6.1 php7-soap-debuginfo-7.2.5-lp150.2.6.1 php7-xmlreader-debuginfo-7.2.5-lp150.2.6.1 php7-opcache-debuginfo-7.2.5-lp150.2.6.1 php7-tidy-debuginfo-7.2.5-lp150.2.6.1 php7-intl-debuginfo-7.2.5-lp150.2.6.1 php7-ldap-7.2.5-lp150.2.6.1 php7-mysql-7.2.5-lp150.2.6.1 php7-sysvmsg-debuginfo-7.2.5-lp150.2.6.1

146881 - SuSE SLES 12 SP3, SLED 12 SP3 SUSE-SU-2018:2051-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2018-13053, CVE-2018-13405, CVE-2018-13406, CVE-2018-9385

Description The scan detected that the host is missing the following update: SUSE-SU-2018:2051-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2018-July/004305.html

SuSE SLED 12 SP3 x86_64 kernel-default-extra-debuginfo-4.4.140-94.42.1 kernel-default-debuginfo-4.4.140-94.42.1 kernel-default-extra-4.4.140-94.42.1 kernel-default-debugsource-4.4.140-94.42.1 kernel-syms-4.4.140-94.42.1 kernel-default-devel-4.4.140-94.42.1 kernel-default-4.4.140-94.42.1 noarch kernel-devel-4.4.140-94.42.1 kernel-source-4.4.140-94.42.1 kernel-macros-4.4.140-94.42.1

SuSE SLES 12 SP3 noarch kernel-devel-4.4.140-94.42.1 kernel-source-4.4.140-94.42.1 kernel-macros-4.4.140-94.42.1 x86_64 kernel-default-base-debuginfo-4.4.140-94.42.1 kernel-default-debuginfo-4.4.140-94.42.1 kernel-default-debugsource-4.4.140-94.42.1 kernel-syms-4.4.140-94.42.1 kernel-default-base-4.4.140-94.42.1 kernel-default-devel-4.4.140-94.42.1 kernel-default-4.4.140-94.42.1 146883 - SuSE SLES 11 SP4 SUSE-SU-2018:2042-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2018-1122, CVE-2018-1123, CVE-2018-1124, CVE-2018-1125, CVE-2018-1126

Description The scan detected that the host is missing the following update: SUSE-SU-2018:2042-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2018-July/004299.html

SuSE SLES 11 SP4 i586 procps-3.2.7-152.31.1 x86_64 procps-3.2.7-152.31.1

146886 - SuSE SLES 11 SP4 SUSE-SU-2018:2044-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2018-10360, CVE-2018-12882

Description The scan detected that the host is missing the following update: SUSE-SU-2018:2044-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2018-July/004301.html

SuSE SLES 11 SP4 i586 php53-gettext-5.3.17-112.28.1 php53-ldap-5.3.17-112.28.1 php53-fastcgi-5.3.17-112.28.1 php53-gmp-5.3.17-112.28.1 php53-curl-5.3.17-112.28.1 php53-mysql-5.3.17-112.28.1 php53-5.3.17-112.28.1 apache2-mod_php53-5.3.17-112.28.1 php53-xmlrpc-5.3.17-112.28.1 php53-dom-5.3.17-112.28.1 php53-zlib-5.3.17-112.28.1 php53-bz2-5.3.17-112.28.1 php53-pdo-5.3.17-112.28.1 php53-shmop-5.3.17-112.28.1 php53-wddx-5.3.17-112.28.1 php53-snmp-5.3.17-112.28.1 php53-json-5.3.17-112.28.1 php53-mbstring-5.3.17-112.28.1 php53-pspell-5.3.17-112.28.1 php53-fileinfo-5.3.17-112.28.1 php53-bcmath-5.3.17-112.28.1 php53-sysvshm-5.3.17-112.28.1 php53-ftp-5.3.17-112.28.1 php53-odbc-5.3.17-112.28.1 php53-tokenizer-5.3.17-112.28.1 php53-sysvsem-5.3.17-112.28.1 php53-sysvmsg-5.3.17-112.28.1 php53-ctype-5.3.17-112.28.1 php53-exif-5.3.17-112.28.1 php53-calendar-5.3.17-112.28.1 php53-pear-5.3.17-112.28.1 php53-soap-5.3.17-112.28.1 php53-pcntl-5.3.17-112.28.1 php53-xmlwriter-5.3.17-112.28.1 php53-dba-5.3.17-112.28.1 php53-openssl-5.3.17-112.28.1 php53-zip-5.3.17-112.28.1 php53-suhosin-5.3.17-112.28.1 php53-gd-5.3.17-112.28.1 php53-xmlreader-5.3.17-112.28.1 php53-iconv-5.3.17-112.28.1 php53-intl-5.3.17-112.28.1 php53-pgsql-5.3.17-112.28.1 php53-mcrypt-5.3.17-112.28.1 php53-xsl-5.3.17-112.28.1 x86_64 php53-gettext-5.3.17-112.28.1 php53-ldap-5.3.17-112.28.1 php53-fastcgi-5.3.17-112.28.1 php53-gmp-5.3.17-112.28.1 php53-curl-5.3.17-112.28.1 php53-mysql-5.3.17-112.28.1 php53-5.3.17-112.28.1 apache2-mod_php53-5.3.17-112.28.1 php53-xmlrpc-5.3.17-112.28.1 php53-dom-5.3.17-112.28.1 php53-zlib-5.3.17-112.28.1 php53-bz2-5.3.17-112.28.1 php53-pdo-5.3.17-112.28.1 php53-shmop-5.3.17-112.28.1 php53-wddx-5.3.17-112.28.1 php53-snmp-5.3.17-112.28.1 php53-json-5.3.17-112.28.1 php53-mbstring-5.3.17-112.28.1 php53-pspell-5.3.17-112.28.1 php53-fileinfo-5.3.17-112.28.1 php53-bcmath-5.3.17-112.28.1 php53-sysvshm-5.3.17-112.28.1 php53-ftp-5.3.17-112.28.1 php53-odbc-5.3.17-112.28.1 php53-tokenizer-5.3.17-112.28.1 php53-sysvsem-5.3.17-112.28.1 php53-sysvmsg-5.3.17-112.28.1 php53-ctype-5.3.17-112.28.1 php53-exif-5.3.17-112.28.1 php53-calendar-5.3.17-112.28.1 php53-pear-5.3.17-112.28.1 php53-soap-5.3.17-112.28.1 php53-pcntl-5.3.17-112.28.1 php53-xmlwriter-5.3.17-112.28.1 php53-dba-5.3.17-112.28.1 php53-openssl-5.3.17-112.28.1 php53-zip-5.3.17-112.28.1 php53-suhosin-5.3.17-112.28.1 php53-gd-5.3.17-112.28.1 php53-xmlreader-5.3.17-112.28.1 php53-iconv-5.3.17-112.28.1 php53-intl-5.3.17-112.28.1 php53-pgsql-5.3.17-112.28.1 php53-mcrypt-5.3.17-112.28.1 php53-xsl-5.3.17-112.28.1

163665 - Oracle Enterprise Linux ELSA-2018-2240 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2017-17833

Description The scan detected that the host is missing the following update: ELSA-2018-2240

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2018-July/007899.html

OEL7 x86_64 openslp-2.0.0-7.el7_5 openslp-devel-2.0.0-7.el7_5 openslp-server-2.0.0-7.el7_5

175424 - Scientific Linux Security ERRATA Important: openslp on SL7.x x86_64 (1807-9294)

Category: SSH Module -> NonIntrusive -> Scientific Linux Patches and HotFixes Risk Level: High CVE: CVE-2017-17833

Description The scan detected that the host is missing the following update: Security ERRATA Important: openslp on SL7.x x86_64 (1807-9294)

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://listserv.fnal.gov/scripts/wa.exe?A2=ind1807&L=scientific-linux-errata&F=&S=&P=9294 SL7 x86_64 openslp-debuginfo-2.0.0-7.el7_5 openslp-devel-2.0.0-7.el7_5 openslp-2.0.0-7.el7_5 openslp-server-2.0.0-7.el7_5

186318 - Ubuntu Linux 18.04 USN-3718-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: High CVE: CVE-2018-1094, CVE-2018-10940, CVE-2018-1095, CVE-2018-1108, CVE-2018-11508, CVE-2018-7755

Description The scan detected that the host is missing the following update: USN-3718-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.ubuntu.com/archives/ubuntu-security-announce/2018-July/004503.html

Ubuntu 18.04 linux-image-generic-lpae_4.15.0.29.31 linux-image-gke_4.15.0.1014.16 linux-image-4.15.0-1016-kvm_4.15.0-1016.16 linux-image-kvm_4.15.0.1016.16 linux-image-4.15.0-1018-azure_4.15.0-1018.18 linux-image-4.15.0-29-generic_4.15.0-29.31 linux-image-4.15.0-29-lowlatency_4.15.0-29.31 linux-image-aws_4.15.0.1016.16 linux-image-4.15.0-29-snapdragon_4.15.0-29.31 linux-image-4.15.0-1016-aws_4.15.0-1016.16 linux-image-snapdragon_4.15.0.29.31 linux-image-oem_4.15.0.1012.14 linux-image-generic_4.15.0.29.31 linux-image-4.15.0-1014-gcp_4.15.0-1014.14 linux-image-gcp_4.15.0.1014.16 linux-image-lowlatency_4.15.0.29.31 linux-image-4.15.0-29-generic-lpae_4.15.0-29.31 linux-image-azure_4.15.0.1018.18

186321 - Ubuntu Linux 16.04 USN-3718-2 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: High CVE: CVE-2018-1094, CVE-2018-10940, CVE-2018-1095, CVE-2018-1108, CVE-2018-11508, CVE-2018-7755

Description The scan detected that the host is missing the following update: USN-3718-2

Ubuntu 16.04 linux-image-4.15.0-29-generic-lpae_4.15.0-29.31~16.04.1 linux-image-gcp_4.15.0.1014.26 linux-image-4.15.0-29-generic_4.15.0-29.31~16.04.1 linux-image-4.15.0-1014-gcp_4.15.0-1014.14~16.04.1 linux-image-generic-hwe-16.04_4.13.0.45.64 linux-image-4.15.0-1018-azure_4.15.0-1018.18~16.04.1 linux-image-4.15.0-29-lowlatency_4.15.0-29.31~16.04.1 linux-image-generic-lpae-hwe-16.04_4.13.0.45.64 linux-image-lowlatency-hwe-16.04_4.13.0.45.64 linux-image-azure_4.15.0.1018.24 linux-image-gke_4.15.0.1014.26

193958 - Fedora Linux 28 FEDORA-2018-05acd3c734 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2017-17833

Description The scan detected that the host is missing the following update: FEDORA-2018-05acd3c734

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2018/7/?count=200&page=2

Fedora Core 28 openslp-2.0.0-18.fc28

193967 - Fedora Linux 27 FEDORA-2018-04b3af1edf Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2018-6758, CVE-2018-7490

Description The scan detected that the host is missing the following update: FEDORA-2018-04b3af1edf

Fedora Core 27 uwsgi-2.0.17.1-1.fc27

196046 - Red Hat Enterprise Linux RHSA-2018-2252 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2018-12359, CVE-2018-12360, CVE-2018-12362, CVE-2018-12363, CVE-2018-12364, CVE-2018-12365, CVE-2018- 12366, CVE-2018-12372, CVE-2018-12373, CVE-2018-12374, CVE-2018-5188

Description The scan detected that the host is missing the following update: RHSA-2018-2252

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.redhat.com/archives/rhsa-announce/2018-July/msg00040.html

RHEL7D x86_64 thunderbird-debuginfo-52.9.1-1.el7_5 thunderbird-52.9.1-1.el7_5

RHEL7S x86_64 thunderbird-debuginfo-52.9.1-1.el7_5 thunderbird-52.9.1-1.el7_5

RHEL7WS x86_64 thunderbird-debuginfo-52.9.1-1.el7_5 thunderbird-52.9.1-1.el7_5

196047 - Red Hat Enterprise Linux RHSA-2018-2245 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2018-3760

Description The scan detected that the host is missing the following update: RHSA-2018-2245

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.redhat.com/archives/rhsa-announce/2018-July/msg00032.html

RHEL7S noarch rh-ror50-rubygem-sprockets-doc-3.7.1-2.el7 rh-ror50-rubygem-sprockets-3.7.1-2.el7 RHEL6S noarch rh-ror50-rubygem-sprockets-3.7.1-2.el6 rh-ror50-rubygem-sprockets-doc-3.7.1-2.el6

RHEL6WS noarch rh-ror50-rubygem-sprockets-3.7.1-2.el6 rh-ror50-rubygem-sprockets-doc-3.7.1-2.el6

RHEL6_7S noarch rh-ror50-rubygem-sprockets-3.7.1-2.el6 rh-ror50-rubygem-sprockets-doc-3.7.1-2.el6

RHEL7_3S noarch rh-ror50-rubygem-sprockets-doc-3.7.1-2.el7 rh-ror50-rubygem-sprockets-3.7.1-2.el7

RHEL7WS noarch rh-ror50-rubygem-sprockets-doc-3.7.1-2.el7 rh-ror50-rubygem-sprockets-3.7.1-2.el7

196048 - Red Hat Enterprise Linux RHSA-2018-2240 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2017-17833

Description The scan detected that the host is missing the following update: RHSA-2018-2240

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.redhat.com/archives/rhsa-announce/2018-July/msg00029.html

RHEL7D x86_64 openslp-debuginfo-2.0.0-7.el7_5 openslp-devel-2.0.0-7.el7_5 openslp-2.0.0-7.el7_5 openslp-server-2.0.0-7.el7_5

RHEL7S x86_64 openslp-debuginfo-2.0.0-7.el7_5 openslp-devel-2.0.0-7.el7_5 openslp-2.0.0-7.el7_5 openslp-server-2.0.0-7.el7_5

RHEL7WS x86_64 openslp-debuginfo-2.0.0-7.el7_5 openslp-devel-2.0.0-7.el7_5 openslp-2.0.0-7.el7_5 openslp-server-2.0.0-7.el7_5

196053 - Red Hat Enterprise Linux RHSA-2018-2251 Update Is Not Installed

Description The scan detected that the host is missing the following update: RHSA-2018-2251

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.redhat.com/archives/rhsa-announce/2018-July/msg00041.html

RHEL6S i386 thunderbird-52.9.1-1.el6 thunderbird-debuginfo-52.9.1-1.el6 x86_64 thunderbird-52.9.1-1.el6 thunderbird-debuginfo-52.9.1-1.el6

RHEL6D x86_64 thunderbird-52.9.1-1.el6 thunderbird-debuginfo-52.9.1-1.el6 i386 thunderbird-52.9.1-1.el6 thunderbird-debuginfo-52.9.1-1.el6

RHEL6WS x86_64 thunderbird-52.9.1-1.el6 thunderbird-debuginfo-52.9.1-1.el6 i386 thunderbird-52.9.1-1.el6 thunderbird-debuginfo-52.9.1-1.el6

196054 - Red Hat Enterprise Linux RHSA-2018-2244 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2018-3760

Description The scan detected that the host is missing the following update: RHSA-2018-2244

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.redhat.com/archives/rhsa-announce/2018-July/msg00033.html

RHEL7S noarch rh-ror42-rubygem-sprockets-doc-3.2.0-5.el7 rh-ror42-rubygem-sprockets-3.2.0-5.el7

RHEL6S noarch rh-ror42-rubygem-sprockets-3.2.0-5.el6 rh-ror42-rubygem-sprockets-doc-3.2.0-5.el6

RHEL6WS noarch rh-ror42-rubygem-sprockets-3.2.0-5.el6 rh-ror42-rubygem-sprockets-doc-3.2.0-5.el6

RHEL6_7S noarch rh-ror42-rubygem-sprockets-3.2.0-5.el6 rh-ror42-rubygem-sprockets-doc-3.2.0-5.el6

RHEL7_3S noarch rh-ror42-rubygem-sprockets-doc-3.2.0-5.el7 rh-ror42-rubygem-sprockets-3.2.0-5.el7

RHEL7WS noarch rh-ror42-rubygem-sprockets-doc-3.2.0-5.el7 rh-ror42-rubygem-sprockets-3.2.0-5.el7

131156 - Debian Linux 9.0 DSA-4249-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-10001, CVE-2018-12458, CVE-2018-13300, CVE-2018-13302, CVE-2018-6392, CVE-2018-6621, CVE-2018-7557

Description The scan detected that the host is missing the following update: DSA-4249-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.debian.org/security/2018/dsa-4249

Debian 9.0 all ffmpeg_7:3.2.11-1~deb9u1 131157 - Debian Linux 9.0 DSA-4248-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-12081, CVE-2017-12082, CVE-2017-12086, CVE-2017-12099, CVE-2017-12100, CVE-2017-12101, CVE-2017- 12102, CVE-2017-12103, CVE-2017-12104, CVE-2017-12105, CVE-2017-2899, CVE-2017-2900, CVE-2017-2901, CVE-2017-2902, CVE-2017-2903, CVE-2017-2904, CVE-2017-2905, CVE-2017-2906, CVE-2017-2907, CVE-2017-2908, CVE-2017-2918

Description The scan detected that the host is missing the following update: DSA-4248-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.debian.org/security/2018/dsa-4248

Debian 9.0 all blender_2.79.b+dfsg0-1~deb9u1

146871 - SuSE Linux 15.0 openSUSE-SU-2018:2011-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-12015

Description The scan detected that the host is missing the following update: openSUSE-SU-2018:2011-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.opensuse.org/opensuse-updates/2018-07/msg00045.html

SuSE Linux 15.0 i586 perl-debuginfo-5.26.1-lp150.6.3.1 perl-5.26.1-lp150.6.3.1 perl-debugsource-5.26.1-lp150.6.3.1 perl-base-debuginfo-5.26.1-lp150.6.3.1 perl-base-5.26.1-lp150.6.3.1 noarch perl-doc-5.26.1-lp150.6.3.1 x86_64 perl-32bit-5.26.1-lp150.6.3.1 perl-debugsource-5.26.1-lp150.6.3.1 perl-debuginfo-5.26.1-lp150.6.3.1 perl-base-32bit-5.26.1-lp150.6.3.1 perl-base-5.26.1-lp150.6.3.1 perl-32bit-debuginfo-5.26.1-lp150.6.3.1 perl-5.26.1-lp150.6.3.1 perl-base-debuginfo-5.26.1-lp150.6.3.1 perl-base-32bit-debuginfo-5.26.1-lp150.6.3.1

146875 - SuSE Linux 15.0 openSUSE-SU-2018:2015-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-10017, CVE-2018-11710

Description The scan detected that the host is missing the following update: openSUSE-SU-2018:2015-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.opensuse.org/opensuse-updates/2018-07/msg00049.html

SuSE Linux 15.0 x86_64 libmodplug1-32bit-debuginfo-0.3.9-lp150.2.3.1 libmodplug1-32bit-0.3.9-lp150.2.3.1 libopenmpt0-0.3.9-lp150.2.3.1 libmodplug1-0.3.9-lp150.2.3.1 libopenmpt_modplug1-32bit-debuginfo-0.3.9-lp150.2.3.1 libmodplug1-debuginfo-0.3.9-lp150.2.3.1 libopenmpt0-32bit-0.3.9-lp150.2.3.1 libopenmpt_modplug1-0.3.9-lp150.2.3.1 libopenmpt0-debuginfo-0.3.9-lp150.2.3.1 libopenmpt_modplug1-32bit-0.3.9-lp150.2.3.1 openmpt123-debuginfo-0.3.9-lp150.2.3.1 libopenmpt-devel-0.3.9-lp150.2.3.1 libmodplug-devel-0.3.9-lp150.2.3.1 libopenmpt0-32bit-debuginfo-0.3.9-lp150.2.3.1 openmpt123-0.3.9-lp150.2.3.1 libopenmpt-debugsource-0.3.9-lp150.2.3.1 libopenmpt_modplug1-debuginfo-0.3.9-lp150.2.3.1 i586 libmodplug-devel-0.3.9-lp150.2.3.1 libopenmpt-debugsource-0.3.9-lp150.2.3.1 openmpt123-0.3.9-lp150.2.3.1 libmodplug1-0.3.9-lp150.2.3.1 libopenmpt0-0.3.9-lp150.2.3.1 openmpt123-debuginfo-0.3.9-lp150.2.3.1 libopenmpt_modplug1-0.3.9-lp150.2.3.1 libopenmpt_modplug1-debuginfo-0.3.9-lp150.2.3.1 libmodplug1-debuginfo-0.3.9-lp150.2.3.1 libopenmpt-devel-0.3.9-lp150.2.3.1 libopenmpt0-debuginfo-0.3.9-lp150.2.3.1

146876 - SuSE SLES 11 SP4 SUSE-SU-2018:1992-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-12015

Description The scan detected that the host is missing the following update: SUSE-SU-2018:1992-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2018-July/004286.html

SuSE SLES 11 SP4 i586 perl-doc-5.10.0-64.81.13.1 perl-5.10.0-64.81.13.1 perl-Module-Build-0.2808.01-0.81.13.1 perl-Test-Simple-0.72-0.81.13.1 perl-base-5.10.0-64.81.13.1 x86_64 perl-5.10.0-64.81.13.1 perl-32bit-5.10.0-64.81.13.1 perl-Test-Simple-0.72-0.81.13.1 perl-doc-5.10.0-64.81.13.1 perl-base-5.10.0-64.81.13.1 perl-Module-Build-0.2808.01-0.81.13.1

146878 - SuSE Linux 42.3 openSUSE-SU-2018:2010-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-12015

Description The scan detected that the host is missing the following update: openSUSE-SU-2018:2010-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.opensuse.org/opensuse-updates/2018-07/msg00044.html

SuSE Linux 42.3 i586 perl-5.18.2-15.2 perl-base-5.18.2-15.2 perl-base-debuginfo-5.18.2-15.2 perl-debugsource-5.18.2-15.2 perl-debuginfo-5.18.2-15.2 noarch perl-doc-5.18.2-15.2 x86_64 perl-32bit-5.18.2-15.2 perl-debugsource-5.18.2-15.2 perl-debuginfo-32bit-5.18.2-15.2 perl-base-5.18.2-15.2 perl-debuginfo-5.18.2-15.2 perl-base-debuginfo-5.18.2-15.2 perl-base-debuginfo-32bit-5.18.2-15.2 perl-base-32bit-5.18.2-15.2 perl-5.18.2-15.2

146882 - SuSE Linux 42.3 openSUSE-SU-2018:2013-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-1000422

Description The scan detected that the host is missing the following update: openSUSE-SU-2018:2013-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.opensuse.org/opensuse-updates/2018-07/msg00047.html

SuSE Linux 42.3 i586 libgdk_pixbuf-2_0-0-2.34.0-16.1 gdk-pixbuf-devel-debuginfo-2.34.0-16.1 gdk-pixbuf-debugsource-2.34.0-16.1 typelib-1_0-GdkPixbuf-2_0-2.34.0-16.1 libgdk_pixbuf-2_0-0-debuginfo-2.34.0-16.1 gdk-pixbuf-devel-2.34.0-16.1 gdk-pixbuf-query-loaders-debuginfo-2.34.0-16.1 gdk-pixbuf-query-loaders-2.34.0-16.1 noarch gdk-pixbuf-lang-2.34.0-16.1 x86_64 libgdk_pixbuf-2_0-0-32bit-2.34.0-16.1 typelib-1_0-GdkPixbuf-2_0-2.34.0-16.1 libgdk_pixbuf-2_0-0-2.34.0-16.1 gdk-pixbuf-query-loaders-2.34.0-16.1 libgdk_pixbuf-2_0-0-debuginfo-32bit-2.34.0-16.1 libgdk_pixbuf-2_0-0-debuginfo-2.34.0-16.1 gdk-pixbuf-query-loaders-32bit-2.34.0-16.1 gdk-pixbuf-query-loaders-debuginfo-32bit-2.34.0-16.1 gdk-pixbuf-devel-2.34.0-16.1 gdk-pixbuf-debugsource-2.34.0-16.1 gdk-pixbuf-devel-debuginfo-32bit-2.34.0-16.1 gdk-pixbuf-devel-32bit-2.34.0-16.1 gdk-pixbuf-devel-debuginfo-2.34.0-16.1 gdk-pixbuf-query-loaders-debuginfo-2.34.0-16.1

193950 - Fedora Linux 27 FEDORA-2018-fb071377ba Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-10887, CVE-2018-10888, CVE-2018-11235

Description The scan detected that the host is missing the following update: FEDORA-2018-fb071377ba

Fedora Core 27 libgit2-0.26.5-1.fc27

193960 - Fedora Linux 28 FEDORA-2018-4d253dc945 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-10887, CVE-2018-10888, CVE-2018-11235

Description The scan detected that the host is missing the following update: FEDORA-2018-4d253dc945

Fedora Core 28 libgit2-0.26.5-1.fc28

23847 - (VMSA-2018-0016) VMware ESXi Multiple Vulnerabilities

Category: General Vulnerability Assessment -> NonIntrusive -> Web Server Risk Level: Medium CVE: CVE-2018-6965, CVE-2018-6966, CVE-2018-6967

Description Multiple vulnerabilities are present in some versions of VMware ESXi.

Observation VMware ESXi is a popular virtualization platform.

Multiple vulnerabilities are present in some versions of VMware ESXi. The flaws lie in multiple components. Successful exploitation could allow an attacker to retrieve sensitive data or cause a denial of service condition in the target system.

23848 - (VMSA-2018-0016) VMware ESXi Multiple Vulnerabilities Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: Medium CVE: CVE-2018-6965, CVE-2018-6966, CVE-2018-6967

Description Multiple vulnerabilities are present in some versions of VMware ESXi.

Observation VMware ESXi is a popular virtualization platform.

23878 - (APSB18-22) Vulnerabilities In Adobe Connect

Category: General Vulnerability Assessment -> NonIntrusive -> Web Server Risk Level: Medium CVE: CVE-2018-12804, CVE-2018-12805, CVE-2018-4994

Description Multiple vulnerabilities are present in some versions of Adobe Connect.

Observation Adobe Connect is a network meeting solution.

Multiple vulnerabilities are present in some versions of Adobe Connect. The flaws lie in multiple components. Successful exploitation could allow an attacker to cause disclosure of information, hijacking of sessions or privilege escalation.

23879 - Novell Client for Open Enterprise Server Privilege Escalation Vulnerability Prior To 2 SP4 IR8a

Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-7687

Description A vulnerability is present in some versions of Novell Client for Open Enterprise Server.

Observation Novell Client for Open Enterprise Server provides OES Linux/NetWare servers through Windows OS.

A vulnerability is present in some versions of Novell Client for Open Enterprise Server. The flaw is related with a memory-usage issue. Successful exploitation could allow an attacker to escalate privileges in the target system.

23880 - IBM WebSphere Application Server Security Bypass Vulnerability (swg22015348)

Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2015-0899

Description A vulnerability is present in some versions of IBM WebSphere Application Server.

Observation IBM WebSphere Application Server is a server engine for Java EE Web applications.

A vulnerability is present in some versions of IBM WebSphere Application Server. The flaw lies in the Apache Struts component. Successful exploitation could allow an attacker to bypass security restrictions.

23886 - (HT208847) Apple Boot Camp Wi-Fi Multiple Vulnerabilities

Category: SSH Module -> NonIntrusive -> Mac OS X Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-13077, CVE-2017-13078, CVE-2017-13080

Description Multiple vulnerabilities are present in some versions of Apple Boot Camp.

Observation Apple Boot Camp is a multi boot utility for OS X.

Multiple vulnerabilities are present in some versions of Apple Boot Camp. The flaws are related with the Wi-Fi feature. Successful exploitation could allow an attacker to retrieve sensitive data or cause a denial of service condition of the target system.

23888 - IBM WebSphere Application Server Information Disclosure Vulnerability (swg22016821)

Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-1621

Description An information disclosure vulnerability is present in some versions of IBM WebSphere Application Server.

Observation IBM WebSphere Application Server is a server engine for Java EE Web applications.

An information disclosure vulnerability is present in some versions of IBM WebSphere Application Server. The flaw lies in how the software handles datasource custom properties. Successful exploitation could allow an attacker to obtain sensitive information.

23894 - IBM WebSphere Application Server Liberty Information Disclosure Vulnerability (swg22016218)

Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-1553

Description A vulnerability is present in some versions of IBM WebSphere Application Server Liberty Profile.

Observation IBM WebSphere Application Server Liberty Profile is a server engine for Java EE Web applications.

A vulnerability is present in some versions of IBM WebSphere Application Server Liberty Profile. The flaw lies in SAML Web SSO feature. Successful exploitation could allow an attacker to retrieve sensitive information from the target system.

23895 - (K29146534) F5 BIG-IP SBB Variant 4 Vulnerability

Category: SSH Module -> NonIntrusive -> F5 Risk Level: Medium CVE: CVE-2018-3639

Description A vulnerability is present in some versions of F5's BIG-IP products.

Observation F5's BIG-IP product is a network appliance that runs F5's Traffic Management Operating System.

A vulnerability is present in some versions of F5's BIG-IP products. The flaw lies in F5 hardware platforms. Successful exploitation could allow an attacker to gain access to sensitive information.

23898 - WordPress Multiple Vulnerabilities Prior To 4.9.7

Category: General Vulnerability Assessment -> NonIntrusive -> Web Server Risk Level: Medium CVE: CVE-MAP-NOMATCH

Description Multiple vulnerabilities are present in some versions of WordPress.

Observation WordPress is a popular blog application.

Multiple vulnerabilities are present in some versions of WordPress. The flaws lie in multiple components. Successful exploitation could allow an attacker to to delete files outside the uploads directory.

23902 - Cisco Webex Network Recording Players Multiple Denial Of Service Vulnerabilities (sa-20180718-webex-dos)

Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-0380

Description Multiple vulnerabilities are present in some versions of Cisco WebEx Network Recording Players.

Observation Cisco WebEx Network Recording Players are used to play WebEx sessions in ARF or WRF formats.

Multiple vulnerabilities are present in some versions of Cisco WebEx Network Recording Players. The flaws lie in unspecified components. Successful exploitation could allow a remote attacker to cause a denial of service condition in the target system.

146873 - SuSE SLES 12 SP3, SLED 12 SP3 SUSE-SU-2018:1989-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-10708

Description The scan detected that the host is missing the following update: SUSE-SU-2018:1989-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2018-July/004283.html

SuSE SLED 12 SP3 x86_64 openssh-askpass-gnome-7.2p2-74.19.1 openssh-askpass-gnome-debuginfo-7.2p2-74.19.1 openssh-helpers-debuginfo-7.2p2-74.19.1 openssh-debuginfo-7.2p2-74.19.1 openssh-debugsource-7.2p2-74.19.1 openssh-7.2p2-74.19.1 openssh-helpers-7.2p2-74.19.1

SuSE SLES 12 SP3 x86_64 openssh-askpass-gnome-7.2p2-74.19.1 openssh-askpass-gnome-debuginfo-7.2p2-74.19.1 openssh-fips-7.2p2-74.19.1 openssh-helpers-debuginfo-7.2p2-74.19.1 openssh-debuginfo-7.2p2-74.19.1 openssh-debugsource-7.2p2-74.19.1 openssh-7.2p2-74.19.1 openssh-helpers-7.2p2-74.19.1

178649 - Gentoo Linux GLSA-201807-02 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixes Risk Level: Medium CVE: CVE-MAP-NOMATCH

Description The scan detected that the host is missing the following update: GLSA-201807-02

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://security.gentoo.org/glsa/201807-02

Affected packages: www-apache/passenger < 5.3.2

178650 - Gentoo Linux GLSA-201807-01 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixes Risk Level: Medium CVE: CVE-MAP-NOMATCH

Description The scan detected that the host is missing the following update: GLSA-201807-01

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://security.gentoo.org/glsa/201807-01

Affected packages: dev-python/tqdm < 4.23.3

193965 - Fedora Linux 28 FEDORA-2018-acfce682f4 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-7490

Description The scan detected that the host is missing the following update: FEDORA-2018-acfce682f4

Fedora Core 28 uwsgi-2.0.17.1-1.fc28

196050 - Red Hat Enterprise Linux RHSA-2018-2253 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-2940, CVE-2018-2941, CVE-2018-2952, CVE-2018-2964, CVE-2018-2973

Description The scan detected that the host is missing the following update: RHSA-2018-2253

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.redhat.com/archives/rhsa-announce/2018-July/msg00038.html

RHEL7D x86_64 java-1.8.0-oracle-javafx-1.8.0.181-1jpp.2.el7 java-1.8.0-oracle-devel-1.8.0.181-1jpp.2.el7 java-1.8.0-oracle-1.8.0.181-1jpp.2.el7 java-1.8.0-oracle-src-1.8.0.181-1jpp.2.el7 java-1.8.0-oracle-plugin-1.8.0.181-1jpp.2.el7 java-1.8.0-oracle-jdbc-1.8.0.181-1jpp.2.el7

RHEL7S x86_64 java-1.8.0-oracle-javafx-1.8.0.181-1jpp.2.el7 java-1.8.0-oracle-devel-1.8.0.181-1jpp.2.el7 java-1.8.0-oracle-1.8.0.181-1jpp.2.el7 java-1.8.0-oracle-src-1.8.0.181-1jpp.2.el7 java-1.8.0-oracle-plugin-1.8.0.181-1jpp.2.el7 java-1.8.0-oracle-jdbc-1.8.0.181-1jpp.2.el7

RHEL7WS x86_64 java-1.8.0-oracle-javafx-1.8.0.181-1jpp.2.el7 java-1.8.0-oracle-devel-1.8.0.181-1jpp.2.el7 java-1.8.0-oracle-1.8.0.181-1jpp.2.el7 java-1.8.0-oracle-src-1.8.0.181-1jpp.2.el7 java-1.8.0-oracle-plugin-1.8.0.181-1jpp.2.el7 java-1.8.0-oracle-jdbc-1.8.0.181-1jpp.2.el7

196051 - Red Hat Enterprise Linux RHSA-2018-2254 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-2940, CVE-2018-2941, CVE-2018-2952, CVE-2018-2973

Description The scan detected that the host is missing the following update: RHSA-2018-2254

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.redhat.com/archives/rhsa-announce/2018-July/msg00036.html

RHEL7D x86_64 java-1.7.0-oracle-1.7.0.191-1jpp.2.el7 java-1.7.0-oracle-plugin-1.7.0.191-1jpp.2.el7 java-1.7.0-oracle-devel-1.7.0.191-1jpp.2.el7 java-1.7.0-oracle-javafx-1.7.0.191-1jpp.2.el7 java-1.7.0-oracle-src-1.7.0.191-1jpp.2.el7 java-1.7.0-oracle-jdbc-1.7.0.191-1jpp.2.el7

RHEL7S x86_64 java-1.7.0-oracle-1.7.0.191-1jpp.2.el7 java-1.7.0-oracle-plugin-1.7.0.191-1jpp.2.el7 java-1.7.0-oracle-devel-1.7.0.191-1jpp.2.el7 java-1.7.0-oracle-javafx-1.7.0.191-1jpp.2.el7 java-1.7.0-oracle-src-1.7.0.191-1jpp.2.el7 java-1.7.0-oracle-jdbc-1.7.0.191-1jpp.2.el7

RHEL7WS x86_64 java-1.7.0-oracle-1.7.0.191-1jpp.2.el7 java-1.7.0-oracle-plugin-1.7.0.191-1jpp.2.el7 java-1.7.0-oracle-devel-1.7.0.191-1jpp.2.el7 java-1.7.0-oracle-javafx-1.7.0.191-1jpp.2.el7 java-1.7.0-oracle-src-1.7.0.191-1jpp.2.el7 java-1.7.0-oracle-jdbc-1.7.0.191-1jpp.2.el7

146877 - SuSE SLES 12 SP3, SLED 12 SP3 SUSE-SU-2018:1997-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-6252

Description The scan detected that the host is missing the following update: SUSE-SU-2018:1997-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2018-July/004291.html

SuSE SLED 12 SP3 x86_64 shadow-4.2.1-27.9.1 shadow-debugsource-4.2.1-27.9.1 shadow-debuginfo-4.2.1-27.9.1

SuSE SLES 12 SP3 x86_64 shadow-4.2.1-27.9.1 shadow-debugsource-4.2.1-27.9.1 shadow-debuginfo-4.2.1-27.9.1

146884 - SuSE SLES 12 SP3, SLED 12 SP3 SUSE-SU-2018:2040-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-18207

Description The scan detected that the host is missing the following update: SUSE-SU-2018:2040-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2018-July/004297.html

SuSE SLED 12 SP3 x86_64 python-base-2.7.13-28.6.1 libpython2_7-1_0-32bit-2.7.13-28.6.1 python-base-debuginfo-2.7.13-28.6.1 python-devel-2.7.13-28.6.1 python-debugsource-2.7.13-28.6.1 python-base-debugsource-2.7.13-28.6.1 python-curses-debuginfo-2.7.13-28.6.1 python-debuginfo-2.7.13-28.6.1 python-curses-2.7.13-28.6.1 python-tk-debuginfo-2.7.13-28.6.1 python-base-debuginfo-32bit-2.7.13-28.6.1 libpython2_7-1_0-2.7.13-28.6.1 python-tk-2.7.13-28.6.1 libpython2_7-1_0-debuginfo-32bit-2.7.13-28.6.1 python-2.7.13-28.6.1 python-xml-2.7.13-28.6.1 python-xml-debuginfo-2.7.13-28.6.1 libpython2_7-1_0-debuginfo-2.7.13-28.6.1

SuSE SLES 12 SP3 noarch python-doc-pdf-2.7.13-28.6.1 python-doc-2.7.13-28.6.1 x86_64 python-base-2.7.13-28.6.1 python-idle-2.7.13-28.6.1 libpython2_7-1_0-32bit-2.7.13-28.6.1 python-debuginfo-32bit-2.7.13-28.6.1 python-debugsource-2.7.13-28.6.1 python-base-debugsource-2.7.13-28.6.1 python-curses-debuginfo-2.7.13-28.6.1 python-debuginfo-2.7.13-28.6.1 python-curses-2.7.13-28.6.1 python-gdbm-debuginfo-2.7.13-28.6.1 python-base-32bit-2.7.13-28.6.1 python-tk-debuginfo-2.7.13-28.6.1 python-base-debuginfo-32bit-2.7.13-28.6.1 libpython2_7-1_0-2.7.13-28.6.1 python-tk-2.7.13-28.6.1 python-base-debuginfo-2.7.13-28.6.1 python-2.7.13-28.6.1 python-xml-2.7.13-28.6.1 python-gdbm-2.7.13-28.6.1 python-32bit-2.7.13-28.6.1 libpython2_7-1_0-debuginfo-32bit-2.7.13-28.6.1 python-xml-debuginfo-2.7.13-28.6.1 libpython2_7-1_0-debuginfo-2.7.13-28.6.1 python-demo-2.7.13-28.6.1

146887 - SuSE SLES 11 SP4 SUSE-SU-2018:2037-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-11806, CVE-2018-12617, CVE-2018-12891, CVE-2018-12893, CVE-2018-3665

Description The scan detected that the host is missing the following update: SUSE-SU-2018:2037-1 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2018-July/004294.html

SuSE SLES 11 SP4 x86_64 xen-libs-4.4.4_34-61.32.1 xen-doc-html-4.4.4_34-61.32.1 xen-4.4.4_34-61.32.1 xen-tools-domU-4.4.4_34-61.32.1 xen-libs-32bit-4.4.4_34-61.32.1 xen-kmp-default-4.4.4_34_3.0.101_108.57-61.32.1 xen-tools-4.4.4_34-61.32.1 i586 xen-libs-4.4.4_34-61.32.1 xen-kmp-pae-4.4.4_34_3.0.101_108.57-61.32.1 xen-kmp-default-4.4.4_34_3.0.101_108.57-61.32.1 xen-tools-domU-4.4.4_34-61.32.1

163666 - Oracle Enterprise Linux ELSA-2018-2242 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-2952

Description The scan detected that the host is missing the following update: ELSA-2018-2242

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2018-July/007905.html

OEL7 x86_64 java-1.8.0-openjdk-debug-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-javadoc-zip-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-devel-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-demo-debug-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-javadoc-debug-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-demo-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-accessibility-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-devel-debug-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-src-debug-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-src-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-accessibility-debug-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-javadoc-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-headless-debug-1.8.0.181-3.b13.el7_5 163667 - Oracle Enterprise Linux ELSA-2018-2241 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-2952

Description The scan detected that the host is missing the following update: ELSA-2018-2241

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2018-July/007900.html

OEL6 x86_64 java-1.8.0-openjdk-debug-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-devel-debug-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-devel-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-headless-debug-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-src-debug-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-javadoc-debug-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-demo-debug-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-demo-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-src-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-javadoc-1.8.0.181-3.b13.el6_10 i386 java-1.8.0-openjdk-debug-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-devel-debug-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-devel-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-headless-debug-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-src-debug-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-javadoc-debug-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-demo-debug-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-demo-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-src-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-javadoc-1.8.0.181-3.b13.el6_10

175423 - Scientific Linux Security ERRATA Moderate: java-1.8.0-openjdk on SL6.x i386/x86_64 (1807-9618)

Category: SSH Module -> NonIntrusive -> Scientific Linux Patches and HotFixes Risk Level: Medium CVE: CVE-2018-2952

Description The scan detected that the host is missing the following update: Security ERRATA Moderate: java-1.8.0-openjdk on SL6.x i386/x86_64 (1807-9618)

SL6 i386 java-1.8.0-openjdk-debug-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-devel-debug-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-devel-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-headless-debug-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-src-debug-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-src-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-debuginfo-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-demo-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-demo-debug-1.8.0.181-3.b13.el6_10 noarch java-1.8.0-openjdk-javadoc-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-javadoc-debug-1.8.0.181-3.b13.el6_10 x86_64 java-1.8.0-openjdk-debug-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-devel-debug-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-devel-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-headless-debug-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-src-debug-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-src-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-debuginfo-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-demo-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-demo-debug-1.8.0.181-3.b13.el6_10

175425 - Scientific Linux Security ERRATA Moderate: java-1.8.0-openjdk on SL7.x x86_64 (1807-8939)

Category: SSH Module -> NonIntrusive -> Scientific Linux Patches and HotFixes Risk Level: Medium CVE: CVE-2018-2952

Description The scan detected that the host is missing the following update: Security ERRATA Moderate: java-1.8.0-openjdk on SL7.x x86_64 (1807-8939)

SL7 x86_64 java-1.8.0-openjdk-debug-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-debuginfo-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-devel-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-demo-debug-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-devel-debug-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-demo-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-accessibility-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-src-debug-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-src-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-accessibility-debug-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-headless-debug-1.8.0.181-3.b13.el7_5 noarch java-1.8.0-openjdk-javadoc-debug-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-javadoc-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-javadoc-zip-1.8.0.181-3.b13.el7_5

193949 - Fedora Linux 28 FEDORA-2018-9d667bdff8 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-0739, CVE-2018-12437

Description The scan detected that the host is missing the following update: FEDORA-2018-9d667bdff8

Fedora Core 28 libtomcrypt-1.18.2-1.fc28

193954 - Fedora Linux 28 FEDORA-2018-941d094624 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-11469

Description The scan detected that the host is missing the following update: FEDORA-2018-941d094624

Fedora Core 28 haproxy-1.8.12-2.fc28 193957 - Fedora Linux 27 FEDORA-2018-39e0872379 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-0739, CVE-2018-12437

Description The scan detected that the host is missing the following update: FEDORA-2018-39e0872379

Fedora Core 27 libtomcrypt-1.18.2-1.fc27

196045 - Red Hat Enterprise Linux RHSA-2018-2242 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-2952

Description The scan detected that the host is missing the following update: RHSA-2018-2242

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.redhat.com/archives/rhsa-announce/2018-July/msg00030.html

RHEL7D x86_64 java-1.8.0-openjdk-debug-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-debuginfo-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-devel-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-demo-debug-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-devel-debug-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-demo-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-accessibility-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-src-debug-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-src-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-accessibility-debug-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-headless-debug-1.8.0.181-3.b13.el7_5 noarch java-1.8.0-openjdk-javadoc-debug-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-javadoc-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-javadoc-zip-1.8.0.181-3.b13.el7_5

RHEL7S noarch java-1.8.0-openjdk-javadoc-debug-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-javadoc-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-javadoc-zip-1.8.0.181-3.b13.el7_5 x86_64 java-1.8.0-openjdk-debug-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-debuginfo-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-devel-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-demo-debug-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-devel-debug-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-demo-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-accessibility-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-src-debug-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-src-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-accessibility-debug-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-headless-debug-1.8.0.181-3.b13.el7_5

RHEL7WS x86_64 java-1.8.0-openjdk-debug-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-debuginfo-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-devel-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-demo-debug-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-devel-debug-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-demo-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-accessibility-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-src-debug-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-src-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-accessibility-debug-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-headless-debug-1.8.0.181-3.b13.el7_5 noarch java-1.8.0-openjdk-javadoc-debug-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-javadoc-1.8.0.181-3.b13.el7_5 java-1.8.0-openjdk-javadoc-zip-1.8.0.181-3.b13.el7_5

196049 - Red Hat Enterprise Linux RHSA-2018-2250 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-3639

Description The scan detected that the host is missing the following update: RHSA-2018-2250

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.redhat.com/archives/rhsa-announce/2018-July/msg00035.html

RHEL6_7S i386 kernel-2.6.32-573.60.1.el6 kernel-debug-debuginfo-2.6.32-573.60.1.el6 python-perf-debuginfo-2.6.32-573.60.1.el6 perf-2.6.32-573.60.1.el6 kernel-debug-devel-2.6.32-573.60.1.el6 kernel-devel-2.6.32-573.60.1.el6 perf-debuginfo-2.6.32-573.60.1.el6 kernel-debug-2.6.32-573.60.1.el6 python-perf-2.6.32-573.60.1.el6 kernel-debuginfo-2.6.32-573.60.1.el6 kernel-debuginfo-common-i686-2.6.32-573.60.1.el6 kernel-headers-2.6.32-573.60.1.el6 noarch kernel-doc-2.6.32-573.60.1.el6 kernel-firmware-2.6.32-573.60.1.el6 kernel-abi-whitelists-2.6.32-573.60.1.el6 x86_64 perf-debuginfo-2.6.32-573.60.1.el6 kernel-2.6.32-573.60.1.el6 python-perf-2.6.32-573.60.1.el6 kernel-headers-2.6.32-573.60.1.el6 kernel-debuginfo-common-x86_64-2.6.32-573.60.1.el6 kernel-debug-2.6.32-573.60.1.el6 kernel-debug-debuginfo-2.6.32-573.60.1.el6 python-perf-debuginfo-2.6.32-573.60.1.el6 kernel-debug-devel-2.6.32-573.60.1.el6 perf-2.6.32-573.60.1.el6 kernel-debuginfo-common-i686-2.6.32-573.60.1.el6 kernel-devel-2.6.32-573.60.1.el6 kernel-debuginfo-2.6.32-573.60.1.el6

196052 - Red Hat Enterprise Linux RHSA-2018-2241 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-2952

Description The scan detected that the host is missing the following update: RHSA-2018-2241

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.redhat.com/archives/rhsa-announce/2018-July/msg00028.html

RHEL6D i386 java-1.8.0-openjdk-debug-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-devel-debug-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-devel-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-headless-debug-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-src-debug-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-src-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-debuginfo-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-demo-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-demo-debug-1.8.0.181-3.b13.el6_10 noarch java-1.8.0-openjdk-javadoc-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-javadoc-debug-1.8.0.181-3.b13.el6_10 x86_64 java-1.8.0-openjdk-debug-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-devel-debug-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-devel-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-headless-debug-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-src-debug-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-src-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-debuginfo-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-demo-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-demo-debug-1.8.0.181-3.b13.el6_10

RHEL6S i386 java-1.8.0-openjdk-debug-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-devel-debug-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-devel-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-headless-debug-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-src-debug-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-src-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-debuginfo-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-demo-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-demo-debug-1.8.0.181-3.b13.el6_10 noarch java-1.8.0-openjdk-javadoc-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-javadoc-debug-1.8.0.181-3.b13.el6_10 x86_64 java-1.8.0-openjdk-debug-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-devel-debug-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-devel-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-headless-debug-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-src-debug-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-src-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-debuginfo-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-demo-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-demo-debug-1.8.0.181-3.b13.el6_10

RHEL6WS x86_64 java-1.8.0-openjdk-devel-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-debuginfo-1.8.0.181-3.b13.el6_10 i386 java-1.8.0-openjdk-devel-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el6_10 java-1.8.0-openjdk-debuginfo-1.8.0.181-3.b13.el6_10

88960 - Slackware Linux 14.0, 14.1, 14.2 SSA:2018-199-01 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Slackware Patches and Hotfixes Risk Level: Low CVE: CVE-2018-1333, CVE-2018-8011

Description The scan detected that the host is missing the following update: SSA:2018-199-01

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.slackware.com/security/viewer.php?l=slackware-security&y=2018&m=slackware-security.437384

Slackware 14.0 x86_64 httpd-2.4.34-x86_64-1

Slackware 14.2 x86_64 httpd-2.4.34-x86_64-1 i586 httpd-2.4.34-i586-1

Slackware 14.1 x86_64 httpd-2.4.34-x86_64-1

88961 - Slackware Linux 14.0, 14.1, 14.2 SSA:2018-201-01 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Slackware Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH

Description The scan detected that the host is missing the following update: SSA:2018-201-01

Slackware 14.0 x86_64 php-5.6.37-x86_64-1

Slackware 14.2 x86_64 php-5.6.37-x86_64-1 i586 php-5.6.37-i586-1

Slackware 14.1 x86_64 php-5.6.37-x86_64-1

131155 - Debian Linux 9.0 DSA-4252-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Low CVE: CVE-2018-14055, CVE-2018-14056

Description The scan detected that the host is missing the following update: DSA-4252-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.debian.org/security/2018/dsa-4252

Debian 9.0 all znc_1.6.5-1+deb9u1

131158 - Debian Linux 9.0 DSA-4255-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Low CVE: CVE-2018-10886

Description The scan detected that the host is missing the following update: DSA-4255-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.debian.org/security/2018/dsa-4255

Debian 9.0 all ant_1.9.9-1+deb9u1

131159 - Debian Linux 9.0 DSA-4251-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Low CVE: CVE-2018-11529

Description The scan detected that the host is missing the following update: DSA-4251-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.debian.org/security/2018/dsa-4251

Debian 9.0 all vlc_3.0.3-1-0+deb9u1

131161 - Debian Linux 9.0 DSA-4250-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Low CVE: CVE-2018-12895

Description The scan detected that the host is missing the following update: DSA-4250-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.debian.org/security/2018/dsa-4250

Debian 9.0 all wordpress_4.7.5+dfsg-2+deb9u4

131162 - Debian Linux 9.0 DSA-4253-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Low CVE: CVE-2018-10900

Description The scan detected that the host is missing the following update: DSA-4253-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.debian.org/security/2018/dsa-4253

Debian 9.0 all network-manager-vpnc_1.2.4-4+deb9u1

182736 - FreeBSD mutt Remote Code Injection And Path Traversal Vulnerability (a2f35081-8a02-11e8-8fa5-4437e6ad11c4)

Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2018-14349, CVE-2018-14350, CVE-2018-14351, CVE-2018-14352, CVE-2018-14353, CVE-2018-14354, CVE-2018- 14355, CVE-2018-14356, CVE-2018-14357, CVE-2018-14358, CVE-2018-14359, CVE-2018-14362

Description The scan detected that the host is missing the following update: mutt -- remote code injection and path traversal vulnerability (a2f35081-8a02-11e8-8fa5-4437e6ad11c4)

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/a2f35081-8a02-11e8-8fa5-4437e6ad11c4.html

Affected packages: mutt < 1.10.1

182737 - FreeBSD vlc Use After Free Vulnerability (dc57ad48-ecbb-439b-a4d0-5869be47684e)

Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2018-11529

Description The scan detected that the host is missing the following update: vlc -- Use after free vulnerability (dc57ad48-ecbb-439b-a4d0-5869be47684e)

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/dc57ad48-ecbb-439b-a4d0-5869be47684e.html

Affected packages: vlc <= 2.2.8_6,4 vlc-qt4 <= 2.2.8_6,4

182738 - FreeBSD Memory Leak In Different Components (efe43d2b-8f35-11e8-b9e8-dcfe074bd614)

Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2018-14072, CVE-2018-14073 Description The scan detected that the host is missing the following update: Memory leak in different components (efe43d2b-8f35-11e8-b9e8-dcfe074bd614)

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/efe43d2b-8f35-11e8-b9e8-dcfe074bd614.html

Affected packages: libsixel < 1.8.2,1

182739 - FreeBSD znc Multiple Vulnerabilities (c6d1a8a6-8a91-11e8-be4d-005056925db4)

Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2018-14055, CVE-2018-14056

Description The scan detected that the host is missing the following update: znc -- multiple vulnerabilities (c6d1a8a6-8a91-11e8-be4d-005056925db4)

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/c6d1a8a6-8a91-11e8-be4d-005056925db4.html

Affected packages: znc < 1.7.1

182740 - FreeBSD jenkins Multiple Vulnerabilities (20a1881e-8a9e-11e8-bddf-d017c2ca229d)

Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2018-1999001, CVE-2018-1999002, CVE-2018-1999003, CVE-2018-1999004, CVE-2018-1999005, CVE-2018-1999006, CVE-2018-1999007

Description The scan detected that the host is missing the following update: jenkins -- multiple vulnerabilities (20a1881e-8a9e-11e8-bddf-d017c2ca229d)

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/20a1881e-8a9e-11e8-bddf-d017c2ca229d.html

Affected packages: jenkins < 2.133 jenkins-lts < 2.121.2

182741 - FreeBSD Gitlab Remote Code Execution Vulnerability In GitLab Projects Import (8fc615cc-8a66-11e8-8c75- d8cb8abf62dd)

Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2018-14364

Description The scan detected that the host is missing the following update: Gitlab -- Remote Code Execution Vulnerability in GitLab Projects Import (8fc615cc-8a66-11e8-8c75-d8cb8abf62dd)

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/8fc615cc-8a66-11e8-8c75-d8cb8abf62dd.html

Affected packages: 11.0.0 <= gitlab-ce < 11.0.4 11.0.0 <= gitlab < 11.0.4 10.8.0 <= gitlab-ce < 10.8.6 10.8.0 <= gitlab < 10.8.6 8.9.0 <= gitlab-ce < 10.7.7 8.9.0 <= gitlab < 10.7.7

182742 - FreeBSD Apache httpd Multiple Vulnerabilities (8b1a50ab-8a8e-11e8-add2-b499baebfeaf)

Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2018-1333, CVE-2018-8011

Description The scan detected that the host is missing the following update: Apache httpd -- multiple vulnerabilities (8b1a50ab-8a8e-11e8-add2-b499baebfeaf)

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/8b1a50ab-8a8e-11e8-add2-b499baebfeaf.html

Affected packages: apache24 < 2.4.34

182743 - FreeBSD mutt/neomutt Multiple Vulnerabilities (fe12ef83-8b47-11e8-96cc-001a4a7ec6be)

Description The scan detected that the host is missing the following update: mutt/neomutt -- multiple vulnerabilities (fe12ef83-8b47-11e8-96cc-001a4a7ec6be) Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/fe12ef83-8b47-11e8-96cc-001a4a7ec6be.html

Affected packages: neomutt < 20180716 mutt < 1.10.1 mutt14 < *

186316 - Ubuntu Linux 14.04, 16.04, 18.04 USN-3722-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Low CVE: CVE-2018-0360, CVE-2018-0361

Description The scan detected that the host is missing the following update: USN-3722-1

Ubuntu 16.04 clamav_0.100.1+dfsg-1ubuntu0.16.04.1

Ubuntu 14.04 clamav_0.100.1+dfsg-1ubuntu0.14.04.1

Ubuntu 18.04 clamav_0.100.1+dfsg-1ubuntu0.18.04.1

186319 - Ubuntu Linux 14.04 USN-3721-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Low CVE: CVE-2018-10886

Description The scan detected that the host is missing the following update: USN-3721-1

193951 - Fedora Linux 27 FEDORA-2018-f38d1cb219 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2018-1000622

Description The scan detected that the host is missing the following update: FEDORA-2018-f38d1cb219

Fedora Core 27 rust-1.27.1-2.fc27

193952 - Fedora Linux 28 FEDORA-2018-6abfa0012f Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2018-10860

Description The scan detected that the host is missing the following update: FEDORA-2018-6abfa0012f

Fedora Core 28 perl-Archive-Zip-1.60-3.fc28

193953 - Fedora Linux 28 FEDORA-2018-f8fd4c5798 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2018-0618

Description The scan detected that the host is missing the following update: FEDORA-2018-f8fd4c5798 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2018/7/?count=200&page=1

Fedora Core 28 mailman-2.1.26-4.fc28

193955 - Fedora Linux 28 FEDORA-2018-6243646704 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2018-10892

Description The scan detected that the host is missing the following update: FEDORA-2018-6243646704

Fedora Core 28 podman-0.7.2-2.git4ca4c5f.fc28

193956 - Fedora Linux 28 FEDORA-2018-a9fe5e183e Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH

Description The scan detected that the host is missing the following update: FEDORA-2018-a9fe5e183e

Fedora Core 28 python-cryptography-vectors-2.3-1.fc28 python-cryptography-2.3-1.fc28

193959 - Fedora Linux 28 FEDORA-2018-61dbd4a787 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH

Description The scan detected that the host is missing the following update: FEDORA-2018-61dbd4a787

Fedora Core 28 qutebrowser-1.4.1-1.fc28

193961 - Fedora Linux 27 FEDORA-2018-ebebe9abe2 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2018-10860

Description The scan detected that the host is missing the following update: FEDORA-2018-ebebe9abe2

Fedora Core 27 perl-Archive-Zip-1.59-6.fc27

193962 - Fedora Linux 28 FEDORA-2018-6f20801518 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH

Description The scan detected that the host is missing the following update: FEDORA-2018-6f20801518

Fedora Core 28 gnome-bluetooth-3.28.1-1.fc28

193963 - Fedora Linux 28 FEDORA-2018-eb5ea0abaf Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2018-10900

Description The scan detected that the host is missing the following update: FEDORA-2018-eb5ea0abaf

Fedora Core 28

NetworkManager-vpnc-1.2.6-1.fc28

193964 - Fedora Linux 28 FEDORA-2018-499d74c768 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2018-1000622

Description The scan detected that the host is missing the following update: FEDORA-2018-499d74c768

Fedora Core 28 rust-1.27.1-2.fc28

193966 - Fedora Linux 28 FEDORA-2018-327707371e Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2018-10861, CVE-2018-1128, CVE-2018-1129

Description The scan detected that the host is missing the following update: FEDORA-2018-327707371e

Fedora Core 28 ceph-12.2.6-1.fc28

193968 - Fedora Linux 27 FEDORA-2018-35325c9faf Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2018-10895

Description The scan detected that the host is missing the following update: FEDORA-2018-35325c9faf

Fedora Core 27 qutebrowser-1.4.1-1.fc27

193969 - Fedora Linux 28 FEDORA-2018-1434efb8f3 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2018-12422

Description The scan detected that the host is missing the following update: FEDORA-2018-1434efb8f3

Fedora Core 28 evolution-3.28.4-1.fc28 evolution-data-server-3.28.4-1.fc28 evolution-ews-3.28.4-1.fc28

196055 - Red Hat Enterprise Linux RHSA-2018-2224 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH

Description The scan detected that the host is missing the following update: RHSA-2018-2224

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.redhat.com/archives/rhsa-announce/2018-July/msg00024.html

RHEL6_7S i386 redhat-release-server-6Server-6.7.0.5.el6_7.1 x86_64 redhat-release-server-6Server-6.7.0.5.el6_7.1

146880 - SuSE Linux 15.0 openSUSE-SU-2018:2019-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Low CVE: CVE-2015-3243

Description The scan detected that the host is missing the following update: openSUSE-SU-2018:2019-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.opensuse.org/opensuse-updates/2018-07/msg00053.html

SuSE Linux 15.0 x86_64 rsyslog-module-relp-8.33.1-lp150.2.3.2 rsyslog-module-omhttpfs-8.33.1-lp150.2.3.2 rsyslog-module-udpspoof-debuginfo-8.33.1-lp150.2.3.2 rsyslog-module-dbi-8.33.1-lp150.2.3.2 rsyslog-module-elasticsearch-debuginfo-8.33.1-lp150.2.3.2 rsyslog-module-udpspoof-8.33.1-lp150.2.3.2 rsyslog-module-mmnormalize-debuginfo-8.33.1-lp150.2.3.2 rsyslog-module-gtls-debuginfo-8.33.1-lp150.2.3.2 rsyslog-module-omamqp1-debuginfo-8.33.1-lp150.2.3.2 rsyslog-module-snmp-8.33.1-lp150.2.3.2 rsyslog-module-gssapi-8.33.1-lp150.2.3.2 rsyslog-module-mysql-8.33.1-lp150.2.3.2 rsyslog-module-omtcl-debuginfo-8.33.1-lp150.2.3.2 rsyslog-diag-tools-debuginfo-8.33.1-lp150.2.3.2 rsyslog-module-gcrypt-debuginfo-8.33.1-lp150.2.3.2 rsyslog-module-gssapi-debuginfo-8.33.1-lp150.2.3.2 rsyslog-module-dbi-debuginfo-8.33.1-lp150.2.3.2 rsyslog-module-gtls-8.33.1-lp150.2.3.2 rsyslog-module-omtcl-8.33.1-lp150.2.3.2 rsyslog-module-omhttpfs-debuginfo-8.33.1-lp150.2.3.2 rsyslog-module-elasticsearch-8.33.1-lp150.2.3.2 rsyslog-module-pgsql-debuginfo-8.33.1-lp150.2.3.2 rsyslog-diag-tools-8.33.1-lp150.2.3.2 rsyslog-module-mysql-debuginfo-8.33.1-lp150.2.3.2 rsyslog-8.33.1-lp150.2.3.2 rsyslog-module-omamqp1-8.33.1-lp150.2.3.2 rsyslog-debuginfo-8.33.1-lp150.2.3.2 rsyslog-module-relp-debuginfo-8.33.1-lp150.2.3.2 rsyslog-module-pgsql-8.33.1-lp150.2.3.2 rsyslog-doc-8.33.1-lp150.2.3.2 rsyslog-module-gcrypt-8.33.1-lp150.2.3.2 rsyslog-debugsource-8.33.1-lp150.2.3.2 rsyslog-module-mmnormalize-8.33.1-lp150.2.3.2 rsyslog-module-snmp-debuginfo-8.33.1-lp150.2.3.2 i586 rsyslog-module-relp-8.33.1-lp150.2.3.2 rsyslog-module-omhttpfs-8.33.1-lp150.2.3.2 rsyslog-module-udpspoof-debuginfo-8.33.1-lp150.2.3.2 rsyslog-module-dbi-8.33.1-lp150.2.3.2 rsyslog-module-elasticsearch-debuginfo-8.33.1-lp150.2.3.2 rsyslog-module-udpspoof-8.33.1-lp150.2.3.2 rsyslog-module-mmnormalize-debuginfo-8.33.1-lp150.2.3.2 rsyslog-module-gtls-debuginfo-8.33.1-lp150.2.3.2 rsyslog-module-omamqp1-debuginfo-8.33.1-lp150.2.3.2 rsyslog-module-snmp-8.33.1-lp150.2.3.2 rsyslog-module-gssapi-8.33.1-lp150.2.3.2 rsyslog-module-mysql-8.33.1-lp150.2.3.2 rsyslog-module-omtcl-debuginfo-8.33.1-lp150.2.3.2 rsyslog-diag-tools-debuginfo-8.33.1-lp150.2.3.2 rsyslog-module-gcrypt-debuginfo-8.33.1-lp150.2.3.2 rsyslog-module-gssapi-debuginfo-8.33.1-lp150.2.3.2 rsyslog-module-dbi-debuginfo-8.33.1-lp150.2.3.2 rsyslog-module-gtls-8.33.1-lp150.2.3.2 rsyslog-module-omtcl-8.33.1-lp150.2.3.2 rsyslog-module-omhttpfs-debuginfo-8.33.1-lp150.2.3.2 rsyslog-module-elasticsearch-8.33.1-lp150.2.3.2 rsyslog-module-pgsql-debuginfo-8.33.1-lp150.2.3.2 rsyslog-diag-tools-8.33.1-lp150.2.3.2 rsyslog-module-mysql-debuginfo-8.33.1-lp150.2.3.2 rsyslog-8.33.1-lp150.2.3.2 rsyslog-module-omamqp1-8.33.1-lp150.2.3.2 rsyslog-debuginfo-8.33.1-lp150.2.3.2 rsyslog-module-relp-debuginfo-8.33.1-lp150.2.3.2 rsyslog-module-pgsql-8.33.1-lp150.2.3.2 rsyslog-doc-8.33.1-lp150.2.3.2 rsyslog-module-gcrypt-8.33.1-lp150.2.3.2 rsyslog-debugsource-8.33.1-lp150.2.3.2 rsyslog-module-mmnormalize-8.33.1-lp150.2.3.2 rsyslog-module-snmp-debuginfo-8.33.1-lp150.2.3.2

146885 - SuSE SLES 12 SP3, SLED 12 SP3 SUSE-SU-2018:2038-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Low CVE: CVE-2015-3243

Description The scan detected that the host is missing the following update: SUSE-SU-2018:2038-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2018-July/004295.html

SuSE SLED 12 SP3 x86_64 rsyslog-8.24.0-3.3.1 rsyslog-debuginfo-8.24.0-3.3.1 rsyslog-debugsource-8.24.0-3.3.1

SuSE SLES 12 SP3 x86_64 rsyslog-module-gssapi-8.24.0-3.3.1 rsyslog-diag-tools-debuginfo-8.24.0-3.3.1 rsyslog-doc-8.24.0-3.3.1 rsyslog-module-mysql-8.24.0-3.3.1 rsyslog-module-gtls-debuginfo-8.24.0-3.3.1 rsyslog-module-gssapi-debuginfo-8.24.0-3.3.1 rsyslog-module-udpspoof-debuginfo-8.24.0-3.3.1 rsyslog-8.24.0-3.3.1 rsyslog-debugsource-8.24.0-3.3.1 rsyslog-module-mysql-debuginfo-8.24.0-3.3.1 rsyslog-debuginfo-8.24.0-3.3.1 rsyslog-module-pgsql-debuginfo-8.24.0-3.3.1 rsyslog-module-snmp-debuginfo-8.24.0-3.3.1 rsyslog-module-relp-debuginfo-8.24.0-3.3.1 rsyslog-module-udpspoof-8.24.0-3.3.1 rsyslog-module-snmp-8.24.0-3.3.1 rsyslog-module-gtls-8.24.0-3.3.1 rsyslog-module-relp-8.24.0-3.3.1 rsyslog-module-pgsql-8.24.0-3.3.1 rsyslog-diag-tools-8.24.0-3.3.1

ENHANCED CHECKS

The following checks have been updated. Enhancements may include optimizations, changes that reflect new information on a vulnerability and anything else that improves upon an existing FSL check. 135211 - Oracle Solaris 11.3.34.4.0 Update Is Not Installed (CVE-2018-2926)

Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: High CVE: CVE-2018-2926