2019-JAN-04 FSL version 7.6.88
MCAFEE FOUNDSTONE FSL UPDATE
To better protect your environment McAfee has created this FSL check update for the Foundstone Product Suite. The following is a detailed summary of the new and updated checks included with this release.
NEW CHECKS
24552 - (HPESBHF03906) HPE Intelligent Management Center Multiple Vulnerabilities
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-7114, CVE-2018-7115, CVE-2018-7116
Description Multiple vulnerabilities are present in some versions of HPE Intelligent Management Center.
Observation HPE Intelligent Management Center (iMC) is an enterprise-class network management platform.
Multiple vulnerabilities are present in some versions of HPE Intelligent Management Center. The flaws lie in multiple components. Successful exploitation could allow an attacker to cause a denial of service, cause buffer overflow or execute arbitrary code on the target system.
147517 - SuSE Linux 15.0 openSUSE-SU-2018:4306-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2018-16873, CVE-2018-16874, CVE-2018-16875, CVE-2018-7187
Description The scan detected that the host is missing the following update: openSUSE-SU-2018:4306-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2018-12/msg00154.html
SuSE Linux 15.0 i586 go-1.10.4-lp150.2.7.1 go-doc-1.10.4-lp150.2.7.1 noarch docker-runc-kubic-test-1.0.0rc5+gitr3562_69663f0bd4b6-lp150.5.3.1 docker-kubic-bash-completion-18.06.1_ce-lp150.5.6.1 golang-packaging-15.0.11-lp150.2.3.1 containerd-kubic-test-1.1.2-lp150.4.3.1 containerd-test-1.1.2-lp150.4.3.1 docker-bash-completion-18.06.1_ce-lp150.5.6.1 docker-runc-test-1.0.0rc5+gitr3562_69663f0bd4b6-lp150.5.3.1 docker-zsh-completion-18.06.1_ce-lp150.5.6.1 docker-kubic-zsh-completion-18.06.1_ce-lp150.5.6.1 x86_64 containerd-kubic-ctr-1.1.2-lp150.4.3.1 golang-github-docker-libnetwork-0.7.0.1+gitr2664_3ac297bc7fd0-lp150.3.3.1 go-race-1.10.4-lp150.2.7.1 docker-test-debuginfo-18.06.1_ce-lp150.5.6.1 docker-libnetwork-kubic-0.7.0.1+gitr2664_3ac297bc7fd0-lp150.3.3.1 docker-runc-kubic-1.0.0rc5+gitr3562_69663f0bd4b6-lp150.5.3.1 docker-18.06.1_ce-lp150.5.6.1 docker-kubic-debugsource-18.06.1_ce-lp150.5.6.1 containerd-1.1.2-lp150.4.3.1 docker-libnetwork-0.7.0.1+gitr2664_3ac297bc7fd0-lp150.3.3.1 docker-runc-kubic-debuginfo-1.0.0rc5+gitr3562_69663f0bd4b6-lp150.5.3.1 docker-debugsource-18.06.1_ce-lp150.5.6.1 go-1.10.4-lp150.2.7.1 docker-libnetwork-debuginfo-0.7.0.1+gitr2664_3ac297bc7fd0-lp150.3.3.1 docker-kubic-test-debuginfo-18.06.1_ce-lp150.5.6.1 go1.10-doc-1.10.7-lp150.2.1 docker-debuginfo-18.06.1_ce-lp150.5.6.1 docker-kubic-debuginfo-18.06.1_ce-lp150.5.6.1 docker-libnetwork-kubic-debuginfo-0.7.0.1+gitr2664_3ac297bc7fd0-lp150.3.3.1 docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-lp150.5.3.1 docker-kubic-18.06.1_ce-lp150.5.6.1 containerd-ctr-1.1.2-lp150.4.3.1 docker-test-18.06.1_ce-lp150.5.6.1 docker-runc-debuginfo-1.0.0rc5+gitr3562_69663f0bd4b6-lp150.5.3.1 golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2664_3ac297bc7fd0-lp150.3.3.1 docker-kubic-test-18.06.1_ce-lp150.5.6.1 containerd-kubic-1.1.2-lp150.4.3.1 go1.10-1.10.7-lp150.2.1 go-doc-1.10.4-lp150.2.7.1 go1.10-race-1.10.7-lp150.2.1
24570 - Cisco Adaptive Security Appliance Software Privilege Escalation Vulnerability (cisco-sa-20181219-asa-privesc)
Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: High CVE: CVE-2018-15465
Description A vulnerability is present in some versions of Cisco ASA devices.
Observation Cisco Adaptive Security Appliance is a word-class line of network security devices.
A vulnerability is present in some versions of Cisco ASA devices. The flaw is in authorization subsystem of Cisco ASA. Successful exploitation could allow a remote attacker to escalate privileges on the target system.
24540 - IBM DB2 Buffer Overflow Vulnerability (ibm10737295)
Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: High CVE: CVE-2018-1897 Description A vulnerability is present in some versions of IBM DB2.
Observation IBM DB2 is a popular relational database management server.
A vulnerability is present in some versions of IBM DB2. The flaw lies in IBM Db2 db2pdcfg. Successful exploitation could allow a local attacker to escalate privileges and execute arbitrary code on the target system.
24561 - Mozilla Firefox Multiple Vulnerabilities Prior To 64
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-12405, CVE-2018-12406, CVE-2018-12407, CVE-2018-17466, CVE-2018-18492, CVE-2018-18493, CVE-2018- 18494, CVE-2018-18495, CVE-2018-18496, CVE-2018-18497, CVE-2018-18498
Description Multiple vulnerabilities are present in some versions of Mozilla Firefox.
Observation Mozilla Firefox is a popular web browser.
Multiple vulnerabilities are present in some versions of Mozilla Firefox. The flaws lie in several components. Successful exploitation could allow an attacker to remotely execute arbitrary code on the target system and cause a denial of service condition.
24562 - Mozilla Firefox Multiple Vulnerabilities Prior To 64
Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: High CVE: CVE-2018-12405, CVE-2018-12406, CVE-2018-12407, CVE-2018-17466, CVE-2018-18492, CVE-2018-18493, CVE-2018- 18494, CVE-2018-18495, CVE-2018-18496, CVE-2018-18497, CVE-2018-18498
Description Multiple vulnerabilities are present in some versions of Mozilla Firefox.
Observation Mozilla Firefox is a popular web browser.
Multiple vulnerabilities are present in some versions of Mozilla Firefox. The flaws lie in several components. Successful exploitation could allow an attacker to remotely execute arbitrary code on the target system and cause a denial of service condition.
24563 - Mozilla Firefox ESR Vulnerabilities Prior To ESR 60.4
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-12405, CVE-2018-17466, CVE-2018-18492, CVE-2018-18493, CVE-2018-18494, CVE-2018-18498
Description Multiple Vulnerabilities are present in some versions of Mozilla Firefox ESR. Observation Mozilla Firefox ESR is a popular web browser.
Multiple Vulnerabilities are present in some versions of Mozilla Firefox ESR. The flaws lie in multiple components. Successful exploitation could allow an attacker to remotely execute arbitrary code on the target system and cause a denial of service condition.
24564 - Mozilla Firefox ESR Vulnerabilities Prior To ESR 60.4
Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: High CVE: CVE-2018-12405, CVE-2018-17466, CVE-2018-18492, CVE-2018-18493, CVE-2018-18494, CVE-2018-18498
Description Multiple Vulnerabilities are present in some versions of Mozilla Firefox ESR.
Observation Mozilla Firefox ESR is a popular web browser.
Multiple Vulnerabilities are present in some versions of Mozilla Firefox ESR. The flaws lie in multiple components. Successful exploitation could allow an attacker to remotely execute arbitrary code on the target system and cause a denial of service condition.
24571 - WordPress Multiple Vulnerabilities Prior To 5.0.1
Category: General Vulnerability Assessment -> NonIntrusive -> Web Server Risk Level: High CVE: CVE-MAP-NOMATCH
Description Multiple vulnerabilities are present in some versions of WordPress.
Observation WordPress is a popular blog application.
Multiple vulnerabilities are present in some versions of WordPress. The flaws lie in multiple components. Successful exploitation could allow an attacker to lead to a cross-site scripting attacks, obtain sensitive information, or bypass certain security restrictions.
131264 - Debian Linux 9.0 DSA-4359-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: High CVE: CVE-2018-12086, CVE-2018-18225, CVE-2018-18226, CVE-2018-18227, CVE-2018-19622, CVE-2018-19623, CVE-2018- 19624, CVE-2018-19625, CVE-2018-19626, CVE-2018-19627, CVE-2018-19628
Description The scan detected that the host is missing the following update: DSA-4359-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.debian.org/security/2018/dsa-4359 Debian 9.0 all wireshark_2.6.5-1~deb9u1
147506 - SuSE Linux 15.0 openSUSE-SU-2019:1-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2018-20184, CVE-2018-20189
Description The scan detected that the host is missing the following update: openSUSE-SU-2019:1-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2019-01/msg00000.html
SuSE Linux 15.0 x86_64 GraphicsMagick-devel-1.3.29-lp150.3.18.1 libGraphicsMagick3-config-1.3.29-lp150.3.18.1 libGraphicsMagick++-devel-1.3.29-lp150.3.18.1 GraphicsMagick-1.3.29-lp150.3.18.1 libGraphicsMagick-Q16-3-1.3.29-lp150.3.18.1 libGraphicsMagickWand-Q16-2-debuginfo-1.3.29-lp150.3.18.1 libGraphicsMagick++-Q16-12-debuginfo-1.3.29-lp150.3.18.1 libGraphicsMagick++-Q16-12-1.3.29-lp150.3.18.1 libGraphicsMagickWand-Q16-2-1.3.29-lp150.3.18.1 perl-GraphicsMagick-1.3.29-lp150.3.18.1 libGraphicsMagick-Q16-3-debuginfo-1.3.29-lp150.3.18.1 GraphicsMagick-debuginfo-1.3.29-lp150.3.18.1 GraphicsMagick-debugsource-1.3.29-lp150.3.18.1 perl-GraphicsMagick-debuginfo-1.3.29-lp150.3.18.1
147509 - SuSE Linux 42.3 openSUSE-SU-2018:4282-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2018-19788
Description The scan detected that the host is missing the following update: openSUSE-SU-2018:4282-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2018-12/msg00137.html
SuSE Linux 42.3 i586 polkit-devel-0.113-14.6.1 typelib-1_0-Polkit-1_0-0.113-14.6.1 polkit-debuginfo-0.113-14.6.1 polkit-devel-debuginfo-0.113-14.6.1 polkit-debugsource-0.113-14.6.1 polkit-0.113-14.6.1 libpolkit0-debuginfo-0.113-14.6.1 libpolkit0-0.113-14.6.1 noarch polkit-doc-0.113-14.6.1 x86_64 polkit-devel-0.113-14.6.1 typelib-1_0-Polkit-1_0-0.113-14.6.1 libpolkit0-32bit-0.113-14.6.1 polkit-debuginfo-0.113-14.6.1 polkit-devel-debuginfo-0.113-14.6.1 polkit-debugsource-0.113-14.6.1 libpolkit0-debuginfo-32bit-0.113-14.6.1 polkit-0.113-14.6.1 libpolkit0-debuginfo-0.113-14.6.1 libpolkit0-0.113-14.6.1
147510 - SuSE Linux 42.3 openSUSE-SU-2018:4287-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2018-1160
Description The scan detected that the host is missing the following update: openSUSE-SU-2018:4287-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2018-12/msg00141.html
SuSE Linux 42.3 x86_64 netatalk-debugsource-3.1.7-8.3.1 netatalk-debuginfo-3.1.7-8.3.1 netatalk-3.1.7-8.3.1 libatalk16-debuginfo-3.1.7-8.3.1 netatalk-devel-3.1.7-8.3.1 libatalk16-3.1.7-8.3.1 i586 netatalk-debugsource-3.1.7-8.3.1 netatalk-debuginfo-3.1.7-8.3.1 netatalk-3.1.7-8.3.1 libatalk16-debuginfo-3.1.7-8.3.1 netatalk-devel-3.1.7-8.3.1 libatalk16-3.1.7-8.3.1
147511 - SuSE SLES 12 SP3, 12 SP4 SUSE-SU-2018:4296-1 Update Is Not Installed Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2015-2775, CVE-2016-6893, CVE-2018-0618, CVE-2018-13796, CVE-2018-5950
Description The scan detected that the host is missing the following update: SUSE-SU-2018:4296-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2018-December/005005.html
SuSE SLES 12 SP3 x86_64 mailman-debuginfo-2.1.17-3.3.3 mailman-2.1.17-3.3.3 mailman-debugsource-2.1.17-3.3.3
SuSE SLES 12 SP4 x86_64 mailman-debuginfo-2.1.17-3.3.3 mailman-2.1.17-3.3.3 mailman-debugsource-2.1.17-3.3.3
147514 - SuSE Linux 15.0 openSUSE-SU-2018:4304-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2018-15468, CVE-2018-15469, CVE-2018-15470, CVE-2018-18883, CVE-2018-19961, CVE-2018-19962, CVE-2018- 19965, CVE-2018-19966, CVE-2018-3646
Description The scan detected that the host is missing the following update: openSUSE-SU-2018:4304-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2018-12/msg00152.html
SuSE Linux 15.0 x86_64 xen-doc-html-4.10.2_04-lp150.2.12.1 xen-4.10.2_04-lp150.2.12.1 xen-tools-domU-debuginfo-4.10.2_04-lp150.2.12.1 xen-tools-domU-4.10.2_04-lp150.2.12.1 xen-libs-32bit-4.10.2_04-lp150.2.12.1 xen-libs-4.10.2_04-lp150.2.12.1 xen-tools-4.10.2_04-lp150.2.12.1 xen-libs-debuginfo-4.10.2_04-lp150.2.12.1 xen-devel-4.10.2_04-lp150.2.12.1 xen-libs-32bit-debuginfo-4.10.2_04-lp150.2.12.1 xen-tools-debuginfo-4.10.2_04-lp150.2.12.1 xen-debugsource-4.10.2_04-lp150.2.12.1 i586 xen-tools-domU-debuginfo-4.10.2_04-lp150.2.12.1 xen-tools-domU-4.10.2_04-lp150.2.12.1 xen-libs-4.10.2_04-lp150.2.12.1 xen-libs-debuginfo-4.10.2_04-lp150.2.12.1 xen-devel-4.10.2_04-lp150.2.12.1 xen-debugsource-4.10.2_04-lp150.2.12.1
147516 - SuSE Linux 42.3 openSUSE-SU-2018:4313-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2018-20184, CVE-2018-20189
Description The scan detected that the host is missing the following update: openSUSE-SU-2018:4313-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2018-12/msg00148.html
SuSE Linux 42.3 x86_64 libGraphicsMagick++-Q16-12-debuginfo-1.3.25-120.1 libGraphicsMagickWand-Q16-2-1.3.25-120.1 GraphicsMagick-devel-1.3.25-120.1 libGraphicsMagick-Q16-3-1.3.25-120.1 perl-GraphicsMagick-debuginfo-1.3.25-120.1 libGraphicsMagick++-devel-1.3.25-120.1 GraphicsMagick-debugsource-1.3.25-120.1 perl-GraphicsMagick-1.3.25-120.1 libGraphicsMagick3-config-1.3.25-120.1 libGraphicsMagick++-Q16-12-1.3.25-120.1 GraphicsMagick-debuginfo-1.3.25-120.1 libGraphicsMagick-Q16-3-debuginfo-1.3.25-120.1 libGraphicsMagickWand-Q16-2-debuginfo-1.3.25-120.1 GraphicsMagick-1.3.25-120.1 i586 libGraphicsMagick++-Q16-12-debuginfo-1.3.25-120.1 libGraphicsMagickWand-Q16-2-1.3.25-120.1 GraphicsMagick-devel-1.3.25-120.1 libGraphicsMagick-Q16-3-1.3.25-120.1 perl-GraphicsMagick-debuginfo-1.3.25-120.1 libGraphicsMagick++-devel-1.3.25-120.1 GraphicsMagick-debugsource-1.3.25-120.1 perl-GraphicsMagick-1.3.25-120.1 libGraphicsMagick3-config-1.3.25-120.1 libGraphicsMagick++-Q16-12-1.3.25-120.1 GraphicsMagick-debuginfo-1.3.25-120.1 libGraphicsMagick-Q16-3-debuginfo-1.3.25-120.1 libGraphicsMagickWand-Q16-2-debuginfo-1.3.25-120.1 GraphicsMagick-1.3.25-120.1 24574 - IBM AIX Itds Multiple Vulnerabilities (itds_advisory2)
Category: SSH Module -> NonIntrusive -> AIX Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-0702, CVE-2018-1388, CVE-2018-1426, CVE-2018-1427, CVE-2018-1447
Description Multiple vulnerabilities are present in some versions of IBM AIX.
Observation IBM AIX is a Unix-like operating system.
Multiple vulnerabilities are present in some versions of IBM AIX. The flaws lie in IBM Tivoli Directory Server and IBM Security Directory Server. Successful exploitation could allow an attacker to obtain sensitive information, cause a denial of service condition.
24578 - IBM WebSphere Application Server Liberty Cross-Site Scripting Vulnerability (ibm10729547)
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-1767
Description A vulnerability is present in some versions of IBM WebSphere Application Server Liberty.
Observation IBM WebSphere Application Server Liberty is a server engine for Java EE Web applications.
A vulnerability is present in some versions of IBM WebSphere Application Server Liberty. The flaw lies in CacheMonitor component. Successful exploitation could allow a remote attacker to conduct cross site scripting attacks and or disclose sensitive information on the target system.
147507 - SuSE Linux 42.3 openSUSE-SU-2018:4299-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-5804, CVE-2018-5805, CVE-2018-5806, CVE-2018-5808, CVE-2018-5816
Description The scan detected that the host is missing the following update: openSUSE-SU-2018:4299-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2018-12/msg00144.html
SuSE Linux 42.3 x86_64 libraw15-debuginfo-0.17.1-26.1 libraw-devel-0.17.1-26.1 libraw-tools-debuginfo-0.17.1-26.1 libraw-tools-0.17.1-26.1 libraw-devel-static-0.17.1-26.1 libraw-debugsource-0.17.1-26.1 libraw15-0.17.1-26.1 i586 libraw15-debuginfo-0.17.1-26.1 libraw-devel-0.17.1-26.1 libraw-tools-debuginfo-0.17.1-26.1 libraw-tools-0.17.1-26.1 libraw-devel-static-0.17.1-26.1 libraw-debugsource-0.17.1-26.1 libraw15-0.17.1-26.1
194628 - Fedora Linux 28 FEDORA-2018-93a16d053f Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-7441, CVE-2018-7442
Description The scan detected that the host is missing the following update: FEDORA-2018-93a16d053f
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2018/12/?count=200&page=2
Fedora Core 28 leptonica-1.77.0-1.fc28 mingw-leptonica-1.77.0-1.fc28
194630 - Fedora Linux 29 FEDORA-2018-4db33b3753 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-7441, CVE-2018-7442
Description The scan detected that the host is missing the following update: FEDORA-2018-4db33b3753
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2018/12/?count=200&page=1
Fedora Core 29 leptonica-1.77.0-1.fc29 mingw-leptonica-1.77.0-1.fc29 194632 - Fedora Linux 28 FEDORA-2018-ea05fcd378 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-11099, CVE-2018-11129, CVE-2018-11130
Description The scan detected that the host is missing the following update: FEDORA-2018-ea05fcd378
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2018/12/?count=200&page=1
Fedora Core 28 vcftools-0.1.16-1.fc28
194633 - Fedora Linux 28 FEDORA-2018-e69d2aaa60 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-12895
Description The scan detected that the host is missing the following update: FEDORA-2018-e69d2aaa60
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2018/12/?count=200&page=1
Fedora Core 28 wordpress-5.0.2-1.fc28
24567 - (SB10260) McAfee Agent Multiple Vulnerabilities
Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: Medium CVE: CVE-2018-6705, CVE-2018-6706, CVE-2018-6707
Description Multiple vulnerabilities are present in some versions of McAfee Agent.
Observation McAfee Agent is client software used to communicate with McAfee ePolicy Orchestrator.
Multiple vulnerabilities are present in some versions of McAfee Agent. The flaws lie in multiple components. Successful exploitation could allow a local attacker to perform arbitrary command execution, cause a denial of service condition or unexpected behavior. 131265 - Debian Linux 9.0 DSA-4360-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-10209, CVE-2016-10349, CVE-2016-10350, CVE-2017-14166, CVE-2017-14501, CVE-2017-14502, CVE-2017- 14503, CVE-2018-1000877, CVE-2018-1000878, CVE-2018-1000880
Description The scan detected that the host is missing the following update: DSA-4360-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.debian.org/security/2018/dsa-4360
Debian 9.0 all libarchive-tools_3.2.2-2+deb9u1 bsdtar_3.2.2-2+deb9u1 bsdcpio_3.2.2-2+deb9u1 libarchive-dev_3.2.2-2+deb9u1 libarchive13_3.2.2-2+deb9u1
131266 - Debian Linux 9.0 DSA-4358-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-3740
Description The scan detected that the host is missing the following update: DSA-4358-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.debian.org/security/2018/dsa-4358
Debian 9.0 all ruby-sanitize_2.1.0-2+deb9u1
147512 - SuSE SLES 11 SP4 SUSE-SU-2018:4274-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-8610, CVE-2018-0734, CVE-2018-5407
Description The scan detected that the host is missing the following update: SUSE-SU-2018:4274-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2018-December/005002.html
SuSE SLES 11 SP4 i586 libopenssl0_9_8-hmac-0.9.8j-0.106.18.1 openssl-doc-0.9.8j-0.106.18.1 libopenssl0_9_8-0.9.8j-0.106.18.1 openssl-0.9.8j-0.106.18.1 x86_64 openssl-doc-0.9.8j-0.106.18.1 libopenssl0_9_8-32bit-0.9.8j-0.106.18.1 libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.18.1 openssl-0.9.8j-0.106.18.1 libopenssl0_9_8-0.9.8j-0.106.18.1 libopenssl0_9_8-hmac-0.9.8j-0.106.18.1
178696 - Gentoo Linux GLSA-201812-11 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixes Risk Level: Medium CVE: CVE-MAP-NOMATCH
Description The scan detected that the host is missing the following update: GLSA-201812-11
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://security.gentoo.org/glsa/201812-11
Affected packages: dev-lang/rust < 1.29.1 dev-lang/rust-bin < 1.29.1
178697 - Gentoo Linux GLSA-201812-10 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixes Risk Level: Medium CVE: CVE-MAP-NOMATCH
Description The scan detected that the host is missing the following update: GLSA-201812-10
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://security.gentoo.org/glsa/201812-10
Affected packages: x11-libs/gksu <= 2.0.2
194631 - Fedora Linux 28 FEDORA-2018-31c2a0b2ea Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-16737, CVE-2018-16738, CVE-2018-16758
Description The scan detected that the host is missing the following update: FEDORA-2018-31c2a0b2ea
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2018/12/?count=200&page=2
Fedora Core 28 tinc-1.0.35-1.fc28
194639 - Fedora Linux 29 FEDORA-2018-afae5e8438 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-16737, CVE-2018-16738, CVE-2018-16758
Description The scan detected that the host is missing the following update: FEDORA-2018-afae5e8438
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2018/12/?count=200&page=2
Fedora Core 29 tinc-1.0.35-1.fc29
147513 - SuSE Linux 15.0 openSUSE-SU-2018:4307-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-19622, CVE-2018-19623, CVE-2018-19624, CVE-2018-19625, CVE-2018-19626, CVE-2018-19627
Description The scan detected that the host is missing the following update: openSUSE-SU-2018:4307-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2018-12/msg00155.html
SuSE Linux 15.0 x86_64 wireshark-debugsource-2.4.11-lp150.2.16.1 wireshark-devel-2.4.11-lp150.2.16.1 libwireshark9-2.4.11-lp150.2.16.1 libwiretap7-debuginfo-2.4.11-lp150.2.16.1 wireshark-ui-qt-2.4.11-lp150.2.16.1 wireshark-ui-qt-debuginfo-2.4.11-lp150.2.16.1 libwireshark9-debuginfo-2.4.11-lp150.2.16.1 libwsutil8-debuginfo-2.4.11-lp150.2.16.1 libwscodecs1-2.4.11-lp150.2.16.1 libwscodecs1-debuginfo-2.4.11-lp150.2.16.1 libwsutil8-2.4.11-lp150.2.16.1 libwiretap7-2.4.11-lp150.2.16.1 wireshark-debuginfo-2.4.11-lp150.2.16.1 wireshark-2.4.11-lp150.2.16.1 i586 wireshark-debugsource-2.4.11-lp150.2.16.1 wireshark-devel-2.4.11-lp150.2.16.1 libwireshark9-2.4.11-lp150.2.16.1 libwiretap7-debuginfo-2.4.11-lp150.2.16.1 wireshark-ui-qt-2.4.11-lp150.2.16.1 wireshark-ui-qt-debuginfo-2.4.11-lp150.2.16.1 libwireshark9-debuginfo-2.4.11-lp150.2.16.1 libwsutil8-debuginfo-2.4.11-lp150.2.16.1 libwscodecs1-2.4.11-lp150.2.16.1 libwscodecs1-debuginfo-2.4.11-lp150.2.16.1 libwsutil8-2.4.11-lp150.2.16.1 libwiretap7-2.4.11-lp150.2.16.1 wireshark-debuginfo-2.4.11-lp150.2.16.1 wireshark-2.4.11-lp150.2.16.1
147515 - SuSE SLES 12 SP3, 12 SP4, SLED 12 SP3, 12 SP4 SUSE-SU-2018:4298-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-19622, CVE-2018-19623, CVE-2018-19624, CVE-2018-19625, CVE-2018-19626, CVE-2018-19627
Description The scan detected that the host is missing the following update: SUSE-SU-2018:4298-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2018-December/005007.html SuSE SLED 12 SP3 x86_64 wireshark-gtk-2.4.11-48.35.1 libwiretap7-debuginfo-2.4.11-48.35.1 libwireshark9-2.4.11-48.35.1 libwscodecs1-debuginfo-2.4.11-48.35.1 libwiretap7-2.4.11-48.35.1 libwsutil8-debuginfo-2.4.11-48.35.1 wireshark-debugsource-2.4.11-48.35.1 libwsutil8-2.4.11-48.35.1 wireshark-debuginfo-2.4.11-48.35.1 wireshark-gtk-debuginfo-2.4.11-48.35.1 libwireshark9-debuginfo-2.4.11-48.35.1 wireshark-2.4.11-48.35.1 libwscodecs1-2.4.11-48.35.1
SuSE SLED 12 SP4 x86_64 wireshark-gtk-2.4.11-48.35.1 libwiretap7-debuginfo-2.4.11-48.35.1 libwireshark9-2.4.11-48.35.1 libwscodecs1-debuginfo-2.4.11-48.35.1 libwiretap7-2.4.11-48.35.1 libwsutil8-debuginfo-2.4.11-48.35.1 wireshark-debugsource-2.4.11-48.35.1 libwsutil8-2.4.11-48.35.1 wireshark-debuginfo-2.4.11-48.35.1 wireshark-gtk-debuginfo-2.4.11-48.35.1 libwireshark9-debuginfo-2.4.11-48.35.1 wireshark-2.4.11-48.35.1 libwscodecs1-2.4.11-48.35.1
SuSE SLES 12 SP4 x86_64 wireshark-gtk-2.4.11-48.35.1 libwiretap7-debuginfo-2.4.11-48.35.1 libwireshark9-2.4.11-48.35.1 libwscodecs1-debuginfo-2.4.11-48.35.1 libwiretap7-2.4.11-48.35.1 libwsutil8-debuginfo-2.4.11-48.35.1 wireshark-debugsource-2.4.11-48.35.1 libwsutil8-2.4.11-48.35.1 wireshark-debuginfo-2.4.11-48.35.1 wireshark-gtk-debuginfo-2.4.11-48.35.1 libwireshark9-debuginfo-2.4.11-48.35.1 wireshark-2.4.11-48.35.1 libwscodecs1-2.4.11-48.35.1
SuSE SLES 12 SP3 x86_64 wireshark-gtk-2.4.11-48.35.1 libwiretap7-debuginfo-2.4.11-48.35.1 libwireshark9-2.4.11-48.35.1 libwscodecs1-debuginfo-2.4.11-48.35.1 libwiretap7-2.4.11-48.35.1 libwsutil8-debuginfo-2.4.11-48.35.1 wireshark-debugsource-2.4.11-48.35.1 libwsutil8-2.4.11-48.35.1 wireshark-debuginfo-2.4.11-48.35.1 wireshark-gtk-debuginfo-2.4.11-48.35.1 libwireshark9-debuginfo-2.4.11-48.35.1 wireshark-2.4.11-48.35.1 libwscodecs1-2.4.11-48.35.1
194625 - Fedora Linux 29 FEDORA-2018-679f8aba03 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-16646, CVE-2018-18897, CVE-2018-19058, CVE-2018-19059, CVE-2018-19060, CVE-2018-19149
Description The scan detected that the host is missing the following update: FEDORA-2018-679f8aba03
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2018/12/?count=200&page=1
Fedora Core 29 mingw-poppler-0.67.0-2.fc29
194636 - Fedora Linux 28 FEDORA-2018-12b934e224 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-18267, CVE-2018-13988, CVE-2018-16646, CVE-2018-18897, CVE-2018-19058, CVE-2018-19059, CVE-2018- 19060, CVE-2018-19149
Description The scan detected that the host is missing the following update: FEDORA-2018-12b934e224
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2018/12/?count=200&page=1
Fedora Core 28 mingw-poppler-0.62.0-2.fc28
194638 - Fedora Linux 28 FEDORA-2018-200c84e08a Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-18088, CVE-2018-5785, CVE-2018-6616
Description The scan detected that the host is missing the following update: FEDORA-2018-200c84e08a Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2018/12/?count=200&page=1
Fedora Core 28 mingw-openjpeg2-2.3.0-6.fc28 openjpeg2-2.3.0-10.fc28
24611 - (APSB19-02) Multiple vulnerabilities In Adobe Acrobat and Reader
Category: Windows Host Assessment -> Adobe Patches Only (CATEGORY REQUIRES CREDENTIALS) Risk Level: Low CVE: CVE-2018-16011, CVE-2018-16018
Description Multiple vulnerabilities are present in some versions of Adobe Reader and Acrobat.
Observation Adobe Reader and Acrobat are popular applications used to handle PDF files.
Multiple vulnerabilities are present in some versions of Adobe Reader and Acrobat. The flaws lie in undetermined components. Successful exploitation could allow an attacker to obtain sensitive information, execute arbitrary code or obtain elevated privileges.
The update provided by Adobe bulletin APSB19-02 resolves these issues.
131267 - Debian Linux 9.0 DSA-4361-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Low CVE: CVE-2018-20430, CVE-2018-20431
Description The scan detected that the host is missing the following update: DSA-4361-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.debian.org/security/2018/dsa-4361
Debian 9.0 all libextractor3_1:1.3-4+deb9u3 libextractor-dev_1:1.3-4+deb9u3 extract_1:1.3-4+deb9u3 libextractor-dbg_1:1.3-4+deb9u3
182876 - FreeBSD gitea Privilege Escalation, XSS (29d34524-0542-11e9-a444-080027fee39c) Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Description The scan detected that the host is missing the following update: gitea -- privilege escalation, XSS (29d34524-0542-11e9-a444-080027fee39c)
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/29d34524-0542-11e9-a444-080027fee39c.html
Affected packages: gitea < 1.6.2
182877 - FreeBSD rpm4 Regression In -setperms, -setugids And -restore (f8fe2905-0918-11e9-a550-00262d164c21)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Description The scan detected that the host is missing the following update: rpm4 -- regression in -setperms, -setugids and -restore (f8fe2905-0918-11e9-a550-00262d164c21)
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/f8fe2905-0918-11e9-a550-00262d164c21.html
Affected packages: rpm4 < 4.14.2.1
194622 - Fedora Linux 29 FEDORA-2018-1bd545ef39 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2018-20167
Description The scan detected that the host is missing the following update: FEDORA-2018-1bd545ef39
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2019/1/?count=200&page=1
Fedora Core 29 terminology-1.3.2-1.fc29
194623 - Fedora Linux 28 FEDORA-2018-27f957ae8e Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2018-20167
Description The scan detected that the host is missing the following update: FEDORA-2018-27f957ae8e
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2019/1/?count=200&page=1
Fedora Core 28 terminology-1.3.2-1.fc28
194624 - Fedora Linux 29 FEDORA-2018-b4f6179eae Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Description The scan detected that the host is missing the following update: FEDORA-2018-b4f6179eae
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2018/12/?count=200&page=1
Fedora Core 29 php-pear-1.10.7-2.fc29
194626 - Fedora Linux 28 FEDORA-2018-e2e8a07a01 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2018-4437
Description The scan detected that the host is missing the following update: FEDORA-2018-e2e8a07a01
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2018/12/?count=200&page=2
Fedora Core 28 webkit2gtk3-2.22.5-1.fc28
194627 - Fedora Linux 28 FEDORA-2018-50e3877b63 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Description The scan detected that the host is missing the following update: FEDORA-2018-50e3877b63
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2018/12/?count=200&page=1
Fedora Core 28 php-pear-1.10.7-2.fc28
194629 - Fedora Linux 29 FEDORA-2018-f80b495582 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2018-20145
Description The scan detected that the host is missing the following update: FEDORA-2018-f80b495582
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2018/12/?count=200&page=2
Fedora Core 29 mosquitto-1.5.5-1.fc29
194634 - Fedora Linux 29 FEDORA-2018-801432b551 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2018-20337, CVE-2018-20363, CVE-2018-20364, CVE-2018-20365 Description The scan detected that the host is missing the following update: FEDORA-2018-801432b551
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2018/12/?count=200&page=1
Fedora Core 29
LibRaw-0.19.2-1.fc29
194635 - Fedora Linux 28 FEDORA-2018-5acdf115df Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2018-20145
Description The scan detected that the host is missing the following update: FEDORA-2018-5acdf115df
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2018/12/?count=200&page=2
Fedora Core 28 mosquitto-1.5.5-1.fc28
194637 - Fedora Linux 29 FEDORA-2018-25b3204dc8 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Description The scan detected that the host is missing the following update: FEDORA-2018-25b3204dc8
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2018/12/?count=200&page=1
Fedora Core 29 wordpress-5.0.2-1.fc29 194640 - Fedora Linux 28 FEDORA-2018-5f91fbf4fd Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Description The scan detected that the host is missing the following update: FEDORA-2018-5f91fbf4fd
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2018/12/?count=200&page=2
Fedora Core 28 sqlite-3.22.0-5.fc28
194641 - Fedora Linux 28 FEDORA-2018-f7d9989c42 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2018-16869
Description The scan detected that the host is missing the following update: FEDORA-2018-f7d9989c42
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2018/12/?count=200&page=2
Fedora Core 28 nettle-3.4.1-1.fc28
194642 - Fedora Linux 29 FEDORA-2018-7d6590724e Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Description The scan detected that the host is missing the following update: FEDORA-2018-7d6590724e
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2018/12/?count=200&page=1
Fedora Core 29 electron-cash-3.3.4-1.fc29
147508 - SuSE Linux 15.0 openSUSE-SU-2018:4283-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Low CVE: CVE-2018-0495, CVE-2018-12384, CVE-2018-12404
Description The scan detected that the host is missing the following update: openSUSE-SU-2018:4283-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2018-12/msg00138.html
SuSE Linux 15.0 x86_64 mozilla-nss-32bit-3.40.1-lp150.2.10.2 mozilla-nspr-debugsource-4.20-lp150.2.3.1 mozilla-nss-debuginfo-3.40.1-lp150.2.10.2 mozilla-nss-certs-3.40.1-lp150.2.10.2 mozilla-nspr-4.20-lp150.2.3.1 mozilla-nss-certs-32bit-3.40.1-lp150.2.10.2 mozilla-nss-32bit-debuginfo-3.40.1-lp150.2.10.2 mozilla-nss-tools-3.40.1-lp150.2.10.2 mozilla-nss-devel-3.40.1-lp150.2.10.2 mozilla-nss-debugsource-3.40.1-lp150.2.10.2 mozilla-nspr-debuginfo-4.20-lp150.2.3.1 libsoftokn3-3.40.1-lp150.2.10.2 mozilla-nss-sysinit-3.40.1-lp150.2.10.2 mozilla-nss-certs-debuginfo-3.40.1-lp150.2.10.2 mozilla-nspr-devel-4.20-lp150.2.3.1 mozilla-nspr-32bit-4.20-lp150.2.3.1 mozilla-nss-certs-32bit-debuginfo-3.40.1-lp150.2.10.2 mozilla-nss-sysinit-32bit-debuginfo-3.40.1-lp150.2.10.2 libfreebl3-3.40.1-lp150.2.10.2 mozilla-nspr-32bit-debuginfo-4.20-lp150.2.3.1 libsoftokn3-debuginfo-3.40.1-lp150.2.10.2 libfreebl3-32bit-debuginfo-3.40.1-lp150.2.10.2 mozilla-nss-sysinit-32bit-3.40.1-lp150.2.10.2 libsoftokn3-32bit-debuginfo-3.40.1-lp150.2.10.2 mozilla-nss-sysinit-debuginfo-3.40.1-lp150.2.10.2 mozilla-nss-tools-debuginfo-3.40.1-lp150.2.10.2 libsoftokn3-32bit-3.40.1-lp150.2.10.2 mozilla-nss-3.40.1-lp150.2.10.2 libfreebl3-32bit-3.40.1-lp150.2.10.2 libfreebl3-debuginfo-3.40.1-lp150.2.10.2 i586 libfreebl3-3.40.1-lp150.2.10.2 mozilla-nss-sysinit-3.40.1-lp150.2.10.2 mozilla-nspr-debuginfo-4.20-lp150.2.3.1 libsoftokn3-3.40.1-lp150.2.10.2 mozilla-nss-tools-debuginfo-3.40.1-lp150.2.10.2 mozilla-nss-debuginfo-3.40.1-lp150.2.10.2 mozilla-nspr-debugsource-4.20-lp150.2.3.1 mozilla-nss-certs-3.40.1-lp150.2.10.2 libsoftokn3-debuginfo-3.40.1-lp150.2.10.2 mozilla-nss-sysinit-debuginfo-3.40.1-lp150.2.10.2 mozilla-nss-3.40.1-lp150.2.10.2 mozilla-nspr-4.20-lp150.2.3.1 mozilla-nss-devel-3.40.1-lp150.2.10.2 mozilla-nss-certs-debuginfo-3.40.1-lp150.2.10.2 mozilla-nspr-devel-4.20-lp150.2.3.1 libfreebl3-debuginfo-3.40.1-lp150.2.10.2 mozilla-nss-tools-3.40.1-lp150.2.10.2 mozilla-nss-debugsource-3.40.1-lp150.2.10.2
ENHANCED CHECKS
The following checks have been updated. Enhancements may include optimizations, changes that reflect new information on a vulnerability and anything else that improves upon an existing FSL check. 182841 - FreeBSD Flash Player Arbitrary Code Execution (8f128c72-ecf9-11e8-aa00-6451062f0f7a)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: High CVE: CVE-2018-15981
Update Details Risk is updated
196190 - Red Hat Enterprise Linux RHSA-2018-3644 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2018-15981
Update Details Risk is updated
24556 - Microsoft Office 365 ProPlus and Office 2019 Dec 2018 Updates
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-8587, CVE-2018-8597, CVE-2018-8598, CVE-2018-8627, CVE-2018-8628, CVE-2018-8636
Update Details Risk is updated
147420 - SuSE Linux 15.0 openSUSE-SU-2018:4043-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2018-17953
Update Details Risk is updated
131255 - Debian Linux 9.0 DSA-4347-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: High CVE: CVE-2018-18311, CVE-2018-18312, CVE-2018-18313, CVE-2018-18314
Update Details Risk is updated
147218 - SuSE SLED 12 SP3 SUSE-SU-2018:3343-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2018-5800, CVE-2018-5801, CVE-2018-5802, CVE-2018-5810, CVE-2018-5813
Update Details Risk is updated
182827 - FreeBSD Gitlab Multiple Vulnerabilities (b9591212-dba7-11e8-9416-001b217b3468)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: High CVE: CVE-2018-18640, CVE-2018-18641, CVE-2018-18642, CVE-2018-18643, CVE-2018-18644, CVE-2018-18645, CVE-2018- 18646, CVE-2018-18647, CVE-2018-18648, CVE-2018-18649
Update Details Risk is updated
186503 - Ubuntu Linux 14.04, 16.04, 18.04, 18.10 USN-3834-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: High CVE: CVE-2018-18311, CVE-2018-18312, CVE-2018-18313, CVE-2018-18314
Update Details Risk is updated
186505 - Ubuntu Linux 14.04, 16.04, 18.04 USN-3838-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: High CVE: CVE-2018-5807, CVE-2018-5810, CVE-2018-5811, CVE-2018-5812, CVE-2018-5813, CVE-2018-5815, CVE-2018-5816
Update Details Risk is updated 194021 - Fedora Linux 28 FEDORA-2018-f37cbaafdf Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2018-5815, CVE-2018-5816
Update Details Risk is updated
194051 - Fedora Linux 27 FEDORA-2018-baa8315daa Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2018-5815, CVE-2018-5816
Update Details Risk is updated
194531 - Fedora Linux 29 FEDORA-2018-f467c36c2b Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2018-19486
Update Details Risk is updated
194544 - Fedora Linux 29 FEDORA-2018-9dbe983805 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2018-18311, CVE-2018-18312, CVE-2018-18313, CVE-2018-18314
Update Details Risk is updated
24490 - INVT Electric VT-Designer Multiple Vulnerabilities (ICSA-18-333-01)
Category: Windows Host Assessment -> SCADA (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-18983, CVE-2018-18987
Update Details Risk is updated
146483 - SuSE Linux 42.3 openSUSE-SU-2018:0731-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-5800, CVE-2018-5801, CVE-2018-5802 Update Details Risk is updated
147467 - SuSE Linux 15.0, 42.3 openSUSE-SU-2018:4124-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-19968, CVE-2018-19969, CVE-2018-19970
Update Details Risk is updated
163730 - Oracle Enterprise Linux ELSA-2018-3065 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-5800, CVE-2018-5801, CVE-2018-5802, CVE-2018-5805, CVE-2018-5806
Update Details Risk is updated
175476 - Scientific Linux Security ERRATA Moderate: libkdcraw on SL7.x x86_64 (1811-6180)
Category: SSH Module -> NonIntrusive -> Scientific Linux Patches and HotFixes Risk Level: Medium CVE: CVE-2018-5800, CVE-2018-5801, CVE-2018-5802, CVE-2018-5805, CVE-2018-5806
Update Details Risk is updated
182608 - FreeBSD libraw Multiple DoS Vulnerabilities (c60804f1-126f-11e8-8b5b-4ccc6adda413)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-16909, CVE-2017-16910
Update Details Risk is updated
182609 - FreeBSD libraw Multiple DoS Vulnerabilities (6f0b0cbf-1274-11e8-8b5b-4ccc6adda413)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-5800, CVE-2018-5801, CVE-2018-5802
Update Details Risk is updated
186152 - Ubuntu Linux 14.04, 16.04, 17.10 USN-3615-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-16909, CVE-2017-16910, CVE-2018-5800, CVE-2018-5801, CVE-2018-5802
Update Details Risk is updated
196128 - Red Hat Enterprise Linux RHSA-2018-3065 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-5800, CVE-2018-5801, CVE-2018-5802, CVE-2018-5805, CVE-2018-5806
Update Details Risk is updated
24508 - Wireshark Multiple Vulnerabilities Prior To 2.6.5
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-19622, CVE-2018-19623, CVE-2018-19624, CVE-2018-19625, CVE-2018-19626, CVE-2018-19627, CVE-2018- 19628
Update Details Risk is updated
147213 - SuSE SLES 11 SP4 SUSE-SU-2018:3156-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-14647
Update Details Risk is updated
147417 - SuSE Linux 15.0 openSUSE-SU-2018:4041-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-16476
Update Details Risk is updated
147446 - SuSE Linux 15.0 openSUSE-SU-2018:4156-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-10851, CVE-2018-14626
Update Details Risk is updated
147451 - SuSE Linux 15.0 openSUSE-SU-2018:4152-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-10851, CVE-2018-14626, CVE-2018-14644, CVE-2018-16855
Update Details Risk is updated
147461 - SuSE Linux 15.0 openSUSE-SU-2018:4174-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-15750, CVE-2018-15751
Update Details Risk is updated
147476 - SuSE Linux 42.3 openSUSE-SU-2018:4151-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-10851, CVE-2018-14626, CVE-2018-14644
Update Details Risk is updated
147502 - SuSE Linux 42.3 openSUSE-SU-2018:4197-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-15750, CVE-2018-15751
Update Details Risk is updated
182798 - FreeBSD asterisk Remote Crash Vulnerability In HTTP Websocket Upgrade (77f67b46-bd75-11e8-81b6- 001999f8d30b)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-17281
Update Details Risk is updated
182811 - FreeBSD tinc Buffer Overflow (a4eb38ea-cc06-11e8-ada4-408d5cf35399)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-16737, CVE-2018-16738, CVE-2018-16758
Update Details Risk is updated
182828 - FreeBSD salt Multiple Vulnerabilities (4f7c6af3-6a2c-4ead-8453-04e509688d45)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-15750, CVE-2018-15751
Update Details Risk is updated
182839 - FreeBSD Flash Player Information Disclosure (b69292e8-e798-11e8-ae07-6451062f0f7a)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-15978
Update Details Risk is updated
182843 - FreeBSD powerdns Multiple Vulnerabilities (0aee2f13-ec1d-11e8-8c92-6805ca2fa271)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-10851, CVE-2018-14626
Update Details Risk is updated
182845 - FreeBSD powerdns-recursor Multiple Vulnerabilities (e9aa0e4c-ea8b-11e8-a5b7-00e04c1ea73d)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-10851, CVE-2018-14626, CVE-2018-14644
Update Details Risk is updated
182852 - FreeBSD Rails Active Job Vulnerability (f96044a2-7df9-414b-9f6b-6e5b85d06c86)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-16476
Update Details Risk is updated 182860 - FreeBSD powerdns-recursor Crafted Query Can Cause A Denial Of Service (f6d6308a-f2ec-11e8-b005- 6805ca2fa271)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-16855
Update Details Risk is updated
194333 - Fedora Linux 28 FEDORA-2018-9a6af7815a Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-12543
Update Details Risk is updated
194347 - Fedora Linux 29 FEDORA-2018-ff1fdf28aa Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-12543
Update Details Risk is updated
194348 - Fedora Linux 29 FEDORA-2018-ac14dbf3fd Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-14647
Update Details Risk is updated
194349 - Fedora Linux 29 FEDORA-2018-71fd5db181 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-14647
Update Details Risk is updated
194351 - Fedora Linux 29 FEDORA-2018-9860917db0 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-14647 Update Details Risk is updated
194353 - Fedora Linux 28 FEDORA-2018-7689556ab2 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-14647
Update Details Risk is updated
194356 - Fedora Linux 28 FEDORA-2018-d3b53d81e6 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-14647
Update Details Risk is updated
194374 - Fedora Linux 29 FEDORA-2018-ee97fc9e81 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-14647
Update Details Risk is updated
194420 - Fedora Linux 28 FEDORA-2018-bbbd8cc3a6 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-14647
Update Details Risk is updated
194421 - Fedora Linux 28 FEDORA-2018-49d6e4bc3f Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-14647
Update Details Risk is updated
194460 - Fedora Linux 28 FEDORA-2018-2ff7cdbb7b Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-10851, CVE-2018-14626
Update Details Risk is updated
194462 - Fedora Linux 29 FEDORA-2018-85fc964de8 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-10851, CVE-2018-14626
Update Details Risk is updated
194540 - Fedora Linux 28 FEDORA-2018-5ed8fb9efa Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-14647
Update Details Risk is updated
194558 - Fedora Linux 29 FEDORA-2018-4544e8dbc8 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-14647
Update Details Risk is updated
194564 - Fedora Linux 29 FEDORA-2018-937e8a39c4 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-14647
Update Details Risk is updated
194581 - Fedora Linux 29 FEDORA-2018-7ebfe1e6f2 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-19518, CVE-2018-19935
Update Details Risk is updated 194585 - Fedora Linux 28 FEDORA-2018-c341b70641 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-10851, CVE-2018-14626, CVE-2018-14644, CVE-2018-16855
Update Details Risk is updated
194587 - Fedora Linux 28 FEDORA-2018-dfe1f0bac6 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-19518, CVE-2018-19935
Update Details Risk is updated
194598 - Fedora Linux 29 FEDORA-2018-e14840a7f5 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-10851, CVE-2018-14626, CVE-2018-14644, CVE-2018-16855
Update Details Risk is updated
196191 - Red Hat Enterprise Linux RHSA-2018-3618 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-15978
Update Details Risk is updated
24509 - Wireshark Multiple Vulnerabilities Prior To 2.4.11
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-19622, CVE-2018-19623, CVE-2018-19624, CVE-2018-19625, CVE-2018-19626, CVE-2018-19627
Update Details Risk is updated
131219 - Debian Linux 9.0 DSA-4312-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-16738, CVE-2018-16758 Update Details Risk is updated
147346 - SuSE Linux 15.0 openSUSE-SU-2018:3798-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-11797
Update Details Risk is updated
147452 - SuSE Linux 15.0 openSUSE-SU-2018:4144-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-19519
Update Details Risk is updated
147469 - SuSE SLES 12 SP3, 12 SP4, SLED 12 SP3, 12 SP4 SUSE-SU-2018:4149-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-19519
Update Details Risk is updated
182813 - FreeBSD Gitlab Multiple Vulnerabilities (23413442-c8ea-11e8-b35c-001b217b3468)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-17939, CVE-2018-17975, CVE-2018-17976
Update Details Risk is updated
193085 - Fedora Linux 26 FEDORA-2017-e68e87955b Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-16910
Update Details Risk is updated
193891 - Fedora Linux 28 FEDORA-2018-866bd0e3c2 Update Is Not Installed Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-5801
Update Details Risk is updated
193990 - Fedora Linux 27 FEDORA-2018-ae1ced8fb6 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-5801
Update Details Risk is updated
194524 - Fedora Linux 29 FEDORA-2018-9f375c6c01 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-14663
Update Details Risk is updated
194526 - Fedora Linux 28 FEDORA-2018-ef486b9e50 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-14663
Update Details Risk is updated
194618 - Fedora Linux 29 FEDORA-2018-4be0428ab2 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-19787
Update Details Risk is updated
70074 - mcafee.fasl3.inc
Category: General Vulnerability Assessment -> NonIntrusive -> Invalid Category Risk Level: Informational CVE: CVE-MAP-NOMATCH
Update Details FASLScript is updated HOW TO UPDATE
FS1000 APPLIANCE customers should follow the instructions for Enterprise/Professional customers, below. In addition, we strongly urge all appliance customers to authorize and install any Windows Update critical patches. The appliance will auto-download any critical updates but will wait for your explicit authorization before installing.
FOUNDSTONE ENTERPRISE and PROFESSIONAL customers may obtain these new scripts using the FSUpdate Utility by selecting "FoundScan Update" on the help menu. Make sure that you have a valid FSUpdate username and password. The new vulnerability scripts will be automatically included in your scans if you have selected that option by right-clicking the selected vulnerability category and checking the "Run New Checks" checkbox.
MANAGED SERVICE CUSTOMERS already have the newest update applied to their environment. The new vulnerability scripts will be automatically included when your scans are next scheduled, provided the Run New Scripts option has been turned on.
MCAFEE TECHNICAL SUPPORT
ServicePortal: https://mysupport.mcafee.com Multi-National Phone Support available here: http://www.mcafee.com/us/about/contact/index.html Non-US customers - Select your country from the list of Worldwide Offices.
This email may contain confidential and privileged material for the sole use of the intended recipient. Any review or distribution by others is strictly prohibited. If you are not the intended recipient please contact the sender and delete all copies.
Copyright 2019 McAfee, Inc. McAfee is a registered trademark of McAfee, Inc. and/or its affiliates