DOCSLIB.ORG

Mcafee Foundstone Fsl Update

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Mcafee Foundstone Fsl Update 2020-JUL-30 FSL version 7.6.168 MCAFEE FOUNDSTONE FSL UPDATE To better protect your environment McAfee has created this FSL check update for the Foundstone Product Suite. The following is a detailed summary of the new and updated checks included with this release. NEW CHECKS 26730 - WebSphere Application Server Remote Code Execution Vulnerability (CVE-2020-4450) Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2020-4450 Description A vulnerability is present in some versions of IBM WebSphere Application Server. Observation IBM WebSphere Application Server is a server engine for Java EE Web applications. A vulnerability is present in some versions of IBM WebSphere Application Server. The flaw is in the handling of some specially-crafted sequence of serialized objects. Successful exploitation could allow an attacker to execute arbitrary code on the target. 26850 - Security Vulnerabilities Fixed In Firefox 78 Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2020-12402, CVE-2020-12415, CVE-2020-12416, CVE-2020-12417, CVE-2020-12418, CVE-2020-12419, CVE-2020- 12420, CVE-2020-12421, CVE-2020-12422, CVE-2020-12423, CVE-2020-12424, CVE-2020-12425, CVE-2020-12426 Description Multiple vulnerabilities are present in some versions of Mozilla Firefox. Observation Mozilla Firefox is a popular web browser. Multiple vulnerabilities are present in some versions of Mozilla Firefox. The flaws lie in several components. Successful exploitation could allow an attacker to cause a denial of service condition, disclosure of sensitive information or execute arbitrary code on the target system. 26858 - Security Vulnerabilities Fixed In Firefox ESR 68.10 Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2020-12417, CVE-2020-12418, CVE-2020-12419, CVE-2020-12420, CVE-2020-12421 Description Multiple vulnerabilities are present in some versions of Mozilla Firefox ESR. Observation Mozilla Firefox ESR is a popular web browser. Multiple vulnerabilities are present in some versions of Mozilla Firefox ESR. The flaw lies in multiple components. Successful exploitation could allow an attacker to cause a denial of service condition. 149211 - SuSE Linux 15.1 openSUSE-SU-2020:1037-1 Update Is Not Installed Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2019-11328, CVE-2019-19724, CVE-2020-13845, CVE-2020-13846, CVE-2020-13847 Description The scan detected that the host is missing the following update: openSUSE-SU-2020:1037-1 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2020-07/msg00122.html SuSE Linux 15.1 x86_64 singularity-3.6.0-lp151.2.6.1 singularity-debuginfo-3.6.0-lp151.2.6.1 26726 - WordPress Multiple Vulnerabilities Prior To 5.4.2 Category: General Vulnerability Assessment -> NonIntrusive -> Web Server Risk Level: High CVE: CVE-MAP-NOMATCH Description Multiple vulnerabilities are present in some versions of WordPress. Observation WordPress is a popular blog application. Multiple vulnerabilities are present in some versions of WordPress. The flaws lie in multiple components. Successful exploitation could allow an attacker to gain elevated privileges or perform cross-site scripting attacks. 26728 - Privilege Escalation Vulnerability In WebSphere Application Server (CVE-2020-4362) Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2020-4362 Description A vulnerability is present in some versions of IBM WebSphere Application Server. Observation IBM WebSphere Application Server is a server engine for Java EE Web applications. A vulnerability is present in some versions of IBM WebSphere Application Server. The flaw occurs when using token-based authentication in an admin request over the SOAP connector. Successful exploitation could allow an attacker to gain elevated privileges. 26734 - Joomla CSRF In Com_postinstall Vulnerability (20200605) Category: General Vulnerability Assessment -> NonIntrusive -> Web Server Risk Level: High CVE: CVE-2020-13760 Description A vulnerability is present in some versions of Joomla!. Observation Joomla! is a content management system. A vulnerability is present in some versions of Joomla!. The flaw lies in the com_postinstall component. Successful exploitation could allow an attacker to conduct cross-site request forgery attacks. 131635 - Debian Linux 10.0 DSA-4729-1 Update Is Not Installed Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: High CVE: CVE-2019-14380, CVE-2019-17113 Description The scan detected that the host is missing the following update: DSA-4729-1 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.debian.org/security/2020/dsa-4729 Debian 10.0 all libopenmpt-dev_0.4.3-1+deb10u1 libopenmpt-modplug-dev_0.4.3-1+deb10u1 libopenmpt-doc_0.4.3-1+deb10u1 openmpt123_0.4.3-1+deb10u1 libopenmpt0_0.4.3-1+deb10u1 libopenmpt-modplug1_0.4.3-1+deb10u1 149190 - SuSE Linux 15.1 openSUSE-SU-2020:1102-1 Update Is Not Installed Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2020-13934, CVE-2020-13935 Description The scan detected that the host is missing the following update: openSUSE-SU-2020:1102-1 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2020-07/msg00185.html SuSE Linux 15.1 noarch tomcat-webapps-9.0.36-lp151.3.27.1 tomcat-el-3_0-api-9.0.36-lp151.3.27.1 tomcat-9.0.36-lp151.3.27.1 tomcat-servlet-4_0-api-9.0.36-lp151.3.27.1 tomcat-lib-9.0.36-lp151.3.27.1 tomcat-javadoc-9.0.36-lp151.3.27.1 tomcat-admin-webapps-9.0.36-lp151.3.27.1 tomcat-docs-webapp-9.0.36-lp151.3.27.1 tomcat-jsvc-9.0.36-lp151.3.27.1 tomcat-embed-9.0.36-lp151.3.27.1 tomcat-jsp-2_3-api-9.0.36-lp151.3.27.1 149191 - SuSE Linux 15.2 openSUSE-SU-2020:1062-1 Update Is Not Installed Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2020-12771, CVE-2020-15393 Description The scan detected that the host is missing the following update: openSUSE-SU-2020:1062-1 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2020-07/msg00147.html SuSE Linux 15.2 x86_64 kernel-debug-debuginfo-5.3.18-lp152.33.1 kernel-debug-debugsource-5.3.18-lp152.33.1 kernel-kvmsmall-debuginfo-5.3.18-lp152.33.1 kernel-preempt-devel-5.3.18-lp152.33.1 kernel-default-debuginfo-5.3.18-lp152.33.1 kernel-preempt-devel-debuginfo-5.3.18-lp152.33.1 kernel-kvmsmall-devel-5.3.18-lp152.33.1 kernel-preempt-5.3.18-lp152.33.1 kernel-preempt-debugsource-5.3.18-lp152.33.1 kernel-debug-5.3.18-lp152.33.1 kernel-debug-devel-5.3.18-lp152.33.1 kernel-default-5.3.18-lp152.33.1 kernel-default-base-5.3.18-lp152.33.1.lp152.8.4.4 kernel-default-devel-5.3.18-lp152.33.1 kernel-obs-build-debugsource-5.3.18-lp152.33.1 kernel-kvmsmall-5.3.18-lp152.33.1 kernel-default-devel-debuginfo-5.3.18-lp152.33.1 kernel-kvmsmall-devel-debuginfo-5.3.18-lp152.33.1 kernel-default-debugsource-5.3.18-lp152.33.1 kernel-syms-5.3.18-lp152.33.1 kernel-default-base-rebuild-5.3.18-lp152.33.1.lp152.8.4.4 kernel-debug-devel-debuginfo-5.3.18-lp152.33.1 kernel-preempt-debuginfo-5.3.18-lp152.33.1 kernel-kvmsmall-debugsource-5.3.18-lp152.33.1 kernel-obs-qa-5.3.18-lp152.33.1 kernel-obs-build-5.3.18-lp152.33.1 noarch kernel-source-5.3.18-lp152.33.1 kernel-macros-5.3.18-lp152.33.1 kernel-source-vanilla-5.3.18-lp152.33.1 kernel-docs-html-5.3.18-lp152.33.1 kernel-devel-5.3.18-lp152.33.1 kernel-docs-5.3.18-lp152.33.1 149192 - SuSE SLED 15 SP1, 15 SP2 SUSE-SU-2020:2029-1 Update Is Not Installed Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2020-15503 Description The scan detected that the host is missing the following update: SUSE-SU-2020:2029-1 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2020-July/007173.html SuSE SLED 15 SP1 x86_64 libraw16-0.18.9-3.11.1 libraw16-debuginfo-0.18.9-3.11.1 libraw-debugsource-0.18.9-3.11.1 libraw-debuginfo-0.18.9-3.11.1 libraw-devel-0.18.9-3.11.1 SuSE SLED 15 SP2 x86_64 libraw16-0.18.9-3.11.1 libraw16-debuginfo-0.18.9-3.11.1 libraw-debugsource-0.18.9-3.11.1 libraw-debuginfo-0.18.9-3.11.1 libraw-devel-0.18.9-3.11.1 149193 - SuSE Linux 15.2 openSUSE-SU-2020:1027-1 Update Is Not Installed Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2020-12823 Description The scan detected that the host is missing the following update: openSUSE-SU-2020:1027-1 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2020-07/msg00112.html SuSE Linux 15.2 x86_64 openconnect-debugsource-7.08-lp152.9.4.2 openconnect-7.08-lp152.9.4.2 openconnect-debuginfo-7.08-lp152.9.4.2 openconnect-devel-7.08-lp152.9.4.2 openconnect-doc-7.08-lp152.9.4.2 noarch openconnect-lang-7.08-lp152.9.4.2 149194 - SuSE SLES 12 SP5 SUSE-SU-2020:2037-1 Update Is Not Installed Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2020-13934, CVE-2020-13935 Description The scan detected that the host is missing the following update: SUSE-SU-2020:2037-1 Observation Updates often remediate critical security problems that should be quickly addressed.
Load more

Recommended publications
  • Rawkit Documentation Release 0.6.0
    rawkit Documentation Release 0.6.0 Cameron Paul, Sam Whited Sep 20, 2018 Contents 1 Requirements 3 2 Installing rawkit 5 3 Getting Help 7 4 Tutorials 9 5 Architecture and Design 13 6 API Reference 15 7 Indices and tables 73 Python Module Index 75 i ii rawkit Documentation, Release 0.6.0 Note: rawkit is still alpha quality software. Until it hits 1.0, it may undergo substantial changes, including breaking API changes. rawkit is a ctypes-based set of LibRaw bindings for Python inspired by Wand. It is licensed under the MIT License. from rawkit.raw import Raw from rawkit.options import WhiteBalance with Raw(filename='some/raw/image.CR2') as raw: raw.options.white_balance= WhiteBalance(camera=False, auto=True) raw.save(filename='some/destination/image.ppm') Contents 1 rawkit Documentation, Release 0.6.0 2 Contents CHAPTER 1 Requirements • Python – CPython 2.7+ – CPython 3.4+ – PyPy 2.5+ – PyPy3 2.4+ • LibRaw – LibRaw 0.16.x (API version 10) – LibRaw 0.17.x (API version 11) 3 rawkit Documentation, Release 0.6.0 4 Chapter 1. Requirements CHAPTER 2 Installing rawkit First, you’ll need to install LibRaw: • libraw on Arch • LibRaw on Fedora 21+ • libraw10 on Ubuntu Utopic+ • libraw-bin on Debian Jessie+ Now you can fetch rawkit from PyPi: $ pip install rawkit 5 rawkit Documentation, Release 0.6.0 6 Chapter 2. Installing rawkit CHAPTER 3 Getting Help Need help? Join the #photoshell channel on Freenode. As always, don’t ask to ask (just ask) and if no one is around: be patient, if you part before we can answer there’s not much we can do.
    [Show full text]
  • Security: Patches, BIOS and EC Write Protection, Reproducible Builds (Diffoscope) and Coreboot
    Published on Tux Machines (http://www.tuxmachines.org) Home > content > Security: Patches, BIOS and EC Write Protection, Reproducible Builds (DiffoScope) and Coreboot Security: Patches, BIOS and EC Write Protection, Reproducible Builds (DiffoScope) and Coreboot By Roy Schestowitz Created 25/07/2020 - 1:48am Submitted by Roy Schestowitz on Saturday 25th of July 2020 01:48:23 AM Filed under Security [1] Security updates for Friday [2] Security updates have been issued by Debian (qemu), Fedora (java-11-openjdk, mod_authnz_pam, podofo, and python27), openSUSE (cni-plugins, tomcat, and xmlgraphics- batik), Oracle (dbus and thunderbird), SUSE (freerdp, kernel, libraw, perl-YAML-LibYAML, and samba), and Ubuntu (libvncserver and openjdk-lts). Librem 14 Features BIOS and EC Write Protection [3] We have been focused on BIOS security at Purism since the beginning, starting with our initiative to replace the proprietary BIOS on our first generation laptops with the open source coreboot project. This was a great first step as it not only meant customers could avoid proprietary code in line with Purism?s social purpose, it also meant the BIOS on Purism laptops could be audited for security bugs and possible backdoors to help avoid problems like the privilege escalation bug in Lenovo?s AMI firmware. Our next goal in BIOS security was to eliminate, replace or otherwise bypass the proprietary Intel Management Engine (ME) in our firmware. We have made massive progress on this front and our Librem laptops, Librem Mini, and Librem Server all ship with an ME that?s been disabled and neutralized. After that we shifted focus to protecting the BIOS against tampering.
    [Show full text]
  • The Showfoto Handbook the Showfoto Handbook
    The Showfoto Handbook The Showfoto Handbook 2 Contents 1 Introduction 13 1.1 Background . 13 1.1.1 About Showfoto . 13 1.1.2 Reporting Bugs . 13 1.1.3 Support . 13 1.1.4 Getting Involved . 13 1.2 Supported Image Formats . 14 1.2.1 Introduction . 14 1.2.2 Still Image Compression . 14 1.2.3 JPEG . 14 1.2.4 TIFF . 15 1.2.5 PNG . 15 1.2.6 PGF . 15 1.2.7 RAW . 15 2 The Showfoto sidebar 17 2.1 The Showfoto Right Sidebar . 17 2.1.1 Introduction to the Right Sidebar . 17 2.1.2 Properties . 17 2.1.3 Metadata . 18 2.1.3.1 EXIF Tags . 19 2.1.3.1.1 What is EXIF . 19 2.1.3.1.2 How to Use EXIF Viewer . 19 2.1.3.2 Makernote Tags . 20 2.1.3.2.1 What is Makernote . 20 2.1.3.2.2 How to Use Makernote Viewer . 20 2.1.3.3 IPTC Tags . 20 2.1.3.3.1 What is IPTC . 20 2.1.3.3.2 How to Use IPTC Viewer . 21 2.1.3.4 XMP Tags . 21 2.1.3.4.1 What is XMP . 21 2.1.3.4.2 How to Use XMP Viewer . 21 2.1.4 Colors . 21 The Showfoto Handbook 2.1.4.1 Histogram Viewer . 21 2.1.4.2 How To Use an Histogram . 23 2.1.5 Maps . 25 2.1.6 Captions . 26 2.1.6.1 Introduction .
    [Show full text]
  • Red Hat Enterprise Linux 7 7.8 Release Notes
    Red Hat Enterprise Linux 7 7.8 Release Notes Release Notes for Red Hat Enterprise Linux 7.8 Last Updated: 2021-03-02 Red Hat Enterprise Linux 7 7.8 Release Notes Release Notes for Red Hat Enterprise Linux 7.8 Legal Notice Copyright © 2021 Red Hat, Inc. The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/ . In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version. Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law. Red Hat, Red Hat Enterprise Linux, the Shadowman logo, the Red Hat logo, JBoss, OpenShift, Fedora, the Infinity logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries. Linux ® is the registered trademark of Linus Torvalds in the United States and other countries. Java ® is a registered trademark of Oracle and/or its affiliates. XFS ® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries. MySQL ® is a registered trademark of MySQL AB in the United States, the European Union and other countries. Node.js ® is an official trademark of Joyent. Red Hat is not formally related to or endorsed by the official Joyent Node.js open source or commercial project.
    [Show full text]
  • Red Hat Enterprise Linux 7 7.9 Release Notes
    Red Hat Enterprise Linux 7 7.9 Release Notes Release Notes for Red Hat Enterprise Linux 7.9 Last Updated: 2021-08-17 Red Hat Enterprise Linux 7 7.9 Release Notes Release Notes for Red Hat Enterprise Linux 7.9 Legal Notice Copyright © 2021 Red Hat, Inc. The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/ . In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version. Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law. Red Hat, Red Hat Enterprise Linux, the Shadowman logo, the Red Hat logo, JBoss, OpenShift, Fedora, the Infinity logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries. Linux ® is the registered trademark of Linus Torvalds in the United States and other countries. Java ® is a registered trademark of Oracle and/or its affiliates. XFS ® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries. MySQL ® is a registered trademark of MySQL AB in the United States, the European Union and other countries. Node.js ® is an official trademark of Joyent. Red Hat is not formally related to or endorsed by the official Joyent Node.js open source or commercial project.
    [Show full text]
  • Linux Box — Rev
    Linux Box | Rev Howard Gibson 2021/03/28 Contents 1 Introduction 1 1.1 Objective . 1 1.2 Copyright . 1 1.3 Why Linux? . 1 1.4 Summary . 2 1.4.1 Installation . 2 1.4.2 DVDs . 2 1.4.3 Gnome 3 . 3 1.4.4 SElinux . 4 1.4.5 MBR and GPT Formatted Disks . 4 2 Hardware 4 2.1 Motherboard . 5 2.2 CPU . 6 2.3 Memory . 6 2.4 Networking . 6 2.5 Video Card . 6 2.6 Hard Drives . 6 2.7 External Drives . 6 2.8 Interfaces . 7 2.9 Case . 7 2.10 Power Supply . 7 2.11 CD DVD and Blu-ray . 7 2.12 SATA Controller . 7 i 2.13 Sound Card . 8 2.14 Modem . 8 2.15 Keyboard and Mouse . 8 2.16 Monitor . 8 2.17 Scanner . 8 3 Installation 8 3.1 Planning . 8 3.1.1 Partitioning . 9 3.1.2 Security . 9 3.1.3 Backups . 11 3.2 /usr/local . 11 3.3 Text Editing . 11 3.4 Upgrading Fedora . 12 3.5 Root Access . 13 3.6 Installation . 13 3.7 Booting . 13 3.8 Installation . 14 3.9 Booting for the first time . 17 3.10 Logging in for the first time . 17 3.11 Updates . 18 3.12 Firewall . 18 3.13 sshd . 18 3.14 Extra Software . 19 3.15 Not Free Software . 21 3.16 /opt . 22 3.17 Interesting stuff I have selected in the past . 22 3.18 Window Managers . 23 3.18.1 Gnome 3 .
    [Show full text]
  • Cyber Intelligence Report
    05-27 Weekly Awareness Report (WAR) May 27, 2019 The Cyber Intelligence Report is an Open Source Intelligence AKA OSINT resource focusing on advanced persistent threats and other digital dangers received by over ten thousand individuals. APTs fit into a cybercrime category directed at both business and political targets. Attack vectors include system compromise, social engineering, and even traditional espionage. Included are clickable links to news stories, vulnerabilities, exploits, & other industry risk. Summary Symantec ThreatCon Low: Basic network posture This condition applies when there is no discernible network incident activity and no malicious code activity with a moderate or severe risk rating. Under these conditions, only a routine security posture, designed to defeat normal network threats, is warranted. Automated systems and alerting mechanisms should be used. Sophos: last 10 Malware Last 10 PUAs * Troj/VBInj-TW * IStartSurfInstaller * Troj/Mdrop-IQG * iMyMac * Troj/Ransom-FKW * Bundlore * Troj/Inject-ECZ * VR Brothers * JS/Drop-BAK * AddDrop Bundled Installs * Troj/Inject-ECY * Genieo * Troj/DocDl-TXE * Lalaker1 Game Hacker * Troj/DocDl-TXC * DealPly Updater * Troj/Stealer-QR * 4Share Downloader * Troj/Phish-FEK * UltraDownloader Interesting News * IT threat evolution Q1 2019 Zebrocy and GreyEnergy, four zero-day vulnerabilities in Windows, attacks on cryptocurrency exchanges, a very old bug in WinRAR, attacks on smart devices and other events of the first quarter of 2019. * * The IWC Cyber Range is scheduled to release a new version May 1st. Ghidra and Grass Marlin are now installed along with several more Red/Blue Team tools. If you are interested, we have an active FaceBook Group and YouTube Channel.
    [Show full text]
  • Using a Virtual Machine and a X Server to (Almost) Use Siril on Windows
    Using a virtual machine and a X server to (almost) use Siril on Windows Mathieu Bertholet 23/10/2015 Rev. 00 – Initial Version Summary Overview ............................................................................................................................................3 Download the Ubuntu installation ......................................................................................................3 Install VirtualBox.................................................................................................................................4 Creating our virtual machine. ..............................................................................................................5 Installing our virtual machine ............................................................................................................ 11 Change the network parameters of your virtual machine : ........................................................ 13 Let’s install Siril in hapiness ............................................................................................................... 14 Install pre requisites ...................................................................................................................... 14 Install Siril ..................................................................................................................................... 14 MobaXterm Installation .................................................................................................................... 16 Copy
    [Show full text]
  • Mcafee Foundstone Fsl Update
    2017-SEP-28 FSL version 7.5.963 MCAFEE FOUNDSTONE FSL UPDATE To better protect your environment McAfee has created this FSL check update for the Foundstone Product Suite. The following is a detailed summary of the new and updated checks included with this release. NEW CHECKS 22461 - (APSB17-30) Vulnerabilities In Adobe ColdFusion Category: Windows Host Assessment -> Adobe Patches Only (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2017-11283, CVE-2017-11284, CVE-2017-11285, CVE-2017-11286 Description Multiple vulnerabilities are present in some versions of Adobe ColdFusion. Observation Adobe ColdFusion is a web application development platform. Multiple vulnerabilities are present in some versions of Adobe ColdFusion. The flaws lie in multiple components. Successful exploitation could allow an attacker to obtain sensitive information, or execute arbitrary code. The update provided by Adobe bulletin APSB17-30 resolves these issues. The target system appears to be missing this update. 22492 - Schneider Electric InduSoft Web Studio Missing Authentication Vulnerability Category: Windows Host Assessment -> SCADA (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2017-13997 Description A vulnerability in some versions of Schneider Electric InduSoft Web Studio could lead to a remote code execution. Observation InduSoft Web Studio is a tool to build SCADA (Supervisory Control And Data Acquisition) or HMI (Human-Machine Interface) applications. A vulnerability in some versions of Schneider Electric InduSoft Web Studio could lead
    [Show full text]
  • Mcafee Foundstone Fsl Update
    2019-JAN-04 FSL version 7.6.88 MCAFEE FOUNDSTONE FSL UPDATE To better protect your environment McAfee has created this FSL check update for the Foundstone Product Suite. The following is a detailed summary of the new and updated checks included with this release. NEW CHECKS 24552 - (HPESBHF03906) HPE Intelligent Management Center Multiple Vulnerabilities Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-7114, CVE-2018-7115, CVE-2018-7116 Description Multiple vulnerabilities are present in some versions of HPE Intelligent Management Center. Observation HPE Intelligent Management Center (iMC) is an enterprise-class network management platform. Multiple vulnerabilities are present in some versions of HPE Intelligent Management Center. The flaws lie in multiple components. Successful exploitation could allow an attacker to cause a denial of service, cause buffer overflow or execute arbitrary code on the target system. 147517 - SuSE Linux 15.0 openSUSE-SU-2018:4306-1 Update Is Not Installed Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2018-16873, CVE-2018-16874, CVE-2018-16875, CVE-2018-7187 Description The scan detected that the host is missing the following update: openSUSE-SU-2018:4306-1 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2018-12/msg00154.html SuSE Linux 15.0 i586 go-1.10.4-lp150.2.7.1 go-doc-1.10.4-lp150.2.7.1
    [Show full text]
  • Piekarski-Tutorial-L
    Tutorial Notes – Building User Interfaces With Video and 3D Graphics For Fun and Profit! Building User Interfaces With Video and 3D Graphics For Fun and Profit! Tutorial Notes Linux Conf Au 2005 Canberra, ACT, Australia By Wayne Piekarski [email protected] http://www.tinmith.net/wayne Wearable Computer Lab School of Computer and Information Science The University of South Australia Wayne Piekarski – Linux Conf Au – Canberra, ACT – April 2005 1 Tutorial Notes – Building User Interfaces With Video and 3D Graphics For Fun and Profit! Abstract With the availability of cheap video capture and 3D graphics hardware on most desktop computers, we now have the ability to investigate new ways of interaction that were previously beyond the reach of the average hobbyist at home. Rather than viewing everything on a 2D desktop, what possibilities exist for viewing information in 3D? Instead of using a keyboard and mouse, what other more intuitive ways are there to interact with a 3D environment? This tutorial gives an introduction to some of the less mainstream possibilities that are available on your Linux PC running at home right now. Linux is an ideal platform for performing this type of work with, since there is a wide range of existing source code which can be extended in any way that you can imagine. The purpose of this tutorial is to encourage developers to think of new possibilities for input devices and user interfaces for their computers. In order to support this, I will also cover some of the less used and understood subsystems available under Linux, including the DRI and OpenGL 3D interfaces in XFree86, accessing video cameras using Video4Linux and the 1394 Firewire drivers, using free libraries such as ARToolkit for 3D object tracking, libraries such as OpenCV for vision recognition, and scene graph libraries for rendering 3D graphics.
    [Show full text]
  • OSSIM 1 Build Guide
    OSSIM 1 Build guide OSSIM Build Instructions Version 1.4 27 Sep 2010 RadiantBlue Technologies, Inc. 516 East New Haven Ave. Melbourne, FL 32901 www.radiantblue.com www.ossim.org OSSIM 2 Build guide Table of Contents 1 INTRODUCTION ...........................................................................................................................................................2 1.1 OBTAINING THE SOURCE...............................................................................................................................................................2 1.2 STANDARD ENVIRONMENT VARIABLES .....................................................................................................................................3 1.3 MODULES AND THEIR DEPENDENCIES........................................................................................................................................4 1.4 COMPILE VARIABLES......................................................................................................................................................................4 2 COMPILING THE LIBRARIES ....................................................................................................................................6 2.1 BUILDING ON UNIX FLAVOR SYSTEMS INCLUDING MACS......................................................................................................7 2.2 BUILDING ON WINDOWS...............................................................................................................................................................8
    [Show full text]