Mcafee Foundstone Fsl Update

2020-MAR-11 FSL version 7.6.150

MCAFEE FOUNDSTONE FSL UPDATE

To better protect your environment McAfee has created this FSL check update for the Foundstone Product Suite. The following is a detailed summary of the new and updated checks included with this release.

NEW CHECKS

148787 - SuSE Linux 15.1 openSUSE-SU-2020:0272-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2009-4112, CVE-2018-20723, CVE-2018-20724, CVE-2018-20725, CVE-2018-20726, CVE-2019-16723, CVE-2019- 17357, CVE-2019-17358, CVE-2020-7106, CVE-2020-7237

Description The scan detected that the host is missing the following update: openSUSE-SU-2020:0272-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2020-03/msg00009.html

SuSE Linux 15.1 x86_64 cacti-spine-debuginfo-1.2.9-lp151.3.3.1 cacti-spine-debugsource-1.2.9-lp151.3.3.1 cacti-spine-1.2.9-lp151.3.3.1 noarch cacti-1.2.9-lp151.3.3.1

26147 - Mozilla Firefox Vulnerabilities Prior To 73

Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2020-6796, CVE-2020-6798, CVE-2020-6799, CVE-2020-6800, CVE-2020-6801

Description Multiple vulnerabilities are present in some versions of Mozilla Firefox.

Observation Mozilla Firefox is a popular web browser.

Multiple vulnerabilities are present in some versions of Mozilla Firefox. The flaws lie in several components. Successful exploitation could allow an attacker to cause a denial of service condition or execute arbitrary code on the target system.

148777 - SuSE Linux 15.1 openSUSE-SU-2020:0307-1 Update Is Not Installed Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2019-12528, CVE-2020-8449, CVE-2020-8450, CVE-2020-8517

Description The scan detected that the host is missing the following update: openSUSE-SU-2020:0307-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2020-03/msg00045.html

SuSE Linux 15.1 x86_64 squid-debuginfo-4.10-lp151.2.11.1 squid-debugsource-4.10-lp151.2.11.1 squid-4.10-lp151.2.11.1

148780 - SuSE Linux 15.1 openSUSE-SU-2020:0259-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2020-6407, CVE-2020-6418

Description The scan detected that the host is missing the following update: openSUSE-SU-2020:0259-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2020-02/msg00096.html

SuSE Linux 15.1 x86_64 chromium-debuginfo-80.0.3987.122-lp151.2.66.1 chromium-debugsource-80.0.3987.122-lp151.2.66.1 chromedriver-debuginfo-80.0.3987.122-lp151.2.66.1 chromedriver-80.0.3987.122-lp151.2.66.1 chromium-80.0.3987.122-lp151.2.66.1

148781 - SuSE SLES 12 SP4 SUSE-SU-2020:0599-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2019-14615, CVE-2019-14895, CVE-2019-14896, CVE-2019-14897, CVE-2019-14901, CVE-2019-15213, CVE-2019- 16994, CVE-2019-18660, CVE-2019-18683, CVE-2019-18808, CVE-2019-18809, CVE-2019-19036, CVE-2019-19045, CVE-2019- 19049, CVE-2019-19051, CVE-2019-19052, CVE-2019-19054, CVE-2019-19056, CVE-2019-19057, CVE-2019-19058, CVE-2019- 19060, CVE-2019-19062, CVE-2019-19063, CVE-2019-19065, CVE-2019-19066, CVE-2019-19067, CVE-2019-19068, CVE-2019- 19073, CVE-2019-19074, CVE-2019-19075, CVE-2019-19077, CVE-2019-19227, CVE-2019-19318, CVE-2019-19319, CVE-2019- 19332, CVE-2019-19338, CVE-2019-19447, CVE-2019-19523, CVE-2019-19524, CVE-2019-19525, CVE-2019-19526, CVE-2019- 19527, CVE-2019-19528, CVE-2019-19529, CVE-2019-19530, CVE-2019-19531, CVE-2019-19532, CVE-2019-19533, CVE-2019- 19534, CVE-2019-19535, CVE-2019-19536, CVE-2019-19537, CVE-2019-19543, CVE-2019-19767, CVE-2019-19965, CVE-2019- 19966, CVE-2019-20054, CVE-2019-20095, CVE-2019-20096, CVE-2020-7053

Description The scan detected that the host is missing the following update: SUSE-SU-2020:0599-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2020-March/006580.html

SuSE SLES 12 SP4 x86_64 kernel-rt-base-4.12.14-8.12.1 kernel-rt-4.12.14-8.12.1 ocfs2-kmp-rt-4.12.14-8.12.1 kernel-rt-devel-4.12.14-8.12.1 kernel-rt_debug-devel-4.12.14-8.12.1 cluster-md-kmp-rt-4.12.14-8.12.1 kernel-syms-rt-4.12.14-8.12.1 gfs2-kmp-rt-4.12.14-8.12.1 dlm-kmp-rt-4.12.14-8.12.1 noarch kernel-source-rt-4.12.14-8.12.1 kernel-devel-rt-4.12.14-8.12.1

148782 - SuSE SLES 12 SP5 SUSE-SU-2020:0557-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2019-9674, CVE-2020-8492

Description The scan detected that the host is missing the following update: SUSE-SU-2020:0557-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2020-March/006563.html

SuSE SLES 12 SP5 x86_64 python36-base-debugsource-3.6.10-4.6.1 python36-debuginfo-3.6.10-4.6.1 libpython3_6m1_0-debuginfo-3.6.10-4.6.1 python36-base-debuginfo-3.6.10-4.6.1 libpython3_6m1_0-3.6.10-4.6.1 python36-3.6.10-4.6.1 python36-base-3.6.10-4.6.1 python36-debugsource-3.6.10-4.6.1 148783 - SuSE Linux 15.1 openSUSE-SU-2020:0293-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2019-15604, CVE-2019-15605, CVE-2019-15606

Description The scan detected that the host is missing the following update: openSUSE-SU-2020:0293-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2020-03/msg00032.html

SuSE Linux 15.1 i586 npm8-8.17.0-lp151.2.12.1 nodejs8-debugsource-8.17.0-lp151.2.12.1 nodejs8-devel-8.17.0-lp151.2.12.1 nodejs8-8.17.0-lp151.2.12.1 nodejs8-debuginfo-8.17.0-lp151.2.12.1 noarch nodejs8-docs-8.17.0-lp151.2.12.1 x86_64 npm8-8.17.0-lp151.2.12.1 nodejs8-debugsource-8.17.0-lp151.2.12.1 nodejs8-devel-8.17.0-lp151.2.12.1 nodejs8-8.17.0-lp151.2.12.1 nodejs8-debuginfo-8.17.0-lp151.2.12.1

148784 - SuSE Linux 15.1 openSUSE-SU-2020:0273-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2020-9272, CVE-2020-9273

Description The scan detected that the host is missing the following update: openSUSE-SU-2020:0273-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2020-03/msg00010.html

SuSE Linux 15.1 x86_64 proftpd-pgsql-1.3.6c-lp151.3.9.1 proftpd-radius-1.3.6c-lp151.3.9.1 proftpd-sqlite-debuginfo-1.3.6c-lp151.3.9.1 proftpd-doc-1.3.6c-lp151.3.9.1 proftpd-devel-1.3.6c-lp151.3.9.1 proftpd-ldap-debuginfo-1.3.6c-lp151.3.9.1 proftpd-pgsql-debuginfo-1.3.6c-lp151.3.9.1 proftpd-debugsource-1.3.6c-lp151.3.9.1 proftpd-lang-1.3.6c-bp151.4.9.1 proftpd-mysql-1.3.6c-lp151.3.9.1 proftpd-radius-debuginfo-1.3.6c-lp151.3.9.1 proftpd-ldap-1.3.6c-lp151.3.9.1 proftpd-debuginfo-1.3.6c-lp151.3.9.1 proftpd-1.3.6c-lp151.3.9.1 proftpd-sqlite-1.3.6c-lp151.3.9.1 proftpd-mysql-debuginfo-1.3.6c-lp151.3.9.1 noarch proftpd-lang-1.3.6c-lp151.3.9.1

148785 - SuSE SLES 12 SP4, 12 SP5, SLED 12 SP4 SUSE-SU-2020:0490-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2020-8597

Description The scan detected that the host is missing the following update: SUSE-SU-2020:0490-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2020-February/006533.html

SuSE SLES 12 SP4 x86_64 ppp-debugsource-2.4.7-4.3.1 ppp-2.4.7-4.3.1 ppp-debuginfo-2.4.7-4.3.1

SuSE SLED 12 SP4 x86_64 ppp-debugsource-2.4.7-4.3.1 ppp-2.4.7-4.3.1 ppp-debuginfo-2.4.7-4.3.1

SuSE SLES 12 SP5 x86_64 ppp-debugsource-2.4.7-4.3.1 ppp-2.4.7-4.3.1 ppp-debuginfo-2.4.7-4.3.1

148786 - SuSE Linux 15.1 openSUSE-SU-2020:0248-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2020-8955

Description The scan detected that the host is missing the following update: openSUSE-SU-2020:0248-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2020-02/msg00095.html

SuSE Linux 15.1 x86_64 weechat-guile-2.1-lp151.3.3.1 weechat-lua-debuginfo-2.1-lp151.3.3.1 weechat-python-debuginfo-2.1-lp151.3.3.1 weechat-debugsource-2.1-lp151.3.3.1 weechat-devel-2.1-lp151.3.3.1 weechat-guile-debuginfo-2.1-lp151.3.3.1 weechat-debuginfo-2.1-lp151.3.3.1 weechat-tcl-2.1-lp151.3.3.1 weechat-perl-debuginfo-2.1-lp151.3.3.1 weechat-tcl-debuginfo-2.1-lp151.3.3.1 weechat-aspell-debuginfo-2.1-lp151.3.3.1 weechat-2.1-lp151.3.3.1 weechat-aspell-2.1-lp151.3.3.1 weechat-perl-2.1-lp151.3.3.1 weechat-python-2.1-lp151.3.3.1 weechat-ruby-debuginfo-2.1-lp151.3.3.1 weechat-ruby-2.1-lp151.3.3.1 weechat-lua-2.1-lp151.3.3.1 noarch weechat-ruby-debuginfo-2.1-bp150.3.3.1 weechat-perl-2.1-bp151.4.3.1 weechat-debugsource-2.1-bp150.3.3.1 weechat-aspell-debuginfo-2.1-bp150.3.3.1 weechat-guile-2.1-bp151.4.3.1 weechat-guile-debuginfo-2.1-bp150.3.3.1 weechat-python-2.1-bp151.4.3.1 weechat-perl-debuginfo-2.1-bp150.3.3.1 weechat-ruby-2.1-bp151.4.3.1 weechat-python-debuginfo-2.1-bp150.3.3.1 weechat-2.1-bp151.4.3.1 weechat-debuginfo-2.1-bp150.3.3.1 weechat-lua-2.1-bp151.4.3.1 weechat-tcl-debuginfo-2.1-bp150.3.3.1 weechat-devel-2.1-bp151.4.3.1 weechat-lang-2.1-lp151.3.3.1 weechat-aspell-2.1-bp151.4.3.1 weechat-tcl-2.1-bp151.4.3.1 weechat-lua-debuginfo-2.1-bp150.3.3.1

148788 - SuSE SLES 12 SP4, 12 SP5, SLED 12 SP4 SUSE-SU-2020:0497-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2012-0876, CVE-2016-0718, CVE-2016-4472, CVE-2016-9063, CVE-2017-1000158, CVE-2017-9233

Description The scan detected that the host is missing the following update: SUSE-SU-2020:0497-1

SuSE SLES 12 SP4 x86_64 libpython3_4m1_0-debuginfo-3.4.10-25.39.2 python3-3.4.10-25.39.3 python3-curses-3.4.10-25.39.3 python3-base-3.4.10-25.39.2 python3-base-debuginfo-3.4.10-25.39.2 python3-curses-debuginfo-3.4.10-25.39.3 python3-debugsource-3.4.10-25.39.3 python3-base-debugsource-3.4.10-25.39.2 libpython3_4m1_0-3.4.10-25.39.2 python3-debuginfo-3.4.10-25.39.3

SuSE SLED 12 SP4 x86_64 libpython3_4m1_0-debuginfo-3.4.10-25.39.2 python3-3.4.10-25.39.3 python3-curses-3.4.10-25.39.3 python3-base-3.4.10-25.39.2 python3-base-debuginfo-3.4.10-25.39.2 python3-curses-debuginfo-3.4.10-25.39.3 python3-debugsource-3.4.10-25.39.3 python3-base-debugsource-3.4.10-25.39.2 libpython3_4m1_0-3.4.10-25.39.2 python3-debuginfo-3.4.10-25.39.3

SuSE SLES 12 SP5 x86_64 python3-base-debugsource-3.4.10-25.39.2 python3-tk-3.4.10-25.39.3 libpython3_4m1_0-32bit-3.4.10-25.39.2 libpython3_4m1_0-3.4.10-25.39.2 python3-base-3.4.10-25.39.2 libpython3_4m1_0-debuginfo-3.4.10-25.39.2 libpython3_4m1_0-debuginfo-32bit-3.4.10-25.39.2 python3-base-debuginfo-3.4.10-25.39.2 python3-base-debuginfo-32bit-3.4.10-25.39.2 python3-curses-debuginfo-3.4.10-25.39.3 python3-debugsource-3.4.10-25.39.3 python3-tk-debuginfo-3.4.10-25.39.3 python3-3.4.10-25.39.3 python3-curses-3.4.10-25.39.3 python3-debuginfo-3.4.10-25.39.3

148789 - SuSE Linux 15.1 openSUSE-SU-2020:0286-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2020-8597 Description The scan detected that the host is missing the following update: openSUSE-SU-2020:0286-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2020-03/msg00024.html

SuSE Linux 15.1 i586 ppp-debugsource-2.4.7-lp151.5.3.1 ppp-debuginfo-2.4.7-lp151.5.3.1 ppp-devel-2.4.7-lp151.5.3.1 ppp-2.4.7-lp151.5.3.1 noarch ppp-modem-2.4.7-lp151.5.3.1 x86_64 ppp-debugsource-2.4.7-lp151.5.3.1 ppp-debuginfo-2.4.7-lp151.5.3.1 ppp-devel-2.4.7-lp151.5.3.1 ppp-2.4.7-lp151.5.3.1

148790 - SuSE SLES 12 SP4, 12 SP5, SLED 12 SP4, 12 SP5 SUSE-SU-2020:0523-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2020-2574

Description The scan detected that the host is missing the following update: SUSE-SU-2020:0523-1

SuSE SLES 12 SP4 x86_64 mariadb-100-errormessages-10.0.40.3-2.15.1 mariadb-100-debuginfo-10.0.40.3-2.15.1 libmysqlclient18-10.0.40.3-2.15.1 libmysqlclient18-debuginfo-10.0.40.3-2.15.1 libmysqlclient18-32bit-10.0.40.3-2.15.1 libmysqlclient18-debuginfo-32bit-10.0.40.3-2.15.1 mariadb-100-debugsource-10.0.40.3-2.15.1

SuSE SLES 12 SP5 x86_64 mariadb-100-errormessages-10.0.40.3-2.15.1 mariadb-100-debuginfo-10.0.40.3-2.15.1 libmysqlclient18-10.0.40.3-2.15.1 libmysqlclient18-debuginfo-10.0.40.3-2.15.1 libmysqlclient18-32bit-10.0.40.3-2.15.1 libmysqlclient18-debuginfo-32bit-10.0.40.3-2.15.1 mariadb-100-debugsource-10.0.40.3-2.15.1

SuSE SLED 12 SP4 x86_64 mariadb-100-debugsource-10.0.40.3-2.15.1 mariadb-100-debuginfo-10.0.40.3-2.15.1 libmysqlclient_r18-32bit-10.0.40.3-2.15.1 libmysqlclient_r18-10.0.40.3-2.15.1

SuSE SLED 12 SP5 x86_64 mariadb-100-debugsource-10.0.40.3-2.15.1 mariadb-100-debuginfo-10.0.40.3-2.15.1 libmysqlclient_r18-32bit-10.0.40.3-2.15.1 libmysqlclient_r18-10.0.40.3-2.15.1

148791 - SuSE Linux 15.1 openSUSE-SU-2020:0301-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2020-7041, CVE-2020-7042, CVE-2020-7043

Description The scan detected that the host is missing the following update: openSUSE-SU-2020:0301-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2020-03/msg00039.html

SuSE Linux 15.1 x86_64 openfortivpn-debuginfo-1.12.0-lp151.2.5.1 openfortivpn-1.12.0-lp151.2.5.1 openfortivpn-debugsource-1.12.0-lp151.2.5.1

148792 - SuSE Linux 15.1 openSUSE-SU-2020:0289-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2019-18901, CVE-2020-2574

Description The scan detected that the host is missing the following update: openSUSE-SU-2020:0289-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2020-03/msg00027.html

SuSE Linux 15.1 i586 mariadb-debugsource-10.2.31-lp151.2.12.1 mariadb-galera-10.2.31-lp151.2.12.1 mariadb-10.2.31-lp151.2.12.1 libmysqld-devel-10.2.31-lp151.2.12.1 mariadb-test-10.2.31-lp151.2.12.1 libmysqld19-debuginfo-10.2.31-lp151.2.12.1 libmysqld19-10.2.31-lp151.2.12.1 mariadb-tools-10.2.31-lp151.2.12.1 mariadb-debuginfo-10.2.31-lp151.2.12.1 mariadb-bench-10.2.31-lp151.2.12.1 mariadb-test-debuginfo-10.2.31-lp151.2.12.1 mariadb-client-debuginfo-10.2.31-lp151.2.12.1 mariadb-bench-debuginfo-10.2.31-lp151.2.12.1 mariadb-tools-debuginfo-10.2.31-lp151.2.12.1 mariadb-client-10.2.31-lp151.2.12.1 noarch mariadb-errormessages-10.2.31-lp151.2.12.1 x86_64 mariadb-debugsource-10.2.31-lp151.2.12.1 mariadb-galera-10.2.31-lp151.2.12.1 mariadb-10.2.31-lp151.2.12.1 libmysqld-devel-10.2.31-lp151.2.12.1 mariadb-test-10.2.31-lp151.2.12.1 libmysqld19-debuginfo-10.2.31-lp151.2.12.1 libmysqld19-10.2.31-lp151.2.12.1 mariadb-tools-10.2.31-lp151.2.12.1 mariadb-debuginfo-10.2.31-lp151.2.12.1 mariadb-bench-10.2.31-lp151.2.12.1 mariadb-test-debuginfo-10.2.31-lp151.2.12.1 mariadb-client-debuginfo-10.2.31-lp151.2.12.1 mariadb-bench-debuginfo-10.2.31-lp151.2.12.1 mariadb-tools-debuginfo-10.2.31-lp151.2.12.1 mariadb-client-10.2.31-lp151.2.12.1

148793 - SuSE SLES 12 SP5 SUSE-SU-2020:0487-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2019-12528, CVE-2020-8449, CVE-2020-8450, CVE-2020-8517

Description The scan detected that the host is missing the following update: SUSE-SU-2020:0487-1

SuSE SLES 12 SP5 x86_64 squid-debugsource-4.10-4.6.1 squid-debuginfo-4.10-4.6.1 squid-4.10-4.6.1

148794 - SuSE Linux 15.1 openSUSE-SU-2020:0274-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2019-9674, CVE-2020-8492

Description The scan detected that the host is missing the following update: openSUSE-SU-2020:0274-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2020-03/msg00013.html

SuSE Linux 15.1 x86_64 python3-base-3.6.10-lp151.6.11.1 python3-tools-3.6.10-lp151.6.11.1 libpython3_6m1_0-3.6.10-lp151.6.11.1 python3-curses-3.6.10-lp151.6.11.1 python3-devel-3.6.10-lp151.6.11.1 python3-devel-debuginfo-3.6.10-lp151.6.11.1 python3-curses-debuginfo-3.6.10-lp151.6.11.1 python3-tk-debuginfo-3.6.10-lp151.6.11.1 python3-base-32bit-3.6.10-lp151.6.11.1 libpython3_6m1_0-32bit-3.6.10-lp151.6.11.1 python3-testsuite-3.6.10-lp151.6.11.1 python3-debuginfo-3.6.10-lp151.6.11.1 python3-dbm-3.6.10-lp151.6.11.1 python3-debugsource-3.6.10-lp151.6.11.1 python3-base-32bit-debuginfo-3.6.10-lp151.6.11.1 python3-testsuite-debuginfo-3.6.10-lp151.6.11.1 python3-dbm-debuginfo-3.6.10-lp151.6.11.1 python3-base-debuginfo-3.6.10-lp151.6.11.1 python3-3.6.10-lp151.6.11.1 libpython3_6m1_0-32bit-debuginfo-3.6.10-lp151.6.11.1 python3-idle-3.6.10-lp151.6.11.1 python3-32bit-3.6.10-lp151.6.11.1 python3-32bit-debuginfo-3.6.10-lp151.6.11.1 python3-tk-3.6.10-lp151.6.11.1 libpython3_6m1_0-debuginfo-3.6.10-lp151.6.11.1 python3-base-debugsource-3.6.10-lp151.6.11.1 i586 python3-base-3.6.10-lp151.6.11.1 python3-tools-3.6.10-lp151.6.11.1 libpython3_6m1_0-3.6.10-lp151.6.11.1 python3-curses-3.6.10-lp151.6.11.1 python3-devel-3.6.10-lp151.6.11.1 python3-devel-debuginfo-3.6.10-lp151.6.11.1 python3-curses-debuginfo-3.6.10-lp151.6.11.1 python3-tk-debuginfo-3.6.10-lp151.6.11.1 python3-testsuite-3.6.10-lp151.6.11.1 python3-debuginfo-3.6.10-lp151.6.11.1 python3-dbm-3.6.10-lp151.6.11.1 python3-debugsource-3.6.10-lp151.6.11.1 python3-testsuite-debuginfo-3.6.10-lp151.6.11.1 python3-dbm-debuginfo-3.6.10-lp151.6.11.1 python3-base-debuginfo-3.6.10-lp151.6.11.1 python3-3.6.10-lp151.6.11.1 python3-idle-3.6.10-lp151.6.11.1 python3-tk-3.6.10-lp151.6.11.1 libpython3_6m1_0-debuginfo-3.6.10-lp151.6.11.1 python3-base-debugsource-3.6.10-lp151.6.11.1

148795 - SuSE SLES 12 SP4, 12 SP5 SUSE-SU-2020:0505-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2019-18901, CVE-2020-2574

Description The scan detected that the host is missing the following update: SUSE-SU-2020:0505-1

SuSE SLES 12 SP4 noarch mariadb-errormessages-10.2.31-3.25.1 x86_64 mariadb-client-debuginfo-10.2.31-3.25.1 mariadb-tools-10.2.31-3.25.1 mariadb-tools-debuginfo-10.2.31-3.25.1 mariadb-debugsource-10.2.31-3.25.1 mariadb-10.2.31-3.25.1 mariadb-debuginfo-10.2.31-3.25.1 mariadb-client-10.2.31-3.25.1

SuSE SLES 12 SP5 noarch mariadb-errormessages-10.2.31-3.25.1 x86_64 mariadb-client-debuginfo-10.2.31-3.25.1 mariadb-tools-10.2.31-3.25.1 mariadb-tools-debuginfo-10.2.31-3.25.1 mariadb-debugsource-10.2.31-3.25.1 mariadb-10.2.31-3.25.1 mariadb-debuginfo-10.2.31-3.25.1 mariadb-client-10.2.31-3.25.1

148796 - SuSE SLES 12 SP4, SLED 12 SP4 SUSE-SU-2020:0584-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2019-14615, CVE-2019-14896, CVE-2019-14897, CVE-2019-15213, CVE-2019-16994, CVE-2019-18808, CVE-2019- 19036, CVE-2019-19045, CVE-2019-19051, CVE-2019-19054, CVE-2019-19066, CVE-2019-19318, CVE-2019-19319, CVE-2019- 19332, CVE-2019-19338, CVE-2019-19447, CVE-2019-19523, CVE-2019-19524, CVE-2019-19525, CVE-2019-19526, CVE-2019- 19527, CVE-2019-19528, CVE-2019-19529, CVE-2019-19530, CVE-2019-19531, CVE-2019-19532, CVE-2019-19533, CVE-2019- 19534, CVE-2019-19535, CVE-2019-19536, CVE-2019-19537, CVE-2019-19543, CVE-2019-19767, CVE-2019-19965, CVE-2019- 19966, CVE-2019-20054, CVE-2019-20095, CVE-2019-20096, CVE-2020-2732, CVE-2020-7053, CVE-2020-8428, CVE-2020- 8648, CVE-2020-8992

Description The scan detected that the host is missing the following update: SUSE-SU-2020:0584-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2020-March/006575.html

SuSE SLED 12 SP4 x86_64 kernel-default-extra-debuginfo-4.12.14-95.48.1 kernel-default-extra-4.12.14-95.48.1 kernel-default-debuginfo-4.12.14-95.48.1 kernel-default-debugsource-4.12.14-95.48.1

SuSE SLES 12 SP4 noarch kernel-devel-4.12.14-95.48.1 kernel-source-4.12.14-95.48.1 kernel-macros-4.12.14-95.48.1 x86_64 kernel-default-base-4.12.14-95.48.1 kernel-default-4.12.14-95.48.1 kernel-default-debuginfo-4.12.14-95.48.1 kernel-default-debugsource-4.12.14-95.48.1 kernel-default-devel-debuginfo-4.12.14-95.48.1 kernel-default-devel-4.12.14-95.48.1 kernel-default-base-debuginfo-4.12.14-95.48.1 kernel-syms-4.12.14-95.48.1

148797 - SuSE SLES 12 SP4, 12 SP5 SUSE-SU-2020:0528-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2019-4732, CVE-2020-2583, CVE-2020-2593, CVE-2020-2604, CVE-2020-2659

Description The scan detected that the host is missing the following update: SUSE-SU-2020:0528-1

SuSE SLES 12 SP4 x86_64 java-1_8_0-ibm-alsa-1.8.0_sr6.5-30.63.1 java-1_8_0-ibm-plugin-1.8.0_sr6.5-30.63.1 java-1_8_0-ibm-1.8.0_sr6.5-30.63.1

SuSE SLES 12 SP5 x86_64 java-1_8_0-ibm-alsa-1.8.0_sr6.5-30.63.1 java-1_8_0-ibm-plugin-1.8.0_sr6.5-30.63.1 java-1_8_0-ibm-1.8.0_sr6.5-30.63.1

148798 - SuSE Linux 15.1 openSUSE-SU-2020:0250-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-MAP-NOMATCH

Description The scan detected that the host is missing the following update: openSUSE-SU-2020:0250-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2020-02/msg00099.html

SuSE Linux 15.1 x86_64 enigmail-2.1.5-lp151.2.9.1

148799 - SuSE Linux 15.1 openSUSE-SU-2020:0264-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2018-20030, CVE-2019-9278

Description The scan detected that the host is missing the following update: openSUSE-SU-2020:0264-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2020-03/msg00004.html

SuSE Linux 15.1 x86_64 libexif-debugsource-0.6.21-lp151.4.3.1 libexif-devel-0.6.21-lp151.4.3.1 libexif-devel-32bit-0.6.21-lp151.4.3.1 libexif12-0.6.21-lp151.4.3.1 libexif12-debuginfo-0.6.21-lp151.4.3.1 libexif12-32bit-0.6.21-lp151.4.3.1 libexif12-32bit-debuginfo-0.6.21-lp151.4.3.1 i586 libexif-debugsource-0.6.21-lp151.4.3.1 libexif12-0.6.21-lp151.4.3.1 libexif12-debuginfo-0.6.21-lp151.4.3.1 libexif-devel-0.6.21-lp151.4.3.1

148800 - SuSE SLES 12 SP5 SUSE-SU-2020:0558-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2019-14615, CVE-2019-14896, CVE-2019-14897, CVE-2019-16994, CVE-2019-19036, CVE-2019-19045, CVE-2019- 19054, CVE-2019-19318, CVE-2019-19927, CVE-2019-19965, CVE-2020-2732, CVE-2020-7053, CVE-2020-8428, CVE-2020- 8648, CVE-2020-8992

Description The scan detected that the host is missing the following update: SUSE-SU-2020:0558-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2020-March/006562.html

SuSE SLES 12 SP5 x86_64 kernel-azure-4.12.14-16.10.1 kernel-azure-debugsource-4.12.14-16.10.1 kernel-syms-azure-4.12.14-16.10.1 kernel-azure-base-4.12.14-16.10.1 kernel-azure-devel-4.12.14-16.10.1 kernel-azure-debuginfo-4.12.14-16.10.1 kernel-azure-base-debuginfo-4.12.14-16.10.1 noarch kernel-source-azure-4.12.14-16.10.1 kernel-devel-azure-4.12.14-16.10.1

148801 - SuSE Linux 15.1 openSUSE-SU-2020:0253-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2018-20105

Description The scan detected that the host is missing the following update: openSUSE-SU-2020:0253-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2020-02/msg00101.html

SuSE Linux 15.1 noarch yast2-rmt-1.2.2-lp151.2.3.1

148802 - SuSE Linux 15.1 openSUSE-SU-2020:0247-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2020-5208

Description The scan detected that the host is missing the following update: openSUSE-SU-2020:0247-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2020-02/msg00093.html

SuSE Linux 15.1 x86_64 ipmitool-1.8.18-lp151.4.3.1 ipmitool-debugsource-1.8.18-lp151.4.3.1 ipmitool-debuginfo-1.8.18-lp151.4.3.1 noarch ipmitool-bmc-snmp-proxy-1.8.18-lp151.4.3.1

148803 - SuSE SLES 12 SP4 SUSE-SU-2020:0559-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2019-14615, CVE-2019-14896, CVE-2019-14897, CVE-2019-16994, CVE-2019-18808, CVE-2019-19036, CVE-2019- 19045, CVE-2019-19054, CVE-2019-19066, CVE-2019-19318, CVE-2019-19319, CVE-2019-19447, CVE-2019-19767, CVE-2019- 19965, CVE-2019-19966, CVE-2019-20054, CVE-2019-20095, CVE-2019-20096, CVE-2020-2732, CVE-2020-7053, CVE-2020- 8428, CVE-2020-8648, CVE-2020-8992

Description The scan detected that the host is missing the following update: SUSE-SU-2020:0559-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2020-March/006564.html

SuSE SLES 12 SP4 x86_64 kernel-syms-azure-4.12.14-6.37.1 kernel-azure-debuginfo-4.12.14-6.37.1 kernel-azure-debugsource-4.12.14-6.37.1 kernel-azure-devel-4.12.14-6.37.1 kernel-azure-base-debuginfo-4.12.14-6.37.1 kernel-azure-4.12.14-6.37.1 kernel-azure-base-4.12.14-6.37.1 noarch kernel-devel-azure-4.12.14-6.37.1 kernel-source-azure-4.12.14-6.37.1

148804 - SuSE Linux 15.1 openSUSE-SU-2020:0302-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2019-3687, CVE-2020-8013

Description The scan detected that the host is missing the following update: openSUSE-SU-2020:0302-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2020-03/msg00040.html

SuSE Linux 15.1 i586 permissions-20181116-lp151.4.12.1 permissions-debuginfo-20181116-lp151.4.12.1 permissions-debugsource-20181116-lp151.4.12.1 noarch permissions-zypp-plugin-20181116-lp151.4.12.1 x86_64 permissions-20181116-lp151.4.12.1 permissions-debuginfo-20181116-lp151.4.12.1 permissions-debugsource-20181116-lp151.4.12.1

148805 - SuSE SLED 15 SP1 SUSE-SU-2020:0560-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2019-14615, CVE-2019-14896, CVE-2019-14897, CVE-2019-15213, CVE-2019-16746, CVE-2019-16994, CVE-2019- 18808, CVE-2019-19036, CVE-2019-19045, CVE-2019-19051, CVE-2019-19054, CVE-2019-19066, CVE-2019-19318, CVE-2019- 19319, CVE-2019-19332, CVE-2019-19338, CVE-2019-19447, CVE-2019-19523, CVE-2019-19526, CVE-2019-19527, CVE-2019- 19532, CVE-2019-19533, CVE-2019-19535, CVE-2019-19537, CVE-2019-19767, CVE-2019-19927, CVE-2019-19965, CVE-2019- 19966, CVE-2019-20054, CVE-2019-20095, CVE-2019-20096, CVE-2020-2732, CVE-2020-7053, CVE-2020-8428, CVE-2020- 8648, CVE-2020-8992

Description The scan detected that the host is missing the following update: SUSE-SU-2020:0560-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2020-March/006566.html

SuSE SLED 15 SP1 x86_64 kernel-default-debuginfo-4.12.14-197.34.1 kernel-default-extra-debuginfo-4.12.14-197.34.1 kernel-default-extra-4.12.14-197.34.1 kernel-default-debugsource-4.12.14-197.34.1

148806 - SuSE Linux 15.1 openSUSE-SU-2020:0278-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2019-8835, CVE-2019-8844, CVE-2019-8846, CVE-2020-3862, CVE-2020-3864, CVE-2020-3865, CVE-2020-3867, CVE-2020-3868

Description The scan detected that the host is missing the following update: openSUSE-SU-2020:0278-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2020-03/msg00016.html

SuSE Linux 15.1 i586 typelib-1_0-JavaScriptCore-4_0-2.26.4-lp151.2.12.1 libwebkit2gtk-4_0-37-debuginfo-2.26.4-lp151.2.12.1 webkit2gtk-4_0-injected-bundles-debuginfo-2.26.4-lp151.2.12.1 typelib-1_0-WebKit2-4_0-2.26.4-lp151.2.12.1 webkit2gtk3-devel-2.26.4-lp151.2.12.1 libwebkit2gtk-4_0-37-2.26.4-lp151.2.12.1 webkit-jsc-4-debuginfo-2.26.4-lp151.2.12.1 webkit2gtk-4_0-injected-bundles-2.26.4-lp151.2.12.1 webkit-jsc-4-2.26.4-lp151.2.12.1 typelib-1_0-WebKit2WebExtension-4_0-2.26.4-lp151.2.12.1 webkit2gtk3-debugsource-2.26.4-lp151.2.12.1 webkit2gtk3-minibrowser-2.26.4-lp151.2.12.1 libjavascriptcoregtk-4_0-18-2.26.4-lp151.2.12.1 webkit2gtk3-minibrowser-debuginfo-2.26.4-lp151.2.12.1 libjavascriptcoregtk-4_0-18-debuginfo-2.26.4-lp151.2.12.1 noarch libwebkit2gtk3-lang-2.26.4-lp151.2.12.1 x86_64 typelib-1_0-JavaScriptCore-4_0-2.26.4-lp151.2.12.1 libwebkit2gtk-4_0-37-debuginfo-2.26.4-lp151.2.12.1 webkit2gtk-4_0-injected-bundles-debuginfo-2.26.4-lp151.2.12.1 typelib-1_0-WebKit2-4_0-2.26.4-lp151.2.12.1 libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.26.4-lp151.2.12.1 libjavascriptcoregtk-4_0-18-32bit-2.26.4-lp151.2.12.1 webkit2gtk3-devel-2.26.4-lp151.2.12.1 libwebkit2gtk-4_0-37-2.26.4-lp151.2.12.1 webkit-jsc-4-debuginfo-2.26.4-lp151.2.12.1 libwebkit2gtk-4_0-37-32bit-debuginfo-2.26.4-lp151.2.12.1 libwebkit2gtk-4_0-37-32bit-2.26.4-lp151.2.12.1 webkit2gtk-4_0-injected-bundles-2.26.4-lp151.2.12.1 webkit-jsc-4-2.26.4-lp151.2.12.1 typelib-1_0-WebKit2WebExtension-4_0-2.26.4-lp151.2.12.1 webkit2gtk3-debugsource-2.26.4-lp151.2.12.1 webkit2gtk3-minibrowser-2.26.4-lp151.2.12.1 libjavascriptcoregtk-4_0-18-2.26.4-lp151.2.12.1 webkit2gtk3-minibrowser-debuginfo-2.26.4-lp151.2.12.1 libjavascriptcoregtk-4_0-18-debuginfo-2.26.4-lp151.2.12.1

148807 - SuSE Linux 15.1 openSUSE-SU-2020:0255-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2019-18900

Description The scan detected that the host is missing the following update: openSUSE-SU-2020:0255-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2020-02/msg00106.html

SuSE Linux 15.1 i586 libzypp-17.19.0-lp151.2.10.1 zypper-1.14.33-lp151.2.10.1 perl-solv-debuginfo-0.7.10-lp151.2.10.1 libsolv-tools-debuginfo-0.7.10-lp151.2.10.1 libsolv-debugsource-0.7.10-lp151.2.10.1 ruby-solv-0.7.10-lp151.2.10.1 python3-solv-0.7.10-lp151.2.10.1 python-solv-0.7.10-lp151.2.10.1 zypper-debuginfo-1.14.33-lp151.2.10.1 libzypp-debuginfo-17.19.0-lp151.2.10.1 libsolv-devel-0.7.10-lp151.2.10.1 libzypp-devel-17.19.0-lp151.2.10.1 libsolv-devel-debuginfo-0.7.10-lp151.2.10.1 libsolv-demo-debuginfo-0.7.10-lp151.2.10.1 libsolv-tools-0.7.10-lp151.2.10.1 ruby-solv-debuginfo-0.7.10-lp151.2.10.1 libzypp-debugsource-17.19.0-lp151.2.10.1 zypper-debugsource-1.14.33-lp151.2.10.1 python3-solv-debuginfo-0.7.10-lp151.2.10.1 python-solv-debuginfo-0.7.10-lp151.2.10.1 perl-solv-0.7.10-lp151.2.10.1 libzypp-devel-doc-17.19.0-lp151.2.10.1 libsolv-demo-0.7.10-lp151.2.10.1 libsolv-debuginfo-0.7.10-lp151.2.10.1 noarch zypper-needs-restarting-1.14.33-lp151.2.10.1 zypper-aptitude-1.14.33-lp151.2.10.1 zypper-log-1.14.33-lp151.2.10.1 x86_64 libzypp-17.19.0-lp151.2.10.1 zypper-1.14.33-lp151.2.10.1 perl-solv-debuginfo-0.7.10-lp151.2.10.1 libsolv-tools-debuginfo-0.7.10-lp151.2.10.1 libsolv-debugsource-0.7.10-lp151.2.10.1 ruby-solv-0.7.10-lp151.2.10.1 python3-solv-0.7.10-lp151.2.10.1 python-solv-0.7.10-lp151.2.10.1 zypper-debuginfo-1.14.33-lp151.2.10.1 libzypp-debuginfo-17.19.0-lp151.2.10.1 libsolv-devel-0.7.10-lp151.2.10.1 libzypp-devel-17.19.0-lp151.2.10.1 libsolv-devel-debuginfo-0.7.10-lp151.2.10.1 libsolv-demo-debuginfo-0.7.10-lp151.2.10.1 libsolv-tools-0.7.10-lp151.2.10.1 ruby-solv-debuginfo-0.7.10-lp151.2.10.1 libzypp-debugsource-17.19.0-lp151.2.10.1 zypper-debugsource-1.14.33-lp151.2.10.1 python3-solv-debuginfo-0.7.10-lp151.2.10.1 python-solv-debuginfo-0.7.10-lp151.2.10.1 perl-solv-0.7.10-lp151.2.10.1 libzypp-devel-doc-17.19.0-lp151.2.10.1 libsolv-demo-0.7.10-lp151.2.10.1 libsolv-debuginfo-0.7.10-lp151.2.10.1

148808 - SuSE SLES 12 SP5, SLED 12 SP5 SUSE-SU-2020:0580-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2019-14615, CVE-2019-14896, CVE-2019-14897, CVE-2019-16994, CVE-2019-18808, CVE-2019-19036, CVE-2019- 19045, CVE-2019-19054, CVE-2019-19318, CVE-2019-19319, CVE-2019-19447, CVE-2019-19767, CVE-2019-19927, CVE-2019- 19965, CVE-2019-19966, CVE-2019-20054, CVE-2019-20095, CVE-2019-20096, CVE-2020-7053, CVE-2020-8428, CVE-2020- 8648, CVE-2020-8992

Description The scan detected that the host is missing the following update: SUSE-SU-2020:0580-1

SuSE SLED 12 SP5 x86_64 kernel-default-extra-debuginfo-4.12.14-122.17.1 kernel-default-debugsource-4.12.14-122.17.1 kernel-default-extra-4.12.14-122.17.1 kernel-default-debuginfo-4.12.14-122.17.1

SuSE SLES 12 SP5 noarch kernel-macros-4.12.14-122.17.1 kernel-source-4.12.14-122.17.1 kernel-devel-4.12.14-122.17.1 x86_64 kernel-default-base-debuginfo-4.12.14-122.17.1 kernel-default-debugsource-4.12.14-122.17.1 kernel-syms-4.12.14-122.17.1 kernel-default-debuginfo-4.12.14-122.17.1 kernel-default-devel-debuginfo-4.12.14-122.17.1 kernel-default-4.12.14-122.17.1 kernel-default-base-4.12.14-122.17.1 kernel-default-devel-4.12.14-122.17.1

160686 - CentOS 6 CESA-2020-0631 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Cent OS Patches and Hotfixes Risk Level: High CVE: CVE-2020-8597

Description The scan detected that the host is missing the following update: CESA-2020-0631

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.centos.org/pipermail/centos-announce/2020-February/035650.html

CentOS 6 x86_64 ppp-2.4.5-11.el6_10 ppp-devel-2.4.5-11.el6_10 i686 ppp-2.4.5-11.el6_10 ppp-devel-2.4.5-11.el6_10

160687 - CentOS 7 CESA-2020-0578 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Cent OS Patches and Hotfixes Risk Level: High CVE: CVE-2019-16865, CVE-2020-5312

Description The scan detected that the host is missing the following update: CESA-2020-0578

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.centos.org/pipermail/centos-announce/2020-February/035646.html

CentOS 7 x86_64 python-pillow-qt-2.0.0-20.gitd1c6db8.el7_7 python-pillow-sane-2.0.0-20.gitd1c6db8.el7_7 python-pillow-devel-2.0.0-20.gitd1c6db8.el7_7 python-pillow-2.0.0-20.gitd1c6db8.el7_7 python-pillow-tk-2.0.0-20.gitd1c6db8.el7_7 python-pillow-doc-2.0.0-20.gitd1c6db8.el7_7 i686 python-pillow-2.0.0-20.gitd1c6db8.el7_7 python-pillow-devel-2.0.0-20.gitd1c6db8.el7_7

160688 - CentOS 7 CESA-2020-0568 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Cent OS Patches and Hotfixes Risk Level: High CVE: CVE-2019-14868

Description The scan detected that the host is missing the following update: CESA-2020-0568

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.centos.org/pipermail/centos-announce/2020-February/035647.html

CentOS 7 x86_64 ksh-20120801-140.el7_7

160689 - CentOS 7 CESA-2020-0374 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Cent OS Patches and Hotfixes Risk Level: High CVE: CVE-2019-14816, CVE-2019-14895, CVE-2019-14898, CVE-2019-14901, CVE-2019-17133

Description The scan detected that the host is missing the following update: CESA-2020-0374

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.centos.org/pipermail/centos-announce/2020-February/035645.html

CentOS 7 x86_64 kernel-debug-3.10.0-1062.12.1.el7 kernel-tools-libs-3.10.0-1062.12.1.el7 kernel-tools-libs-devel-3.10.0-1062.12.1.el7 kernel-debug-devel-3.10.0-1062.12.1.el7 kernel-devel-3.10.0-1062.12.1.el7 python-perf-3.10.0-1062.12.1.el7 kernel-headers-3.10.0-1062.12.1.el7 kernel-tools-3.10.0-1062.12.1.el7 kernel-3.10.0-1062.12.1.el7 bpftool-3.10.0-1062.12.1.el7 perf-3.10.0-1062.12.1.el7 noarch kernel-abi-whitelists-3.10.0-1062.12.1.el7 kernel-doc-3.10.0-1062.12.1.el7

160690 - CentOS 7 CESA-2020-0703 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Cent OS Patches and Hotfixes Risk Level: High CVE: CVE-2019-15605

Description The scan detected that the host is missing the following update: CESA-2020-0703

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.centos.org/pipermail/centos-announce/2020-March/035655.html

CentOS 7 x86_64 http-parser-devel-2.7.1-8.el7_7.2 http-parser-2.7.1-8.el7_7.2 i686 http-parser-devel-2.7.1-8.el7_7.2 http-parser-2.7.1-8.el7_7.2

160691 - CentOS 6 CESA-2020-0702 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Cent OS Patches and Hotfixes Risk Level: High CVE: CVE-2018-1311

Description The scan detected that the host is missing the following update: CESA-2020-0702

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.centos.org/pipermail/centos-announce/2020-March/035653.html

CentOS 6 i686 xerces-c-3.0.1-21.el6_10 xerces-c-devel-3.0.1-21.el6_10 noarch xerces-c-doc-3.0.1-21.el6_10 x86_64 xerces-c-3.0.1-21.el6_10 xerces-c-devel-3.0.1-21.el6_10

160692 - CentOS 6 CESA-2020-0574 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Cent OS Patches and Hotfixes Risk Level: High CVE: CVE-2020-6792, CVE-2020-6793, CVE-2020-6794, CVE-2020-6795, CVE-2020-6798, CVE-2020-6800

Description The scan detected that the host is missing the following update: CESA-2020-0574

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.centos.org/pipermail/centos-announce/2020-February/035649.html

CentOS 6 x86_64 thunderbird-68.5.0-1.el6.centos i686 thunderbird-68.5.0-1.el6.centos

160693 - CentOS 7 CESA-2020-0704 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Cent OS Patches and Hotfixes Risk Level: High CVE: CVE-2018-1311

Description The scan detected that the host is missing the following update: CESA-2020-0704

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.centos.org/pipermail/centos-announce/2020-March/035654.html

CentOS 7 i686 xerces-c-3.1.1-10.el7_7 xerces-c-devel-3.1.1-10.el7_7 noarch xerces-c-doc-3.1.1-10.el7_7 x86_64 xerces-c-3.1.1-10.el7_7 xerces-c-devel-3.1.1-10.el7_7 160694 - CentOS 6 CESA-2020-0632 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Cent OS Patches and Hotfixes Risk Level: High CVE: CVE-2020-2583, CVE-2020-2590, CVE-2020-2593, CVE-2020-2601, CVE-2020-2604, CVE-2020-2654, CVE-2020-2659

Description The scan detected that the host is missing the following update: CESA-2020-0632

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.centos.org/pipermail/centos-announce/2020-February/035651.html

CentOS 6 i686 java-1.7.0-openjdk-src-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-devel-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-demo-1.7.0.251-2.6.21.0.el6_10 noarch java-1.7.0-openjdk-javadoc-1.7.0.251-2.6.21.0.el6_10 x86_64 java-1.7.0-openjdk-src-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-devel-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-demo-1.7.0.251-2.6.21.0.el6_10

160695 - CentOS 7 CESA-2020-0576 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Cent OS Patches and Hotfixes Risk Level: High CVE: CVE-2020-6792, CVE-2020-6793, CVE-2020-6794, CVE-2020-6795, CVE-2020-6798, CVE-2020-6800

Description The scan detected that the host is missing the following update: CESA-2020-0576

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.centos.org/pipermail/centos-announce/2020-February/035648.html

CentOS 7 x86_64 thunderbird-68.5.0-1.el7.centos

160696 - CentOS 7 CESA-2020-0630 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Cent OS Patches and Hotfixes Risk Level: High CVE: CVE-2020-8597

Description The scan detected that the host is missing the following update: CESA-2020-0630

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.centos.org/pipermail/centos-announce/2020-February/035652.html

CentOS 7 x86_64 ppp-devel-2.4.5-34.el7_7 ppp-2.4.5-34.el7_7 i686 ppp-devel-2.4.5-34.el7_7

164137 - Oracle Enterprise Linux ELSA-2020-0630 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2020-8597

Description The scan detected that the host is missing the following update: ELSA-2020-0630

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2020-February/009666.html

OEL7 x86_64 ppp-devel-2.4.5-34.el7_7 ppp-2.4.5-34.el7_7

164138 - Oracle Enterprise Linux ELSA-2020-0632 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2020-2583, CVE-2020-2590, CVE-2020-2593, CVE-2020-2601, CVE-2020-2604, CVE-2020-2654, CVE-2020-2659

Description The scan detected that the host is missing the following update: ELSA-2020-0632

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2020-February/009668.html

OEL6 x86_64 java-1.7.0-openjdk-demo-1.7.0.251-2.6.21.0.0.1.el6_10 java-1.7.0-openjdk-src-1.7.0.251-2.6.21.0.0.1.el6_10 java-1.7.0-openjdk-1.7.0.251-2.6.21.0.0.1.el6_10 java-1.7.0-openjdk-devel-1.7.0.251-2.6.21.0.0.1.el6_10 java-1.7.0-openjdk-javadoc-1.7.0.251-2.6.21.0.0.1.el6_10 i386 java-1.7.0-openjdk-demo-1.7.0.251-2.6.21.0.0.1.el6_10 java-1.7.0-openjdk-src-1.7.0.251-2.6.21.0.0.1.el6_10 java-1.7.0-openjdk-1.7.0.251-2.6.21.0.0.1.el6_10 java-1.7.0-openjdk-devel-1.7.0.251-2.6.21.0.0.1.el6_10 java-1.7.0-openjdk-javadoc-1.7.0.251-2.6.21.0.0.1.el6_10

164139 - Oracle Enterprise Linux ELSA-2020-0631 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2020-8597

Description The scan detected that the host is missing the following update: ELSA-2020-0631

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2020-February/009667.html

OEL6 x86_64 ppp-2.4.5-11.el6_10 ppp-devel-2.4.5-11.el6_10 i386 ppp-2.4.5-11.el6_10 ppp-devel-2.4.5-11.el6_10

164140 - Oracle Enterprise Linux ELSA-2020-0633 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2020-8597

Description The scan detected that the host is missing the following update: ELSA-2020-0633

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2020-February/009670.html

OEL8 x86_64 ppp-devel-2.4.7-26.el8_1 ppp-2.4.7-26.el8_1

183208 - FreeBSD TiMidity++ Multiple Vulnerabilities (d37407bd-5c5f-11ea-bb2a-8c164582fbac)

Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: High CVE: CVE-2017-11546, CVE-2017-11547, CVE-2017-11549

Description The scan detected that the host is missing the following update: TiMidity++ -- Multiple vulnerabilities (d37407bd-5c5f-11ea-bb2a-8c164582fbac)

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/d37407bd-5c5f-11ea-bb2a-8c164582fbac.html

Affected packages: timidity++ < 2.15.0 timidity++-emacs < 2.15.0 timidity++-gtk < 2.15.0 timidity++-motif < 2.15.0 timidity++-slang < 2.15.0 timidity++-tcltk < 2.15.0 timidity++-xaw < 2.15.0 timidity++-xskin < 2.15.0

196615 - Red Hat Enterprise Linux RHSA-2020-0702 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2018-1311

Description The scan detected that the host is missing the following update: RHSA-2020-0702

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.redhat.com/archives/rhsa-announce/2020-March/msg00009.html

RHEL6D i386 xerces-c-devel-3.0.1-21.el6_10 xerces-c-debuginfo-3.0.1-21.el6_10 xerces-c-3.0.1-21.el6_10 noarch xerces-c-doc-3.0.1-21.el6_10 x86_64 xerces-c-devel-3.0.1-21.el6_10 xerces-c-debuginfo-3.0.1-21.el6_10 xerces-c-3.0.1-21.el6_10

RHEL6S i386 xerces-c-devel-3.0.1-21.el6_10 xerces-c-debuginfo-3.0.1-21.el6_10 xerces-c-3.0.1-21.el6_10 noarch xerces-c-doc-3.0.1-21.el6_10 x86_64 xerces-c-devel-3.0.1-21.el6_10 xerces-c-debuginfo-3.0.1-21.el6_10 xerces-c-3.0.1-21.el6_10

196616 - Red Hat Enterprise Linux RHSA-2020-0704 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2018-1311

Description The scan detected that the host is missing the following update: RHSA-2020-0704

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.redhat.com/archives/rhsa-announce/2020-March/msg00011.html

RHEL7D x86_64 xerces-c-devel-3.1.1-10.el7_7 xerces-c-debuginfo-3.1.1-10.el7_7 xerces-c-3.1.1-10.el7_7 noarch xerces-c-doc-3.1.1-10.el7_7

RHEL7S noarch xerces-c-doc-3.1.1-10.el7_7 x86_64 xerces-c-devel-3.1.1-10.el7_7 xerces-c-debuginfo-3.1.1-10.el7_7 xerces-c-3.1.1-10.el7_7

RHEL7WS x86_64 xerces-c-devel-3.1.1-10.el7_7 xerces-c-debuginfo-3.1.1-10.el7_7 xerces-c-3.1.1-10.el7_7 noarch xerces-c-doc-3.1.1-10.el7_7

196617 - Red Hat Enterprise Linux RHSA-2020-0632 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2020-2583, CVE-2020-2590, CVE-2020-2593, CVE-2020-2601, CVE-2020-2604, CVE-2020-2654, CVE-2020-2659

Description The scan detected that the host is missing the following update: RHSA-2020-0632

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.redhat.com/archives/rhsa-announce/2020-February/msg00082.html

RHEL6D i386 java-1.7.0-openjdk-debuginfo-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-src-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-devel-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-demo-1.7.0.251-2.6.21.0.el6_10 noarch java-1.7.0-openjdk-javadoc-1.7.0.251-2.6.21.0.el6_10 x86_64 java-1.7.0-openjdk-debuginfo-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-src-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-devel-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-demo-1.7.0.251-2.6.21.0.el6_10

RHEL6S i386 java-1.7.0-openjdk-debuginfo-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-src-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-devel-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-demo-1.7.0.251-2.6.21.0.el6_10 noarch java-1.7.0-openjdk-javadoc-1.7.0.251-2.6.21.0.el6_10 x86_64 java-1.7.0-openjdk-debuginfo-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-src-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-devel-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-demo-1.7.0.251-2.6.21.0.el6_10

RHEL6WS x86_64 java-1.7.0-openjdk-debuginfo-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-devel-1.7.0.251-2.6.21.0.el6_10 i386 java-1.7.0-openjdk-debuginfo-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-devel-1.7.0.251-2.6.21.0.el6_10

196618 - Red Hat Enterprise Linux RHSA-2020-0630 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2020-8597

Description The scan detected that the host is missing the following update: RHSA-2020-0630

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.redhat.com/archives/rhsa-announce/2020-February/msg00080.html

RHEL7D x86_64 ppp-devel-2.4.5-34.el7_7 ppp-debuginfo-2.4.5-34.el7_7 ppp-2.4.5-34.el7_7

RHEL7S x86_64 ppp-devel-2.4.5-34.el7_7 ppp-debuginfo-2.4.5-34.el7_7 ppp-2.4.5-34.el7_7

RHEL7WS x86_64 ppp-devel-2.4.5-34.el7_7 ppp-debuginfo-2.4.5-34.el7_7 ppp-2.4.5-34.el7_7

196619 - Red Hat Enterprise Linux RHSA-2020-0631 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2020-8597

Description The scan detected that the host is missing the following update: RHSA-2020-0631 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.redhat.com/archives/rhsa-announce/2020-February/msg00084.html

RHEL6D x86_64 ppp-debuginfo-2.4.5-11.el6_10 ppp-2.4.5-11.el6_10 ppp-devel-2.4.5-11.el6_10 i386 ppp-debuginfo-2.4.5-11.el6_10 ppp-2.4.5-11.el6_10 ppp-devel-2.4.5-11.el6_10

RHEL6S i386 ppp-debuginfo-2.4.5-11.el6_10 ppp-2.4.5-11.el6_10 ppp-devel-2.4.5-11.el6_10 x86_64 ppp-debuginfo-2.4.5-11.el6_10 ppp-2.4.5-11.el6_10 ppp-devel-2.4.5-11.el6_10

RHEL6WS x86_64 ppp-2.4.5-11.el6_10 ppp-debuginfo-2.4.5-11.el6_10 i386 ppp-2.4.5-11.el6_10 ppp-debuginfo-2.4.5-11.el6_10

196620 - Red Hat Enterprise Linux RHSA-2020-0703 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2019-15605

Description The scan detected that the host is missing the following update: RHSA-2020-0703

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.redhat.com/archives/rhsa-announce/2020-March/msg00010.html

RHEL7D x86_64 http-parser-debuginfo-2.7.1-8.el7_7.2 http-parser-2.7.1-8.el7_7.2 http-parser-devel-2.7.1-8.el7_7.2

RHEL7S x86_64 http-parser-debuginfo-2.7.1-8.el7_7.2 http-parser-2.7.1-8.el7_7.2 http-parser-devel-2.7.1-8.el7_7.2

RHEL7WS x86_64 http-parser-debuginfo-2.7.1-8.el7_7.2 http-parser-2.7.1-8.el7_7.2 http-parser-devel-2.7.1-8.el7_7.2

196621 - Red Hat Enterprise Linux RHSA-2020-0726 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2019-18634

Description The scan detected that the host is missing the following update: RHSA-2020-0726

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.redhat.com/archives/rhsa-announce/2020-March/msg00019.html

RHEL6D x86_64 sudo-1.8.6p3-29.el6_10.3 sudo-debuginfo-1.8.6p3-29.el6_10.3 sudo-devel-1.8.6p3-29.el6_10.3 i386 sudo-1.8.6p3-29.el6_10.3 sudo-debuginfo-1.8.6p3-29.el6_10.3 sudo-devel-1.8.6p3-29.el6_10.3

RHEL6S i386 sudo-1.8.6p3-29.el6_10.3 sudo-debuginfo-1.8.6p3-29.el6_10.3 sudo-devel-1.8.6p3-29.el6_10.3 x86_64 sudo-1.8.6p3-29.el6_10.3 sudo-debuginfo-1.8.6p3-29.el6_10.3 sudo-devel-1.8.6p3-29.el6_10.3

RHEL6WS x86_64 sudo-debuginfo-1.8.6p3-29.el6_10.3 sudo-1.8.6p3-29.el6_10.3 i386 sudo-debuginfo-1.8.6p3-29.el6_10.3 sudo-1.8.6p3-29.el6_10.3

26142 - Mozilla Thunderbird Vulnerabilities Prior To 68.5

Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2020-6792, CVE-2020-6793, CVE-2020-6794, CVE-2020-6795, CVE-2020-6798, CVE-2020-6800

Description Multiple vulnerabilities are present in some versions of Mozilla Thunderbird.

Observation Mozilla Thunderbird is an open-source email, newsgroup, news feed, and chat client.

Multiple vulnerabilities are present in some versions of Mozilla Thunderbird. The flaws lie in several components. Successful exploitation could allow an attacker to cause a denial of service condition or execute arbitrary code on the target system.

26143 - IBM WebSphere Application Server Vulnerability (CVE-2019-2989)

Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2019-2989

Description A vulnerability is present in some versions of IBM WebSphere Application Server.

Observation IBM WebSphere Application Server is a server engine for Java EE Web applications.

A vulnerability is present in some versions of IBM WebSphere Application Server. The flaw lies in the IBM Java SDK. Successful exploitation could allow an attacker to affect the integrity of the target system.

148779 - SuSE SLES 12 SP4, 12 SP5 SUSE-SU-2020:0555-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-18074

Description The scan detected that the host is missing the following update: SUSE-SU-2020:0555-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2020-March/006561.html

SuSE SLES 12 SP4 noarch python3-asn1crypto-0.24.0-2.5.1 python3-packaging-17.1-2.5.1 python-asn1crypto-0.24.0-2.5.1 python-packaging-17.1-2.5.1 x86_64 python-PyYAML-5.1.2-26.9.4 python-PyYAML-debugsource-5.1.2-26.9.4 python-PyYAML-debuginfo-5.1.2-26.9.4

SuSE SLES 12 SP5 noarch python3-asn1crypto-0.24.0-2.5.1 python3-packaging-17.1-2.5.1 python-requests-2.20.1-8.7.7 python-asn1crypto-0.24.0-2.5.1 python-packaging-17.1-2.5.1 x86_64 python-PyYAML-5.1.2-26.9.4 python-PyYAML-debugsource-5.1.2-26.9.4 python-PyYAML-debuginfo-5.1.2-26.9.4

171198 - Amazon Linux AMI ALAS-2020-1347 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Amazon Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2020-7059, CVE-2020-7060

Description The scan detected that the host is missing the following update: ALAS-2020-1347

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://alas.aws.amazon.com/ALAS-2020-1347.html

Amazon Linux AMI x86_64 php73-intl-7.3.14-1.23.amzn1 php73-pspell-7.3.14-1.23.amzn1 php73-recode-7.3.14-1.23.amzn1 php73-mysqlnd-7.3.14-1.23.amzn1 php73-gd-7.3.14-1.23.amzn1 php73-7.3.14-1.23.amzn1 php73-ldap-7.3.14-1.23.amzn1 php73-fpm-7.3.14-1.23.amzn1 php73-dbg-7.3.14-1.23.amzn1 php73-pdo-7.3.14-1.23.amzn1 php73-mbstring-7.3.14-1.23.amzn1 php73-pgsql-7.3.14-1.23.amzn1 php73-common-7.3.14-1.23.amzn1 php73-devel-7.3.14-1.23.amzn1 php73-enchant-7.3.14-1.23.amzn1 php73-pdo-dblib-7.3.14-1.23.amzn1 php73-process-7.3.14-1.23.amzn1 php73-embedded-7.3.14-1.23.amzn1 php73-soap-7.3.14-1.23.amzn1 php73-gmp-7.3.14-1.23.amzn1 php73-json-7.3.14-1.23.amzn1 php73-cli-7.3.14-1.23.amzn1 php73-bcmath-7.3.14-1.23.amzn1 php73-snmp-7.3.14-1.23.amzn1 php73-opcache-7.3.14-1.23.amzn1 php73-xmlrpc-7.3.14-1.23.amzn1 php73-tidy-7.3.14-1.23.amzn1 php73-odbc-7.3.14-1.23.amzn1 php73-dba-7.3.14-1.23.amzn1 php73-debuginfo-7.3.14-1.23.amzn1 php73-imap-7.3.14-1.23.amzn1 php73-xml-7.3.14-1.23.amzn1 i686 php73-intl-7.3.14-1.23.amzn1 php73-pspell-7.3.14-1.23.amzn1 php73-recode-7.3.14-1.23.amzn1 php73-mysqlnd-7.3.14-1.23.amzn1 php73-gd-7.3.14-1.23.amzn1 php73-7.3.14-1.23.amzn1 php73-ldap-7.3.14-1.23.amzn1 php73-fpm-7.3.14-1.23.amzn1 php73-dbg-7.3.14-1.23.amzn1 php73-pdo-7.3.14-1.23.amzn1 php73-mbstring-7.3.14-1.23.amzn1 php73-common-7.3.14-1.23.amzn1 php73-devel-7.3.14-1.23.amzn1 php73-enchant-7.3.14-1.23.amzn1 php73-pdo-dblib-7.3.14-1.23.amzn1 php73-process-7.3.14-1.23.amzn1 php73-embedded-7.3.14-1.23.amzn1 php73-pgsql-7.3.14-1.23.amzn1 php73-snmp-7.3.14-1.23.amzn1 php73-json-7.3.14-1.23.amzn1 php73-gmp-7.3.14-1.23.amzn1 php73-cli-7.3.14-1.23.amzn1 php73-bcmath-7.3.14-1.23.amzn1 php73-soap-7.3.14-1.23.amzn1 php73-opcache-7.3.14-1.23.amzn1 php73-xmlrpc-7.3.14-1.23.amzn1 php73-tidy-7.3.14-1.23.amzn1 php73-odbc-7.3.14-1.23.amzn1 php73-dba-7.3.14-1.23.amzn1 php73-debuginfo-7.3.14-1.23.amzn1 php73-imap-7.3.14-1.23.amzn1 php73-xml-7.3.14-1.23.amzn1

171199 - Amazon Linux AMI ALAS-2020-1346 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Amazon Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2020-7059, CVE-2020-7060

Description The scan detected that the host is missing the following update: ALAS-2020-1346 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://alas.aws.amazon.com/ALAS-2020-1346.html

Amazon Linux AMI x86_64 php72-cli-7.2.27-1.20.amzn1 php72-opcache-7.2.27-1.20.amzn1 php72-embedded-7.2.27-1.20.amzn1 php72-json-7.2.27-1.20.amzn1 php72-mysqlnd-7.2.27-1.20.amzn1 php72-xml-7.2.27-1.20.amzn1 php72-xmlrpc-7.2.27-1.20.amzn1 php72-intl-7.2.27-1.20.amzn1 php72-snmp-7.2.27-1.20.amzn1 php72-process-7.2.27-1.20.amzn1 php72-common-7.2.27-1.20.amzn1 php72-ldap-7.2.27-1.20.amzn1 php72-pdo-7.2.27-1.20.amzn1 php72-bcmath-7.2.27-1.20.amzn1 php72-gmp-7.2.27-1.20.amzn1 php72-dba-7.2.27-1.20.amzn1 php72-debuginfo-7.2.27-1.20.amzn1 php72-recode-7.2.27-1.20.amzn1 php72-enchant-7.2.27-1.20.amzn1 php72-imap-7.2.27-1.20.amzn1 php72-mbstring-7.2.27-1.20.amzn1 php72-soap-7.2.27-1.20.amzn1 php72-gd-7.2.27-1.20.amzn1 php72-odbc-7.2.27-1.20.amzn1 php72-fpm-7.2.27-1.20.amzn1 php72-pgsql-7.2.27-1.20.amzn1 php72-tidy-7.2.27-1.20.amzn1 php72-devel-7.2.27-1.20.amzn1 php72-pspell-7.2.27-1.20.amzn1 php72-pdo-dblib-7.2.27-1.20.amzn1 php72-7.2.27-1.20.amzn1 php72-dbg-7.2.27-1.20.amzn1 i686 php72-ldap-7.2.27-1.20.amzn1 php72-opcache-7.2.27-1.20.amzn1 php72-embedded-7.2.27-1.20.amzn1 php72-json-7.2.27-1.20.amzn1 php72-mysqlnd-7.2.27-1.20.amzn1 php72-xml-7.2.27-1.20.amzn1 php72-xmlrpc-7.2.27-1.20.amzn1 php72-intl-7.2.27-1.20.amzn1 php72-cli-7.2.27-1.20.amzn1 php72-dbg-7.2.27-1.20.amzn1 php72-snmp-7.2.27-1.20.amzn1 php72-process-7.2.27-1.20.amzn1 php72-common-7.2.27-1.20.amzn1 php72-pdo-7.2.27-1.20.amzn1 php72-bcmath-7.2.27-1.20.amzn1 php72-gmp-7.2.27-1.20.amzn1 php72-dba-7.2.27-1.20.amzn1 php72-debuginfo-7.2.27-1.20.amzn1 php72-recode-7.2.27-1.20.amzn1 php72-imap-7.2.27-1.20.amzn1 php72-mbstring-7.2.27-1.20.amzn1 php72-soap-7.2.27-1.20.amzn1 php72-gd-7.2.27-1.20.amzn1 php72-odbc-7.2.27-1.20.amzn1 php72-fpm-7.2.27-1.20.amzn1 php72-pgsql-7.2.27-1.20.amzn1 php72-tidy-7.2.27-1.20.amzn1 php72-devel-7.2.27-1.20.amzn1 php72-pspell-7.2.27-1.20.amzn1 php72-pdo-dblib-7.2.27-1.20.amzn1 php72-7.2.27-1.20.amzn1 php72-enchant-7.2.27-1.20.amzn1

26144 - IBM Websphere Application Server Vulnerability (CVE-2019-4670)

Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2019-4670

Description A vulnerability is present in some versions of IBM WebSphere Application Server.

Observation IBM WebSphere Application Server is a server engine for Java EE Web applications.

A vulnerability is present in some versions of IBM WebSphere Application Server. The flaw is due to improper data representation. Successful exploitation could allow a remote attacker to disclose sensitive information on the target.

148778 - SuSE Linux 15.1 openSUSE-SU-2020:0261-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2019-0804

Description The scan detected that the host is missing the following update: openSUSE-SU-2020:0261-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2020-02/msg00108.html

SuSE Linux 15.1 noarch python-azure-agent-2.2.45-lp151.2.3.1 python-azure-agent-test-2.2.45-lp151.2.3.1

26137 - IBM WebSphere Application Server Vulnerability (1127367) Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: Low CVE: CVE-2019-4663

Description A vulnerability is present in some versions of IBM WebSphere Application Server Liberty.

Observation IBM WebSphere Application Server Liberty is a server engine for Java EE Web applications.

A vulnerability is present in some versions of IBM WebSphere Application Server Liberty. The flaw lies in Admin Center. Successful exploitation by a remote attacker could result in the disclosure of sensitive information.

26145 - PostgreSQL Core Server Vulnerability (CVE-2020-1720)

Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: Low CVE: CVE-2020-1720

Description A vulnerability is present in some versions of PostgreSQL.

Observation PostgreSQL is an open-source object-relational database management system.

A vulnerability is present in some versions of PostgreSQL. The flaw lies in the core server. Successful exploitation could allow an attacker to affect integrity of the target system.

131537 - Debian Linux 10.0 DSA-4636-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Low CVE: CVE-2020-6802

Description The scan detected that the host is missing the following update: DSA-4636-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.debian.org/security/2020/dsa-4636

Debian 10.0 all python-bleach_3.1.1-0+deb10u1

131538 - Debian Linux 10.0, 9.0 DSA-4634-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Low CVE: CVE-2020-8794

Description The scan detected that the host is missing the following update: DSA-4634-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.debian.org/security/2020/dsa-4634

Debian 9.0 all opensmtpd_6.0.2p1-2+deb9u3

Debian 10.0 all opensmtpd_6.0.3p1-5+deb10u4

131539 - Debian Linux 10.0, 9.0 DSA-4635-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Low CVE: CVE-2020-9273

Description The scan detected that the host is missing the following update: DSA-4635-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.debian.org/security/2020/dsa-4635

Debian 9.0 all proftpd-mod-mysql_1.3.5b-4+deb9u4 proftpd-doc_1.3.5b-4+deb9u4 proftpd-mod-ldap_1.3.5b-4+deb9u4 proftpd-mod-geoip_1.3.5b-4+deb9u4 proftpd-basic_1.3.5b-4+deb9u4 proftpd-mod-pgsql_1.3.5b-4+deb9u4 proftpd-dev_1.3.5b-4+deb9u4 proftpd-mod-sqlite_1.3.5b-4+deb9u4 proftpd-mod-odbc_1.3.5b-4+deb9u4

Debian 10.0 all proftpd-mod-ldap_1.3.6-4+deb10u4 proftpd-doc_1.3.6-4+deb10u4 proftpd-dev_1.3.6-4+deb10u4 proftpd-mod-odbc_1.3.6-4+deb10u4 proftpd-basic_1.3.6-4+deb10u4 proftpd-mod-geoip_1.3.6-4+deb10u4 proftpd-mod-sqlite_1.3.6-4+deb10u4 proftpd-mod-snmp_1.3.6-4+deb10u4 proftpd-mod-pgsql_1.3.6-4+deb10u4 proftpd-mod-mysql_1.3.6-4+deb10u4

183206 - FreeBSD ntp Multiple Vulnerabilities (591a706b-5cdc-11ea-9a0a-206a8a720317)

Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH

Description The scan detected that the host is missing the following update: ntp -- Multiple vulnerabilities (591a706b-5cdc-11ea-9a0a-206a8a720317)

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/591a706b-5cdc-11ea-9a0a-206a8a720317.html

Affected packages: 11.3 <= FreeBSD < 11.3_7 12.0 <= FreeBSD < 12.0_14 12.1 <= FreeBSD < 12.1_3 ntp < 4.2.8p14 ntp-devel <= 4.3.99_6

183207 - FreeBSD librsvg2 Multiple Vulnabilities (b66583ae-5aee-4cd5-bb31-b2d397f8b6b3)

Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2019-20446

Description The scan detected that the host is missing the following update: librsvg2 -- multiple vulnabilities (b66583ae-5aee-4cd5-bb31-b2d397f8b6b3)

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/b66583ae-5aee-4cd5-bb31-b2d397f8b6b3.html

Affected packages: librsvg2 < 2.40.21 2.41.0 <= librsvg2-rust < 2.46.3

183209 - FreeBSD Solr Multiple Vulnerabilities (e59cb761-5ad8-11ea-abb7-001b217b3468)

Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2019-17558 Description The scan detected that the host is missing the following update: Solr -- multiple vulnerabilities (e59cb761-5ad8-11ea-abb7-001b217b3468)

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/e59cb761-5ad8-11ea-abb7-001b217b3468.html

Affected packages: apache-solr < 8.3.1

ENHANCED CHECKS

The following checks have been updated. Enhancements may include optimizations, changes that reflect new information on a vulnerability and anything else that improves upon an existing FSL check. 183202 - FreeBSD LPE And RCE In OpenSMTPD's Default Install (f0683976-5779-11ea-8a77-1c872ccb1e42)

Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2020-8793, CVE-2020-8794

Update Details FASLScript is updated

HOW TO UPDATE

FS1000 APPLIANCE customers should follow the instructions for Enterprise/Professional customers, below. In addition, we strongly urge all appliance customers to authorize and install any Windows Update critical patches. The appliance will auto-download any critical updates but will wait for your explicit authorization before installing.

FOUNDSTONE ENTERPRISE and PROFESSIONAL customers may obtain these new scripts using the FSUpdate Utility by selecting "FoundScan Update" on the help menu. Make sure that you have a valid FSUpdate username and password. The new vulnerability scripts will be automatically included in your scans if you have selected that option by right-clicking the selected vulnerability category and checking the "Run New Checks" checkbox.

MANAGED SERVICE CUSTOMERS already have the newest update applied to their environment. The new vulnerability scripts will be automatically included when your scans are next scheduled, provided the Run New Scripts option has been turned on.

MCAFEE TECHNICAL SUPPORT

ServicePortal: https://mysupport.mcafee.com Multi-National Phone Support available here: http://www.mcafee.com/us/about/contact/index.html Non-US customers - Select your country from the list of Worldwide Offices.

This email may contain confidential and privileged material for the sole use of the intended recipient. Any review or distribution by others is strictly prohibited. If you are not the intended recipient please contact the sender and delete all copies.