2020-MAR-11 FSL version 7.6.150
MCAFEE FOUNDSTONE FSL UPDATE
To better protect your environment McAfee has created this FSL check update for the Foundstone Product Suite. The following is a detailed summary of the new and updated checks included with this release.
NEW CHECKS
148787 - SuSE Linux 15.1 openSUSE-SU-2020:0272-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2009-4112, CVE-2018-20723, CVE-2018-20724, CVE-2018-20725, CVE-2018-20726, CVE-2019-16723, CVE-2019- 17357, CVE-2019-17358, CVE-2020-7106, CVE-2020-7237
Description The scan detected that the host is missing the following update: openSUSE-SU-2020:0272-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2020-03/msg00009.html
SuSE Linux 15.1 x86_64 cacti-spine-debuginfo-1.2.9-lp151.3.3.1 cacti-spine-debugsource-1.2.9-lp151.3.3.1 cacti-spine-1.2.9-lp151.3.3.1 noarch cacti-1.2.9-lp151.3.3.1
26147 - Mozilla Firefox Vulnerabilities Prior To 73
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2020-6796, CVE-2020-6798, CVE-2020-6799, CVE-2020-6800, CVE-2020-6801
Description Multiple vulnerabilities are present in some versions of Mozilla Firefox.
Observation Mozilla Firefox is a popular web browser.
Multiple vulnerabilities are present in some versions of Mozilla Firefox. The flaws lie in several components. Successful exploitation could allow an attacker to cause a denial of service condition or execute arbitrary code on the target system.
148777 - SuSE Linux 15.1 openSUSE-SU-2020:0307-1 Update Is Not Installed Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2019-12528, CVE-2020-8449, CVE-2020-8450, CVE-2020-8517
Description The scan detected that the host is missing the following update: openSUSE-SU-2020:0307-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2020-03/msg00045.html
SuSE Linux 15.1 x86_64 squid-debuginfo-4.10-lp151.2.11.1 squid-debugsource-4.10-lp151.2.11.1 squid-4.10-lp151.2.11.1
148780 - SuSE Linux 15.1 openSUSE-SU-2020:0259-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2020-6407, CVE-2020-6418
Description The scan detected that the host is missing the following update: openSUSE-SU-2020:0259-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2020-02/msg00096.html
SuSE Linux 15.1 x86_64 chromium-debuginfo-80.0.3987.122-lp151.2.66.1 chromium-debugsource-80.0.3987.122-lp151.2.66.1 chromedriver-debuginfo-80.0.3987.122-lp151.2.66.1 chromedriver-80.0.3987.122-lp151.2.66.1 chromium-80.0.3987.122-lp151.2.66.1
148781 - SuSE SLES 12 SP4 SUSE-SU-2020:0599-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2019-14615, CVE-2019-14895, CVE-2019-14896, CVE-2019-14897, CVE-2019-14901, CVE-2019-15213, CVE-2019- 16994, CVE-2019-18660, CVE-2019-18683, CVE-2019-18808, CVE-2019-18809, CVE-2019-19036, CVE-2019-19045, CVE-2019- 19049, CVE-2019-19051, CVE-2019-19052, CVE-2019-19054, CVE-2019-19056, CVE-2019-19057, CVE-2019-19058, CVE-2019- 19060, CVE-2019-19062, CVE-2019-19063, CVE-2019-19065, CVE-2019-19066, CVE-2019-19067, CVE-2019-19068, CVE-2019- 19073, CVE-2019-19074, CVE-2019-19075, CVE-2019-19077, CVE-2019-19227, CVE-2019-19318, CVE-2019-19319, CVE-2019- 19332, CVE-2019-19338, CVE-2019-19447, CVE-2019-19523, CVE-2019-19524, CVE-2019-19525, CVE-2019-19526, CVE-2019- 19527, CVE-2019-19528, CVE-2019-19529, CVE-2019-19530, CVE-2019-19531, CVE-2019-19532, CVE-2019-19533, CVE-2019- 19534, CVE-2019-19535, CVE-2019-19536, CVE-2019-19537, CVE-2019-19543, CVE-2019-19767, CVE-2019-19965, CVE-2019- 19966, CVE-2019-20054, CVE-2019-20095, CVE-2019-20096, CVE-2020-7053
Description The scan detected that the host is missing the following update: SUSE-SU-2020:0599-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2020-March/006580.html
SuSE SLES 12 SP4 x86_64 kernel-rt-base-4.12.14-8.12.1 kernel-rt-4.12.14-8.12.1 ocfs2-kmp-rt-4.12.14-8.12.1 kernel-rt-devel-4.12.14-8.12.1 kernel-rt_debug-devel-4.12.14-8.12.1 cluster-md-kmp-rt-4.12.14-8.12.1 kernel-syms-rt-4.12.14-8.12.1 gfs2-kmp-rt-4.12.14-8.12.1 dlm-kmp-rt-4.12.14-8.12.1 noarch kernel-source-rt-4.12.14-8.12.1 kernel-devel-rt-4.12.14-8.12.1
148782 - SuSE SLES 12 SP5 SUSE-SU-2020:0557-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2019-9674, CVE-2020-8492
Description The scan detected that the host is missing the following update: SUSE-SU-2020:0557-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2020-March/006563.html
SuSE SLES 12 SP5 x86_64 python36-base-debugsource-3.6.10-4.6.1 python36-debuginfo-3.6.10-4.6.1 libpython3_6m1_0-debuginfo-3.6.10-4.6.1 python36-base-debuginfo-3.6.10-4.6.1 libpython3_6m1_0-3.6.10-4.6.1 python36-3.6.10-4.6.1 python36-base-3.6.10-4.6.1 python36-debugsource-3.6.10-4.6.1 148783 - SuSE Linux 15.1 openSUSE-SU-2020:0293-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2019-15604, CVE-2019-15605, CVE-2019-15606
Description The scan detected that the host is missing the following update: openSUSE-SU-2020:0293-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2020-03/msg00032.html
SuSE Linux 15.1 i586 npm8-8.17.0-lp151.2.12.1 nodejs8-debugsource-8.17.0-lp151.2.12.1 nodejs8-devel-8.17.0-lp151.2.12.1 nodejs8-8.17.0-lp151.2.12.1 nodejs8-debuginfo-8.17.0-lp151.2.12.1 noarch nodejs8-docs-8.17.0-lp151.2.12.1 x86_64 npm8-8.17.0-lp151.2.12.1 nodejs8-debugsource-8.17.0-lp151.2.12.1 nodejs8-devel-8.17.0-lp151.2.12.1 nodejs8-8.17.0-lp151.2.12.1 nodejs8-debuginfo-8.17.0-lp151.2.12.1
148784 - SuSE Linux 15.1 openSUSE-SU-2020:0273-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2020-9272, CVE-2020-9273
Description The scan detected that the host is missing the following update: openSUSE-SU-2020:0273-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2020-03/msg00010.html
SuSE Linux 15.1 x86_64 proftpd-pgsql-1.3.6c-lp151.3.9.1 proftpd-radius-1.3.6c-lp151.3.9.1 proftpd-sqlite-debuginfo-1.3.6c-lp151.3.9.1 proftpd-doc-1.3.6c-lp151.3.9.1 proftpd-devel-1.3.6c-lp151.3.9.1 proftpd-ldap-debuginfo-1.3.6c-lp151.3.9.1 proftpd-pgsql-debuginfo-1.3.6c-lp151.3.9.1 proftpd-debugsource-1.3.6c-lp151.3.9.1 proftpd-lang-1.3.6c-bp151.4.9.1 proftpd-mysql-1.3.6c-lp151.3.9.1 proftpd-radius-debuginfo-1.3.6c-lp151.3.9.1 proftpd-ldap-1.3.6c-lp151.3.9.1 proftpd-debuginfo-1.3.6c-lp151.3.9.1 proftpd-1.3.6c-lp151.3.9.1 proftpd-sqlite-1.3.6c-lp151.3.9.1 proftpd-mysql-debuginfo-1.3.6c-lp151.3.9.1 noarch proftpd-lang-1.3.6c-lp151.3.9.1
148785 - SuSE SLES 12 SP4, 12 SP5, SLED 12 SP4 SUSE-SU-2020:0490-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2020-8597
Description The scan detected that the host is missing the following update: SUSE-SU-2020:0490-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2020-February/006533.html
SuSE SLES 12 SP4 x86_64 ppp-debugsource-2.4.7-4.3.1 ppp-2.4.7-4.3.1 ppp-debuginfo-2.4.7-4.3.1
SuSE SLED 12 SP4 x86_64 ppp-debugsource-2.4.7-4.3.1 ppp-2.4.7-4.3.1 ppp-debuginfo-2.4.7-4.3.1
SuSE SLES 12 SP5 x86_64 ppp-debugsource-2.4.7-4.3.1 ppp-2.4.7-4.3.1 ppp-debuginfo-2.4.7-4.3.1
148786 - SuSE Linux 15.1 openSUSE-SU-2020:0248-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2020-8955
Description The scan detected that the host is missing the following update: openSUSE-SU-2020:0248-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2020-02/msg00095.html
SuSE Linux 15.1 x86_64 weechat-guile-2.1-lp151.3.3.1 weechat-lua-debuginfo-2.1-lp151.3.3.1 weechat-python-debuginfo-2.1-lp151.3.3.1 weechat-debugsource-2.1-lp151.3.3.1 weechat-devel-2.1-lp151.3.3.1 weechat-guile-debuginfo-2.1-lp151.3.3.1 weechat-debuginfo-2.1-lp151.3.3.1 weechat-tcl-2.1-lp151.3.3.1 weechat-perl-debuginfo-2.1-lp151.3.3.1 weechat-tcl-debuginfo-2.1-lp151.3.3.1 weechat-aspell-debuginfo-2.1-lp151.3.3.1 weechat-2.1-lp151.3.3.1 weechat-aspell-2.1-lp151.3.3.1 weechat-perl-2.1-lp151.3.3.1 weechat-python-2.1-lp151.3.3.1 weechat-ruby-debuginfo-2.1-lp151.3.3.1 weechat-ruby-2.1-lp151.3.3.1 weechat-lua-2.1-lp151.3.3.1 noarch weechat-ruby-debuginfo-2.1-bp150.3.3.1 weechat-perl-2.1-bp151.4.3.1 weechat-debugsource-2.1-bp150.3.3.1 weechat-aspell-debuginfo-2.1-bp150.3.3.1 weechat-guile-2.1-bp151.4.3.1 weechat-guile-debuginfo-2.1-bp150.3.3.1 weechat-python-2.1-bp151.4.3.1 weechat-perl-debuginfo-2.1-bp150.3.3.1 weechat-ruby-2.1-bp151.4.3.1 weechat-python-debuginfo-2.1-bp150.3.3.1 weechat-2.1-bp151.4.3.1 weechat-debuginfo-2.1-bp150.3.3.1 weechat-lua-2.1-bp151.4.3.1 weechat-tcl-debuginfo-2.1-bp150.3.3.1 weechat-devel-2.1-bp151.4.3.1 weechat-lang-2.1-lp151.3.3.1 weechat-aspell-2.1-bp151.4.3.1 weechat-tcl-2.1-bp151.4.3.1 weechat-lua-debuginfo-2.1-bp150.3.3.1
148788 - SuSE SLES 12 SP4, 12 SP5, SLED 12 SP4 SUSE-SU-2020:0497-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2012-0876, CVE-2016-0718, CVE-2016-4472, CVE-2016-9063, CVE-2017-1000158, CVE-2017-9233
Description The scan detected that the host is missing the following update: SUSE-SU-2020:0497-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2020-February/006536.html
SuSE SLES 12 SP4 x86_64 libpython3_4m1_0-debuginfo-3.4.10-25.39.2 python3-3.4.10-25.39.3 python3-curses-3.4.10-25.39.3 python3-base-3.4.10-25.39.2 python3-base-debuginfo-3.4.10-25.39.2 python3-curses-debuginfo-3.4.10-25.39.3 python3-debugsource-3.4.10-25.39.3 python3-base-debugsource-3.4.10-25.39.2 libpython3_4m1_0-3.4.10-25.39.2 python3-debuginfo-3.4.10-25.39.3
SuSE SLED 12 SP4 x86_64 libpython3_4m1_0-debuginfo-3.4.10-25.39.2 python3-3.4.10-25.39.3 python3-curses-3.4.10-25.39.3 python3-base-3.4.10-25.39.2 python3-base-debuginfo-3.4.10-25.39.2 python3-curses-debuginfo-3.4.10-25.39.3 python3-debugsource-3.4.10-25.39.3 python3-base-debugsource-3.4.10-25.39.2 libpython3_4m1_0-3.4.10-25.39.2 python3-debuginfo-3.4.10-25.39.3
SuSE SLES 12 SP5 x86_64 python3-base-debugsource-3.4.10-25.39.2 python3-tk-3.4.10-25.39.3 libpython3_4m1_0-32bit-3.4.10-25.39.2 libpython3_4m1_0-3.4.10-25.39.2 python3-base-3.4.10-25.39.2 libpython3_4m1_0-debuginfo-3.4.10-25.39.2 libpython3_4m1_0-debuginfo-32bit-3.4.10-25.39.2 python3-base-debuginfo-3.4.10-25.39.2 python3-base-debuginfo-32bit-3.4.10-25.39.2 python3-curses-debuginfo-3.4.10-25.39.3 python3-debugsource-3.4.10-25.39.3 python3-tk-debuginfo-3.4.10-25.39.3 python3-3.4.10-25.39.3 python3-curses-3.4.10-25.39.3 python3-debuginfo-3.4.10-25.39.3
148789 - SuSE Linux 15.1 openSUSE-SU-2020:0286-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2020-8597 Description The scan detected that the host is missing the following update: openSUSE-SU-2020:0286-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2020-03/msg00024.html
SuSE Linux 15.1 i586 ppp-debugsource-2.4.7-lp151.5.3.1 ppp-debuginfo-2.4.7-lp151.5.3.1 ppp-devel-2.4.7-lp151.5.3.1 ppp-2.4.7-lp151.5.3.1 noarch ppp-modem-2.4.7-lp151.5.3.1 x86_64 ppp-debugsource-2.4.7-lp151.5.3.1 ppp-debuginfo-2.4.7-lp151.5.3.1 ppp-devel-2.4.7-lp151.5.3.1 ppp-2.4.7-lp151.5.3.1
148790 - SuSE SLES 12 SP4, 12 SP5, SLED 12 SP4, 12 SP5 SUSE-SU-2020:0523-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2020-2574
Description The scan detected that the host is missing the following update: SUSE-SU-2020:0523-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2020-February/006548.html
SuSE SLES 12 SP4 x86_64 mariadb-100-errormessages-10.0.40.3-2.15.1 mariadb-100-debuginfo-10.0.40.3-2.15.1 libmysqlclient18-10.0.40.3-2.15.1 libmysqlclient18-debuginfo-10.0.40.3-2.15.1 libmysqlclient18-32bit-10.0.40.3-2.15.1 libmysqlclient18-debuginfo-32bit-10.0.40.3-2.15.1 mariadb-100-debugsource-10.0.40.3-2.15.1
SuSE SLES 12 SP5 x86_64 mariadb-100-errormessages-10.0.40.3-2.15.1 mariadb-100-debuginfo-10.0.40.3-2.15.1 libmysqlclient18-10.0.40.3-2.15.1 libmysqlclient18-debuginfo-10.0.40.3-2.15.1 libmysqlclient18-32bit-10.0.40.3-2.15.1 libmysqlclient18-debuginfo-32bit-10.0.40.3-2.15.1 mariadb-100-debugsource-10.0.40.3-2.15.1
SuSE SLED 12 SP4 x86_64 mariadb-100-debugsource-10.0.40.3-2.15.1 mariadb-100-debuginfo-10.0.40.3-2.15.1 libmysqlclient_r18-32bit-10.0.40.3-2.15.1 libmysqlclient_r18-10.0.40.3-2.15.1
SuSE SLED 12 SP5 x86_64 mariadb-100-debugsource-10.0.40.3-2.15.1 mariadb-100-debuginfo-10.0.40.3-2.15.1 libmysqlclient_r18-32bit-10.0.40.3-2.15.1 libmysqlclient_r18-10.0.40.3-2.15.1
148791 - SuSE Linux 15.1 openSUSE-SU-2020:0301-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2020-7041, CVE-2020-7042, CVE-2020-7043
Description The scan detected that the host is missing the following update: openSUSE-SU-2020:0301-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2020-03/msg00039.html
SuSE Linux 15.1 x86_64 openfortivpn-debuginfo-1.12.0-lp151.2.5.1 openfortivpn-1.12.0-lp151.2.5.1 openfortivpn-debugsource-1.12.0-lp151.2.5.1
148792 - SuSE Linux 15.1 openSUSE-SU-2020:0289-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2019-18901, CVE-2020-2574
Description The scan detected that the host is missing the following update: openSUSE-SU-2020:0289-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2020-03/msg00027.html
SuSE Linux 15.1 i586 mariadb-debugsource-10.2.31-lp151.2.12.1 mariadb-galera-10.2.31-lp151.2.12.1 mariadb-10.2.31-lp151.2.12.1 libmysqld-devel-10.2.31-lp151.2.12.1 mariadb-test-10.2.31-lp151.2.12.1 libmysqld19-debuginfo-10.2.31-lp151.2.12.1 libmysqld19-10.2.31-lp151.2.12.1 mariadb-tools-10.2.31-lp151.2.12.1 mariadb-debuginfo-10.2.31-lp151.2.12.1 mariadb-bench-10.2.31-lp151.2.12.1 mariadb-test-debuginfo-10.2.31-lp151.2.12.1 mariadb-client-debuginfo-10.2.31-lp151.2.12.1 mariadb-bench-debuginfo-10.2.31-lp151.2.12.1 mariadb-tools-debuginfo-10.2.31-lp151.2.12.1 mariadb-client-10.2.31-lp151.2.12.1 noarch mariadb-errormessages-10.2.31-lp151.2.12.1 x86_64 mariadb-debugsource-10.2.31-lp151.2.12.1 mariadb-galera-10.2.31-lp151.2.12.1 mariadb-10.2.31-lp151.2.12.1 libmysqld-devel-10.2.31-lp151.2.12.1 mariadb-test-10.2.31-lp151.2.12.1 libmysqld19-debuginfo-10.2.31-lp151.2.12.1 libmysqld19-10.2.31-lp151.2.12.1 mariadb-tools-10.2.31-lp151.2.12.1 mariadb-debuginfo-10.2.31-lp151.2.12.1 mariadb-bench-10.2.31-lp151.2.12.1 mariadb-test-debuginfo-10.2.31-lp151.2.12.1 mariadb-client-debuginfo-10.2.31-lp151.2.12.1 mariadb-bench-debuginfo-10.2.31-lp151.2.12.1 mariadb-tools-debuginfo-10.2.31-lp151.2.12.1 mariadb-client-10.2.31-lp151.2.12.1
148793 - SuSE SLES 12 SP5 SUSE-SU-2020:0487-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2019-12528, CVE-2020-8449, CVE-2020-8450, CVE-2020-8517
Description The scan detected that the host is missing the following update: SUSE-SU-2020:0487-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2020-February/006532.html
SuSE SLES 12 SP5 x86_64 squid-debugsource-4.10-4.6.1 squid-debuginfo-4.10-4.6.1 squid-4.10-4.6.1
148794 - SuSE Linux 15.1 openSUSE-SU-2020:0274-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2019-9674, CVE-2020-8492
Description The scan detected that the host is missing the following update: openSUSE-SU-2020:0274-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2020-03/msg00013.html
SuSE Linux 15.1 x86_64 python3-base-3.6.10-lp151.6.11.1 python3-tools-3.6.10-lp151.6.11.1 libpython3_6m1_0-3.6.10-lp151.6.11.1 python3-curses-3.6.10-lp151.6.11.1 python3-devel-3.6.10-lp151.6.11.1 python3-devel-debuginfo-3.6.10-lp151.6.11.1 python3-curses-debuginfo-3.6.10-lp151.6.11.1 python3-tk-debuginfo-3.6.10-lp151.6.11.1 python3-base-32bit-3.6.10-lp151.6.11.1 libpython3_6m1_0-32bit-3.6.10-lp151.6.11.1 python3-testsuite-3.6.10-lp151.6.11.1 python3-debuginfo-3.6.10-lp151.6.11.1 python3-dbm-3.6.10-lp151.6.11.1 python3-debugsource-3.6.10-lp151.6.11.1 python3-base-32bit-debuginfo-3.6.10-lp151.6.11.1 python3-testsuite-debuginfo-3.6.10-lp151.6.11.1 python3-dbm-debuginfo-3.6.10-lp151.6.11.1 python3-base-debuginfo-3.6.10-lp151.6.11.1 python3-3.6.10-lp151.6.11.1 libpython3_6m1_0-32bit-debuginfo-3.6.10-lp151.6.11.1 python3-idle-3.6.10-lp151.6.11.1 python3-32bit-3.6.10-lp151.6.11.1 python3-32bit-debuginfo-3.6.10-lp151.6.11.1 python3-tk-3.6.10-lp151.6.11.1 libpython3_6m1_0-debuginfo-3.6.10-lp151.6.11.1 python3-base-debugsource-3.6.10-lp151.6.11.1 i586 python3-base-3.6.10-lp151.6.11.1 python3-tools-3.6.10-lp151.6.11.1 libpython3_6m1_0-3.6.10-lp151.6.11.1 python3-curses-3.6.10-lp151.6.11.1 python3-devel-3.6.10-lp151.6.11.1 python3-devel-debuginfo-3.6.10-lp151.6.11.1 python3-curses-debuginfo-3.6.10-lp151.6.11.1 python3-tk-debuginfo-3.6.10-lp151.6.11.1 python3-testsuite-3.6.10-lp151.6.11.1 python3-debuginfo-3.6.10-lp151.6.11.1 python3-dbm-3.6.10-lp151.6.11.1 python3-debugsource-3.6.10-lp151.6.11.1 python3-testsuite-debuginfo-3.6.10-lp151.6.11.1 python3-dbm-debuginfo-3.6.10-lp151.6.11.1 python3-base-debuginfo-3.6.10-lp151.6.11.1 python3-3.6.10-lp151.6.11.1 python3-idle-3.6.10-lp151.6.11.1 python3-tk-3.6.10-lp151.6.11.1 libpython3_6m1_0-debuginfo-3.6.10-lp151.6.11.1 python3-base-debugsource-3.6.10-lp151.6.11.1
148795 - SuSE SLES 12 SP4, 12 SP5 SUSE-SU-2020:0505-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2019-18901, CVE-2020-2574
Description The scan detected that the host is missing the following update: SUSE-SU-2020:0505-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2020-February/006539.html
SuSE SLES 12 SP4 noarch mariadb-errormessages-10.2.31-3.25.1 x86_64 mariadb-client-debuginfo-10.2.31-3.25.1 mariadb-tools-10.2.31-3.25.1 mariadb-tools-debuginfo-10.2.31-3.25.1 mariadb-debugsource-10.2.31-3.25.1 mariadb-10.2.31-3.25.1 mariadb-debuginfo-10.2.31-3.25.1 mariadb-client-10.2.31-3.25.1
SuSE SLES 12 SP5 noarch mariadb-errormessages-10.2.31-3.25.1 x86_64 mariadb-client-debuginfo-10.2.31-3.25.1 mariadb-tools-10.2.31-3.25.1 mariadb-tools-debuginfo-10.2.31-3.25.1 mariadb-debugsource-10.2.31-3.25.1 mariadb-10.2.31-3.25.1 mariadb-debuginfo-10.2.31-3.25.1 mariadb-client-10.2.31-3.25.1
148796 - SuSE SLES 12 SP4, SLED 12 SP4 SUSE-SU-2020:0584-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2019-14615, CVE-2019-14896, CVE-2019-14897, CVE-2019-15213, CVE-2019-16994, CVE-2019-18808, CVE-2019- 19036, CVE-2019-19045, CVE-2019-19051, CVE-2019-19054, CVE-2019-19066, CVE-2019-19318, CVE-2019-19319, CVE-2019- 19332, CVE-2019-19338, CVE-2019-19447, CVE-2019-19523, CVE-2019-19524, CVE-2019-19525, CVE-2019-19526, CVE-2019- 19527, CVE-2019-19528, CVE-2019-19529, CVE-2019-19530, CVE-2019-19531, CVE-2019-19532, CVE-2019-19533, CVE-2019- 19534, CVE-2019-19535, CVE-2019-19536, CVE-2019-19537, CVE-2019-19543, CVE-2019-19767, CVE-2019-19965, CVE-2019- 19966, CVE-2019-20054, CVE-2019-20095, CVE-2019-20096, CVE-2020-2732, CVE-2020-7053, CVE-2020-8428, CVE-2020- 8648, CVE-2020-8992
Description The scan detected that the host is missing the following update: SUSE-SU-2020:0584-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2020-March/006575.html
SuSE SLED 12 SP4 x86_64 kernel-default-extra-debuginfo-4.12.14-95.48.1 kernel-default-extra-4.12.14-95.48.1 kernel-default-debuginfo-4.12.14-95.48.1 kernel-default-debugsource-4.12.14-95.48.1
SuSE SLES 12 SP4 noarch kernel-devel-4.12.14-95.48.1 kernel-source-4.12.14-95.48.1 kernel-macros-4.12.14-95.48.1 x86_64 kernel-default-base-4.12.14-95.48.1 kernel-default-4.12.14-95.48.1 kernel-default-debuginfo-4.12.14-95.48.1 kernel-default-debugsource-4.12.14-95.48.1 kernel-default-devel-debuginfo-4.12.14-95.48.1 kernel-default-devel-4.12.14-95.48.1 kernel-default-base-debuginfo-4.12.14-95.48.1 kernel-syms-4.12.14-95.48.1
148797 - SuSE SLES 12 SP4, 12 SP5 SUSE-SU-2020:0528-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2019-4732, CVE-2020-2583, CVE-2020-2593, CVE-2020-2604, CVE-2020-2659
Description The scan detected that the host is missing the following update: SUSE-SU-2020:0528-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2020-February/006551.html
SuSE SLES 12 SP4 x86_64 java-1_8_0-ibm-alsa-1.8.0_sr6.5-30.63.1 java-1_8_0-ibm-plugin-1.8.0_sr6.5-30.63.1 java-1_8_0-ibm-1.8.0_sr6.5-30.63.1
SuSE SLES 12 SP5 x86_64 java-1_8_0-ibm-alsa-1.8.0_sr6.5-30.63.1 java-1_8_0-ibm-plugin-1.8.0_sr6.5-30.63.1 java-1_8_0-ibm-1.8.0_sr6.5-30.63.1
148798 - SuSE Linux 15.1 openSUSE-SU-2020:0250-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-MAP-NOMATCH
Description The scan detected that the host is missing the following update: openSUSE-SU-2020:0250-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2020-02/msg00099.html
SuSE Linux 15.1 x86_64 enigmail-2.1.5-lp151.2.9.1
148799 - SuSE Linux 15.1 openSUSE-SU-2020:0264-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2018-20030, CVE-2019-9278
Description The scan detected that the host is missing the following update: openSUSE-SU-2020:0264-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2020-03/msg00004.html
SuSE Linux 15.1 x86_64 libexif-debugsource-0.6.21-lp151.4.3.1 libexif-devel-0.6.21-lp151.4.3.1 libexif-devel-32bit-0.6.21-lp151.4.3.1 libexif12-0.6.21-lp151.4.3.1 libexif12-debuginfo-0.6.21-lp151.4.3.1 libexif12-32bit-0.6.21-lp151.4.3.1 libexif12-32bit-debuginfo-0.6.21-lp151.4.3.1 i586 libexif-debugsource-0.6.21-lp151.4.3.1 libexif12-0.6.21-lp151.4.3.1 libexif12-debuginfo-0.6.21-lp151.4.3.1 libexif-devel-0.6.21-lp151.4.3.1
148800 - SuSE SLES 12 SP5 SUSE-SU-2020:0558-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2019-14615, CVE-2019-14896, CVE-2019-14897, CVE-2019-16994, CVE-2019-19036, CVE-2019-19045, CVE-2019- 19054, CVE-2019-19318, CVE-2019-19927, CVE-2019-19965, CVE-2020-2732, CVE-2020-7053, CVE-2020-8428, CVE-2020- 8648, CVE-2020-8992
Description The scan detected that the host is missing the following update: SUSE-SU-2020:0558-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2020-March/006562.html
SuSE SLES 12 SP5 x86_64 kernel-azure-4.12.14-16.10.1 kernel-azure-debugsource-4.12.14-16.10.1 kernel-syms-azure-4.12.14-16.10.1 kernel-azure-base-4.12.14-16.10.1 kernel-azure-devel-4.12.14-16.10.1 kernel-azure-debuginfo-4.12.14-16.10.1 kernel-azure-base-debuginfo-4.12.14-16.10.1 noarch kernel-source-azure-4.12.14-16.10.1 kernel-devel-azure-4.12.14-16.10.1
148801 - SuSE Linux 15.1 openSUSE-SU-2020:0253-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2018-20105
Description The scan detected that the host is missing the following update: openSUSE-SU-2020:0253-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2020-02/msg00101.html
SuSE Linux 15.1 noarch yast2-rmt-1.2.2-lp151.2.3.1
148802 - SuSE Linux 15.1 openSUSE-SU-2020:0247-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2020-5208
Description The scan detected that the host is missing the following update: openSUSE-SU-2020:0247-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2020-02/msg00093.html
SuSE Linux 15.1 x86_64 ipmitool-1.8.18-lp151.4.3.1 ipmitool-debugsource-1.8.18-lp151.4.3.1 ipmitool-debuginfo-1.8.18-lp151.4.3.1 noarch ipmitool-bmc-snmp-proxy-1.8.18-lp151.4.3.1
148803 - SuSE SLES 12 SP4 SUSE-SU-2020:0559-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2019-14615, CVE-2019-14896, CVE-2019-14897, CVE-2019-16994, CVE-2019-18808, CVE-2019-19036, CVE-2019- 19045, CVE-2019-19054, CVE-2019-19066, CVE-2019-19318, CVE-2019-19319, CVE-2019-19447, CVE-2019-19767, CVE-2019- 19965, CVE-2019-19966, CVE-2019-20054, CVE-2019-20095, CVE-2019-20096, CVE-2020-2732, CVE-2020-7053, CVE-2020- 8428, CVE-2020-8648, CVE-2020-8992
Description The scan detected that the host is missing the following update: SUSE-SU-2020:0559-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2020-March/006564.html
SuSE SLES 12 SP4 x86_64 kernel-syms-azure-4.12.14-6.37.1 kernel-azure-debuginfo-4.12.14-6.37.1 kernel-azure-debugsource-4.12.14-6.37.1 kernel-azure-devel-4.12.14-6.37.1 kernel-azure-base-debuginfo-4.12.14-6.37.1 kernel-azure-4.12.14-6.37.1 kernel-azure-base-4.12.14-6.37.1 noarch kernel-devel-azure-4.12.14-6.37.1 kernel-source-azure-4.12.14-6.37.1
148804 - SuSE Linux 15.1 openSUSE-SU-2020:0302-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2019-3687, CVE-2020-8013
Description The scan detected that the host is missing the following update: openSUSE-SU-2020:0302-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2020-03/msg00040.html
SuSE Linux 15.1 i586 permissions-20181116-lp151.4.12.1 permissions-debuginfo-20181116-lp151.4.12.1 permissions-debugsource-20181116-lp151.4.12.1 noarch permissions-zypp-plugin-20181116-lp151.4.12.1 x86_64 permissions-20181116-lp151.4.12.1 permissions-debuginfo-20181116-lp151.4.12.1 permissions-debugsource-20181116-lp151.4.12.1
148805 - SuSE SLED 15 SP1 SUSE-SU-2020:0560-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2019-14615, CVE-2019-14896, CVE-2019-14897, CVE-2019-15213, CVE-2019-16746, CVE-2019-16994, CVE-2019- 18808, CVE-2019-19036, CVE-2019-19045, CVE-2019-19051, CVE-2019-19054, CVE-2019-19066, CVE-2019-19318, CVE-2019- 19319, CVE-2019-19332, CVE-2019-19338, CVE-2019-19447, CVE-2019-19523, CVE-2019-19526, CVE-2019-19527, CVE-2019- 19532, CVE-2019-19533, CVE-2019-19535, CVE-2019-19537, CVE-2019-19767, CVE-2019-19927, CVE-2019-19965, CVE-2019- 19966, CVE-2019-20054, CVE-2019-20095, CVE-2019-20096, CVE-2020-2732, CVE-2020-7053, CVE-2020-8428, CVE-2020- 8648, CVE-2020-8992
Description The scan detected that the host is missing the following update: SUSE-SU-2020:0560-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2020-March/006566.html
SuSE SLED 15 SP1 x86_64 kernel-default-debuginfo-4.12.14-197.34.1 kernel-default-extra-debuginfo-4.12.14-197.34.1 kernel-default-extra-4.12.14-197.34.1 kernel-default-debugsource-4.12.14-197.34.1
148806 - SuSE Linux 15.1 openSUSE-SU-2020:0278-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2019-8835, CVE-2019-8844, CVE-2019-8846, CVE-2020-3862, CVE-2020-3864, CVE-2020-3865, CVE-2020-3867, CVE-2020-3868
Description The scan detected that the host is missing the following update: openSUSE-SU-2020:0278-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2020-03/msg00016.html
SuSE Linux 15.1 i586 typelib-1_0-JavaScriptCore-4_0-2.26.4-lp151.2.12.1 libwebkit2gtk-4_0-37-debuginfo-2.26.4-lp151.2.12.1 webkit2gtk-4_0-injected-bundles-debuginfo-2.26.4-lp151.2.12.1 typelib-1_0-WebKit2-4_0-2.26.4-lp151.2.12.1 webkit2gtk3-devel-2.26.4-lp151.2.12.1 libwebkit2gtk-4_0-37-2.26.4-lp151.2.12.1 webkit-jsc-4-debuginfo-2.26.4-lp151.2.12.1 webkit2gtk-4_0-injected-bundles-2.26.4-lp151.2.12.1 webkit-jsc-4-2.26.4-lp151.2.12.1 typelib-1_0-WebKit2WebExtension-4_0-2.26.4-lp151.2.12.1 webkit2gtk3-debugsource-2.26.4-lp151.2.12.1 webkit2gtk3-minibrowser-2.26.4-lp151.2.12.1 libjavascriptcoregtk-4_0-18-2.26.4-lp151.2.12.1 webkit2gtk3-minibrowser-debuginfo-2.26.4-lp151.2.12.1 libjavascriptcoregtk-4_0-18-debuginfo-2.26.4-lp151.2.12.1 noarch libwebkit2gtk3-lang-2.26.4-lp151.2.12.1 x86_64 typelib-1_0-JavaScriptCore-4_0-2.26.4-lp151.2.12.1 libwebkit2gtk-4_0-37-debuginfo-2.26.4-lp151.2.12.1 webkit2gtk-4_0-injected-bundles-debuginfo-2.26.4-lp151.2.12.1 typelib-1_0-WebKit2-4_0-2.26.4-lp151.2.12.1 libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.26.4-lp151.2.12.1 libjavascriptcoregtk-4_0-18-32bit-2.26.4-lp151.2.12.1 webkit2gtk3-devel-2.26.4-lp151.2.12.1 libwebkit2gtk-4_0-37-2.26.4-lp151.2.12.1 webkit-jsc-4-debuginfo-2.26.4-lp151.2.12.1 libwebkit2gtk-4_0-37-32bit-debuginfo-2.26.4-lp151.2.12.1 libwebkit2gtk-4_0-37-32bit-2.26.4-lp151.2.12.1 webkit2gtk-4_0-injected-bundles-2.26.4-lp151.2.12.1 webkit-jsc-4-2.26.4-lp151.2.12.1 typelib-1_0-WebKit2WebExtension-4_0-2.26.4-lp151.2.12.1 webkit2gtk3-debugsource-2.26.4-lp151.2.12.1 webkit2gtk3-minibrowser-2.26.4-lp151.2.12.1 libjavascriptcoregtk-4_0-18-2.26.4-lp151.2.12.1 webkit2gtk3-minibrowser-debuginfo-2.26.4-lp151.2.12.1 libjavascriptcoregtk-4_0-18-debuginfo-2.26.4-lp151.2.12.1
148807 - SuSE Linux 15.1 openSUSE-SU-2020:0255-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2019-18900
Description The scan detected that the host is missing the following update: openSUSE-SU-2020:0255-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2020-02/msg00106.html
SuSE Linux 15.1 i586 libzypp-17.19.0-lp151.2.10.1 zypper-1.14.33-lp151.2.10.1 perl-solv-debuginfo-0.7.10-lp151.2.10.1 libsolv-tools-debuginfo-0.7.10-lp151.2.10.1 libsolv-debugsource-0.7.10-lp151.2.10.1 ruby-solv-0.7.10-lp151.2.10.1 python3-solv-0.7.10-lp151.2.10.1 python-solv-0.7.10-lp151.2.10.1 zypper-debuginfo-1.14.33-lp151.2.10.1 libzypp-debuginfo-17.19.0-lp151.2.10.1 libsolv-devel-0.7.10-lp151.2.10.1 libzypp-devel-17.19.0-lp151.2.10.1 libsolv-devel-debuginfo-0.7.10-lp151.2.10.1 libsolv-demo-debuginfo-0.7.10-lp151.2.10.1 libsolv-tools-0.7.10-lp151.2.10.1 ruby-solv-debuginfo-0.7.10-lp151.2.10.1 libzypp-debugsource-17.19.0-lp151.2.10.1 zypper-debugsource-1.14.33-lp151.2.10.1 python3-solv-debuginfo-0.7.10-lp151.2.10.1 python-solv-debuginfo-0.7.10-lp151.2.10.1 perl-solv-0.7.10-lp151.2.10.1 libzypp-devel-doc-17.19.0-lp151.2.10.1 libsolv-demo-0.7.10-lp151.2.10.1 libsolv-debuginfo-0.7.10-lp151.2.10.1 noarch zypper-needs-restarting-1.14.33-lp151.2.10.1 zypper-aptitude-1.14.33-lp151.2.10.1 zypper-log-1.14.33-lp151.2.10.1 x86_64 libzypp-17.19.0-lp151.2.10.1 zypper-1.14.33-lp151.2.10.1 perl-solv-debuginfo-0.7.10-lp151.2.10.1 libsolv-tools-debuginfo-0.7.10-lp151.2.10.1 libsolv-debugsource-0.7.10-lp151.2.10.1 ruby-solv-0.7.10-lp151.2.10.1 python3-solv-0.7.10-lp151.2.10.1 python-solv-0.7.10-lp151.2.10.1 zypper-debuginfo-1.14.33-lp151.2.10.1 libzypp-debuginfo-17.19.0-lp151.2.10.1 libsolv-devel-0.7.10-lp151.2.10.1 libzypp-devel-17.19.0-lp151.2.10.1 libsolv-devel-debuginfo-0.7.10-lp151.2.10.1 libsolv-demo-debuginfo-0.7.10-lp151.2.10.1 libsolv-tools-0.7.10-lp151.2.10.1 ruby-solv-debuginfo-0.7.10-lp151.2.10.1 libzypp-debugsource-17.19.0-lp151.2.10.1 zypper-debugsource-1.14.33-lp151.2.10.1 python3-solv-debuginfo-0.7.10-lp151.2.10.1 python-solv-debuginfo-0.7.10-lp151.2.10.1 perl-solv-0.7.10-lp151.2.10.1 libzypp-devel-doc-17.19.0-lp151.2.10.1 libsolv-demo-0.7.10-lp151.2.10.1 libsolv-debuginfo-0.7.10-lp151.2.10.1
148808 - SuSE SLES 12 SP5, SLED 12 SP5 SUSE-SU-2020:0580-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2019-14615, CVE-2019-14896, CVE-2019-14897, CVE-2019-16994, CVE-2019-18808, CVE-2019-19036, CVE-2019- 19045, CVE-2019-19054, CVE-2019-19318, CVE-2019-19319, CVE-2019-19447, CVE-2019-19767, CVE-2019-19927, CVE-2019- 19965, CVE-2019-19966, CVE-2019-20054, CVE-2019-20095, CVE-2019-20096, CVE-2020-7053, CVE-2020-8428, CVE-2020- 8648, CVE-2020-8992
Description The scan detected that the host is missing the following update: SUSE-SU-2020:0580-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2020-March/006576.html http://lists.suse.com/pipermail/sle-security-updates/2020-March/006577.html
SuSE SLED 12 SP5 x86_64 kernel-default-extra-debuginfo-4.12.14-122.17.1 kernel-default-debugsource-4.12.14-122.17.1 kernel-default-extra-4.12.14-122.17.1 kernel-default-debuginfo-4.12.14-122.17.1
SuSE SLES 12 SP5 noarch kernel-macros-4.12.14-122.17.1 kernel-source-4.12.14-122.17.1 kernel-devel-4.12.14-122.17.1 x86_64 kernel-default-base-debuginfo-4.12.14-122.17.1 kernel-default-debugsource-4.12.14-122.17.1 kernel-syms-4.12.14-122.17.1 kernel-default-debuginfo-4.12.14-122.17.1 kernel-default-devel-debuginfo-4.12.14-122.17.1 kernel-default-4.12.14-122.17.1 kernel-default-base-4.12.14-122.17.1 kernel-default-devel-4.12.14-122.17.1
160686 - CentOS 6 CESA-2020-0631 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Cent OS Patches and Hotfixes Risk Level: High CVE: CVE-2020-8597
Description The scan detected that the host is missing the following update: CESA-2020-0631
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.centos.org/pipermail/centos-announce/2020-February/035650.html
CentOS 6 x86_64 ppp-2.4.5-11.el6_10 ppp-devel-2.4.5-11.el6_10 i686 ppp-2.4.5-11.el6_10 ppp-devel-2.4.5-11.el6_10
160687 - CentOS 7 CESA-2020-0578 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Cent OS Patches and Hotfixes Risk Level: High CVE: CVE-2019-16865, CVE-2020-5312
Description The scan detected that the host is missing the following update: CESA-2020-0578
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.centos.org/pipermail/centos-announce/2020-February/035646.html
CentOS 7 x86_64 python-pillow-qt-2.0.0-20.gitd1c6db8.el7_7 python-pillow-sane-2.0.0-20.gitd1c6db8.el7_7 python-pillow-devel-2.0.0-20.gitd1c6db8.el7_7 python-pillow-2.0.0-20.gitd1c6db8.el7_7 python-pillow-tk-2.0.0-20.gitd1c6db8.el7_7 python-pillow-doc-2.0.0-20.gitd1c6db8.el7_7 i686 python-pillow-2.0.0-20.gitd1c6db8.el7_7 python-pillow-devel-2.0.0-20.gitd1c6db8.el7_7
160688 - CentOS 7 CESA-2020-0568 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Cent OS Patches and Hotfixes Risk Level: High CVE: CVE-2019-14868
Description The scan detected that the host is missing the following update: CESA-2020-0568
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.centos.org/pipermail/centos-announce/2020-February/035647.html
CentOS 7 x86_64 ksh-20120801-140.el7_7
160689 - CentOS 7 CESA-2020-0374 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Cent OS Patches and Hotfixes Risk Level: High CVE: CVE-2019-14816, CVE-2019-14895, CVE-2019-14898, CVE-2019-14901, CVE-2019-17133
Description The scan detected that the host is missing the following update: CESA-2020-0374
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.centos.org/pipermail/centos-announce/2020-February/035645.html
CentOS 7 x86_64 kernel-debug-3.10.0-1062.12.1.el7 kernel-tools-libs-3.10.0-1062.12.1.el7 kernel-tools-libs-devel-3.10.0-1062.12.1.el7 kernel-debug-devel-3.10.0-1062.12.1.el7 kernel-devel-3.10.0-1062.12.1.el7 python-perf-3.10.0-1062.12.1.el7 kernel-headers-3.10.0-1062.12.1.el7 kernel-tools-3.10.0-1062.12.1.el7 kernel-3.10.0-1062.12.1.el7 bpftool-3.10.0-1062.12.1.el7 perf-3.10.0-1062.12.1.el7 noarch kernel-abi-whitelists-3.10.0-1062.12.1.el7 kernel-doc-3.10.0-1062.12.1.el7
160690 - CentOS 7 CESA-2020-0703 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Cent OS Patches and Hotfixes Risk Level: High CVE: CVE-2019-15605
Description The scan detected that the host is missing the following update: CESA-2020-0703
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.centos.org/pipermail/centos-announce/2020-March/035655.html
CentOS 7 x86_64 http-parser-devel-2.7.1-8.el7_7.2 http-parser-2.7.1-8.el7_7.2 i686 http-parser-devel-2.7.1-8.el7_7.2 http-parser-2.7.1-8.el7_7.2
160691 - CentOS 6 CESA-2020-0702 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Cent OS Patches and Hotfixes Risk Level: High CVE: CVE-2018-1311
Description The scan detected that the host is missing the following update: CESA-2020-0702
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.centos.org/pipermail/centos-announce/2020-March/035653.html
CentOS 6 i686 xerces-c-3.0.1-21.el6_10 xerces-c-devel-3.0.1-21.el6_10 noarch xerces-c-doc-3.0.1-21.el6_10 x86_64 xerces-c-3.0.1-21.el6_10 xerces-c-devel-3.0.1-21.el6_10
160692 - CentOS 6 CESA-2020-0574 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Cent OS Patches and Hotfixes Risk Level: High CVE: CVE-2020-6792, CVE-2020-6793, CVE-2020-6794, CVE-2020-6795, CVE-2020-6798, CVE-2020-6800
Description The scan detected that the host is missing the following update: CESA-2020-0574
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.centos.org/pipermail/centos-announce/2020-February/035649.html
CentOS 6 x86_64 thunderbird-68.5.0-1.el6.centos i686 thunderbird-68.5.0-1.el6.centos
160693 - CentOS 7 CESA-2020-0704 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Cent OS Patches and Hotfixes Risk Level: High CVE: CVE-2018-1311
Description The scan detected that the host is missing the following update: CESA-2020-0704
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.centos.org/pipermail/centos-announce/2020-March/035654.html
CentOS 7 i686 xerces-c-3.1.1-10.el7_7 xerces-c-devel-3.1.1-10.el7_7 noarch xerces-c-doc-3.1.1-10.el7_7 x86_64 xerces-c-3.1.1-10.el7_7 xerces-c-devel-3.1.1-10.el7_7 160694 - CentOS 6 CESA-2020-0632 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Cent OS Patches and Hotfixes Risk Level: High CVE: CVE-2020-2583, CVE-2020-2590, CVE-2020-2593, CVE-2020-2601, CVE-2020-2604, CVE-2020-2654, CVE-2020-2659
Description The scan detected that the host is missing the following update: CESA-2020-0632
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.centos.org/pipermail/centos-announce/2020-February/035651.html
CentOS 6 i686 java-1.7.0-openjdk-src-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-devel-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-demo-1.7.0.251-2.6.21.0.el6_10 noarch java-1.7.0-openjdk-javadoc-1.7.0.251-2.6.21.0.el6_10 x86_64 java-1.7.0-openjdk-src-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-devel-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-demo-1.7.0.251-2.6.21.0.el6_10
160695 - CentOS 7 CESA-2020-0576 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Cent OS Patches and Hotfixes Risk Level: High CVE: CVE-2020-6792, CVE-2020-6793, CVE-2020-6794, CVE-2020-6795, CVE-2020-6798, CVE-2020-6800
Description The scan detected that the host is missing the following update: CESA-2020-0576
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.centos.org/pipermail/centos-announce/2020-February/035648.html
CentOS 7 x86_64 thunderbird-68.5.0-1.el7.centos
160696 - CentOS 7 CESA-2020-0630 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Cent OS Patches and Hotfixes Risk Level: High CVE: CVE-2020-8597
Description The scan detected that the host is missing the following update: CESA-2020-0630
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.centos.org/pipermail/centos-announce/2020-February/035652.html
CentOS 7 x86_64 ppp-devel-2.4.5-34.el7_7 ppp-2.4.5-34.el7_7 i686 ppp-devel-2.4.5-34.el7_7
164137 - Oracle Enterprise Linux ELSA-2020-0630 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2020-8597
Description The scan detected that the host is missing the following update: ELSA-2020-0630
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2020-February/009666.html
OEL7 x86_64 ppp-devel-2.4.5-34.el7_7 ppp-2.4.5-34.el7_7
164138 - Oracle Enterprise Linux ELSA-2020-0632 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2020-2583, CVE-2020-2590, CVE-2020-2593, CVE-2020-2601, CVE-2020-2604, CVE-2020-2654, CVE-2020-2659
Description The scan detected that the host is missing the following update: ELSA-2020-0632
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2020-February/009668.html
OEL6 x86_64 java-1.7.0-openjdk-demo-1.7.0.251-2.6.21.0.0.1.el6_10 java-1.7.0-openjdk-src-1.7.0.251-2.6.21.0.0.1.el6_10 java-1.7.0-openjdk-1.7.0.251-2.6.21.0.0.1.el6_10 java-1.7.0-openjdk-devel-1.7.0.251-2.6.21.0.0.1.el6_10 java-1.7.0-openjdk-javadoc-1.7.0.251-2.6.21.0.0.1.el6_10 i386 java-1.7.0-openjdk-demo-1.7.0.251-2.6.21.0.0.1.el6_10 java-1.7.0-openjdk-src-1.7.0.251-2.6.21.0.0.1.el6_10 java-1.7.0-openjdk-1.7.0.251-2.6.21.0.0.1.el6_10 java-1.7.0-openjdk-devel-1.7.0.251-2.6.21.0.0.1.el6_10 java-1.7.0-openjdk-javadoc-1.7.0.251-2.6.21.0.0.1.el6_10
164139 - Oracle Enterprise Linux ELSA-2020-0631 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2020-8597
Description The scan detected that the host is missing the following update: ELSA-2020-0631
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2020-February/009667.html
OEL6 x86_64 ppp-2.4.5-11.el6_10 ppp-devel-2.4.5-11.el6_10 i386 ppp-2.4.5-11.el6_10 ppp-devel-2.4.5-11.el6_10
164140 - Oracle Enterprise Linux ELSA-2020-0633 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2020-8597
Description The scan detected that the host is missing the following update: ELSA-2020-0633
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2020-February/009670.html
OEL8 x86_64 ppp-devel-2.4.7-26.el8_1 ppp-2.4.7-26.el8_1
183208 - FreeBSD TiMidity++ Multiple Vulnerabilities (d37407bd-5c5f-11ea-bb2a-8c164582fbac)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: High CVE: CVE-2017-11546, CVE-2017-11547, CVE-2017-11549
Description The scan detected that the host is missing the following update: TiMidity++ -- Multiple vulnerabilities (d37407bd-5c5f-11ea-bb2a-8c164582fbac)
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/d37407bd-5c5f-11ea-bb2a-8c164582fbac.html
Affected packages: timidity++ < 2.15.0 timidity++-emacs < 2.15.0 timidity++-gtk < 2.15.0 timidity++-motif < 2.15.0 timidity++-slang < 2.15.0 timidity++-tcltk < 2.15.0 timidity++-xaw < 2.15.0 timidity++-xskin < 2.15.0
196615 - Red Hat Enterprise Linux RHSA-2020-0702 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2018-1311
Description The scan detected that the host is missing the following update: RHSA-2020-0702
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.redhat.com/archives/rhsa-announce/2020-March/msg00009.html
RHEL6D i386 xerces-c-devel-3.0.1-21.el6_10 xerces-c-debuginfo-3.0.1-21.el6_10 xerces-c-3.0.1-21.el6_10 noarch xerces-c-doc-3.0.1-21.el6_10 x86_64 xerces-c-devel-3.0.1-21.el6_10 xerces-c-debuginfo-3.0.1-21.el6_10 xerces-c-3.0.1-21.el6_10
RHEL6S i386 xerces-c-devel-3.0.1-21.el6_10 xerces-c-debuginfo-3.0.1-21.el6_10 xerces-c-3.0.1-21.el6_10 noarch xerces-c-doc-3.0.1-21.el6_10 x86_64 xerces-c-devel-3.0.1-21.el6_10 xerces-c-debuginfo-3.0.1-21.el6_10 xerces-c-3.0.1-21.el6_10
196616 - Red Hat Enterprise Linux RHSA-2020-0704 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2018-1311
Description The scan detected that the host is missing the following update: RHSA-2020-0704
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.redhat.com/archives/rhsa-announce/2020-March/msg00011.html
RHEL7D x86_64 xerces-c-devel-3.1.1-10.el7_7 xerces-c-debuginfo-3.1.1-10.el7_7 xerces-c-3.1.1-10.el7_7 noarch xerces-c-doc-3.1.1-10.el7_7
RHEL7S noarch xerces-c-doc-3.1.1-10.el7_7 x86_64 xerces-c-devel-3.1.1-10.el7_7 xerces-c-debuginfo-3.1.1-10.el7_7 xerces-c-3.1.1-10.el7_7
RHEL7WS x86_64 xerces-c-devel-3.1.1-10.el7_7 xerces-c-debuginfo-3.1.1-10.el7_7 xerces-c-3.1.1-10.el7_7 noarch xerces-c-doc-3.1.1-10.el7_7
196617 - Red Hat Enterprise Linux RHSA-2020-0632 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2020-2583, CVE-2020-2590, CVE-2020-2593, CVE-2020-2601, CVE-2020-2604, CVE-2020-2654, CVE-2020-2659
Description The scan detected that the host is missing the following update: RHSA-2020-0632
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.redhat.com/archives/rhsa-announce/2020-February/msg00082.html
RHEL6D i386 java-1.7.0-openjdk-debuginfo-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-src-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-devel-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-demo-1.7.0.251-2.6.21.0.el6_10 noarch java-1.7.0-openjdk-javadoc-1.7.0.251-2.6.21.0.el6_10 x86_64 java-1.7.0-openjdk-debuginfo-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-src-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-devel-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-demo-1.7.0.251-2.6.21.0.el6_10
RHEL6S i386 java-1.7.0-openjdk-debuginfo-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-src-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-devel-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-demo-1.7.0.251-2.6.21.0.el6_10 noarch java-1.7.0-openjdk-javadoc-1.7.0.251-2.6.21.0.el6_10 x86_64 java-1.7.0-openjdk-debuginfo-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-src-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-devel-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-demo-1.7.0.251-2.6.21.0.el6_10
RHEL6WS x86_64 java-1.7.0-openjdk-debuginfo-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-devel-1.7.0.251-2.6.21.0.el6_10 i386 java-1.7.0-openjdk-debuginfo-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-1.7.0.251-2.6.21.0.el6_10 java-1.7.0-openjdk-devel-1.7.0.251-2.6.21.0.el6_10
196618 - Red Hat Enterprise Linux RHSA-2020-0630 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2020-8597
Description The scan detected that the host is missing the following update: RHSA-2020-0630
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.redhat.com/archives/rhsa-announce/2020-February/msg00080.html
RHEL7D x86_64 ppp-devel-2.4.5-34.el7_7 ppp-debuginfo-2.4.5-34.el7_7 ppp-2.4.5-34.el7_7
RHEL7S x86_64 ppp-devel-2.4.5-34.el7_7 ppp-debuginfo-2.4.5-34.el7_7 ppp-2.4.5-34.el7_7
RHEL7WS x86_64 ppp-devel-2.4.5-34.el7_7 ppp-debuginfo-2.4.5-34.el7_7 ppp-2.4.5-34.el7_7
196619 - Red Hat Enterprise Linux RHSA-2020-0631 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2020-8597
Description The scan detected that the host is missing the following update: RHSA-2020-0631 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.redhat.com/archives/rhsa-announce/2020-February/msg00084.html
RHEL6D x86_64 ppp-debuginfo-2.4.5-11.el6_10 ppp-2.4.5-11.el6_10 ppp-devel-2.4.5-11.el6_10 i386 ppp-debuginfo-2.4.5-11.el6_10 ppp-2.4.5-11.el6_10 ppp-devel-2.4.5-11.el6_10
RHEL6S i386 ppp-debuginfo-2.4.5-11.el6_10 ppp-2.4.5-11.el6_10 ppp-devel-2.4.5-11.el6_10 x86_64 ppp-debuginfo-2.4.5-11.el6_10 ppp-2.4.5-11.el6_10 ppp-devel-2.4.5-11.el6_10
RHEL6WS x86_64 ppp-2.4.5-11.el6_10 ppp-debuginfo-2.4.5-11.el6_10 i386 ppp-2.4.5-11.el6_10 ppp-debuginfo-2.4.5-11.el6_10
196620 - Red Hat Enterprise Linux RHSA-2020-0703 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2019-15605
Description The scan detected that the host is missing the following update: RHSA-2020-0703
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.redhat.com/archives/rhsa-announce/2020-March/msg00010.html
RHEL7D x86_64 http-parser-debuginfo-2.7.1-8.el7_7.2 http-parser-2.7.1-8.el7_7.2 http-parser-devel-2.7.1-8.el7_7.2
RHEL7S x86_64 http-parser-debuginfo-2.7.1-8.el7_7.2 http-parser-2.7.1-8.el7_7.2 http-parser-devel-2.7.1-8.el7_7.2
RHEL7WS x86_64 http-parser-debuginfo-2.7.1-8.el7_7.2 http-parser-2.7.1-8.el7_7.2 http-parser-devel-2.7.1-8.el7_7.2
196621 - Red Hat Enterprise Linux RHSA-2020-0726 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2019-18634
Description The scan detected that the host is missing the following update: RHSA-2020-0726
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.redhat.com/archives/rhsa-announce/2020-March/msg00019.html
RHEL6D x86_64 sudo-1.8.6p3-29.el6_10.3 sudo-debuginfo-1.8.6p3-29.el6_10.3 sudo-devel-1.8.6p3-29.el6_10.3 i386 sudo-1.8.6p3-29.el6_10.3 sudo-debuginfo-1.8.6p3-29.el6_10.3 sudo-devel-1.8.6p3-29.el6_10.3
RHEL6S i386 sudo-1.8.6p3-29.el6_10.3 sudo-debuginfo-1.8.6p3-29.el6_10.3 sudo-devel-1.8.6p3-29.el6_10.3 x86_64 sudo-1.8.6p3-29.el6_10.3 sudo-debuginfo-1.8.6p3-29.el6_10.3 sudo-devel-1.8.6p3-29.el6_10.3
RHEL6WS x86_64 sudo-debuginfo-1.8.6p3-29.el6_10.3 sudo-1.8.6p3-29.el6_10.3 i386 sudo-debuginfo-1.8.6p3-29.el6_10.3 sudo-1.8.6p3-29.el6_10.3
26142 - Mozilla Thunderbird Vulnerabilities Prior To 68.5
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2020-6792, CVE-2020-6793, CVE-2020-6794, CVE-2020-6795, CVE-2020-6798, CVE-2020-6800
Description Multiple vulnerabilities are present in some versions of Mozilla Thunderbird.
Observation Mozilla Thunderbird is an open-source email, newsgroup, news feed, and chat client.
Multiple vulnerabilities are present in some versions of Mozilla Thunderbird. The flaws lie in several components. Successful exploitation could allow an attacker to cause a denial of service condition or execute arbitrary code on the target system.
26143 - IBM WebSphere Application Server Vulnerability (CVE-2019-2989)
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2019-2989
Description A vulnerability is present in some versions of IBM WebSphere Application Server.
Observation IBM WebSphere Application Server is a server engine for Java EE Web applications.
A vulnerability is present in some versions of IBM WebSphere Application Server. The flaw lies in the IBM Java SDK. Successful exploitation could allow an attacker to affect the integrity of the target system.
148779 - SuSE SLES 12 SP4, 12 SP5 SUSE-SU-2020:0555-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-18074
Description The scan detected that the host is missing the following update: SUSE-SU-2020:0555-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2020-March/006561.html
SuSE SLES 12 SP4 noarch python3-asn1crypto-0.24.0-2.5.1 python3-packaging-17.1-2.5.1 python-asn1crypto-0.24.0-2.5.1 python-packaging-17.1-2.5.1 x86_64 python-PyYAML-5.1.2-26.9.4 python-PyYAML-debugsource-5.1.2-26.9.4 python-PyYAML-debuginfo-5.1.2-26.9.4
SuSE SLES 12 SP5 noarch python3-asn1crypto-0.24.0-2.5.1 python3-packaging-17.1-2.5.1 python-requests-2.20.1-8.7.7 python-asn1crypto-0.24.0-2.5.1 python-packaging-17.1-2.5.1 x86_64 python-PyYAML-5.1.2-26.9.4 python-PyYAML-debugsource-5.1.2-26.9.4 python-PyYAML-debuginfo-5.1.2-26.9.4
171198 - Amazon Linux AMI ALAS-2020-1347 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Amazon Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2020-7059, CVE-2020-7060
Description The scan detected that the host is missing the following update: ALAS-2020-1347
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://alas.aws.amazon.com/ALAS-2020-1347.html
Amazon Linux AMI x86_64 php73-intl-7.3.14-1.23.amzn1 php73-pspell-7.3.14-1.23.amzn1 php73-recode-7.3.14-1.23.amzn1 php73-mysqlnd-7.3.14-1.23.amzn1 php73-gd-7.3.14-1.23.amzn1 php73-7.3.14-1.23.amzn1 php73-ldap-7.3.14-1.23.amzn1 php73-fpm-7.3.14-1.23.amzn1 php73-dbg-7.3.14-1.23.amzn1 php73-pdo-7.3.14-1.23.amzn1 php73-mbstring-7.3.14-1.23.amzn1 php73-pgsql-7.3.14-1.23.amzn1 php73-common-7.3.14-1.23.amzn1 php73-devel-7.3.14-1.23.amzn1 php73-enchant-7.3.14-1.23.amzn1 php73-pdo-dblib-7.3.14-1.23.amzn1 php73-process-7.3.14-1.23.amzn1 php73-embedded-7.3.14-1.23.amzn1 php73-soap-7.3.14-1.23.amzn1 php73-gmp-7.3.14-1.23.amzn1 php73-json-7.3.14-1.23.amzn1 php73-cli-7.3.14-1.23.amzn1 php73-bcmath-7.3.14-1.23.amzn1 php73-snmp-7.3.14-1.23.amzn1 php73-opcache-7.3.14-1.23.amzn1 php73-xmlrpc-7.3.14-1.23.amzn1 php73-tidy-7.3.14-1.23.amzn1 php73-odbc-7.3.14-1.23.amzn1 php73-dba-7.3.14-1.23.amzn1 php73-debuginfo-7.3.14-1.23.amzn1 php73-imap-7.3.14-1.23.amzn1 php73-xml-7.3.14-1.23.amzn1 i686 php73-intl-7.3.14-1.23.amzn1 php73-pspell-7.3.14-1.23.amzn1 php73-recode-7.3.14-1.23.amzn1 php73-mysqlnd-7.3.14-1.23.amzn1 php73-gd-7.3.14-1.23.amzn1 php73-7.3.14-1.23.amzn1 php73-ldap-7.3.14-1.23.amzn1 php73-fpm-7.3.14-1.23.amzn1 php73-dbg-7.3.14-1.23.amzn1 php73-pdo-7.3.14-1.23.amzn1 php73-mbstring-7.3.14-1.23.amzn1 php73-common-7.3.14-1.23.amzn1 php73-devel-7.3.14-1.23.amzn1 php73-enchant-7.3.14-1.23.amzn1 php73-pdo-dblib-7.3.14-1.23.amzn1 php73-process-7.3.14-1.23.amzn1 php73-embedded-7.3.14-1.23.amzn1 php73-pgsql-7.3.14-1.23.amzn1 php73-snmp-7.3.14-1.23.amzn1 php73-json-7.3.14-1.23.amzn1 php73-gmp-7.3.14-1.23.amzn1 php73-cli-7.3.14-1.23.amzn1 php73-bcmath-7.3.14-1.23.amzn1 php73-soap-7.3.14-1.23.amzn1 php73-opcache-7.3.14-1.23.amzn1 php73-xmlrpc-7.3.14-1.23.amzn1 php73-tidy-7.3.14-1.23.amzn1 php73-odbc-7.3.14-1.23.amzn1 php73-dba-7.3.14-1.23.amzn1 php73-debuginfo-7.3.14-1.23.amzn1 php73-imap-7.3.14-1.23.amzn1 php73-xml-7.3.14-1.23.amzn1
171199 - Amazon Linux AMI ALAS-2020-1346 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Amazon Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2020-7059, CVE-2020-7060
Description The scan detected that the host is missing the following update: ALAS-2020-1346 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://alas.aws.amazon.com/ALAS-2020-1346.html
Amazon Linux AMI x86_64 php72-cli-7.2.27-1.20.amzn1 php72-opcache-7.2.27-1.20.amzn1 php72-embedded-7.2.27-1.20.amzn1 php72-json-7.2.27-1.20.amzn1 php72-mysqlnd-7.2.27-1.20.amzn1 php72-xml-7.2.27-1.20.amzn1 php72-xmlrpc-7.2.27-1.20.amzn1 php72-intl-7.2.27-1.20.amzn1 php72-snmp-7.2.27-1.20.amzn1 php72-process-7.2.27-1.20.amzn1 php72-common-7.2.27-1.20.amzn1 php72-ldap-7.2.27-1.20.amzn1 php72-pdo-7.2.27-1.20.amzn1 php72-bcmath-7.2.27-1.20.amzn1 php72-gmp-7.2.27-1.20.amzn1 php72-dba-7.2.27-1.20.amzn1 php72-debuginfo-7.2.27-1.20.amzn1 php72-recode-7.2.27-1.20.amzn1 php72-enchant-7.2.27-1.20.amzn1 php72-imap-7.2.27-1.20.amzn1 php72-mbstring-7.2.27-1.20.amzn1 php72-soap-7.2.27-1.20.amzn1 php72-gd-7.2.27-1.20.amzn1 php72-odbc-7.2.27-1.20.amzn1 php72-fpm-7.2.27-1.20.amzn1 php72-pgsql-7.2.27-1.20.amzn1 php72-tidy-7.2.27-1.20.amzn1 php72-devel-7.2.27-1.20.amzn1 php72-pspell-7.2.27-1.20.amzn1 php72-pdo-dblib-7.2.27-1.20.amzn1 php72-7.2.27-1.20.amzn1 php72-dbg-7.2.27-1.20.amzn1 i686 php72-ldap-7.2.27-1.20.amzn1 php72-opcache-7.2.27-1.20.amzn1 php72-embedded-7.2.27-1.20.amzn1 php72-json-7.2.27-1.20.amzn1 php72-mysqlnd-7.2.27-1.20.amzn1 php72-xml-7.2.27-1.20.amzn1 php72-xmlrpc-7.2.27-1.20.amzn1 php72-intl-7.2.27-1.20.amzn1 php72-cli-7.2.27-1.20.amzn1 php72-dbg-7.2.27-1.20.amzn1 php72-snmp-7.2.27-1.20.amzn1 php72-process-7.2.27-1.20.amzn1 php72-common-7.2.27-1.20.amzn1 php72-pdo-7.2.27-1.20.amzn1 php72-bcmath-7.2.27-1.20.amzn1 php72-gmp-7.2.27-1.20.amzn1 php72-dba-7.2.27-1.20.amzn1 php72-debuginfo-7.2.27-1.20.amzn1 php72-recode-7.2.27-1.20.amzn1 php72-imap-7.2.27-1.20.amzn1 php72-mbstring-7.2.27-1.20.amzn1 php72-soap-7.2.27-1.20.amzn1 php72-gd-7.2.27-1.20.amzn1 php72-odbc-7.2.27-1.20.amzn1 php72-fpm-7.2.27-1.20.amzn1 php72-pgsql-7.2.27-1.20.amzn1 php72-tidy-7.2.27-1.20.amzn1 php72-devel-7.2.27-1.20.amzn1 php72-pspell-7.2.27-1.20.amzn1 php72-pdo-dblib-7.2.27-1.20.amzn1 php72-7.2.27-1.20.amzn1 php72-enchant-7.2.27-1.20.amzn1
26144 - IBM Websphere Application Server Vulnerability (CVE-2019-4670)
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2019-4670
Description A vulnerability is present in some versions of IBM WebSphere Application Server.
Observation IBM WebSphere Application Server is a server engine for Java EE Web applications.
A vulnerability is present in some versions of IBM WebSphere Application Server. The flaw is due to improper data representation. Successful exploitation could allow a remote attacker to disclose sensitive information on the target.
148778 - SuSE Linux 15.1 openSUSE-SU-2020:0261-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2019-0804
Description The scan detected that the host is missing the following update: openSUSE-SU-2020:0261-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2020-02/msg00108.html
SuSE Linux 15.1 noarch python-azure-agent-2.2.45-lp151.2.3.1 python-azure-agent-test-2.2.45-lp151.2.3.1
26137 - IBM WebSphere Application Server Vulnerability (1127367) Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: Low CVE: CVE-2019-4663
Description A vulnerability is present in some versions of IBM WebSphere Application Server Liberty.
Observation IBM WebSphere Application Server Liberty is a server engine for Java EE Web applications.
A vulnerability is present in some versions of IBM WebSphere Application Server Liberty. The flaw lies in Admin Center. Successful exploitation by a remote attacker could result in the disclosure of sensitive information.
26145 - PostgreSQL Core Server Vulnerability (CVE-2020-1720)
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: Low CVE: CVE-2020-1720
Description A vulnerability is present in some versions of PostgreSQL.
Observation PostgreSQL is an open-source object-relational database management system.
A vulnerability is present in some versions of PostgreSQL. The flaw lies in the core server. Successful exploitation could allow an attacker to affect integrity of the target system.
131537 - Debian Linux 10.0 DSA-4636-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Low CVE: CVE-2020-6802
Description The scan detected that the host is missing the following update: DSA-4636-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.debian.org/security/2020/dsa-4636
Debian 10.0 all python-bleach_3.1.1-0+deb10u1
131538 - Debian Linux 10.0, 9.0 DSA-4634-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Low CVE: CVE-2020-8794
Description The scan detected that the host is missing the following update: DSA-4634-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.debian.org/security/2020/dsa-4634
Debian 9.0 all opensmtpd_6.0.2p1-2+deb9u3
Debian 10.0 all opensmtpd_6.0.3p1-5+deb10u4
131539 - Debian Linux 10.0, 9.0 DSA-4635-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Low CVE: CVE-2020-9273
Description The scan detected that the host is missing the following update: DSA-4635-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.debian.org/security/2020/dsa-4635
Debian 9.0 all proftpd-mod-mysql_1.3.5b-4+deb9u4 proftpd-doc_1.3.5b-4+deb9u4 proftpd-mod-ldap_1.3.5b-4+deb9u4 proftpd-mod-geoip_1.3.5b-4+deb9u4 proftpd-basic_1.3.5b-4+deb9u4 proftpd-mod-pgsql_1.3.5b-4+deb9u4 proftpd-dev_1.3.5b-4+deb9u4 proftpd-mod-sqlite_1.3.5b-4+deb9u4 proftpd-mod-odbc_1.3.5b-4+deb9u4
Debian 10.0 all proftpd-mod-ldap_1.3.6-4+deb10u4 proftpd-doc_1.3.6-4+deb10u4 proftpd-dev_1.3.6-4+deb10u4 proftpd-mod-odbc_1.3.6-4+deb10u4 proftpd-basic_1.3.6-4+deb10u4 proftpd-mod-geoip_1.3.6-4+deb10u4 proftpd-mod-sqlite_1.3.6-4+deb10u4 proftpd-mod-snmp_1.3.6-4+deb10u4 proftpd-mod-pgsql_1.3.6-4+deb10u4 proftpd-mod-mysql_1.3.6-4+deb10u4
183206 - FreeBSD ntp Multiple Vulnerabilities (591a706b-5cdc-11ea-9a0a-206a8a720317)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Description The scan detected that the host is missing the following update: ntp -- Multiple vulnerabilities (591a706b-5cdc-11ea-9a0a-206a8a720317)
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/591a706b-5cdc-11ea-9a0a-206a8a720317.html
Affected packages: 11.3 <= FreeBSD < 11.3_7 12.0 <= FreeBSD < 12.0_14 12.1 <= FreeBSD < 12.1_3 ntp < 4.2.8p14 ntp-devel <= 4.3.99_6
183207 - FreeBSD librsvg2 Multiple Vulnabilities (b66583ae-5aee-4cd5-bb31-b2d397f8b6b3)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2019-20446
Description The scan detected that the host is missing the following update: librsvg2 -- multiple vulnabilities (b66583ae-5aee-4cd5-bb31-b2d397f8b6b3)
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/b66583ae-5aee-4cd5-bb31-b2d397f8b6b3.html
Affected packages: librsvg2 < 2.40.21 2.41.0 <= librsvg2-rust < 2.46.3
183209 - FreeBSD Solr Multiple Vulnerabilities (e59cb761-5ad8-11ea-abb7-001b217b3468)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2019-17558 Description The scan detected that the host is missing the following update: Solr -- multiple vulnerabilities (e59cb761-5ad8-11ea-abb7-001b217b3468)
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/e59cb761-5ad8-11ea-abb7-001b217b3468.html
Affected packages: apache-solr < 8.3.1
ENHANCED CHECKS
The following checks have been updated. Enhancements may include optimizations, changes that reflect new information on a vulnerability and anything else that improves upon an existing FSL check. 183202 - FreeBSD LPE And RCE In OpenSMTPD's Default Install (f0683976-5779-11ea-8a77-1c872ccb1e42)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2020-8793, CVE-2020-8794
Update Details FASLScript is updated
HOW TO UPDATE
FS1000 APPLIANCE customers should follow the instructions for Enterprise/Professional customers, below. In addition, we strongly urge all appliance customers to authorize and install any Windows Update critical patches. The appliance will auto-download any critical updates but will wait for your explicit authorization before installing.
FOUNDSTONE ENTERPRISE and PROFESSIONAL customers may obtain these new scripts using the FSUpdate Utility by selecting "FoundScan Update" on the help menu. Make sure that you have a valid FSUpdate username and password. The new vulnerability scripts will be automatically included in your scans if you have selected that option by right-clicking the selected vulnerability category and checking the "Run New Checks" checkbox.
MANAGED SERVICE CUSTOMERS already have the newest update applied to their environment. The new vulnerability scripts will be automatically included when your scans are next scheduled, provided the Run New Scripts option has been turned on.
MCAFEE TECHNICAL SUPPORT
ServicePortal: https://mysupport.mcafee.com Multi-National Phone Support available here: http://www.mcafee.com/us/about/contact/index.html Non-US customers - Select your country from the list of Worldwide Offices.
This email may contain confidential and privileged material for the sole use of the intended recipient. Any review or distribution by others is strictly prohibited. If you are not the intended recipient please contact the sender and delete all copies.
Copyright 2020 McAfee, Inc. McAfee is a registered trademark of McAfee, Inc. and/or its affiliates