2016-OCT-13 FSL version 7.5.857

MCAFEE FOUNDSTONE FSL UPDATE

To better protect your environment McAfee has created this FSL check update for the Foundstone Product Suite. The following is a detailed summary of the new and updated checks included with this release.

NEW CHECKS

191256 - Fedora Linux 25 FEDORA-2016-81e5a36d8c Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2016-7116, CVE-2016-7161, CVE-2016-7777

Description The scan detected that the host is missing the following update: FEDORA-2016-81e5a36d8c

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=3

Fedora Core 25 xen-4.7.0-6.fc25

130604 - Linux 8.0 DSA-3688-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: High CVE: CVE-2015-4000, CVE-2015-7181, CVE-2015-7182, CVE-2015-7575, CVE-2016-1938, CVE-2016-1950, CVE-2016-1978, CVE- 2016-1979, CVE-2016-2834

Description The scan detected that the host is missing the following update: DSA-3688-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.debian.org/security/2016/dsa-3688

Debian 8.0 all libnss3-tools_2:3.26-1+debu8u1 libnss3-1d_2:3.26-1+debu8u1 libnss3_2:3.26-1+debu8u1 libnss3-dbg_2:3.26-1+debu8u1 libnss3-dev_2:3.26-1+debu8u1 144916 - SuSE Linux 13.2 openSUSE-SU-2016:2496-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2016-1669, CVE-2016-2178, CVE-2016-2183, CVE-2016-5325, CVE-2016-6304, CVE-2016-6306, CVE-2016-7052, CVE- 2016-7099

Description The scan detected that the host is missing the following update: openSUSE-SU-2016:2496-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.opensuse.org/opensuse-updates/2016-10/msg00032.html

SuSE Linux 13.2 i586 nodejs-devel-4.6.0-24.2 nodejs-debugsource-4.6.0-24.2 nodejs-debuginfo-4.6.0-24.2 nodejs-4.6.0-24.2 noarch nodejs-doc-4.6.0-24.2 x86_64 nodejs-devel-4.6.0-24.2 nodejs-debugsource-4.6.0-24.2 nodejs-debuginfo-4.6.0-24.2 nodejs-4.6.0-24.2

178220 - GLSA-201610-05 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixes Risk Level: High CVE: CVE-2014-0032, CVE-2014-3504, CVE-2014-3522, CVE-2014-3528, CVE-2015-0202, CVE-2015-0248, CVE-2015-0251, CVE- 2015-3184, CVE-2015-3187, CVE-2015-5259, CVE-2016-2167, CVE-2016-2168

Description The scan detected that the host is missing the following update: GLSA-201610-05

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://security.gentoo.org/glsa/201610-05

Affected packages: dev-vcs/subversion < 1.9.4 net-libs/serf < 1.3.7 20473 - Navis WebAccess SQL Injection Vulnerability

Category: General Vulnerability Assessment -> NonIntrusive -> SCADA Risk Level: High CVE: CVE-2016-5817

Description A SQL injection vulnerability is present in some versions of Navis WebAccess.

Observation Navis WebAccess is a web-based application that provides the operator and its constituents with real-time, online access to operational logistics information.

A SQL injection vulnerability is present in some versions of Navis WebAccess. The flaw lies in showNotice.do. Successful exploitation could allow an attacker to execute arbitrary code.

20615 - Mozilla Firefox Multiple Vulnerabilities Prior To 49

Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2016-2827, CVE-2016-5256, CVE-2016-5257, CVE-2016-5270, CVE-2016-5271, CVE-2016-5272, CVE-2016-5273, CVE- 2016-5274, CVE-2016-5275, CVE-2016-5276, CVE-2016-5277, CVE-2016-5278, CVE-2016-5279, CVE-2016-5280, CVE-2016-5281, CVE-2016-5282, CVE-2016-5283, CVE-2016-5284

Description Multiple vulnerabilities are present in some versions of Mozilla Firefox.

Observation Mozilla Firefox is a popular web browser.

Multiple vulnerabilities are present in some versions of Mozilla Firefox. The flaws lie in several components. Successful exploitation could allow an attacker to cause a denial of service condition, conduct spoofing attacks, retrieve sensitive data, remotely execute arbitrary code or have other unspecified impact on the target system.

20616 - Mozilla Firefox Multiple Vulnerabilities Prior To 49

Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: High CVE: CVE-2016-2827, CVE-2016-5256, CVE-2016-5257, CVE-2016-5270, CVE-2016-5271, CVE-2016-5272, CVE-2016-5273, CVE- 2016-5274, CVE-2016-5275, CVE-2016-5276, CVE-2016-5277, CVE-2016-5278, CVE-2016-5279, CVE-2016-5280, CVE-2016-5281, CVE-2016-5282, CVE-2016-5283, CVE-2016-5284

Description Multiple vulnerabilities are present in some versions of Mozilla Firefox.

Observation Mozilla Firefox is a popular web browser.

Multiple vulnerabilities are present in some versions of Mozilla Firefox. The flaws lie in several components. Successful exploitation could allow an attacker to cause a denial of service condition, conduct spoofing attacks, retrieve sensitive data, remotely execute arbitrary code or have other unspecified impact on the target system. 20694 - Moxa Active OPC Server Unquoted Service Path Escalation Vulnerability

Category: Windows Host Assessment -> SCADA (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2016-5793

Description A vulnerability is present in some versions of Moxa Active OPC Server.

Observation Moxa Active OPC Server is a software interface that interacts with SCADA or HMI systems.

A vulnerability is present in some versions of Moxa Active OPC Server. The flaw lies in how the product handles the user-provided input in search path fields. Successful exploitation could allow an attacker to escalate privileges. Exploitation requires local access to the vulnerable system.

130603 - Debian Linux 8.0 DSA-3689-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: High CVE: CVE-2016-7124, CVE-2016-7125, CVE-2016-7126, CVE-2016-7127, CVE-2016-7128, CVE-2016-7129, CVE-2016-7130, CVE- 2016-7131, CVE-2016-7132, CVE-2016-7411, CVE-2016-7412, CVE-2016-7413, CVE-2016-7414, CVE-2016-7416, CVE-2016-7417, CVE-2016-7418

Description The scan detected that the host is missing the following update: DSA-3689-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.debian.org/security/2016/dsa-3689

Debian 8.0 all php5_5.6.26+dfsg-0+deb8u1

130605 - Debian Linux 8.0 DSA-3687-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: High CVE: CVE-2016-1951

Description The scan detected that the host is missing the following update: DSA-3687-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.debian.org/security/2016/dsa-3687 Debian 8.0 all libnspr4-dev_2:4.12-1+debu8u1 libnspr4_2:4.12-1+debu8u1 libnspr4-dbg_2:4.12-1+debu8u1 libnspr4-0d_2:4.12-1+debu8u1

130606 - Debian Linux 8.0 DSA-3690-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: High CVE: CVE-2016-5257

Description The scan detected that the host is missing the following update: DSA-3690-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.debian.org/security/2016/dsa-3690

Debian 8.0 all icedove_1:45.4.0-1~deb8u1

132284 - Oracle VM OVMSA-2016-0139 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle VM Patches and Hotfixes Risk Level: High CVE: CVE-2016-3134, CVE-2016-5829

Description The scan detected that the host is missing the following update: OVMSA-2016-0139

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/oraclevm-errata/2016-October/000557.html

OVM3.3 x86_64 kernel-uek-firmware-3.8.13-118.13.2.el6uek kernel-uek-3.8.13-118.13.2.el6uek

132285 - Oracle VM OVMSA-2016-0138 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle VM Patches and Hotfixes Risk Level: High CVE: CVE-2016-3134, CVE-2016-5829 Description The scan detected that the host is missing the following update: OVMSA-2016-0138

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/oraclevm-errata/2016-October/000556.html

OVM3.4 x86_64 kernel-uek-firmware-4.1.12-61.1.13.el6uek kernel-uek-4.1.12-61.1.13.el6uek

141298 - Red Hat Enterprise Linux RHSA-2016-2047 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2016-7039

Description The scan detected that the host is missing the following update: RHSA-2016-2047

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://rhn.redhat.com/errata/RHSA-2016-2047.html

RHEL7D x86_64 kernel-debug-devel-3.10.0-327.36.2.el7 perf-debuginfo-3.10.0-327.36.2.el7 python-perf-debuginfo-3.10.0-327.36.2.el7 kernel-tools-debuginfo-3.10.0-327.36.2.el7 kernel-debug-3.10.0-327.36.2.el7 kernel-tools-3.10.0-327.36.2.el7 kernel-tools-libs-3.10.0-327.36.2.el7 kernel-3.10.0-327.36.2.el7 kernel-debug-debuginfo-3.10.0-327.36.2.el7 kernel-headers-3.10.0-327.36.2.el7 kernel-tools-libs-devel-3.10.0-327.36.2.el7 kernel-debuginfo-common-x86_64-3.10.0-327.36.2.el7 perf-3.10.0-327.36.2.el7 kernel-debuginfo-3.10.0-327.36.2.el7 kernel-devel-3.10.0-327.36.2.el7 python-perf-3.10.0-327.36.2.el7 noarch kernel-doc-3.10.0-327.36.2.el7 kernel-abi-whitelists-3.10.0-327.36.2.el7

RHEL7S noarch kernel-doc-3.10.0-327.36.2.el7 kernel-abi-whitelists-3.10.0-327.36.2.el7

RHEL7WS x86_64 kernel-debug-devel-3.10.0-327.36.2.el7 perf-debuginfo-3.10.0-327.36.2.el7 python-perf-debuginfo-3.10.0-327.36.2.el7 kernel-tools-debuginfo-3.10.0-327.36.2.el7 kernel-debug-3.10.0-327.36.2.el7 kernel-tools-3.10.0-327.36.2.el7 kernel-tools-libs-3.10.0-327.36.2.el7 kernel-3.10.0-327.36.2.el7 kernel-debug-debuginfo-3.10.0-327.36.2.el7 kernel-headers-3.10.0-327.36.2.el7 kernel-tools-libs-devel-3.10.0-327.36.2.el7 kernel-debuginfo-common-x86_64-3.10.0-327.36.2.el7 perf-3.10.0-327.36.2.el7 kernel-debuginfo-3.10.0-327.36.2.el7 kernel-devel-3.10.0-327.36.2.el7 python-perf-3.10.0-327.36.2.el7 noarch kernel-doc-3.10.0-327.36.2.el7 kernel-abi-whitelists-3.10.0-327.36.2.el7

144907 - SuSE SLES 12 SP1, SLED 12 SP1 SUSE-SU-2016:2473-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2016-6258, CVE-2016-6259, CVE-2016-6833, CVE-2016-6834, CVE-2016-6835, CVE-2016-6836, CVE-2016-6888, CVE- 2016-7092, CVE-2016-7093, CVE-2016-7094

Description The scan detected that the host is missing the following update: SUSE-SU-2016:2473-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2016-October/002317.html

SuSE SLES 12 SP1 x86_64 xen-doc-html-4.5.3_10-20.1 xen-tools-domU-debuginfo-4.5.3_10-20.1 xen-tools-debuginfo-4.5.3_10-20.1 xen-tools-domU-4.5.3_10-20.1 xen-kmp-default-4.5.3_10_k3.12.62_60.62-20.1 xen-libs-32bit-4.5.3_10-20.1 xen-libs-debuginfo-32bit-4.5.3_10-20.1 xen-tools-4.5.3_10-20.1 xen-4.5.3_10-20.1 xen-libs-4.5.3_10-20.1 xen-kmp-default-debuginfo-4.5.3_10_k3.12.62_60.62-20.1 xen-debugsource-4.5.3_10-20.1 xen-libs-debuginfo-4.5.3_10-20.1 SuSE SLED 12 SP1 x86_64 xen-libs-debuginfo-32bit-4.5.3_10-20.1 xen-kmp-default-debuginfo-4.5.3_10_k3.12.62_60.62-20.1 xen-debugsource-4.5.3_10-20.1 xen-kmp-default-4.5.3_10_k3.12.62_60.62-20.1 xen-4.5.3_10-20.1 xen-libs-debuginfo-4.5.3_10-20.1 xen-libs-32bit-4.5.3_10-20.1 xen-libs-4.5.3_10-20.1

144908 - SuSE SLED 12 SP1 SUSE-SU-2016:2468-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2016-2177, CVE-2016-2178, CVE-2016-2179, CVE-2016-2181, CVE-2016-2182, CVE-2016-2183, CVE-2016-6302, CVE- 2016-6303, CVE-2016-6304, CVE-2016-6306

Description The scan detected that the host is missing the following update: SUSE-SU-2016:2468-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2016-October/002313.html

SuSE SLED 12 SP1 x86_64 libopenssl0_9_8-0.9.8j-102.1 libopenssl0_9_8-32bit-0.9.8j-102.1 libopenssl0_9_8-debuginfo-0.9.8j-102.1 libopenssl0_9_8-debuginfo-32bit-0.9.8j-102.1 compat-openssl098-debugsource-0.9.8j-102.1

144909 - SuSE SLES 11 SP4 SUSE-SU-2016:2459-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2016-7124, CVE-2016-7125, CVE-2016-7126, CVE-2016-7127, CVE-2016-7128, CVE-2016-7129, CVE-2016-7130, CVE- 2016-7131, CVE-2016-7132, CVE-2016-7411, CVE-2016-7412, CVE-2016-7413, CVE-2016-7414, CVE-2016-7416, CVE-2016-7417, CVE-2016-7418

Description The scan detected that the host is missing the following update: SUSE-SU-2016:2459-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2016-October/002310.html

SuSE SLES 11 SP4 i586 php53-bz2-5.3.17-84.1 apache2-mod_php53-5.3.17-84.1 php53-zip-5.3.17-84.1 php53-pspell-5.3.17-84.1 php53-mbstring-5.3.17-84.1 php53-snmp-5.3.17-84.1 php53-dom-5.3.17-84.1 php53-sysvshm-5.3.17-84.1 php53-json-5.3.17-84.1 php53-exif-5.3.17-84.1 php53-curl-5.3.17-84.1 php53-xmlwriter-5.3.17-84.1 php53-dba-5.3.17-84.1 php53-gd-5.3.17-84.1 php53-soap-5.3.17-84.1 php53-sysvsem-5.3.17-84.1 php53-xsl-5.3.17-84.1 php53-fileinfo-5.3.17-84.1 php53-openssl-5.3.17-84.1 php53-5.3.17-84.1 php53-gmp-5.3.17-84.1 php53-xmlreader-5.3.17-84.1 php53-mcrypt-5.3.17-84.1 php53-wddx-5.3.17-84.1 php53-bcmath-5.3.17-84.1 php53-xmlrpc-5.3.17-84.1 php53-suhosin-5.3.17-84.1 php53-pcntl-5.3.17-84.1 php53-tokenizer-5.3.17-84.1 php53-mysql-5.3.17-84.1 php53-iconv-5.3.17-84.1 php53-ctype-5.3.17-84.1 php53-sysvmsg-5.3.17-84.1 php53-pdo-5.3.17-84.1 php53-calendar-5.3.17-84.1 php53-intl-5.3.17-84.1 php53-gettext-5.3.17-84.1 php53-odbc-5.3.17-84.1 php53-ldap-5.3.17-84.1 php53-shmop-5.3.17-84.1 php53-pgsql-5.3.17-84.1 php53-ftp-5.3.17-84.1 php53-fastcgi-5.3.17-84.1 php53-zlib-5.3.17-84.1 php53-pear-5.3.17-84.1 x86_64 php53-bz2-5.3.17-84.1 apache2-mod_php53-5.3.17-84.1 php53-zip-5.3.17-84.1 php53-pspell-5.3.17-84.1 php53-mbstring-5.3.17-84.1 php53-snmp-5.3.17-84.1 php53-dom-5.3.17-84.1 php53-sysvshm-5.3.17-84.1 php53-json-5.3.17-84.1 php53-exif-5.3.17-84.1 php53-curl-5.3.17-84.1 php53-xmlwriter-5.3.17-84.1 php53-dba-5.3.17-84.1 php53-gd-5.3.17-84.1 php53-soap-5.3.17-84.1 php53-sysvsem-5.3.17-84.1 php53-xsl-5.3.17-84.1 php53-fileinfo-5.3.17-84.1 php53-openssl-5.3.17-84.1 php53-5.3.17-84.1 php53-gmp-5.3.17-84.1 php53-xmlreader-5.3.17-84.1 php53-mcrypt-5.3.17-84.1 php53-wddx-5.3.17-84.1 php53-bcmath-5.3.17-84.1 php53-xmlrpc-5.3.17-84.1 php53-suhosin-5.3.17-84.1 php53-pcntl-5.3.17-84.1 php53-tokenizer-5.3.17-84.1 php53-mysql-5.3.17-84.1 php53-iconv-5.3.17-84.1 php53-ctype-5.3.17-84.1 php53-sysvmsg-5.3.17-84.1 php53-pdo-5.3.17-84.1 php53-calendar-5.3.17-84.1 php53-intl-5.3.17-84.1 php53-gettext-5.3.17-84.1 php53-odbc-5.3.17-84.1 php53-ldap-5.3.17-84.1 php53-shmop-5.3.17-84.1 php53-pgsql-5.3.17-84.1 php53-ftp-5.3.17-84.1 php53-fastcgi-5.3.17-84.1 php53-zlib-5.3.17-84.1 php53-pear-5.3.17-84.1

144911 - SuSE SLES 11 SP4 SUSE-SU-2016:2458-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2016-2177, CVE-2016-2178, CVE-2016-2179, CVE-2016-2181, CVE-2016-2182, CVE-2016-2183, CVE-2016-6302, CVE- 2016-6303, CVE-2016-6304, CVE-2016-6306

Description The scan detected that the host is missing the following update: SUSE-SU-2016:2458-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2016-October/002309.html

SuSE SLES 11 SP4 i586 openssl-doc-0.9.8j-0.102.2 libopenssl0_9_8-hmac-0.9.8j-0.102.2 openssl-0.9.8j-0.102.2 libopenssl0_9_8-0.9.8j-0.102.2 x86_64 openssl-doc-0.9.8j-0.102.2 libopenssl0_9_8-hmac-32bit-0.9.8j-0.102.2 libopenssl0_9_8-32bit-0.9.8j-0.102.2 libopenssl0_9_8-0.9.8j-0.102.2 openssl-0.9.8j-0.102.2 libopenssl0_9_8-hmac-0.9.8j-0.102.2

144912 - SuSE SLES 12 SP1, SLED 12 SP1 SUSE-SU-2016:2492-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2013-5653, CVE-2016-7978, CVE-2016-7979

Description The scan detected that the host is missing the following update: SUSE-SU-2016:2492-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2016-October/002321.html

SuSE SLES 12 SP1 x86_64 ghostscript-debuginfo-9.15-11.1 ghostscript-debugsource-9.15-11.1 ghostscript-9.15-11.1 ghostscript-x11-9.15-11.1 ghostscript-x11-debuginfo-9.15-11.1

SuSE SLED 12 SP1 x86_64 ghostscript-debuginfo-9.15-11.1 ghostscript-debugsource-9.15-11.1 ghostscript-9.15-11.1 ghostscript-x11-9.15-11.1 ghostscript-x11-debuginfo-9.15-11.1

144914 - SuSE Linux 13.2 openSUSE-SU-2016:2497-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2014-3615, CVE-2014-3672, CVE-2016-3158, CVE-2016-3159, CVE-2016-3710, CVE-2016-3712, CVE-2016-3960, CVE- 2016-4001, CVE-2016-4002, CVE-2016-4020, CVE-2016-4037, CVE-2016-4439, CVE-2016-4441, CVE-2016-4453, CVE-2016-4454, CVE-2016-4480, CVE-2016-4952, CVE-2016-4962, CVE-2016-4963, CVE-2016-5105, CVE-2016-5106, CVE-2016-5107, CVE-2016- 5126, CVE-2016-5238, CVE-2016-5337, CVE-2016-5338, CVE-2016-5403, CVE-2016-6258, CVE-2016-6351, CVE-2016-6833, CVE- 2016-6834, CVE-2016-6835, CVE-2016-6836, CVE-2016-6888, CVE-2016-7092, CVE-2016-7093, CVE-2016-7094, CVE-2016-7154

Description The scan detected that the host is missing the following update: openSUSE-SU-2016:2497-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.opensuse.org/opensuse-updates/2016-10/msg00033.html

SuSE Linux 13.2 x86_64 xen-kmp-default-debuginfo-4.4.4_05_k3.16.7_42-49.1 xen-4.4.4_05-49.1 xen-libs-32bit-4.4.4_05-49.1 xen-libs-debuginfo-4.4.4_05-49.1 xen-devel-4.4.4_05-49.1 xen-tools-domU-debuginfo-4.4.4_05-49.1 xen-libs-4.4.4_05-49.1 xen-kmp-default-4.4.4_05_k3.16.7_42-49.1 xen-kmp-desktop-debuginfo-4.4.4_05_k3.16.7_42-49.1 xen-debugsource-4.4.4_05-49.1 xen-tools-debuginfo-4.4.4_05-49.1 xen-kmp-desktop-4.4.4_05_k3.16.7_42-49.1 xen-tools-4.4.4_05-49.1 xen-tools-domU-4.4.4_05-49.1 xen-doc-html-4.4.4_05-49.1 xen-libs-debuginfo-32bit-4.4.4_05-49.1 i586 xen-tools-domU-4.4.4_05-49.1 xen-tools-domU-debuginfo-4.4.4_05-49.1 xen-libs-debuginfo-4.4.4_05-49.1 xen-debugsource-4.4.4_05-49.1 xen-libs-4.4.4_05-49.1 xen-devel-4.4.4_05-49.1

144915 - SuSE SLES 12 SP1, SLED 12 SP1 SUSE-SU-2016:2476-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2016-7796

Description The scan detected that the host is missing the following update: SUSE-SU-2016:2476-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2016-October/002319.html

SuSE SLES 12 SP1 noarch systemd-bash-completion-210-114.1 x86_64 libgudev-1_0-0-32bit-210-114.1 systemd-debuginfo-32bit-210-114.1 systemd-32bit-210-114.1 systemd-sysvinit-210-114.1 systemd-210-114.1 libudev1-32bit-210-114.1 udev-210-114.1 libudev1-210-114.1 libudev1-debuginfo-32bit-210-114.1 libudev1-debuginfo-210-114.1 libgudev-1_0-0-debuginfo-210-114.1 udev-debuginfo-210-114.1 libgudev-1_0-0-210-114.1 systemd-debuginfo-210-114.1 systemd-debugsource-210-114.1 libgudev-1_0-0-debuginfo-32bit-210-114.1

SuSE SLED 12 SP1 x86_64 libudev1-debuginfo-210-114.1 libgudev-1_0-0-32bit-210-114.1 systemd-32bit-210-114.1 systemd-sysvinit-210-114.1 systemd-210-114.1 libudev1-32bit-210-114.1 udev-210-114.1 libudev1-210-114.1 libudev1-debuginfo-32bit-210-114.1 systemd-debuginfo-32bit-210-114.1 libgudev-1_0-0-debuginfo-210-114.1 udev-debuginfo-210-114.1 libgudev-1_0-0-210-114.1 systemd-debuginfo-210-114.1 systemd-debugsource-210-114.1 libgudev-1_0-0-debuginfo-32bit-210-114.1 noarch systemd-bash-completion-210-114.1

144917 - SuSE Linux 13.2 openSUSE-SU-2016:2484-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-MAP-NOMATCH

Description The scan detected that the host is missing the following update: openSUSE-SU-2016:2484-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.opensuse.org/opensuse-updates/2016-10/msg00026.html

SuSE Linux 13.2 x86_64 MozillaThunderbird-translations-common-45.4.0-49.1 MozillaThunderbird-debuginfo-45.4.0-49.1 MozillaThunderbird-45.4.0-49.1 MozillaThunderbird-translations-other-45.4.0-49.1 MozillaThunderbird-debugsource-45.4.0-49.1 MozillaThunderbird-devel-45.4.0-49.1 MozillaThunderbird-buildsymbols-45.4.0-49.1 i586 MozillaThunderbird-translations-common-45.4.0-49.1 MozillaThunderbird-debuginfo-45.4.0-49.1 MozillaThunderbird-45.4.0-49.1 MozillaThunderbird-translations-other-45.4.0-49.1 MozillaThunderbird-debugsource-45.4.0-49.1 MozillaThunderbird-devel-45.4.0-49.1 MozillaThunderbird-buildsymbols-45.4.0-49.1

144918 - SuSE Linux 13.2 openSUSE-SU-2016:2498-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2016-7787

Description The scan detected that the host is missing the following update: openSUSE-SU-2016:2498-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.opensuse.org/opensuse-updates/2016-10/msg00034.html

SuSE Linux 13.2 i586 kde-cli-tools5-5.3.2-27.1 kde-cli-tools5-debuginfo-5.3.2-27.1 kde-cli-tools5-debugsource-5.3.2-27.1 noarch kde-cli-tools5-lang-5.3.2-27.1 x86_64 kde-cli-tools5-5.3.2-27.1 kde-cli-tools5-debuginfo-5.3.2-27.1 kde-cli-tools5-debugsource-5.3.2-27.1

160153 - CentOS 6 CESA-2016-2006 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Cent OS Patches and Hotfixes Risk Level: High CVE: CVE-2016-4470, CVE-2016-5829

Description The scan detected that the host is missing the following update: CESA-2016-2006

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.centos.org/pipermail/centos-announce/2016-October/022117.html

CentOS 6 i686 kernel-devel-2.6.32-642.6.1.el6 kernel-2.6.32-642.6.1.el6 kernel-headers-2.6.32-642.6.1.el6 python-perf-2.6.32-642.6.1.el6 kernel-debug-2.6.32-642.6.1.el6 perf-2.6.32-642.6.1.el6 kernel-debug-devel-2.6.32-642.6.1.el6 noarch kernel-firmware-2.6.32-642.6.1.el6 kernel-abi-whitelists-2.6.32-642.6.1.el6 kernel-doc-2.6.32-642.6.1.el6 x86_64 kernel-devel-2.6.32-642.6.1.el6 kernel-2.6.32-642.6.1.el6 kernel-headers-2.6.32-642.6.1.el6 python-perf-2.6.32-642.6.1.el6 kernel-debug-2.6.32-642.6.1.el6 perf-2.6.32-642.6.1.el6 kernel-debug-devel-2.6.32-642.6.1.el6

163165 - Oracle Enterprise Linux ELSA-2016-3625 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2016-3134, CVE-2016-5829

Description The scan detected that the host is missing the following update: ELSA-2016-3625

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2016-October/006396.html http://oss.oracle.com/pipermail/el-errata/2016-October/006395.html

OEL7 x86_64 kernel-uek-firmware-4.1.12-61.1.13.el7uek kernel-uek-debug-4.1.12-61.1.13.el7uek kernel-uek-devel-4.1.12-61.1.13.el7uek kernel-uek-debug-devel-4.1.12-61.1.13.el7uek kernel-uek-4.1.12-61.1.13.el7uek dtrace-modules-4.1.12-61.1.13.el7uek-0.5.3-2.el7 kernel-uek-doc-4.1.12-61.1.13.el7uek

OEL6 x86_64 kernel-uek-debug-4.1.12-61.1.13.el6uek kernel-uek-4.1.12-61.1.13.el6uek kernel-uek-devel-4.1.12-61.1.13.el6uek kernel-uek-firmware-4.1.12-61.1.13.el6uek dtrace-modules-4.1.12-61.1.13.el6uek-0.5.3-2.el6 kernel-uek-doc-4.1.12-61.1.13.el6uek kernel-uek-debug-devel-4.1.12-61.1.13.el6uek

163166 - Oracle Enterprise Linux ELSA-2016-3623 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2016-3134, CVE-2016-5829

Description The scan detected that the host is missing the following update: ELSA-2016-3623

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2016-October/006398.html http://oss.oracle.com/pipermail/el-errata/2016-October/006397.html

OEL7 x86_64 kernel-uek-3.8.13-118.13.2.el7uek kernel-uek-firmware-3.8.13-118.13.2.el7uek dtrace-modules-3.8.13-118.13.2.el7uek-0.4.5-3.el7 kernel-uek-debug-3.8.13-118.13.2.el7uek kernel-uek-devel-3.8.13-118.13.2.el7uek kernel-uek-debug-devel-3.8.13-118.13.2.el7uek kernel-uek-doc-3.8.13-118.13.2.el7uek

OEL6 x86_64 dtrace-modules-3.8.13-118.13.2.el6uek-0.4.5-3.el6 kernel-uek-devel-3.8.13-118.13.2.el6uek kernel-uek-3.8.13-118.13.2.el6uek kernel-uek-firmware-3.8.13-118.13.2.el6uek kernel-uek-doc-3.8.13-118.13.2.el6uek kernel-uek-debug-devel-3.8.13-118.13.2.el6uek kernel-uek-debug-3.8.13-118.13.2.el6uek

163167 - Oracle Enterprise Linux ELSA-2016-2047 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2016-7039

Description The scan detected that the host is missing the following update: ELSA-2016-2047

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2016-October/006409.html

OEL7 x86_64 kernel-tools-3.10.0-327.36.2.el7 kernel-devel-3.10.0-327.36.2.el7 kernel-doc-3.10.0-327.36.2.el7 kernel-3.10.0-327.36.2.el7 perf-3.10.0-327.36.2.el7 kernel-abi-whitelists-3.10.0-327.36.2.el7 kernel-tools-libs-devel-3.10.0-327.36.2.el7 kernel-debug-devel-3.10.0-327.36.2.el7 kernel-debug-3.10.0-327.36.2.el7 kernel-headers-3.10.0-327.36.2.el7 kernel-tools-libs-3.10.0-327.36.2.el7 python-perf-3.10.0-327.36.2.el7

163169 - Oracle Enterprise Linux ELSA-2016-3624 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2016-3134, CVE-2016-5829

Description The scan detected that the host is missing the following update: ELSA-2016-3624

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2016-October/006399.html http://oss.oracle.com/pipermail/el-errata/2016-October/006400.html

OEL5 x86_64 kernel-uek-debug-devel-2.6.39-400.286.2.el5uek kernel-uek-doc-2.6.39-400.286.2.el5uek kernel-uek-firmware-2.6.39-400.286.2.el5uek kernel-uek-debug-2.6.39-400.286.2.el5uek kernel-uek-devel-2.6.39-400.286.2.el5uek kernel-uek-2.6.39-400.286.2.el5uek i386 kernel-uek-debug-devel-2.6.39-400.286.2.el5uek kernel-uek-doc-2.6.39-400.286.2.el5uek kernel-uek-firmware-2.6.39-400.286.2.el5uek kernel-uek-debug-2.6.39-400.286.2.el5uek kernel-uek-devel-2.6.39-400.286.2.el5uek kernel-uek-2.6.39-400.286.2.el5uek

OEL6 x86_64 kernel-uek-firmware-2.6.39-400.286.2.el6uek kernel-uek-devel-2.6.39-400.286.2.el6uek kernel-uek-debug-2.6.39-400.286.2.el6uek kernel-uek-debug-devel-2.6.39-400.286.2.el6uek kernel-uek-2.6.39-400.286.2.el6uek kernel-uek-doc-2.6.39-400.286.2.el6uek i386 kernel-uek-firmware-2.6.39-400.286.2.el6uek kernel-uek-devel-2.6.39-400.286.2.el6uek kernel-uek-debug-devel-2.6.39-400.286.2.el6uek kernel-uek-2.6.39-400.286.2.el6uek kernel-uek-debug-2.6.39-400.286.2.el6uek kernel-uek-doc-2.6.39-400.286.2.el6uek

175020 - Scientific Linux Security ERRATA Important: kernel on SL7.x x86_64 (1610-2126)

Category: SSH Module -> NonIntrusive -> Scientific Linux Patches and HotFixes Risk Level: High CVE: CVE-2016-7039

Description The scan detected that the host is missing the following update: Security ERRATA Important: kernel on SL7.x x86_64 (1610-2126)

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://listserv.fnal.gov/scripts/wa.exe?A2=ind1610&L=scientific-linux-errata&F=&S=&P=2126

SL7 x86_64 kernel-debug-devel-3.10.0-327.36.2.el7 perf-debuginfo-3.10.0-327.36.2.el7 python-perf-debuginfo-3.10.0-327.36.2.el7 kernel-tools-debuginfo-3.10.0-327.36.2.el7 kernel-debug-3.10.0-327.36.2.el7 kernel-tools-3.10.0-327.36.2.el7 kernel-tools-libs-3.10.0-327.36.2.el7 kernel-3.10.0-327.36.2.el7 kernel-debug-debuginfo-3.10.0-327.36.2.el7 kernel-headers-3.10.0-327.36.2.el7 kernel-tools-libs-devel-3.10.0-327.36.2.el7 kernel-debuginfo-common-x86_64-3.10.0-327.36.2.el7 perf-3.10.0-327.36.2.el7 kernel-debuginfo-3.10.0-327.36.2.el7 kernel-devel-3.10.0-327.36.2.el7 python-perf-3.10.0-327.36.2.el7 noarch kernel-doc-3.10.0-327.36.2.el7 kernel-abi-whitelists-3.10.0-327.36.2.el7

175021 - Scientific Linux Security ERRATA Important: kernel on SL6.x i386/x86_64 (1610-959)

Category: SSH Module -> NonIntrusive -> Scientific Linux Patches and HotFixes Risk Level: High CVE: CVE-2016-4470, CVE-2016-5829

Description The scan detected that the host is missing the following update: Security ERRATA Important: kernel on SL6.x i386/x86_64 (1610-959) Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://listserv.fnal.gov/scripts/wa.exe?A2=ind1610&L=scientific-linux-errata&F=&S=&P=959

SL6 i386 kernel-debuginfo-2.6.32-642.6.1.el6 kernel-devel-2.6.32-642.6.1.el6 kernel-2.6.32-642.6.1.el6 kernel-headers-2.6.32-642.6.1.el6 perf-debuginfo-2.6.32-642.6.1.el6 python-perf-2.6.32-642.6.1.el6 kernel-debug-2.6.32-642.6.1.el6 perf-2.6.32-642.6.1.el6 kernel-debuginfo-common-i686-2.6.32-642.6.1.el6 kernel-debug-debuginfo-2.6.32-642.6.1.el6 kernel-debug-devel-2.6.32-642.6.1.el6 python-perf-debuginfo-2.6.32-642.6.1.el6 noarch kernel-firmware-2.6.32-642.6.1.el6 kernel-abi-whitelists-2.6.32-642.6.1.el6 kernel-doc-2.6.32-642.6.1.el6 x86_64 kernel-debug-debuginfo-2.6.32-642.6.1.el6 kernel-devel-2.6.32-642.6.1.el6 kernel-debug-devel-2.6.32-642.6.1.el6 kernel-debug-2.6.32-642.6.1.el6 python-perf-debuginfo-2.6.32-642.6.1.el6 perf-debuginfo-2.6.32-642.6.1.el6 kernel-debuginfo-2.6.32-642.6.1.el6 kernel-2.6.32-642.6.1.el6 kernel-debuginfo-common-i686-2.6.32-642.6.1.el6 kernel-debuginfo-common-x86_64-2.6.32-642.6.1.el6 python-perf-2.6.32-642.6.1.el6 kernel-headers-2.6.32-642.6.1.el6 perf-2.6.32-642.6.1.el6

178223 - Gentoo Linux GLSA-201610-07 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixes Risk Level: High CVE: CVE-2015-8704, CVE-2015-8705, CVE-2016-1285, CVE-2016-1286, CVE-2016-2088, CVE-2016-2775, CVE-2016-2776, CVE- 2016-6170

Description The scan detected that the host is missing the following update: GLSA-201610-07

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://security.gentoo.org/glsa/201610-07 Affected packages: net-dns/bind < 9.10.4_p3

178224 - Gentoo Linux GLSA-201610-01 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixes Risk Level: High CVE: CVE-2015-3253

Description The scan detected that the host is missing the following update: GLSA-201610-01

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://security.gentoo.org/glsa/201610-01

Affected packages: dev-java/groovy < 2.4.5

178225 - Gentoo Linux GLSA-201610-03 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixes Risk Level: High CVE: CVE-2016-2342

Description The scan detected that the host is missing the following update: GLSA-201610-03

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://security.gentoo.org/glsa/201610-03

Affected packages: net-misc/quagga < 1.0.20160315

191223 - Fedora Linux 25 FEDORA-2016-76bd94ca9e Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2016-2776

Description The scan detected that the host is missing the following update: FEDORA-2016-76bd94ca9e

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=4

Fedora Core 25 bind-9.10.4-2.P3.fc25

191224 - Fedora Linux 25 FEDORA-2016-e523c37b4d Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2016-5180

Description The scan detected that the host is missing the following update: FEDORA-2016-e523c37b4d

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=5

Fedora Core 25 -ares-1.12.0-1.fc25

191227 - Fedora Linux 24 FEDORA-2016-1cc00cde2d Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2016-5180

Description The scan detected that the host is missing the following update: FEDORA-2016-1cc00cde2d

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=5

Fedora Core 24 c-ares-1.12.0-1.fc24

191230 - Fedora Linux 23 FEDORA-2016-7aa3c89e7b Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2016-5180 Description The scan detected that the host is missing the following update: FEDORA-2016-7aa3c89e7b

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=1

Fedora Core 23 c-ares-1.12.0-1.fc23

191238 - Fedora Linux 25 FEDORA-2016-64e0743e16 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2016-2177, CVE-2016-2178, CVE-2016-2179, CVE-2016-2180, CVE-2016-2181, CVE-2016-2182, CVE-2016-6302, CVE- 2016-6304, CVE-2016-6306, CVE-2016-7052

Description The scan detected that the host is missing the following update: FEDORA-2016-64e0743e16

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=4

Fedora Core 25 openssl-1.0.2j-1.fc25

191240 - Fedora Linux 23 FEDORA-2016-66d9389548 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2016-5180

Description The scan detected that the host is missing the following update: FEDORA-2016-66d9389548

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=2

Fedora Core 23 mingw-c-ares-1.12.0-1.fc23 191245 - Fedora Linux 25 FEDORA-2016-4f34f26649 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2016-5180

Description The scan detected that the host is missing the following update: FEDORA-2016-4f34f26649

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=2

Fedora Core 25 mingw-c-ares-1.12.0-1.fc25

191261 - Fedora Linux 24 FEDORA-2016-a7f9e86df7 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2016-5180

Description The scan detected that the host is missing the following update: FEDORA-2016-a7f9e86df7

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=2

Fedora Core 24 mingw-c-ares-1.12.0-1.fc24

191262 - Fedora Linux 25 FEDORA-2016-f6e4e66202 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2016-2776

Description The scan detected that the host is missing the following update: FEDORA-2016-f6e4e66202

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=4

Fedora Core 25 bind99-9.9.9-2.P3.fc25

20622 - WordPress Multiple Vulnerabilities Prior To 4.6

Category: General Vulnerability Assessment -> NonIntrusive -> Web Server Risk Level: Medium CVE: CVE-2016-6896, CVE-2016-6897

Description Multiple vulnerabilities are present in some versions of WordPress.

Observation WordPress is a popular blog application.

Multiple vulnerabilities are present in some versions of WordPress. The flaws lie in the ajax-actions. file, specifically in the wp_ajax_update_plugin() method. Successful exploitation could allow an attacker to cause a denial of service condition or retrieve sensitive data.

20623 - (HPSBGN03650) HPE Network Automation Software Local Arbitrary File Modification Vulnerability

Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: Medium CVE: CVE-2016-4386

Description A vulnerability is present in some versions of HP Network Automation.

Observation HP Network Automation is a network configuration management automation software.

A vulnerability is present in some versions of HP Network Automation. The flaw lies in the HP Network Automation installer files permissions once extracted on disc. Successful exploitation could allow a local attacker to modify arbitrary files.

141296 - Red Hat Enterprise Linux RHSA-2016-2046 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2014-7810, CVE-2015-5346, CVE-2016-5388, CVE-2016-5425, CVE-2016-6325

Description The scan detected that the host is missing the following update: RHSA-2016-2046

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://rhn.redhat.com/errata/RHSA-2016-2046.html RHEL7D noarch tomcat-admin-webapps-7.0.54-8.el7_2 tomcat-el-2.2-api-7.0.54-8.el7_2 tomcat-webapps-7.0.54-8.el7_2 tomcat-jsvc-7.0.54-8.el7_2 tomcat-javadoc-7.0.54-8.el7_2 tomcat-lib-7.0.54-8.el7_2 tomcat-jsp-2.2-api-7.0.54-8.el7_2 tomcat-7.0.54-8.el7_2 tomcat-docs-webapp-7.0.54-8.el7_2 tomcat-servlet-3.0-api-7.0.54-8.el7_2

RHEL7S noarch tomcat-el-2.2-api-7.0.54-8.el7_2 tomcat-javadoc-7.0.54-8.el7_2 tomcat-jsvc-7.0.54-8.el7_2 tomcat-webapps-7.0.54-8.el7_2 tomcat-jsp-2.2-api-7.0.54-8.el7_2 tomcat-lib-7.0.54-8.el7_2 tomcat-docs-webapp-7.0.54-8.el7_2 tomcat-7.0.54-8.el7_2 tomcat-admin-webapps-7.0.54-8.el7_2 tomcat-servlet-3.0-api-7.0.54-8.el7_2

RHEL7WS noarch tomcat-el-2.2-api-7.0.54-8.el7_2 tomcat-javadoc-7.0.54-8.el7_2 tomcat-jsvc-7.0.54-8.el7_2 tomcat-webapps-7.0.54-8.el7_2 tomcat-jsp-2.2-api-7.0.54-8.el7_2 tomcat-lib-7.0.54-8.el7_2 tomcat-docs-webapp-7.0.54-8.el7_2 tomcat-7.0.54-8.el7_2 tomcat-admin-webapps-7.0.54-8.el7_2 tomcat-servlet-3.0-api-7.0.54-8.el7_2

141297 - Red Hat Enterprise Linux RHSA-2016-2045 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-5174, CVE-2015-5345, CVE-2016-0706, CVE-2016-0714, CVE-2016-5388, CVE-2016-6325

Description The scan detected that the host is missing the following update: RHSA-2016-2045

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://rhn.redhat.com/errata/RHSA-2016-2045.html

RHEL6D noarch tomcat6-webapps-6.0.24-98.el6_8 tomcat6-servlet-2.5-api-6.0.24-98.el6_8 tomcat6-javadoc-6.0.24-98.el6_8 tomcat6-jsp-2.1-api-6.0.24-98.el6_8 tomcat6-el-2.1-api-6.0.24-98.el6_8 tomcat6-admin-webapps-6.0.24-98.el6_8 tomcat6-lib-6.0.24-98.el6_8 tomcat6-6.0.24-98.el6_8 tomcat6-docs-webapp-6.0.24-98.el6_8

RHEL6S noarch tomcat6-webapps-6.0.24-98.el6_8 tomcat6-servlet-2.5-api-6.0.24-98.el6_8 tomcat6-javadoc-6.0.24-98.el6_8 tomcat6-jsp-2.1-api-6.0.24-98.el6_8 tomcat6-el-2.1-api-6.0.24-98.el6_8 tomcat6-admin-webapps-6.0.24-98.el6_8 tomcat6-lib-6.0.24-98.el6_8 tomcat6-6.0.24-98.el6_8 tomcat6-docs-webapp-6.0.24-98.el6_8

RHEL6WS noarch tomcat6-webapps-6.0.24-98.el6_8 tomcat6-servlet-2.5-api-6.0.24-98.el6_8 tomcat6-javadoc-6.0.24-98.el6_8 tomcat6-jsp-2.1-api-6.0.24-98.el6_8 tomcat6-el-2.1-api-6.0.24-98.el6_8 tomcat6-admin-webapps-6.0.24-98.el6_8 tomcat6-lib-6.0.24-98.el6_8 tomcat6-6.0.24-98.el6_8 tomcat6-docs-webapp-6.0.24-98.el6_8

144906 - SuSE SLED 12 SP1 SUSE-SU-2016:2472-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-4324

Description The scan detected that the host is missing the following update: SUSE-SU-2016:2472-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2016-October/002316.html

SuSE SLED 12 SP1 x86_64 libreoffice-math-debuginfo-5.1.5.2-29.4 libreoffice-base-debuginfo-5.1.5.2-29.4 libreoffice-calc-extensions-5.1.5.2-29.4 libreoffice-calc-5.1.5.2-29.4 libreoffice-math-5.1.5.2-29.4 libreoffice-5.1.5.2-29.4 libreoffice-base-drivers-postgresql-debuginfo-5.1.5.2-29.4 libreoffice-draw-debuginfo-5.1.5.2-29.4 libreoffice-debugsource-5.1.5.2-29.4 libreoffice-officebean-debuginfo-5.1.5.2-29.4 libreoffice-base-drivers-postgresql-5.1.5.2-29.4 libreoffice-filters-optional-5.1.5.2-29.4 libreoffice-writer-extensions-5.1.5.2-29.4 libreoffice-draw-5.1.5.2-29.4 libreoffice-officebean-5.1.5.2-29.4 libreoffice-pyuno-5.1.5.2-29.4 libreoffice-calc-debuginfo-5.1.5.2-29.4 libreoffice-debuginfo-5.1.5.2-29.4 libreoffice-base-drivers-mysql-5.1.5.2-29.4 libreoffice-mailmerge-5.1.5.2-29.4 libreoffice-impress-5.1.5.2-29.4 libreoffice-writer-debuginfo-5.1.5.2-29.4 libreoffice-gnome-5.1.5.2-29.4 libreoffice-pyuno-debuginfo-5.1.5.2-29.4 libreoffice-gnome-debuginfo-5.1.5.2-29.4 libreoffice-base-drivers-mysql-debuginfo-5.1.5.2-29.4 libreoffice-impress-debuginfo-5.1.5.2-29.4 libreoffice-writer-5.1.5.2-29.4 libreoffice-base-5.1.5.2-29.4 noarch libreoffice-l10n-af-5.1.5.2-29.4 libreoffice-l10n-sk-5.1.5.2-29.4 libreoffice-l10n-sv-5.1.5.2-29.4 libreoffice-l10n-zu-5.1.5.2-29.4 libreoffice-l10n-nb-5.1.5.2-29.4 libreoffice-l10n-zh-Hans-5.1.5.2-29.4 libreoffice-l10n-fi-5.1.5.2-29.4 libreoffice-l10n-fr-5.1.5.2-29.4 libreoffice-l10n-ko-5.1.5.2-29.4 libreoffice-l10n-hi-5.1.5.2-29.4 libreoffice-l10n-gu-5.1.5.2-29.4 libreoffice-l10n-cs-5.1.5.2-29.4 libreoffice-l10n-hu-5.1.5.2-29.4 libreoffice-l10n-en-5.1.5.2-29.4 libreoffice-l10n-es-5.1.5.2-29.4 libreoffice-l10n-zh-Hant-5.1.5.2-29.4 libreoffice-l10n-ca-5.1.5.2-29.4 libreoffice-l10n-pt-PT-5.1.5.2-29.4 libreoffice-l10n-de-5.1.5.2-29.4 libreoffice-icon-theme-tango-5.1.5.2-29.4 libreoffice-l10n-it-5.1.5.2-29.4 libreoffice-l10n-ar-5.1.5.2-29.4 libreoffice-l10n-nn-5.1.5.2-29.4 libreoffice-l10n-xh-5.1.5.2-29.4 libreoffice-l10n-nl-5.1.5.2-29.4 libreoffice-l10n-pt-BR-5.1.5.2-29.4 libreoffice-l10n-da-5.1.5.2-29.4 libreoffice-l10n-ru-5.1.5.2-29.4 libreoffice-l10n-ja-5.1.5.2-29.4 libreoffice-icon-theme-galaxy-5.1.5.2-29.4 libreoffice-l10n-pl-5.1.5.2-29.4

144913 - SuSE SLES 11 SP4 SUSE-SU-2016:2493-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2013-5653, CVE-2015-3228, CVE-2016-7977, CVE-2016-7979

Description The scan detected that the host is missing the following update: SUSE-SU-2016:2493-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2016-October/002322.html

SuSE SLES 11 SP4 i586 ghostscript-x11-8.62-32.38.1 ghostscript-fonts-rus-8.62-32.38.1 ghostscript-omni-8.62-32.38.1 ghostscript-library-8.62-32.38.1 ghostscript-fonts-std-8.62-32.38.1 libgimpprint-4.2.7-32.38.1 ghostscript-fonts-other-8.62-32.38.1 x86_64 ghostscript-x11-8.62-32.38.1 ghostscript-fonts-rus-8.62-32.38.1 ghostscript-omni-8.62-32.38.1 ghostscript-library-8.62-32.38.1 ghostscript-fonts-std-8.62-32.38.1 libgimpprint-4.2.7-32.38.1 ghostscript-fonts-other-8.62-32.38.1

163168 - Oracle Enterprise Linux ELSA-2016-2046 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2014-7810, CVE-2015-5346, CVE-2016-5388, CVE-2016-5425, CVE-2016-6325

Description The scan detected that the host is missing the following update: ELSA-2016-2046

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2016-October/006407.html

OEL7 x86_64 tomcat-el-2.2-api-7.0.54-8.el7_2 tomcat-webapps-7.0.54-8.el7_2 tomcat-jsvc-7.0.54-8.el7_2 tomcat-javadoc-7.0.54-8.el7_2 tomcat-lib-7.0.54-8.el7_2 tomcat-servlet-3.0-api-7.0.54-8.el7_2 tomcat-jsp-2.2-api-7.0.54-8.el7_2 tomcat-7.0.54-8.el7_2 tomcat-admin-webapps-7.0.54-8.el7_2 tomcat-docs-webapp-7.0.54-8.el7_2

163170 - Oracle Enterprise Linux ELSA-2016-2045 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-5174, CVE-2015-5345, CVE-2016-0706, CVE-2016-0714, CVE-2016-5388, CVE-2016-6325

Description The scan detected that the host is missing the following update: ELSA-2016-2045

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2016-October/006408.html

OEL6 x86_64 tomcat6-webapps-6.0.24-98.el6_8 tomcat6-servlet-2.5-api-6.0.24-98.el6_8 tomcat6-javadoc-6.0.24-98.el6_8 tomcat6-jsp-2.1-api-6.0.24-98.el6_8 tomcat6-el-2.1-api-6.0.24-98.el6_8 tomcat6-admin-webapps-6.0.24-98.el6_8 tomcat6-lib-6.0.24-98.el6_8 tomcat6-6.0.24-98.el6_8 tomcat6-docs-webapp-6.0.24-98.el6_8 i386 tomcat6-webapps-6.0.24-98.el6_8 tomcat6-servlet-2.5-api-6.0.24-98.el6_8 tomcat6-javadoc-6.0.24-98.el6_8 tomcat6-jsp-2.1-api-6.0.24-98.el6_8 tomcat6-el-2.1-api-6.0.24-98.el6_8 tomcat6-admin-webapps-6.0.24-98.el6_8 tomcat6-lib-6.0.24-98.el6_8 tomcat6-6.0.24-98.el6_8 tomcat6-docs-webapp-6.0.24-98.el6_8

175019 - Scientific Linux Security ERRATA Important: tomcat on SL7.x (noarch) (1610-1735)

Category: SSH Module -> NonIntrusive -> Scientific Linux Patches and HotFixes Risk Level: Medium CVE: CVE-2014-7810, CVE-2015-5346, CVE-2016-5388, CVE-2016-5425, CVE-2016-6325

Description The scan detected that the host is missing the following update: Security ERRATA Important: tomcat on SL7.x (noarch) (1610-1735)

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://listserv.fnal.gov/scripts/wa.exe?A2=ind1610&L=scientific-linux-errata&F=&S=&P=1735

SL7 noarch tomcat-admin-webapps-7.0.54-8.el7_2 tomcat-el-2.2-api-7.0.54-8.el7_2 tomcat-webapps-7.0.54-8.el7_2 tomcat-jsvc-7.0.54-8.el7_2 tomcat-javadoc-7.0.54-8.el7_2 tomcat-lib-7.0.54-8.el7_2 tomcat-jsp-2.2-api-7.0.54-8.el7_2 tomcat-7.0.54-8.el7_2 tomcat-docs-webapp-7.0.54-8.el7_2 tomcat-servlet-3.0-api-7.0.54-8.el7_2

175022 - Scientific Linux Security ERRATA Important: tomcat6 on SL6.x (noarch) (1610-1313)

Category: SSH Module -> NonIntrusive -> Scientific Linux Patches and HotFixes Risk Level: Medium CVE: CVE-2015-5174, CVE-2015-5345, CVE-2016-0706, CVE-2016-0714, CVE-2016-5388, CVE-2016-6325

Description The scan detected that the host is missing the following update: Security ERRATA Important: tomcat6 on SL6.x (noarch) (1610-1313)

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://listserv.fnal.gov/scripts/wa.exe?A2=ind1610&L=scientific-linux-errata&F=&S=&P=1313

SL6 noarch tomcat6-webapps-6.0.24-98.el6_8 tomcat6-servlet-2.5-api-6.0.24-98.el6_8 tomcat6-javadoc-6.0.24-98.el6_8 tomcat6-jsp-2.1-api-6.0.24-98.el6_8 tomcat6-el-2.1-api-6.0.24-98.el6_8 tomcat6-admin-webapps-6.0.24-98.el6_8 tomcat6-lib-6.0.24-98.el6_8 tomcat6-6.0.24-98.el6_8 tomcat6-docs-webapp-6.0.24-98.el6_8

178221 - Gentoo Linux GLSA-201610-06 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixes Risk Level: Medium CVE: CVE-2015-2582, CVE-2015-2611, CVE-2015-2617, CVE-2015-2620, CVE-2015-2639, CVE-2015-2641, CVE-2015-2643, CVE- 2015-2648, CVE-2015-2661, CVE-2015-4737, CVE-2015-4752, CVE-2015-4756, CVE-2015-4757, CVE-2015-4767, CVE-2015-4769, CVE-2015-4771, CVE-2015-4772

Description The scan detected that the host is missing the following update: GLSA-201610-06

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://security.gentoo.org/glsa/201610-06

Affected packages: dev-db/mysql < 5.6.31 dev-db/mariadb < 10.0.27

182133 - FreeBSD openjpeg Multiple Vulnerabilities (b7d56d0b-7a11-11e6-af78-589cfc0654e1)

Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-5157, CVE-2016-7163

Description The scan detected that the host is missing the following update: openjpeg -- multiple vulnerabilities (b7d56d0b-7a11-11e6-af78-589cfc0654e1)

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/b7d56d0b-7a11-11e6-af78-589cfc0654e1.html

Affected packages: openjpeg < 2.1.1_1

185439 - Ubuntu Linux 14.04, 16.04 USN-3091-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-5170, CVE-2016-5171, CVE-2016-5172, CVE-2016-5175, CVE-2016-5177, CVE-2016-5178, CVE-2016-7549

Description The scan detected that the host is missing the following update: USN-3091-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.ubuntu.com/archives/ubuntu-security-announce/2016-October/003580.html

Ubuntu 14.04 liboxideqtcore0_1.17.9-0ubuntu0.14.04.1

Ubuntu 16.04 liboxideqtcore0_1.17.9-0ubuntu0.16.04.1

20613 - (SYM16-015) Symantec Mail Security for Domino Decomposer Engine Multiple Vulnerabilities

Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2016-5309, CVE-2016-5310

Description Multiple vulnerabilities are present in some versions of Symantec Mail Security for Domino.

Observation Symantec Mail Security for Domino is a mail server protection application.

Multiple vulnerabilities are present in some versions of Symantec Mail Security for Domino. The flaws lie in the RAR file parser included in the antivirus decomposer engine. Successful exploitation could allow an attacker to cause a denial of service condition.

178226 - Gentoo Linux GLSA-201610-02 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixes Risk Level: Medium CVE: CVE-2014-3581, CVE-2015-3183, CVE-2016-1546, CVE-2016-4979

Description The scan detected that the host is missing the following update: GLSA-201610-02

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://security.gentoo.org/glsa/201610-02

Affected packages: www-servers/apache < 2.4.23

185435 - Ubuntu Linux 12.04, 14.04, 16.04 USN-3096-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-7973, CVE-2015-7974, CVE-2015-7975, CVE-2015-7976, CVE-2015-7977, CVE-2015-7978, CVE-2015-7979, CVE- 2015-8138, CVE-2015-8158, CVE-2016-0727, CVE-2016-1547, CVE-2016-1548, CVE-2016-1550, CVE-2016-2516, CVE-2016-2518, CVE-2016-4954, CVE-2016-4955, CVE-2016-4956

Description The scan detected that the host is missing the following update: USN-3096-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.ubuntu.com/archives/ubuntu-security-announce/2016-October/003579.html

Ubuntu 12.04 ntp_4.2.6.p3+dfsg-1ubuntu3.11 Ubuntu 16.04 ntp_4.2.8p4+dfsg-3ubuntu5.3

Ubuntu 14.04 ntp_4.2.6.p5+dfsg-3ubuntu2.14.04.10

191208 - Fedora Linux 25 FEDORA-2016-9273c6809c Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-1246

Description The scan detected that the host is missing the following update: FEDORA-2016-9273c6809c

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=2

Fedora Core 25 perl-DBD-MySQL-4.037-1.fc25

191212 - Fedora Linux 25 FEDORA-2016-704e85cac2 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-7401

Description The scan detected that the host is missing the following update: FEDORA-2016-704e85cac2

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=1

Fedora Core 25 python-django-1.9.10-1.fc25

191213 - Fedora Linux 23 FEDORA-2016-0551065fe0 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-7044, CVE-2016-7045, CVE-2016-7553 Description The scan detected that the host is missing the following update: FEDORA-2016-0551065fe0

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=1

Fedora Core 23 irssi-0.8.20-2.fc23

191214 - Fedora Linux 24 FEDORA-2016-5706eeb875 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-7401

Description The scan detected that the host is missing the following update: FEDORA-2016-5706eeb875

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=1

Fedora Core 24 python-django-1.9.10-1.fc24

191216 - Fedora Linux 23 FEDORA-2016-fe55f449e0 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-7445

Description The scan detected that the host is missing the following update: FEDORA-2016-fe55f449e0

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=3

Fedora Core 23 mingw-openjpeg2-2.1.2-1.fc23 191217 - Fedora Linux 25 FEDORA-2016-0bf602e920 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-7445

Description The scan detected that the host is missing the following update: FEDORA-2016-0bf602e920

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=4

Fedora Core 25 openjpeg2-2.1.2-1.fc25

191218 - Fedora Linux 24 FEDORA-2016-a64716084e Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-7044, CVE-2016-7045, CVE-2016-7553

Description The scan detected that the host is missing the following update: FEDORA-2016-a64716084e

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=1

Fedora Core 24 irssi-0.8.20-2.fc24

191221 - Fedora Linux 24 FEDORA-2016-c23a8ce9e5 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-7445

Description The scan detected that the host is missing the following update: FEDORA-2016-c23a8ce9e5

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=3

Fedora Core 24 mingw-openjpeg2-2.1.2-1.fc24

191226 - Fedora Linux 25 FEDORA-2016-f99c0a8b69 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-8948, CVE-2016-6261, CVE-2016-6262, CVE-2016-6263

Description The scan detected that the host is missing the following update: FEDORA-2016-f99c0a8b69

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=2

Fedora Core 25 mingw-libidn-1.33-1.fc25

191234 - Fedora Linux 23 FEDORA-2016-ad1871cf02 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-7445

Description The scan detected that the host is missing the following update: FEDORA-2016-ad1871cf02

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=3

Fedora Core 23 openjpeg2-2.1.2-1.fc23

191246 - Fedora Linux 23 FEDORA-2016-3795497354 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-7401

Description The scan detected that the host is missing the following update: FEDORA-2016-3795497354

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=1

Fedora Core 23 python-django-1.8.15-1.fc23

191255 - Fedora Linux 25 FEDORA-2016-f8235d2ef9 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-7445

Description The scan detected that the host is missing the following update: FEDORA-2016-f8235d2ef9

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=4

Fedora Core 25 mingw-openjpeg2-2.1.2-1.fc25

20646 - (SYM16-015) Symantec Protection Engine Decomposer Engine Multiple Vulnerabilities

Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2016-5309, CVE-2016-5310

Description Multiple vulnerabilities are present in some versions of Symantec Protection Engine.

Observation Symantec Protection Engine is a network based security solution for virus analysis in files.

Multiple vulnerabilities are present in some versions of Symantec Protection Engine. The flaw lies in the Symantec Decomposer Engine. This vulnerabilities could allow an attacker to cause an application-level denial of service. Successful exploitation requires an attacker to send a maliciously crafted RAR file for analysis.

20691 - (SYM16-015) Symantec Protection Engine Decomposer Engine Multiple Vulnerabilities

Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: Medium CVE: CVE-2016-5309, CVE-2016-5310 Description Multiple vulnerabilities are present in some versions of Symantec Protection Engine.

Observation Symantec Protection Engine is a network based security solution for virus analysis in files.

Multiple vulnerabilities are present in some versions of Symantec Protection Engine. The flaw lies in the Symantec Decomposer Engine. This vulnerabilities could allow an attacker to cause an application-level denial of service. Successful exploitation requires an attacker to send a maliciously crafted RAR file for analysis.

144910 - SuSE Linux 13.2 openSUSE-SU-2016:2465-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2014-0012

Description The scan detected that the host is missing the following update: openSUSE-SU-2016:2465-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.opensuse.org/opensuse-updates/2016-10/msg00021.html

SuSE Linux 13.2 noarch python-Jinja2-2.8-3.3.1 python-Jinja2-emacs-2.8-3.3.1 python-Jinja2-vim-2.8-3.3.1

185433 - Ubuntu Linux 12.04 USN-3098-2 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-6136, CVE-2016-6480, CVE-2016-6828, CVE-2016-7039

Description The scan detected that the host is missing the following update: USN-3098-2

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.ubuntu.com/archives/ubuntu-security-announce/2016-October/003583.html

Ubuntu 12.04 linux-image-3.13.0-98-generic-lpae_3.13.0-98.145~precise1 linux-image-3.13.0-98-generic_3.13.0-98.145~precise1 185434 - Ubuntu Linux 16.04 USN-3099-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-6130, CVE-2016-6480, CVE-2016-6828, CVE-2016-7039

Description The scan detected that the host is missing the following update: USN-3099-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.ubuntu.com/archives/ubuntu-security-announce/2016-October/003584.html

Ubuntu 16.04 linux-image-4.4.0-42-lowlatency_4.4.0-42.62 linux-image-4.4.0-42-generic_4.4.0-42.62 linux-image-4.4.0-42-powerpc64-emb_4.4.0-42.62 linux-image-4.4.0-42-powerpc64-smp_4.4.0-42.62 linux-image-4.4.0-42-powerpc-e500mc_4.4.0-42.62 linux-image-4.4.0-42-powerpc-smp_4.4.0-42.62 linux-image-4.4.0-42-generic-lpae_4.4.0-42.62

185436 - Ubuntu Linux 14.04 USN-3098-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-6136, CVE-2016-6480, CVE-2016-6828, CVE-2016-7039

Description The scan detected that the host is missing the following update: USN-3098-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.ubuntu.com/archives/ubuntu-security-announce/2016-October/003582.html

Ubuntu 14.04 linux-image-3.13.0-98-powerpc-smp_3.13.0-98.145 linux-image-3.13.0-98-powerpc-e500mc_3.13.0-98.145 linux-image-3.13.0-98-powerpc64-emb_3.13.0-98.145 linux-image-3.13.0-98-powerpc-e500_3.13.0-98.145 linux-image-3.13.0-98-lowlatency_3.13.0-98.145 linux-image-3.13.0-98-generic_3.13.0-98.145 linux-image-3.13.0-98-generic-lpae_3.13.0-98.145 linux-image-3.13.0-98-powerpc64-smp_3.13.0-98.145

185437 - Ubuntu Linux 16.04 USN-3099-4 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-6480, CVE-2016-6828, CVE-2016-7039

Description The scan detected that the host is missing the following update: USN-3099-4

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.ubuntu.com/archives/ubuntu-security-announce/2016-October/003587.html

Ubuntu 16.04 linux-image-4.4.0-1030-snapdragon_4.4.0-1030.33

185438 - Ubuntu Linux 16.04 USN-3099-3 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-6480, CVE-2016-6828, CVE-2016-7039

Description The scan detected that the host is missing the following update: USN-3099-3

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.ubuntu.com/archives/ubuntu-security-announce/2016-October/003586.html

Ubuntu 16.04 linux-image-4.4.0-1027-raspi2_4.4.0-1027.33

185440 - Ubuntu Linux 12.04 USN-3097-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-6136, CVE-2016-6480, CVE-2016-6828

Description The scan detected that the host is missing the following update: USN-3097-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.ubuntu.com/archives/ubuntu-security-announce/2016-October/003581.html

Ubuntu 12.04 linux-image-3.2.0-111-omap_3.2.0-111.153 linux-image-3.2.0-111-virtual_3.2.0-111.153 linux-image-3.2.0-111-powerpc-smp_3.2.0-111.153 linux-image-3.2.0-111-generic_3.2.0-111.153 linux-image-3.2.0-111-highbank_3.2.0-111.153 linux-image-3.2.0-111-generic-pae_3.2.0-111.153 linux-image-3.2.0-111-powerpc64-smp_3.2.0-111.153

185441 - Ubuntu Linux 14.04 USN-3099-2 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-6480, CVE-2016-6828, CVE-2016-7039

Description The scan detected that the host is missing the following update: USN-3099-2

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.ubuntu.com/archives/ubuntu-security-announce/2016-October/003585.html

Ubuntu 14.04 linux-image-4.4.0-42-powerpc-e500mc_4.4.0-42.62~14.04.1 linux-image-4.4.0-42-generic-lpae_4.4.0-42.62~14.04.1 linux-image-4.4.0-42-lowlatency_4.4.0-42.62~14.04.1 linux-image-4.4.0-42-powerpc64-smp_4.4.0-42.62~14.04.1 linux-image-4.4.0-42-powerpc64-emb_4.4.0-42.62~14.04.1 linux-image-4.4.0-42-powerpc-smp_4.4.0-42.62~14.04.1 linux-image-4.4.0-42-generic_4.4.0-42.62~14.04.1

191207 - Fedora Linux 25 FEDORA-2016-d6c87eb4af Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2013-5855

Description The scan detected that the host is missing the following update: FEDORA-2016-d6c87eb4af

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=5

Fedora Core 25 mojarra-2.2.13-1.fc25

182128 - FreeBSD FreeBSD Multiple Portsnap Vulnerabilities (e7dcd69d-8ee6-11e6-a590-14dae9d210b8) Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH

Description The scan detected that the host is missing the following update: FreeBSD -- Multiple portsnap vulnerabilities (e7dcd69d-8ee6-11e6-a590-14dae9d210b8)

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/e7dcd69d-8ee6-11e6-a590-14dae9d210b8.html

Affected packages: 11.0 <= FreeBSD < 11.0_1 10.3 <= FreeBSD < 10.3_10 10.2 <= FreeBSD < 10.2_23 10.1 <= FreeBSD < 10.1_40 9.3 <= FreeBSD < 9.3_48

182129 - FreeBSD X.org libraries Multiple Vulnerabilities (1cf65085-a760-41d2-9251-943e1af62eb8)

Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2016-5407

Description The scan detected that the host is missing the following update: X.org libraries -- multiple vulnerabilities (1cf65085-a760-41d2-9251-943e1af62eb8)

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/1cf65085-a760-41d2-9251-943e1af62eb8.html

Affected packages: libX11 < 1.6.4,1 libXfixes < 5.0.3 libXi < 1.7.7,1 libXrandr < 1.5.1 libXrender < 0.9.10 libXtst < 1.2.3 libXv < 1.0.11,1 libXvMC < 1.0.10

182130 - FreeBSD FreeBSD Multiple Libarchive Vulnerabilities (1a71a972-8ee7-11e6-a590-14dae9d210b8)

Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH

Description The scan detected that the host is missing the following update: FreeBSD -- Multiple libarchive vulnerabilities (1a71a972-8ee7-11e6-a590-14dae9d210b8)

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/1a71a972-8ee7-11e6-a590-14dae9d210b8.html

Affected packages: 11.0 <= FreeBSD < 11.0_1 10.3 <= FreeBSD < 10.3_10 10.2 <= FreeBSD < 10.2_23 10.1 <= FreeBSD < 10.1_40

182132 - FreeBSD FreeBSD Heap Overflow Vulnerability In Bspatch (ce808022-8ee6-11e6-a590-14dae9d210b8)

Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH

Description The scan detected that the host is missing the following update: FreeBSD -- Heap overflow vulnerability in bspatch (ce808022-8ee6-11e6-a590-14dae9d210b8)

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/ce808022-8ee6-11e6-a590-14dae9d210b8.html

Affected packages: 11.0 <= FreeBSD < 11.0_1 10.3 <= FreeBSD < 10.3_10 10.2 <= FreeBSD < 10.2_23 10.1 <= FreeBSD < 10.1_40 9.3 <= FreeBSD < 9.3_48

182134 - FreeBSD mkvtoolnix Code Execution Via Specially Crafted Files (aeb7874e-8df1-11e6-a082-5404a68ad561)

Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH

Description The scan detected that the host is missing the following update: mkvtoolnix -- code execution via specially crafted files (aeb7874e-8df1-11e6-a082-5404a68ad561)

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/aeb7874e-8df1-11e6-a082-5404a68ad561.html

Affected packages: mkvtoolnix < 9.4.1

191203 - Fedora Linux 25 FEDORA-2016-b25fe4c362 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH

Description The scan detected that the host is missing the following update: FEDORA-2016-b25fe4c362

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=2

Fedora Core 25 perl-Image-Info-1.38-6.fc25

191204 - Fedora Linux 25 FEDORA-2016-894abe29d2 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-7795

Description The scan detected that the host is missing the following update: FEDORA-2016-894abe29d2

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=5

Fedora Core 25 systemd-231-6.fc25

191205 - Fedora Linux 25 FEDORA-2016-ade20198ff Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-7949, CVE-2016-7950

Description The scan detected that the host is missing the following update: FEDORA-2016-ade20198ff

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=2

Fedora Core 25 libXrender-0.9.10-1.fc25

191206 - Fedora Linux 25 FEDORA-2016-2c4b5ad64e Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-7543

Description The scan detected that the host is missing the following update: FEDORA-2016-2c4b5ad64e

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=5

Fedora Core 25 bash-4.3.43-4.fc25

191209 - Fedora Linux 24 FEDORA-2016-7f193a0c59 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-4861, CVE-2016-6233

Description The scan detected that the host is missing the following update: FEDORA-2016-7f193a0c59

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=3

Fedora Core 24 php-ZendFramework-1.12.20-1.fc24

191210 - Fedora Linux 25 FEDORA-2016-9960d370f7 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-6173 Description The scan detected that the host is missing the following update: FEDORA-2016-9960d370f7

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=2

Fedora Core 25 nsd-4.1.13-1.fc25

191211 - Fedora Linux 25 FEDORA-2016-a06c8cc941 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-7947, CVE-2016-7948

Description The scan detected that the host is missing the following update: FEDORA-2016-a06c8cc941

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=2

Fedora Core 25 libXrandr-1.5.1-1.fc25

191215 - Fedora Linux 25 FEDORA-2016-8d73759936 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-7563, CVE-2016-7564

Description The scan detected that the host is missing the following update: FEDORA-2016-8d73759936

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=2

Fedora Core 25 mujs-0-5.20160921git5c337af.fc25 zathura-pdf-mupdf-0.3.0-2.fc25 191219 - Fedora Linux 25 FEDORA-2016-541495b486 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH

Description The scan detected that the host is missing the following update: FEDORA-2016-541495b486

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=1

Fedora Core 25 ca-certificates-2016.2.10-1.0.fc25

191220 - Fedora Linux 24 FEDORA-2016-e1d4972701 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-6173

Description The scan detected that the host is missing the following update: FEDORA-2016-e1d4972701

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=1

Fedora Core 24 nsd-4.1.13-1.fc24

191222 - Fedora Linux 25 FEDORA-2016-37b9932690 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-7953

Description The scan detected that the host is missing the following update: FEDORA-2016-37b9932690

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=2

Fedora Core 25 libXvMC-1.0.10-1.fc25

191225 - Fedora Linux 24 FEDORA-2016-ae6d4b4c33 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH

Description The scan detected that the host is missing the following update: FEDORA-2016-ae6d4b4c33

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=1

Fedora Core 24 ca-certificates-2016.2.10-1.0.fc24

191228 - Fedora Linux 23 FEDORA-2016-1b9d24c2b6 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-7563, CVE-2016-7564

Description The scan detected that the host is missing the following update: FEDORA-2016-1b9d24c2b6

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=1

Fedora Core 23 mujs-0-5.20160921git5c337af.fc23 zathura-pdf-mupdf-0.3.0-2.fc23

191229 - Fedora Linux 24 FEDORA-2016-a236cb3315 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-7953

Description The scan detected that the host is missing the following update: FEDORA-2016-a236cb3315

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=3

Fedora Core 24 libXvMC-1.0.10-1.fc24

191231 - Fedora Linux 25 FEDORA-2016-a90040934d Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-5177, CVE-2016-5178

Description The scan detected that the host is missing the following update: FEDORA-2016-a90040934d

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=5

Fedora Core 25 chromium-53.0.2785.143-1.fc25

191232 - Fedora Linux 25 FEDORA-2016-f71cc44cf8 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-5407

Description The scan detected that the host is missing the following update: FEDORA-2016-f71cc44cf8

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=2

Fedora Core 25 libXv-1.0.11-1.fc25

191233 - Fedora Linux 25 FEDORA-2016-94293f91e8 Update Is Not Installed Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH

Description The scan detected that the host is missing the following update: FEDORA-2016-94293f91e8

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=5

Fedora Core 25 openssh-7.3p1-4.fc25

191235 - Fedora Linux 25 FEDORA-2016-b7e8e980ef Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-7545

Description The scan detected that the host is missing the following update: FEDORA-2016-b7e8e980ef

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=2

Fedora Core 25 policycoreutils-2.5-17.fc25 libsepol-2.5-10.fc25 checkpolicy-2.5-8.fc25 secilc-2.5-6.fc25 libsemanage-2.5-8.fc25 libselinux-2.5-12.fc25

191236 - Fedora Linux 24 FEDORA-2016-83040426d6 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-7947, CVE-2016-7948

Description The scan detected that the host is missing the following update: FEDORA-2016-83040426d6

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=3

Fedora Core 24 libXrandr-1.5.1-1.fc24

191237 - Fedora Linux 25 FEDORA-2016-39de4eb5e7 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-7553

Description The scan detected that the host is missing the following update: FEDORA-2016-39de4eb5e7

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=1

Fedora Core 25 irssi-0.8.20-2.fc25

191239 - Fedora Linux 25 FEDORA-2016-666d95d1d5 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-4861, CVE-2016-6233

Description The scan detected that the host is missing the following update: FEDORA-2016-666d95d1d5

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=4

Fedora Core 25 php-ZendFramework-1.12.20-1.fc25

191241 - Fedora Linux 24 FEDORA-2016-cabb6d7ef7 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-7945, CVE-2016-7946 Description The scan detected that the host is missing the following update: FEDORA-2016-cabb6d7ef7

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=3

Fedora Core 24 libXi-1.7.7-1.fc24

191242 - Fedora Linux 24 FEDORA-2016-861b8c46b7 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-7099

Description The scan detected that the host is missing the following update: FEDORA-2016-861b8c46b7

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=1

Fedora Core 24 nodejs-4.6.0-5.fc24

191243 - Fedora Linux 25 FEDORA-2016-e6ba110670 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-7951, CVE-2016-7952

Description The scan detected that the host is missing the following update: FEDORA-2016-e6ba110670

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=2

Fedora Core 25 libXtst-1.2.3-1.fc25 191244 - Fedora Linux 24 FEDORA-2016-8877cf648b Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-7949, CVE-2016-7950

Description The scan detected that the host is missing the following update: FEDORA-2016-8877cf648b

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=3

Fedora Core 24 libXrender-0.9.10-1.fc24

191247 - Fedora Linux 24 FEDORA-2016-c1d4b1df79 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-7951, CVE-2016-7952

Description The scan detected that the host is missing the following update: FEDORA-2016-c1d4b1df79

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=3

Fedora Core 24 libXtst-1.2.3-1.fc24

191248 - Fedora Linux 25 FEDORA-2016-8b122b0997 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-7945, CVE-2016-7946

Description The scan detected that the host is missing the following update: FEDORA-2016-8b122b0997

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=2

Fedora Core 25 libXi-1.7.7-1.fc25

191249 - Fedora Linux 25 FEDORA-2016-0df69ab477 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-7942, CVE-2016-7943

Description The scan detected that the host is missing the following update: FEDORA-2016-0df69ab477

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=5

Fedora Core 25 libX11-1.6.4-1.fc25

191250 - Fedora Linux 24 FEDORA-2016-294e0ed595 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH

Description The scan detected that the host is missing the following update: FEDORA-2016-294e0ed595

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=2

Fedora Core 24 python-pillow-3.2.0-3.fc24

191251 - Fedora Linux 25 FEDORA-2016-9b8717537a Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-7410, CVE-2016-7510

Description The scan detected that the host is missing the following update: FEDORA-2016-9b8717537a

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=4

Fedora Core 25 libdwarf-20161001-1.fc25

191252 - Fedora Linux 25 FEDORA-2016-43ff70c6b1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-7099

Description The scan detected that the host is missing the following update: FEDORA-2016-43ff70c6b1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=4

Fedora Core 25 nodejs-6.7.0-107.fc25

191253 - Fedora Linux 24 FEDORA-2016-ff5a2f4839 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-7944

Description The scan detected that the host is missing the following update: FEDORA-2016-ff5a2f4839

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=3

Fedora Core 24 libXfixes-5.0.3-1.fc24

191254 - Fedora Linux 24 FEDORA-2016-5aa206bd16 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-5407

Description The scan detected that the host is missing the following update: FEDORA-2016-5aa206bd16

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=3

Fedora Core 24 libXv-1.0.11-1.fc24

191257 - Fedora Linux 24 FEDORA-2016-c75bdc394a Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-7563, CVE-2016-7564

Description The scan detected that the host is missing the following update: FEDORA-2016-c75bdc394a

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=1

Fedora Core 24 zathura-pdf-mupdf-0.3.0-2.fc24 mujs-0-5.20160921git5c337af.fc24

191258 - Fedora Linux 23 FEDORA-2016-77e5105570 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-4861, CVE-2016-6233

Description The scan detected that the host is missing the following update: FEDORA-2016-77e5105570

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=3 Fedora Core 23 php-ZendFramework-1.12.20-1.fc23

191259 - Fedora Linux 25 FEDORA-2016-72d7f05b90 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-7944

Description The scan detected that the host is missing the following update: FEDORA-2016-72d7f05b90

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=2

Fedora Core 25 libXfixes-5.0.3-1.fc25

191260 - Fedora Linux 24 FEDORA-2016-328754be1c Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-7410, CVE-2016-7510

Description The scan detected that the host is missing the following update: FEDORA-2016-328754be1c

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=3

Fedora Core 24 libdwarf-20160929-1.fc24

182131 - FreeBSD redis Sensitive Information Leak Through Command History File (fa175f30-8c75-11e6-924a- 60a44ce6887b)

Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2013-7458

Description The scan detected that the host is missing the following update: redis -- sensitive information leak through command history file (fa175f30-8c75-11e6-924a-60a44ce6887b) Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/fa175f30-8c75-11e6-924a-60a44ce6887b.html

Affected packages: redis < 3.2.3 redis-devel < 3.2.3

191202 - Fedora Linux 24 FEDORA-2016-89060100d7 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-6494

Description The scan detected that the host is missing the following update: FEDORA-2016-89060100d7

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=5

Fedora Core 24 mongodb-3.2.8-2.fc24

178222 - Gentoo Linux GLSA-201610-04 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixes Risk Level: Low CVE: CVE-2014-3591, CVE-2015-0837, CVE-2015-7511, CVE-2016-6313

Description The scan detected that the host is missing the following update: GLSA-201610-04

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://security.gentoo.org/glsa/201610-04

Affected packages: dev-libs/libgcrypt < 1.7.3

ENHANCED CHECKS

The following checks have been updated. Enhancements may include optimizations, changes that reflect new information on a vulnerability and anything else that improves upon an existing FSL check. 182124 - FreeBSD OpenSSL Multiple Vulnerabilities (91a337d8-83ed-11e6-bf52-b499baebfeaf)

Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: High CVE: CVE-2016-6309, CVE-2016-7052

Update Details FASLScript is updated

182125 - FreeBSD OpenSSL Multiple Vulnerabilities (43eaa656-80bc-11e6-bf52-b499baebfeaf)

Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: High CVE: CVE-2016-2177, CVE-2016-2178, CVE-2016-2179, CVE-2016-2180, CVE-2016-2181, CVE-2016-2182, CVE-2016-2183, CVE- 2016-6302, CVE-2016-6303, CVE-2016-6304, CVE-2016-6305, CVE-2016-6306, CVE-2016-6307, CVE-2016-6308

Update Details FASLScript is updated

182126 - FreeBSD BIND Remote Denial Of Service Vulnerability (c8d902b1-8550-11e6-81e7-d050996490d0)

Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: High CVE: CVE-2016-2776

Update Details FASLScript is updated

HOW TO UPDATE

FS1000 APPLIANCE customers should follow the instructions for Enterprise/Professional customers, below. In addition, we strongly urge all appliance customers to authorize and install any Windows Update critical patches. The appliance will auto-download any critical updates but will wait for your explicit authorization before installing.

FOUNDSTONE ENTERPRISE and PROFESSIONAL customers may obtain these new scripts using the FSUpdate Utility by selecting "FoundScan Update" on the help menu. Make sure that you have a valid FSUpdate username and password. The new vulnerability scripts will be automatically included in your scans if you have selected that option by right-clicking the selected vulnerability category and checking the "Run New Checks" checkbox.

MANAGED SERVICE CUSTOMERS already have the newest update applied to their environment. The new vulnerability scripts will be automatically included when your scans are next scheduled, provided the Run New Scripts option has been turned on.

MCAFEE TECHNICAL SUPPORT

ServicePortal: https://mysupport.mcafee.com Multi-National Phone Support available here: http://www.mcafee.com/us/about/contact/index.html Non-US customers - Select your country from the list of Worldwide Offices.

This email may contain confidential and privileged material for the sole use of the intended recipient. Any review or distribution by others is strictly prohibited. If you are not the intended recipient please contact the sender and delete all copies. Copyright 2016 McAfee, Inc. McAfee is a registered trademark of McAfee, Inc. and/or its affiliates