2016-OCT-13 FSL version 7.5.857
MCAFEE FOUNDSTONE FSL UPDATE
To better protect your environment McAfee has created this FSL check update for the Foundstone Product Suite. The following is a detailed summary of the new and updated checks included with this release.
NEW CHECKS
191256 - Fedora Linux 25 FEDORA-2016-81e5a36d8c Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2016-7116, CVE-2016-7161, CVE-2016-7777
Description The scan detected that the host is missing the following update: FEDORA-2016-81e5a36d8c
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=3
Fedora Core 25 xen-4.7.0-6.fc25
130604 - Debian Linux 8.0 DSA-3688-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: High CVE: CVE-2015-4000, CVE-2015-7181, CVE-2015-7182, CVE-2015-7575, CVE-2016-1938, CVE-2016-1950, CVE-2016-1978, CVE- 2016-1979, CVE-2016-2834
Description The scan detected that the host is missing the following update: DSA-3688-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.debian.org/security/2016/dsa-3688
Debian 8.0 all libnss3-tools_2:3.26-1+debu8u1 libnss3-1d_2:3.26-1+debu8u1 libnss3_2:3.26-1+debu8u1 libnss3-dbg_2:3.26-1+debu8u1 libnss3-dev_2:3.26-1+debu8u1 144916 - SuSE Linux 13.2 openSUSE-SU-2016:2496-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2016-1669, CVE-2016-2178, CVE-2016-2183, CVE-2016-5325, CVE-2016-6304, CVE-2016-6306, CVE-2016-7052, CVE- 2016-7099
Description The scan detected that the host is missing the following update: openSUSE-SU-2016:2496-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.opensuse.org/opensuse-updates/2016-10/msg00032.html
SuSE Linux 13.2 i586 nodejs-devel-4.6.0-24.2 nodejs-debugsource-4.6.0-24.2 nodejs-debuginfo-4.6.0-24.2 nodejs-4.6.0-24.2 noarch nodejs-doc-4.6.0-24.2 x86_64 nodejs-devel-4.6.0-24.2 nodejs-debugsource-4.6.0-24.2 nodejs-debuginfo-4.6.0-24.2 nodejs-4.6.0-24.2
178220 - Gentoo Linux GLSA-201610-05 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixes Risk Level: High CVE: CVE-2014-0032, CVE-2014-3504, CVE-2014-3522, CVE-2014-3528, CVE-2015-0202, CVE-2015-0248, CVE-2015-0251, CVE- 2015-3184, CVE-2015-3187, CVE-2015-5259, CVE-2016-2167, CVE-2016-2168
Description The scan detected that the host is missing the following update: GLSA-201610-05
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://security.gentoo.org/glsa/201610-05
Affected packages: dev-vcs/subversion < 1.9.4 net-libs/serf < 1.3.7 20473 - Navis WebAccess SQL Injection Vulnerability
Category: General Vulnerability Assessment -> NonIntrusive -> SCADA Risk Level: High CVE: CVE-2016-5817
Description A SQL injection vulnerability is present in some versions of Navis WebAccess.
Observation Navis WebAccess is a web-based application that provides the operator and its constituents with real-time, online access to operational logistics information.
A SQL injection vulnerability is present in some versions of Navis WebAccess. The flaw lies in showNotice.do. Successful exploitation could allow an attacker to execute arbitrary code.
20615 - Mozilla Firefox Multiple Vulnerabilities Prior To 49
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2016-2827, CVE-2016-5256, CVE-2016-5257, CVE-2016-5270, CVE-2016-5271, CVE-2016-5272, CVE-2016-5273, CVE- 2016-5274, CVE-2016-5275, CVE-2016-5276, CVE-2016-5277, CVE-2016-5278, CVE-2016-5279, CVE-2016-5280, CVE-2016-5281, CVE-2016-5282, CVE-2016-5283, CVE-2016-5284
Description Multiple vulnerabilities are present in some versions of Mozilla Firefox.
Observation Mozilla Firefox is a popular web browser.
Multiple vulnerabilities are present in some versions of Mozilla Firefox. The flaws lie in several components. Successful exploitation could allow an attacker to cause a denial of service condition, conduct spoofing attacks, retrieve sensitive data, remotely execute arbitrary code or have other unspecified impact on the target system.
20616 - Mozilla Firefox Multiple Vulnerabilities Prior To 49
Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: High CVE: CVE-2016-2827, CVE-2016-5256, CVE-2016-5257, CVE-2016-5270, CVE-2016-5271, CVE-2016-5272, CVE-2016-5273, CVE- 2016-5274, CVE-2016-5275, CVE-2016-5276, CVE-2016-5277, CVE-2016-5278, CVE-2016-5279, CVE-2016-5280, CVE-2016-5281, CVE-2016-5282, CVE-2016-5283, CVE-2016-5284
Description Multiple vulnerabilities are present in some versions of Mozilla Firefox.
Observation Mozilla Firefox is a popular web browser.
Multiple vulnerabilities are present in some versions of Mozilla Firefox. The flaws lie in several components. Successful exploitation could allow an attacker to cause a denial of service condition, conduct spoofing attacks, retrieve sensitive data, remotely execute arbitrary code or have other unspecified impact on the target system. 20694 - Moxa Active OPC Server Unquoted Service Path Escalation Vulnerability
Category: Windows Host Assessment -> SCADA (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2016-5793
Description A vulnerability is present in some versions of Moxa Active OPC Server.
Observation Moxa Active OPC Server is a software interface that interacts with SCADA or HMI systems.
A vulnerability is present in some versions of Moxa Active OPC Server. The flaw lies in how the product handles the user-provided input in search path fields. Successful exploitation could allow an attacker to escalate privileges. Exploitation requires local access to the vulnerable system.
130603 - Debian Linux 8.0 DSA-3689-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: High CVE: CVE-2016-7124, CVE-2016-7125, CVE-2016-7126, CVE-2016-7127, CVE-2016-7128, CVE-2016-7129, CVE-2016-7130, CVE- 2016-7131, CVE-2016-7132, CVE-2016-7411, CVE-2016-7412, CVE-2016-7413, CVE-2016-7414, CVE-2016-7416, CVE-2016-7417, CVE-2016-7418
Description The scan detected that the host is missing the following update: DSA-3689-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.debian.org/security/2016/dsa-3689
Debian 8.0 all php5_5.6.26+dfsg-0+deb8u1
130605 - Debian Linux 8.0 DSA-3687-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: High CVE: CVE-2016-1951
Description The scan detected that the host is missing the following update: DSA-3687-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.debian.org/security/2016/dsa-3687 Debian 8.0 all libnspr4-dev_2:4.12-1+debu8u1 libnspr4_2:4.12-1+debu8u1 libnspr4-dbg_2:4.12-1+debu8u1 libnspr4-0d_2:4.12-1+debu8u1
130606 - Debian Linux 8.0 DSA-3690-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: High CVE: CVE-2016-5257
Description The scan detected that the host is missing the following update: DSA-3690-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.debian.org/security/2016/dsa-3690
Debian 8.0 all icedove_1:45.4.0-1~deb8u1
132284 - Oracle VM OVMSA-2016-0139 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle VM Patches and Hotfixes Risk Level: High CVE: CVE-2016-3134, CVE-2016-5829
Description The scan detected that the host is missing the following update: OVMSA-2016-0139
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/oraclevm-errata/2016-October/000557.html
OVM3.3 x86_64 kernel-uek-firmware-3.8.13-118.13.2.el6uek kernel-uek-3.8.13-118.13.2.el6uek
132285 - Oracle VM OVMSA-2016-0138 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle VM Patches and Hotfixes Risk Level: High CVE: CVE-2016-3134, CVE-2016-5829 Description The scan detected that the host is missing the following update: OVMSA-2016-0138
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/oraclevm-errata/2016-October/000556.html
OVM3.4 x86_64 kernel-uek-firmware-4.1.12-61.1.13.el6uek kernel-uek-4.1.12-61.1.13.el6uek
141298 - Red Hat Enterprise Linux RHSA-2016-2047 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2016-7039
Description The scan detected that the host is missing the following update: RHSA-2016-2047
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://rhn.redhat.com/errata/RHSA-2016-2047.html
RHEL7D x86_64 kernel-debug-devel-3.10.0-327.36.2.el7 perf-debuginfo-3.10.0-327.36.2.el7 python-perf-debuginfo-3.10.0-327.36.2.el7 kernel-tools-debuginfo-3.10.0-327.36.2.el7 kernel-debug-3.10.0-327.36.2.el7 kernel-tools-3.10.0-327.36.2.el7 kernel-tools-libs-3.10.0-327.36.2.el7 kernel-3.10.0-327.36.2.el7 kernel-debug-debuginfo-3.10.0-327.36.2.el7 kernel-headers-3.10.0-327.36.2.el7 kernel-tools-libs-devel-3.10.0-327.36.2.el7 kernel-debuginfo-common-x86_64-3.10.0-327.36.2.el7 perf-3.10.0-327.36.2.el7 kernel-debuginfo-3.10.0-327.36.2.el7 kernel-devel-3.10.0-327.36.2.el7 python-perf-3.10.0-327.36.2.el7 noarch kernel-doc-3.10.0-327.36.2.el7 kernel-abi-whitelists-3.10.0-327.36.2.el7
RHEL7S noarch kernel-doc-3.10.0-327.36.2.el7 kernel-abi-whitelists-3.10.0-327.36.2.el7
RHEL7WS x86_64 kernel-debug-devel-3.10.0-327.36.2.el7 perf-debuginfo-3.10.0-327.36.2.el7 python-perf-debuginfo-3.10.0-327.36.2.el7 kernel-tools-debuginfo-3.10.0-327.36.2.el7 kernel-debug-3.10.0-327.36.2.el7 kernel-tools-3.10.0-327.36.2.el7 kernel-tools-libs-3.10.0-327.36.2.el7 kernel-3.10.0-327.36.2.el7 kernel-debug-debuginfo-3.10.0-327.36.2.el7 kernel-headers-3.10.0-327.36.2.el7 kernel-tools-libs-devel-3.10.0-327.36.2.el7 kernel-debuginfo-common-x86_64-3.10.0-327.36.2.el7 perf-3.10.0-327.36.2.el7 kernel-debuginfo-3.10.0-327.36.2.el7 kernel-devel-3.10.0-327.36.2.el7 python-perf-3.10.0-327.36.2.el7 noarch kernel-doc-3.10.0-327.36.2.el7 kernel-abi-whitelists-3.10.0-327.36.2.el7
144907 - SuSE SLES 12 SP1, SLED 12 SP1 SUSE-SU-2016:2473-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2016-6258, CVE-2016-6259, CVE-2016-6833, CVE-2016-6834, CVE-2016-6835, CVE-2016-6836, CVE-2016-6888, CVE- 2016-7092, CVE-2016-7093, CVE-2016-7094
Description The scan detected that the host is missing the following update: SUSE-SU-2016:2473-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2016-October/002317.html
SuSE SLES 12 SP1 x86_64 xen-doc-html-4.5.3_10-20.1 xen-tools-domU-debuginfo-4.5.3_10-20.1 xen-tools-debuginfo-4.5.3_10-20.1 xen-tools-domU-4.5.3_10-20.1 xen-kmp-default-4.5.3_10_k3.12.62_60.62-20.1 xen-libs-32bit-4.5.3_10-20.1 xen-libs-debuginfo-32bit-4.5.3_10-20.1 xen-tools-4.5.3_10-20.1 xen-4.5.3_10-20.1 xen-libs-4.5.3_10-20.1 xen-kmp-default-debuginfo-4.5.3_10_k3.12.62_60.62-20.1 xen-debugsource-4.5.3_10-20.1 xen-libs-debuginfo-4.5.3_10-20.1 SuSE SLED 12 SP1 x86_64 xen-libs-debuginfo-32bit-4.5.3_10-20.1 xen-kmp-default-debuginfo-4.5.3_10_k3.12.62_60.62-20.1 xen-debugsource-4.5.3_10-20.1 xen-kmp-default-4.5.3_10_k3.12.62_60.62-20.1 xen-4.5.3_10-20.1 xen-libs-debuginfo-4.5.3_10-20.1 xen-libs-32bit-4.5.3_10-20.1 xen-libs-4.5.3_10-20.1
144908 - SuSE SLED 12 SP1 SUSE-SU-2016:2468-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2016-2177, CVE-2016-2178, CVE-2016-2179, CVE-2016-2181, CVE-2016-2182, CVE-2016-2183, CVE-2016-6302, CVE- 2016-6303, CVE-2016-6304, CVE-2016-6306
Description The scan detected that the host is missing the following update: SUSE-SU-2016:2468-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2016-October/002313.html
SuSE SLED 12 SP1 x86_64 libopenssl0_9_8-0.9.8j-102.1 libopenssl0_9_8-32bit-0.9.8j-102.1 libopenssl0_9_8-debuginfo-0.9.8j-102.1 libopenssl0_9_8-debuginfo-32bit-0.9.8j-102.1 compat-openssl098-debugsource-0.9.8j-102.1
144909 - SuSE SLES 11 SP4 SUSE-SU-2016:2459-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2016-7124, CVE-2016-7125, CVE-2016-7126, CVE-2016-7127, CVE-2016-7128, CVE-2016-7129, CVE-2016-7130, CVE- 2016-7131, CVE-2016-7132, CVE-2016-7411, CVE-2016-7412, CVE-2016-7413, CVE-2016-7414, CVE-2016-7416, CVE-2016-7417, CVE-2016-7418
Description The scan detected that the host is missing the following update: SUSE-SU-2016:2459-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2016-October/002310.html
SuSE SLES 11 SP4 i586 php53-bz2-5.3.17-84.1 apache2-mod_php53-5.3.17-84.1 php53-zip-5.3.17-84.1 php53-pspell-5.3.17-84.1 php53-mbstring-5.3.17-84.1 php53-snmp-5.3.17-84.1 php53-dom-5.3.17-84.1 php53-sysvshm-5.3.17-84.1 php53-json-5.3.17-84.1 php53-exif-5.3.17-84.1 php53-curl-5.3.17-84.1 php53-xmlwriter-5.3.17-84.1 php53-dba-5.3.17-84.1 php53-gd-5.3.17-84.1 php53-soap-5.3.17-84.1 php53-sysvsem-5.3.17-84.1 php53-xsl-5.3.17-84.1 php53-fileinfo-5.3.17-84.1 php53-openssl-5.3.17-84.1 php53-5.3.17-84.1 php53-gmp-5.3.17-84.1 php53-xmlreader-5.3.17-84.1 php53-mcrypt-5.3.17-84.1 php53-wddx-5.3.17-84.1 php53-bcmath-5.3.17-84.1 php53-xmlrpc-5.3.17-84.1 php53-suhosin-5.3.17-84.1 php53-pcntl-5.3.17-84.1 php53-tokenizer-5.3.17-84.1 php53-mysql-5.3.17-84.1 php53-iconv-5.3.17-84.1 php53-ctype-5.3.17-84.1 php53-sysvmsg-5.3.17-84.1 php53-pdo-5.3.17-84.1 php53-calendar-5.3.17-84.1 php53-intl-5.3.17-84.1 php53-gettext-5.3.17-84.1 php53-odbc-5.3.17-84.1 php53-ldap-5.3.17-84.1 php53-shmop-5.3.17-84.1 php53-pgsql-5.3.17-84.1 php53-ftp-5.3.17-84.1 php53-fastcgi-5.3.17-84.1 php53-zlib-5.3.17-84.1 php53-pear-5.3.17-84.1 x86_64 php53-bz2-5.3.17-84.1 apache2-mod_php53-5.3.17-84.1 php53-zip-5.3.17-84.1 php53-pspell-5.3.17-84.1 php53-mbstring-5.3.17-84.1 php53-snmp-5.3.17-84.1 php53-dom-5.3.17-84.1 php53-sysvshm-5.3.17-84.1 php53-json-5.3.17-84.1 php53-exif-5.3.17-84.1 php53-curl-5.3.17-84.1 php53-xmlwriter-5.3.17-84.1 php53-dba-5.3.17-84.1 php53-gd-5.3.17-84.1 php53-soap-5.3.17-84.1 php53-sysvsem-5.3.17-84.1 php53-xsl-5.3.17-84.1 php53-fileinfo-5.3.17-84.1 php53-openssl-5.3.17-84.1 php53-5.3.17-84.1 php53-gmp-5.3.17-84.1 php53-xmlreader-5.3.17-84.1 php53-mcrypt-5.3.17-84.1 php53-wddx-5.3.17-84.1 php53-bcmath-5.3.17-84.1 php53-xmlrpc-5.3.17-84.1 php53-suhosin-5.3.17-84.1 php53-pcntl-5.3.17-84.1 php53-tokenizer-5.3.17-84.1 php53-mysql-5.3.17-84.1 php53-iconv-5.3.17-84.1 php53-ctype-5.3.17-84.1 php53-sysvmsg-5.3.17-84.1 php53-pdo-5.3.17-84.1 php53-calendar-5.3.17-84.1 php53-intl-5.3.17-84.1 php53-gettext-5.3.17-84.1 php53-odbc-5.3.17-84.1 php53-ldap-5.3.17-84.1 php53-shmop-5.3.17-84.1 php53-pgsql-5.3.17-84.1 php53-ftp-5.3.17-84.1 php53-fastcgi-5.3.17-84.1 php53-zlib-5.3.17-84.1 php53-pear-5.3.17-84.1
144911 - SuSE SLES 11 SP4 SUSE-SU-2016:2458-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2016-2177, CVE-2016-2178, CVE-2016-2179, CVE-2016-2181, CVE-2016-2182, CVE-2016-2183, CVE-2016-6302, CVE- 2016-6303, CVE-2016-6304, CVE-2016-6306
Description The scan detected that the host is missing the following update: SUSE-SU-2016:2458-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2016-October/002309.html
SuSE SLES 11 SP4 i586 openssl-doc-0.9.8j-0.102.2 libopenssl0_9_8-hmac-0.9.8j-0.102.2 openssl-0.9.8j-0.102.2 libopenssl0_9_8-0.9.8j-0.102.2 x86_64 openssl-doc-0.9.8j-0.102.2 libopenssl0_9_8-hmac-32bit-0.9.8j-0.102.2 libopenssl0_9_8-32bit-0.9.8j-0.102.2 libopenssl0_9_8-0.9.8j-0.102.2 openssl-0.9.8j-0.102.2 libopenssl0_9_8-hmac-0.9.8j-0.102.2
144912 - SuSE SLES 12 SP1, SLED 12 SP1 SUSE-SU-2016:2492-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2013-5653, CVE-2016-7978, CVE-2016-7979
Description The scan detected that the host is missing the following update: SUSE-SU-2016:2492-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2016-October/002321.html
SuSE SLES 12 SP1 x86_64 ghostscript-debuginfo-9.15-11.1 ghostscript-debugsource-9.15-11.1 ghostscript-9.15-11.1 ghostscript-x11-9.15-11.1 ghostscript-x11-debuginfo-9.15-11.1
SuSE SLED 12 SP1 x86_64 ghostscript-debuginfo-9.15-11.1 ghostscript-debugsource-9.15-11.1 ghostscript-9.15-11.1 ghostscript-x11-9.15-11.1 ghostscript-x11-debuginfo-9.15-11.1
144914 - SuSE Linux 13.2 openSUSE-SU-2016:2497-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2014-3615, CVE-2014-3672, CVE-2016-3158, CVE-2016-3159, CVE-2016-3710, CVE-2016-3712, CVE-2016-3960, CVE- 2016-4001, CVE-2016-4002, CVE-2016-4020, CVE-2016-4037, CVE-2016-4439, CVE-2016-4441, CVE-2016-4453, CVE-2016-4454, CVE-2016-4480, CVE-2016-4952, CVE-2016-4962, CVE-2016-4963, CVE-2016-5105, CVE-2016-5106, CVE-2016-5107, CVE-2016- 5126, CVE-2016-5238, CVE-2016-5337, CVE-2016-5338, CVE-2016-5403, CVE-2016-6258, CVE-2016-6351, CVE-2016-6833, CVE- 2016-6834, CVE-2016-6835, CVE-2016-6836, CVE-2016-6888, CVE-2016-7092, CVE-2016-7093, CVE-2016-7094, CVE-2016-7154
Description The scan detected that the host is missing the following update: openSUSE-SU-2016:2497-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.opensuse.org/opensuse-updates/2016-10/msg00033.html
SuSE Linux 13.2 x86_64 xen-kmp-default-debuginfo-4.4.4_05_k3.16.7_42-49.1 xen-4.4.4_05-49.1 xen-libs-32bit-4.4.4_05-49.1 xen-libs-debuginfo-4.4.4_05-49.1 xen-devel-4.4.4_05-49.1 xen-tools-domU-debuginfo-4.4.4_05-49.1 xen-libs-4.4.4_05-49.1 xen-kmp-default-4.4.4_05_k3.16.7_42-49.1 xen-kmp-desktop-debuginfo-4.4.4_05_k3.16.7_42-49.1 xen-debugsource-4.4.4_05-49.1 xen-tools-debuginfo-4.4.4_05-49.1 xen-kmp-desktop-4.4.4_05_k3.16.7_42-49.1 xen-tools-4.4.4_05-49.1 xen-tools-domU-4.4.4_05-49.1 xen-doc-html-4.4.4_05-49.1 xen-libs-debuginfo-32bit-4.4.4_05-49.1 i586 xen-tools-domU-4.4.4_05-49.1 xen-tools-domU-debuginfo-4.4.4_05-49.1 xen-libs-debuginfo-4.4.4_05-49.1 xen-debugsource-4.4.4_05-49.1 xen-libs-4.4.4_05-49.1 xen-devel-4.4.4_05-49.1
144915 - SuSE SLES 12 SP1, SLED 12 SP1 SUSE-SU-2016:2476-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2016-7796
Description The scan detected that the host is missing the following update: SUSE-SU-2016:2476-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2016-October/002319.html
SuSE SLES 12 SP1 noarch systemd-bash-completion-210-114.1 x86_64 libgudev-1_0-0-32bit-210-114.1 systemd-debuginfo-32bit-210-114.1 systemd-32bit-210-114.1 systemd-sysvinit-210-114.1 systemd-210-114.1 libudev1-32bit-210-114.1 udev-210-114.1 libudev1-210-114.1 libudev1-debuginfo-32bit-210-114.1 libudev1-debuginfo-210-114.1 libgudev-1_0-0-debuginfo-210-114.1 udev-debuginfo-210-114.1 libgudev-1_0-0-210-114.1 systemd-debuginfo-210-114.1 systemd-debugsource-210-114.1 libgudev-1_0-0-debuginfo-32bit-210-114.1
SuSE SLED 12 SP1 x86_64 libudev1-debuginfo-210-114.1 libgudev-1_0-0-32bit-210-114.1 systemd-32bit-210-114.1 systemd-sysvinit-210-114.1 systemd-210-114.1 libudev1-32bit-210-114.1 udev-210-114.1 libudev1-210-114.1 libudev1-debuginfo-32bit-210-114.1 systemd-debuginfo-32bit-210-114.1 libgudev-1_0-0-debuginfo-210-114.1 udev-debuginfo-210-114.1 libgudev-1_0-0-210-114.1 systemd-debuginfo-210-114.1 systemd-debugsource-210-114.1 libgudev-1_0-0-debuginfo-32bit-210-114.1 noarch systemd-bash-completion-210-114.1
144917 - SuSE Linux 13.2 openSUSE-SU-2016:2484-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-MAP-NOMATCH
Description The scan detected that the host is missing the following update: openSUSE-SU-2016:2484-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.opensuse.org/opensuse-updates/2016-10/msg00026.html
SuSE Linux 13.2 x86_64 MozillaThunderbird-translations-common-45.4.0-49.1 MozillaThunderbird-debuginfo-45.4.0-49.1 MozillaThunderbird-45.4.0-49.1 MozillaThunderbird-translations-other-45.4.0-49.1 MozillaThunderbird-debugsource-45.4.0-49.1 MozillaThunderbird-devel-45.4.0-49.1 MozillaThunderbird-buildsymbols-45.4.0-49.1 i586 MozillaThunderbird-translations-common-45.4.0-49.1 MozillaThunderbird-debuginfo-45.4.0-49.1 MozillaThunderbird-45.4.0-49.1 MozillaThunderbird-translations-other-45.4.0-49.1 MozillaThunderbird-debugsource-45.4.0-49.1 MozillaThunderbird-devel-45.4.0-49.1 MozillaThunderbird-buildsymbols-45.4.0-49.1
144918 - SuSE Linux 13.2 openSUSE-SU-2016:2498-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2016-7787
Description The scan detected that the host is missing the following update: openSUSE-SU-2016:2498-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.opensuse.org/opensuse-updates/2016-10/msg00034.html
SuSE Linux 13.2 i586 kde-cli-tools5-5.3.2-27.1 kde-cli-tools5-debuginfo-5.3.2-27.1 kde-cli-tools5-debugsource-5.3.2-27.1 noarch kde-cli-tools5-lang-5.3.2-27.1 x86_64 kde-cli-tools5-5.3.2-27.1 kde-cli-tools5-debuginfo-5.3.2-27.1 kde-cli-tools5-debugsource-5.3.2-27.1
160153 - CentOS 6 CESA-2016-2006 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Cent OS Patches and Hotfixes Risk Level: High CVE: CVE-2016-4470, CVE-2016-5829
Description The scan detected that the host is missing the following update: CESA-2016-2006
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.centos.org/pipermail/centos-announce/2016-October/022117.html
CentOS 6 i686 kernel-devel-2.6.32-642.6.1.el6 kernel-2.6.32-642.6.1.el6 kernel-headers-2.6.32-642.6.1.el6 python-perf-2.6.32-642.6.1.el6 kernel-debug-2.6.32-642.6.1.el6 perf-2.6.32-642.6.1.el6 kernel-debug-devel-2.6.32-642.6.1.el6 noarch kernel-firmware-2.6.32-642.6.1.el6 kernel-abi-whitelists-2.6.32-642.6.1.el6 kernel-doc-2.6.32-642.6.1.el6 x86_64 kernel-devel-2.6.32-642.6.1.el6 kernel-2.6.32-642.6.1.el6 kernel-headers-2.6.32-642.6.1.el6 python-perf-2.6.32-642.6.1.el6 kernel-debug-2.6.32-642.6.1.el6 perf-2.6.32-642.6.1.el6 kernel-debug-devel-2.6.32-642.6.1.el6
163165 - Oracle Enterprise Linux ELSA-2016-3625 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2016-3134, CVE-2016-5829
Description The scan detected that the host is missing the following update: ELSA-2016-3625
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2016-October/006396.html http://oss.oracle.com/pipermail/el-errata/2016-October/006395.html
OEL7 x86_64 kernel-uek-firmware-4.1.12-61.1.13.el7uek kernel-uek-debug-4.1.12-61.1.13.el7uek kernel-uek-devel-4.1.12-61.1.13.el7uek kernel-uek-debug-devel-4.1.12-61.1.13.el7uek kernel-uek-4.1.12-61.1.13.el7uek dtrace-modules-4.1.12-61.1.13.el7uek-0.5.3-2.el7 kernel-uek-doc-4.1.12-61.1.13.el7uek
OEL6 x86_64 kernel-uek-debug-4.1.12-61.1.13.el6uek kernel-uek-4.1.12-61.1.13.el6uek kernel-uek-devel-4.1.12-61.1.13.el6uek kernel-uek-firmware-4.1.12-61.1.13.el6uek dtrace-modules-4.1.12-61.1.13.el6uek-0.5.3-2.el6 kernel-uek-doc-4.1.12-61.1.13.el6uek kernel-uek-debug-devel-4.1.12-61.1.13.el6uek
163166 - Oracle Enterprise Linux ELSA-2016-3623 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2016-3134, CVE-2016-5829
Description The scan detected that the host is missing the following update: ELSA-2016-3623
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2016-October/006398.html http://oss.oracle.com/pipermail/el-errata/2016-October/006397.html
OEL7 x86_64 kernel-uek-3.8.13-118.13.2.el7uek kernel-uek-firmware-3.8.13-118.13.2.el7uek dtrace-modules-3.8.13-118.13.2.el7uek-0.4.5-3.el7 kernel-uek-debug-3.8.13-118.13.2.el7uek kernel-uek-devel-3.8.13-118.13.2.el7uek kernel-uek-debug-devel-3.8.13-118.13.2.el7uek kernel-uek-doc-3.8.13-118.13.2.el7uek
OEL6 x86_64 dtrace-modules-3.8.13-118.13.2.el6uek-0.4.5-3.el6 kernel-uek-devel-3.8.13-118.13.2.el6uek kernel-uek-3.8.13-118.13.2.el6uek kernel-uek-firmware-3.8.13-118.13.2.el6uek kernel-uek-doc-3.8.13-118.13.2.el6uek kernel-uek-debug-devel-3.8.13-118.13.2.el6uek kernel-uek-debug-3.8.13-118.13.2.el6uek
163167 - Oracle Enterprise Linux ELSA-2016-2047 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2016-7039
Description The scan detected that the host is missing the following update: ELSA-2016-2047
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2016-October/006409.html
OEL7 x86_64 kernel-tools-3.10.0-327.36.2.el7 kernel-devel-3.10.0-327.36.2.el7 kernel-doc-3.10.0-327.36.2.el7 kernel-3.10.0-327.36.2.el7 perf-3.10.0-327.36.2.el7 kernel-abi-whitelists-3.10.0-327.36.2.el7 kernel-tools-libs-devel-3.10.0-327.36.2.el7 kernel-debug-devel-3.10.0-327.36.2.el7 kernel-debug-3.10.0-327.36.2.el7 kernel-headers-3.10.0-327.36.2.el7 kernel-tools-libs-3.10.0-327.36.2.el7 python-perf-3.10.0-327.36.2.el7
163169 - Oracle Enterprise Linux ELSA-2016-3624 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2016-3134, CVE-2016-5829
Description The scan detected that the host is missing the following update: ELSA-2016-3624
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2016-October/006399.html http://oss.oracle.com/pipermail/el-errata/2016-October/006400.html
OEL5 x86_64 kernel-uek-debug-devel-2.6.39-400.286.2.el5uek kernel-uek-doc-2.6.39-400.286.2.el5uek kernel-uek-firmware-2.6.39-400.286.2.el5uek kernel-uek-debug-2.6.39-400.286.2.el5uek kernel-uek-devel-2.6.39-400.286.2.el5uek kernel-uek-2.6.39-400.286.2.el5uek i386 kernel-uek-debug-devel-2.6.39-400.286.2.el5uek kernel-uek-doc-2.6.39-400.286.2.el5uek kernel-uek-firmware-2.6.39-400.286.2.el5uek kernel-uek-debug-2.6.39-400.286.2.el5uek kernel-uek-devel-2.6.39-400.286.2.el5uek kernel-uek-2.6.39-400.286.2.el5uek
OEL6 x86_64 kernel-uek-firmware-2.6.39-400.286.2.el6uek kernel-uek-devel-2.6.39-400.286.2.el6uek kernel-uek-debug-2.6.39-400.286.2.el6uek kernel-uek-debug-devel-2.6.39-400.286.2.el6uek kernel-uek-2.6.39-400.286.2.el6uek kernel-uek-doc-2.6.39-400.286.2.el6uek i386 kernel-uek-firmware-2.6.39-400.286.2.el6uek kernel-uek-devel-2.6.39-400.286.2.el6uek kernel-uek-debug-devel-2.6.39-400.286.2.el6uek kernel-uek-2.6.39-400.286.2.el6uek kernel-uek-debug-2.6.39-400.286.2.el6uek kernel-uek-doc-2.6.39-400.286.2.el6uek
175020 - Scientific Linux Security ERRATA Important: kernel on SL7.x x86_64 (1610-2126)
Category: SSH Module -> NonIntrusive -> Scientific Linux Patches and HotFixes Risk Level: High CVE: CVE-2016-7039
Description The scan detected that the host is missing the following update: Security ERRATA Important: kernel on SL7.x x86_64 (1610-2126)
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://listserv.fnal.gov/scripts/wa.exe?A2=ind1610&L=scientific-linux-errata&F=&S=&P=2126
SL7 x86_64 kernel-debug-devel-3.10.0-327.36.2.el7 perf-debuginfo-3.10.0-327.36.2.el7 python-perf-debuginfo-3.10.0-327.36.2.el7 kernel-tools-debuginfo-3.10.0-327.36.2.el7 kernel-debug-3.10.0-327.36.2.el7 kernel-tools-3.10.0-327.36.2.el7 kernel-tools-libs-3.10.0-327.36.2.el7 kernel-3.10.0-327.36.2.el7 kernel-debug-debuginfo-3.10.0-327.36.2.el7 kernel-headers-3.10.0-327.36.2.el7 kernel-tools-libs-devel-3.10.0-327.36.2.el7 kernel-debuginfo-common-x86_64-3.10.0-327.36.2.el7 perf-3.10.0-327.36.2.el7 kernel-debuginfo-3.10.0-327.36.2.el7 kernel-devel-3.10.0-327.36.2.el7 python-perf-3.10.0-327.36.2.el7 noarch kernel-doc-3.10.0-327.36.2.el7 kernel-abi-whitelists-3.10.0-327.36.2.el7
175021 - Scientific Linux Security ERRATA Important: kernel on SL6.x i386/x86_64 (1610-959)
Category: SSH Module -> NonIntrusive -> Scientific Linux Patches and HotFixes Risk Level: High CVE: CVE-2016-4470, CVE-2016-5829
Description The scan detected that the host is missing the following update: Security ERRATA Important: kernel on SL6.x i386/x86_64 (1610-959) Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://listserv.fnal.gov/scripts/wa.exe?A2=ind1610&L=scientific-linux-errata&F=&S=&P=959
SL6 i386 kernel-debuginfo-2.6.32-642.6.1.el6 kernel-devel-2.6.32-642.6.1.el6 kernel-2.6.32-642.6.1.el6 kernel-headers-2.6.32-642.6.1.el6 perf-debuginfo-2.6.32-642.6.1.el6 python-perf-2.6.32-642.6.1.el6 kernel-debug-2.6.32-642.6.1.el6 perf-2.6.32-642.6.1.el6 kernel-debuginfo-common-i686-2.6.32-642.6.1.el6 kernel-debug-debuginfo-2.6.32-642.6.1.el6 kernel-debug-devel-2.6.32-642.6.1.el6 python-perf-debuginfo-2.6.32-642.6.1.el6 noarch kernel-firmware-2.6.32-642.6.1.el6 kernel-abi-whitelists-2.6.32-642.6.1.el6 kernel-doc-2.6.32-642.6.1.el6 x86_64 kernel-debug-debuginfo-2.6.32-642.6.1.el6 kernel-devel-2.6.32-642.6.1.el6 kernel-debug-devel-2.6.32-642.6.1.el6 kernel-debug-2.6.32-642.6.1.el6 python-perf-debuginfo-2.6.32-642.6.1.el6 perf-debuginfo-2.6.32-642.6.1.el6 kernel-debuginfo-2.6.32-642.6.1.el6 kernel-2.6.32-642.6.1.el6 kernel-debuginfo-common-i686-2.6.32-642.6.1.el6 kernel-debuginfo-common-x86_64-2.6.32-642.6.1.el6 python-perf-2.6.32-642.6.1.el6 kernel-headers-2.6.32-642.6.1.el6 perf-2.6.32-642.6.1.el6
178223 - Gentoo Linux GLSA-201610-07 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixes Risk Level: High CVE: CVE-2015-8704, CVE-2015-8705, CVE-2016-1285, CVE-2016-1286, CVE-2016-2088, CVE-2016-2775, CVE-2016-2776, CVE- 2016-6170
Description The scan detected that the host is missing the following update: GLSA-201610-07
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://security.gentoo.org/glsa/201610-07 Affected packages: net-dns/bind < 9.10.4_p3
178224 - Gentoo Linux GLSA-201610-01 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixes Risk Level: High CVE: CVE-2015-3253
Description The scan detected that the host is missing the following update: GLSA-201610-01
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://security.gentoo.org/glsa/201610-01
Affected packages: dev-java/groovy < 2.4.5
178225 - Gentoo Linux GLSA-201610-03 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixes Risk Level: High CVE: CVE-2016-2342
Description The scan detected that the host is missing the following update: GLSA-201610-03
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://security.gentoo.org/glsa/201610-03
Affected packages: net-misc/quagga < 1.0.20160315
191223 - Fedora Linux 25 FEDORA-2016-76bd94ca9e Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2016-2776
Description The scan detected that the host is missing the following update: FEDORA-2016-76bd94ca9e
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=4
Fedora Core 25 bind-9.10.4-2.P3.fc25
191224 - Fedora Linux 25 FEDORA-2016-e523c37b4d Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2016-5180
Description The scan detected that the host is missing the following update: FEDORA-2016-e523c37b4d
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=5
Fedora Core 25 c-ares-1.12.0-1.fc25
191227 - Fedora Linux 24 FEDORA-2016-1cc00cde2d Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2016-5180
Description The scan detected that the host is missing the following update: FEDORA-2016-1cc00cde2d
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=5
Fedora Core 24 c-ares-1.12.0-1.fc24
191230 - Fedora Linux 23 FEDORA-2016-7aa3c89e7b Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2016-5180 Description The scan detected that the host is missing the following update: FEDORA-2016-7aa3c89e7b
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=1
Fedora Core 23 c-ares-1.12.0-1.fc23
191238 - Fedora Linux 25 FEDORA-2016-64e0743e16 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2016-2177, CVE-2016-2178, CVE-2016-2179, CVE-2016-2180, CVE-2016-2181, CVE-2016-2182, CVE-2016-6302, CVE- 2016-6304, CVE-2016-6306, CVE-2016-7052
Description The scan detected that the host is missing the following update: FEDORA-2016-64e0743e16
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=4
Fedora Core 25 openssl-1.0.2j-1.fc25
191240 - Fedora Linux 23 FEDORA-2016-66d9389548 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2016-5180
Description The scan detected that the host is missing the following update: FEDORA-2016-66d9389548
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=2
Fedora Core 23 mingw-c-ares-1.12.0-1.fc23 191245 - Fedora Linux 25 FEDORA-2016-4f34f26649 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2016-5180
Description The scan detected that the host is missing the following update: FEDORA-2016-4f34f26649
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=2
Fedora Core 25 mingw-c-ares-1.12.0-1.fc25
191261 - Fedora Linux 24 FEDORA-2016-a7f9e86df7 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2016-5180
Description The scan detected that the host is missing the following update: FEDORA-2016-a7f9e86df7
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=2
Fedora Core 24 mingw-c-ares-1.12.0-1.fc24
191262 - Fedora Linux 25 FEDORA-2016-f6e4e66202 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2016-2776
Description The scan detected that the host is missing the following update: FEDORA-2016-f6e4e66202
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=4
Fedora Core 25 bind99-9.9.9-2.P3.fc25
20622 - WordPress Multiple Vulnerabilities Prior To 4.6
Category: General Vulnerability Assessment -> NonIntrusive -> Web Server Risk Level: Medium CVE: CVE-2016-6896, CVE-2016-6897
Description Multiple vulnerabilities are present in some versions of WordPress.
Observation WordPress is a popular blog application.
Multiple vulnerabilities are present in some versions of WordPress. The flaws lie in the ajax-actions.php file, specifically in the wp_ajax_update_plugin() method. Successful exploitation could allow an attacker to cause a denial of service condition or retrieve sensitive data.
20623 - (HPSBGN03650) HPE Network Automation Software Local Arbitrary File Modification Vulnerability
Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: Medium CVE: CVE-2016-4386
Description A vulnerability is present in some versions of HP Network Automation.
Observation HP Network Automation is a network configuration management automation software.
A vulnerability is present in some versions of HP Network Automation. The flaw lies in the HP Network Automation installer files permissions once extracted on disc. Successful exploitation could allow a local attacker to modify arbitrary files.
141296 - Red Hat Enterprise Linux RHSA-2016-2046 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2014-7810, CVE-2015-5346, CVE-2016-5388, CVE-2016-5425, CVE-2016-6325
Description The scan detected that the host is missing the following update: RHSA-2016-2046
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://rhn.redhat.com/errata/RHSA-2016-2046.html RHEL7D noarch tomcat-admin-webapps-7.0.54-8.el7_2 tomcat-el-2.2-api-7.0.54-8.el7_2 tomcat-webapps-7.0.54-8.el7_2 tomcat-jsvc-7.0.54-8.el7_2 tomcat-javadoc-7.0.54-8.el7_2 tomcat-lib-7.0.54-8.el7_2 tomcat-jsp-2.2-api-7.0.54-8.el7_2 tomcat-7.0.54-8.el7_2 tomcat-docs-webapp-7.0.54-8.el7_2 tomcat-servlet-3.0-api-7.0.54-8.el7_2
RHEL7S noarch tomcat-el-2.2-api-7.0.54-8.el7_2 tomcat-javadoc-7.0.54-8.el7_2 tomcat-jsvc-7.0.54-8.el7_2 tomcat-webapps-7.0.54-8.el7_2 tomcat-jsp-2.2-api-7.0.54-8.el7_2 tomcat-lib-7.0.54-8.el7_2 tomcat-docs-webapp-7.0.54-8.el7_2 tomcat-7.0.54-8.el7_2 tomcat-admin-webapps-7.0.54-8.el7_2 tomcat-servlet-3.0-api-7.0.54-8.el7_2
RHEL7WS noarch tomcat-el-2.2-api-7.0.54-8.el7_2 tomcat-javadoc-7.0.54-8.el7_2 tomcat-jsvc-7.0.54-8.el7_2 tomcat-webapps-7.0.54-8.el7_2 tomcat-jsp-2.2-api-7.0.54-8.el7_2 tomcat-lib-7.0.54-8.el7_2 tomcat-docs-webapp-7.0.54-8.el7_2 tomcat-7.0.54-8.el7_2 tomcat-admin-webapps-7.0.54-8.el7_2 tomcat-servlet-3.0-api-7.0.54-8.el7_2
141297 - Red Hat Enterprise Linux RHSA-2016-2045 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-5174, CVE-2015-5345, CVE-2016-0706, CVE-2016-0714, CVE-2016-5388, CVE-2016-6325
Description The scan detected that the host is missing the following update: RHSA-2016-2045
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://rhn.redhat.com/errata/RHSA-2016-2045.html
RHEL6D noarch tomcat6-webapps-6.0.24-98.el6_8 tomcat6-servlet-2.5-api-6.0.24-98.el6_8 tomcat6-javadoc-6.0.24-98.el6_8 tomcat6-jsp-2.1-api-6.0.24-98.el6_8 tomcat6-el-2.1-api-6.0.24-98.el6_8 tomcat6-admin-webapps-6.0.24-98.el6_8 tomcat6-lib-6.0.24-98.el6_8 tomcat6-6.0.24-98.el6_8 tomcat6-docs-webapp-6.0.24-98.el6_8
RHEL6S noarch tomcat6-webapps-6.0.24-98.el6_8 tomcat6-servlet-2.5-api-6.0.24-98.el6_8 tomcat6-javadoc-6.0.24-98.el6_8 tomcat6-jsp-2.1-api-6.0.24-98.el6_8 tomcat6-el-2.1-api-6.0.24-98.el6_8 tomcat6-admin-webapps-6.0.24-98.el6_8 tomcat6-lib-6.0.24-98.el6_8 tomcat6-6.0.24-98.el6_8 tomcat6-docs-webapp-6.0.24-98.el6_8
RHEL6WS noarch tomcat6-webapps-6.0.24-98.el6_8 tomcat6-servlet-2.5-api-6.0.24-98.el6_8 tomcat6-javadoc-6.0.24-98.el6_8 tomcat6-jsp-2.1-api-6.0.24-98.el6_8 tomcat6-el-2.1-api-6.0.24-98.el6_8 tomcat6-admin-webapps-6.0.24-98.el6_8 tomcat6-lib-6.0.24-98.el6_8 tomcat6-6.0.24-98.el6_8 tomcat6-docs-webapp-6.0.24-98.el6_8
144906 - SuSE SLED 12 SP1 SUSE-SU-2016:2472-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-4324
Description The scan detected that the host is missing the following update: SUSE-SU-2016:2472-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2016-October/002316.html
SuSE SLED 12 SP1 x86_64 libreoffice-math-debuginfo-5.1.5.2-29.4 libreoffice-base-debuginfo-5.1.5.2-29.4 libreoffice-calc-extensions-5.1.5.2-29.4 libreoffice-calc-5.1.5.2-29.4 libreoffice-math-5.1.5.2-29.4 libreoffice-5.1.5.2-29.4 libreoffice-base-drivers-postgresql-debuginfo-5.1.5.2-29.4 libreoffice-draw-debuginfo-5.1.5.2-29.4 libreoffice-debugsource-5.1.5.2-29.4 libreoffice-officebean-debuginfo-5.1.5.2-29.4 libreoffice-base-drivers-postgresql-5.1.5.2-29.4 libreoffice-filters-optional-5.1.5.2-29.4 libreoffice-writer-extensions-5.1.5.2-29.4 libreoffice-draw-5.1.5.2-29.4 libreoffice-officebean-5.1.5.2-29.4 libreoffice-pyuno-5.1.5.2-29.4 libreoffice-calc-debuginfo-5.1.5.2-29.4 libreoffice-debuginfo-5.1.5.2-29.4 libreoffice-base-drivers-mysql-5.1.5.2-29.4 libreoffice-mailmerge-5.1.5.2-29.4 libreoffice-impress-5.1.5.2-29.4 libreoffice-writer-debuginfo-5.1.5.2-29.4 libreoffice-gnome-5.1.5.2-29.4 libreoffice-pyuno-debuginfo-5.1.5.2-29.4 libreoffice-gnome-debuginfo-5.1.5.2-29.4 libreoffice-base-drivers-mysql-debuginfo-5.1.5.2-29.4 libreoffice-impress-debuginfo-5.1.5.2-29.4 libreoffice-writer-5.1.5.2-29.4 libreoffice-base-5.1.5.2-29.4 noarch libreoffice-l10n-af-5.1.5.2-29.4 libreoffice-l10n-sk-5.1.5.2-29.4 libreoffice-l10n-sv-5.1.5.2-29.4 libreoffice-l10n-zu-5.1.5.2-29.4 libreoffice-l10n-nb-5.1.5.2-29.4 libreoffice-l10n-zh-Hans-5.1.5.2-29.4 libreoffice-l10n-fi-5.1.5.2-29.4 libreoffice-l10n-fr-5.1.5.2-29.4 libreoffice-l10n-ko-5.1.5.2-29.4 libreoffice-l10n-hi-5.1.5.2-29.4 libreoffice-l10n-gu-5.1.5.2-29.4 libreoffice-l10n-cs-5.1.5.2-29.4 libreoffice-l10n-hu-5.1.5.2-29.4 libreoffice-l10n-en-5.1.5.2-29.4 libreoffice-l10n-es-5.1.5.2-29.4 libreoffice-l10n-zh-Hant-5.1.5.2-29.4 libreoffice-l10n-ca-5.1.5.2-29.4 libreoffice-l10n-pt-PT-5.1.5.2-29.4 libreoffice-l10n-de-5.1.5.2-29.4 libreoffice-icon-theme-tango-5.1.5.2-29.4 libreoffice-l10n-it-5.1.5.2-29.4 libreoffice-l10n-ar-5.1.5.2-29.4 libreoffice-l10n-nn-5.1.5.2-29.4 libreoffice-l10n-xh-5.1.5.2-29.4 libreoffice-l10n-nl-5.1.5.2-29.4 libreoffice-l10n-pt-BR-5.1.5.2-29.4 libreoffice-l10n-da-5.1.5.2-29.4 libreoffice-l10n-ru-5.1.5.2-29.4 libreoffice-l10n-ja-5.1.5.2-29.4 libreoffice-icon-theme-galaxy-5.1.5.2-29.4 libreoffice-l10n-pl-5.1.5.2-29.4
144913 - SuSE SLES 11 SP4 SUSE-SU-2016:2493-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2013-5653, CVE-2015-3228, CVE-2016-7977, CVE-2016-7979
Description The scan detected that the host is missing the following update: SUSE-SU-2016:2493-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2016-October/002322.html
SuSE SLES 11 SP4 i586 ghostscript-x11-8.62-32.38.1 ghostscript-fonts-rus-8.62-32.38.1 ghostscript-omni-8.62-32.38.1 ghostscript-library-8.62-32.38.1 ghostscript-fonts-std-8.62-32.38.1 libgimpprint-4.2.7-32.38.1 ghostscript-fonts-other-8.62-32.38.1 x86_64 ghostscript-x11-8.62-32.38.1 ghostscript-fonts-rus-8.62-32.38.1 ghostscript-omni-8.62-32.38.1 ghostscript-library-8.62-32.38.1 ghostscript-fonts-std-8.62-32.38.1 libgimpprint-4.2.7-32.38.1 ghostscript-fonts-other-8.62-32.38.1
163168 - Oracle Enterprise Linux ELSA-2016-2046 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2014-7810, CVE-2015-5346, CVE-2016-5388, CVE-2016-5425, CVE-2016-6325
Description The scan detected that the host is missing the following update: ELSA-2016-2046
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2016-October/006407.html
OEL7 x86_64 tomcat-el-2.2-api-7.0.54-8.el7_2 tomcat-webapps-7.0.54-8.el7_2 tomcat-jsvc-7.0.54-8.el7_2 tomcat-javadoc-7.0.54-8.el7_2 tomcat-lib-7.0.54-8.el7_2 tomcat-servlet-3.0-api-7.0.54-8.el7_2 tomcat-jsp-2.2-api-7.0.54-8.el7_2 tomcat-7.0.54-8.el7_2 tomcat-admin-webapps-7.0.54-8.el7_2 tomcat-docs-webapp-7.0.54-8.el7_2
163170 - Oracle Enterprise Linux ELSA-2016-2045 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-5174, CVE-2015-5345, CVE-2016-0706, CVE-2016-0714, CVE-2016-5388, CVE-2016-6325
Description The scan detected that the host is missing the following update: ELSA-2016-2045
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2016-October/006408.html
OEL6 x86_64 tomcat6-webapps-6.0.24-98.el6_8 tomcat6-servlet-2.5-api-6.0.24-98.el6_8 tomcat6-javadoc-6.0.24-98.el6_8 tomcat6-jsp-2.1-api-6.0.24-98.el6_8 tomcat6-el-2.1-api-6.0.24-98.el6_8 tomcat6-admin-webapps-6.0.24-98.el6_8 tomcat6-lib-6.0.24-98.el6_8 tomcat6-6.0.24-98.el6_8 tomcat6-docs-webapp-6.0.24-98.el6_8 i386 tomcat6-webapps-6.0.24-98.el6_8 tomcat6-servlet-2.5-api-6.0.24-98.el6_8 tomcat6-javadoc-6.0.24-98.el6_8 tomcat6-jsp-2.1-api-6.0.24-98.el6_8 tomcat6-el-2.1-api-6.0.24-98.el6_8 tomcat6-admin-webapps-6.0.24-98.el6_8 tomcat6-lib-6.0.24-98.el6_8 tomcat6-6.0.24-98.el6_8 tomcat6-docs-webapp-6.0.24-98.el6_8
175019 - Scientific Linux Security ERRATA Important: tomcat on SL7.x (noarch) (1610-1735)
Category: SSH Module -> NonIntrusive -> Scientific Linux Patches and HotFixes Risk Level: Medium CVE: CVE-2014-7810, CVE-2015-5346, CVE-2016-5388, CVE-2016-5425, CVE-2016-6325
Description The scan detected that the host is missing the following update: Security ERRATA Important: tomcat on SL7.x (noarch) (1610-1735)
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://listserv.fnal.gov/scripts/wa.exe?A2=ind1610&L=scientific-linux-errata&F=&S=&P=1735
SL7 noarch tomcat-admin-webapps-7.0.54-8.el7_2 tomcat-el-2.2-api-7.0.54-8.el7_2 tomcat-webapps-7.0.54-8.el7_2 tomcat-jsvc-7.0.54-8.el7_2 tomcat-javadoc-7.0.54-8.el7_2 tomcat-lib-7.0.54-8.el7_2 tomcat-jsp-2.2-api-7.0.54-8.el7_2 tomcat-7.0.54-8.el7_2 tomcat-docs-webapp-7.0.54-8.el7_2 tomcat-servlet-3.0-api-7.0.54-8.el7_2
175022 - Scientific Linux Security ERRATA Important: tomcat6 on SL6.x (noarch) (1610-1313)
Category: SSH Module -> NonIntrusive -> Scientific Linux Patches and HotFixes Risk Level: Medium CVE: CVE-2015-5174, CVE-2015-5345, CVE-2016-0706, CVE-2016-0714, CVE-2016-5388, CVE-2016-6325
Description The scan detected that the host is missing the following update: Security ERRATA Important: tomcat6 on SL6.x (noarch) (1610-1313)
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://listserv.fnal.gov/scripts/wa.exe?A2=ind1610&L=scientific-linux-errata&F=&S=&P=1313
SL6 noarch tomcat6-webapps-6.0.24-98.el6_8 tomcat6-servlet-2.5-api-6.0.24-98.el6_8 tomcat6-javadoc-6.0.24-98.el6_8 tomcat6-jsp-2.1-api-6.0.24-98.el6_8 tomcat6-el-2.1-api-6.0.24-98.el6_8 tomcat6-admin-webapps-6.0.24-98.el6_8 tomcat6-lib-6.0.24-98.el6_8 tomcat6-6.0.24-98.el6_8 tomcat6-docs-webapp-6.0.24-98.el6_8
178221 - Gentoo Linux GLSA-201610-06 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixes Risk Level: Medium CVE: CVE-2015-2582, CVE-2015-2611, CVE-2015-2617, CVE-2015-2620, CVE-2015-2639, CVE-2015-2641, CVE-2015-2643, CVE- 2015-2648, CVE-2015-2661, CVE-2015-4737, CVE-2015-4752, CVE-2015-4756, CVE-2015-4757, CVE-2015-4767, CVE-2015-4769, CVE-2015-4771, CVE-2015-4772
Description The scan detected that the host is missing the following update: GLSA-201610-06
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://security.gentoo.org/glsa/201610-06
Affected packages: dev-db/mysql < 5.6.31 dev-db/mariadb < 10.0.27
182133 - FreeBSD openjpeg Multiple Vulnerabilities (b7d56d0b-7a11-11e6-af78-589cfc0654e1)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-5157, CVE-2016-7163
Description The scan detected that the host is missing the following update: openjpeg -- multiple vulnerabilities (b7d56d0b-7a11-11e6-af78-589cfc0654e1)
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/b7d56d0b-7a11-11e6-af78-589cfc0654e1.html
Affected packages: openjpeg < 2.1.1_1
185439 - Ubuntu Linux 14.04, 16.04 USN-3091-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-5170, CVE-2016-5171, CVE-2016-5172, CVE-2016-5175, CVE-2016-5177, CVE-2016-5178, CVE-2016-7549
Description The scan detected that the host is missing the following update: USN-3091-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.ubuntu.com/archives/ubuntu-security-announce/2016-October/003580.html
Ubuntu 14.04 liboxideqtcore0_1.17.9-0ubuntu0.14.04.1
Ubuntu 16.04 liboxideqtcore0_1.17.9-0ubuntu0.16.04.1
20613 - (SYM16-015) Symantec Mail Security for Domino Decomposer Engine Multiple Vulnerabilities
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2016-5309, CVE-2016-5310
Description Multiple vulnerabilities are present in some versions of Symantec Mail Security for Domino.
Observation Symantec Mail Security for Domino is a mail server protection application.
Multiple vulnerabilities are present in some versions of Symantec Mail Security for Domino. The flaws lie in the RAR file parser included in the antivirus decomposer engine. Successful exploitation could allow an attacker to cause a denial of service condition.
178226 - Gentoo Linux GLSA-201610-02 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixes Risk Level: Medium CVE: CVE-2014-3581, CVE-2015-3183, CVE-2016-1546, CVE-2016-4979
Description The scan detected that the host is missing the following update: GLSA-201610-02
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://security.gentoo.org/glsa/201610-02
Affected packages: www-servers/apache < 2.4.23
185435 - Ubuntu Linux 12.04, 14.04, 16.04 USN-3096-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-7973, CVE-2015-7974, CVE-2015-7975, CVE-2015-7976, CVE-2015-7977, CVE-2015-7978, CVE-2015-7979, CVE- 2015-8138, CVE-2015-8158, CVE-2016-0727, CVE-2016-1547, CVE-2016-1548, CVE-2016-1550, CVE-2016-2516, CVE-2016-2518, CVE-2016-4954, CVE-2016-4955, CVE-2016-4956
Description The scan detected that the host is missing the following update: USN-3096-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.ubuntu.com/archives/ubuntu-security-announce/2016-October/003579.html
Ubuntu 12.04 ntp_4.2.6.p3+dfsg-1ubuntu3.11 Ubuntu 16.04 ntp_4.2.8p4+dfsg-3ubuntu5.3
Ubuntu 14.04 ntp_4.2.6.p5+dfsg-3ubuntu2.14.04.10
191208 - Fedora Linux 25 FEDORA-2016-9273c6809c Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-1246
Description The scan detected that the host is missing the following update: FEDORA-2016-9273c6809c
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=2
Fedora Core 25 perl-DBD-MySQL-4.037-1.fc25
191212 - Fedora Linux 25 FEDORA-2016-704e85cac2 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-7401
Description The scan detected that the host is missing the following update: FEDORA-2016-704e85cac2
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=1
Fedora Core 25 python-django-1.9.10-1.fc25
191213 - Fedora Linux 23 FEDORA-2016-0551065fe0 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-7044, CVE-2016-7045, CVE-2016-7553 Description The scan detected that the host is missing the following update: FEDORA-2016-0551065fe0
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=1
Fedora Core 23 irssi-0.8.20-2.fc23
191214 - Fedora Linux 24 FEDORA-2016-5706eeb875 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-7401
Description The scan detected that the host is missing the following update: FEDORA-2016-5706eeb875
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=1
Fedora Core 24 python-django-1.9.10-1.fc24
191216 - Fedora Linux 23 FEDORA-2016-fe55f449e0 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-7445
Description The scan detected that the host is missing the following update: FEDORA-2016-fe55f449e0
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=3
Fedora Core 23 mingw-openjpeg2-2.1.2-1.fc23 191217 - Fedora Linux 25 FEDORA-2016-0bf602e920 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-7445
Description The scan detected that the host is missing the following update: FEDORA-2016-0bf602e920
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=4
Fedora Core 25 openjpeg2-2.1.2-1.fc25
191218 - Fedora Linux 24 FEDORA-2016-a64716084e Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-7044, CVE-2016-7045, CVE-2016-7553
Description The scan detected that the host is missing the following update: FEDORA-2016-a64716084e
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=1
Fedora Core 24 irssi-0.8.20-2.fc24
191221 - Fedora Linux 24 FEDORA-2016-c23a8ce9e5 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-7445
Description The scan detected that the host is missing the following update: FEDORA-2016-c23a8ce9e5
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=3
Fedora Core 24 mingw-openjpeg2-2.1.2-1.fc24
191226 - Fedora Linux 25 FEDORA-2016-f99c0a8b69 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-8948, CVE-2016-6261, CVE-2016-6262, CVE-2016-6263
Description The scan detected that the host is missing the following update: FEDORA-2016-f99c0a8b69
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=2
Fedora Core 25 mingw-libidn-1.33-1.fc25
191234 - Fedora Linux 23 FEDORA-2016-ad1871cf02 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-7445
Description The scan detected that the host is missing the following update: FEDORA-2016-ad1871cf02
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=3
Fedora Core 23 openjpeg2-2.1.2-1.fc23
191246 - Fedora Linux 23 FEDORA-2016-3795497354 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-7401
Description The scan detected that the host is missing the following update: FEDORA-2016-3795497354
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=1
Fedora Core 23 python-django-1.8.15-1.fc23
191255 - Fedora Linux 25 FEDORA-2016-f8235d2ef9 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-7445
Description The scan detected that the host is missing the following update: FEDORA-2016-f8235d2ef9
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=4
Fedora Core 25 mingw-openjpeg2-2.1.2-1.fc25
20646 - (SYM16-015) Symantec Protection Engine Decomposer Engine Multiple Vulnerabilities
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2016-5309, CVE-2016-5310
Description Multiple vulnerabilities are present in some versions of Symantec Protection Engine.
Observation Symantec Protection Engine is a network based security solution for virus analysis in files.
Multiple vulnerabilities are present in some versions of Symantec Protection Engine. The flaw lies in the Symantec Decomposer Engine. This vulnerabilities could allow an attacker to cause an application-level denial of service. Successful exploitation requires an attacker to send a maliciously crafted RAR file for analysis.
20691 - (SYM16-015) Symantec Protection Engine Decomposer Engine Multiple Vulnerabilities
Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: Medium CVE: CVE-2016-5309, CVE-2016-5310 Description Multiple vulnerabilities are present in some versions of Symantec Protection Engine.
Observation Symantec Protection Engine is a network based security solution for virus analysis in files.
Multiple vulnerabilities are present in some versions of Symantec Protection Engine. The flaw lies in the Symantec Decomposer Engine. This vulnerabilities could allow an attacker to cause an application-level denial of service. Successful exploitation requires an attacker to send a maliciously crafted RAR file for analysis.
144910 - SuSE Linux 13.2 openSUSE-SU-2016:2465-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2014-0012
Description The scan detected that the host is missing the following update: openSUSE-SU-2016:2465-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.opensuse.org/opensuse-updates/2016-10/msg00021.html
SuSE Linux 13.2 noarch python-Jinja2-2.8-3.3.1 python-Jinja2-emacs-2.8-3.3.1 python-Jinja2-vim-2.8-3.3.1
185433 - Ubuntu Linux 12.04 USN-3098-2 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-6136, CVE-2016-6480, CVE-2016-6828, CVE-2016-7039
Description The scan detected that the host is missing the following update: USN-3098-2
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.ubuntu.com/archives/ubuntu-security-announce/2016-October/003583.html
Ubuntu 12.04 linux-image-3.13.0-98-generic-lpae_3.13.0-98.145~precise1 linux-image-3.13.0-98-generic_3.13.0-98.145~precise1 185434 - Ubuntu Linux 16.04 USN-3099-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-6130, CVE-2016-6480, CVE-2016-6828, CVE-2016-7039
Description The scan detected that the host is missing the following update: USN-3099-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.ubuntu.com/archives/ubuntu-security-announce/2016-October/003584.html
Ubuntu 16.04 linux-image-4.4.0-42-lowlatency_4.4.0-42.62 linux-image-4.4.0-42-generic_4.4.0-42.62 linux-image-4.4.0-42-powerpc64-emb_4.4.0-42.62 linux-image-4.4.0-42-powerpc64-smp_4.4.0-42.62 linux-image-4.4.0-42-powerpc-e500mc_4.4.0-42.62 linux-image-4.4.0-42-powerpc-smp_4.4.0-42.62 linux-image-4.4.0-42-generic-lpae_4.4.0-42.62
185436 - Ubuntu Linux 14.04 USN-3098-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-6136, CVE-2016-6480, CVE-2016-6828, CVE-2016-7039
Description The scan detected that the host is missing the following update: USN-3098-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.ubuntu.com/archives/ubuntu-security-announce/2016-October/003582.html
Ubuntu 14.04 linux-image-3.13.0-98-powerpc-smp_3.13.0-98.145 linux-image-3.13.0-98-powerpc-e500mc_3.13.0-98.145 linux-image-3.13.0-98-powerpc64-emb_3.13.0-98.145 linux-image-3.13.0-98-powerpc-e500_3.13.0-98.145 linux-image-3.13.0-98-lowlatency_3.13.0-98.145 linux-image-3.13.0-98-generic_3.13.0-98.145 linux-image-3.13.0-98-generic-lpae_3.13.0-98.145 linux-image-3.13.0-98-powerpc64-smp_3.13.0-98.145
185437 - Ubuntu Linux 16.04 USN-3099-4 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-6480, CVE-2016-6828, CVE-2016-7039
Description The scan detected that the host is missing the following update: USN-3099-4
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.ubuntu.com/archives/ubuntu-security-announce/2016-October/003587.html
Ubuntu 16.04 linux-image-4.4.0-1030-snapdragon_4.4.0-1030.33
185438 - Ubuntu Linux 16.04 USN-3099-3 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-6480, CVE-2016-6828, CVE-2016-7039
Description The scan detected that the host is missing the following update: USN-3099-3
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.ubuntu.com/archives/ubuntu-security-announce/2016-October/003586.html
Ubuntu 16.04 linux-image-4.4.0-1027-raspi2_4.4.0-1027.33
185440 - Ubuntu Linux 12.04 USN-3097-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-6136, CVE-2016-6480, CVE-2016-6828
Description The scan detected that the host is missing the following update: USN-3097-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.ubuntu.com/archives/ubuntu-security-announce/2016-October/003581.html
Ubuntu 12.04 linux-image-3.2.0-111-omap_3.2.0-111.153 linux-image-3.2.0-111-virtual_3.2.0-111.153 linux-image-3.2.0-111-powerpc-smp_3.2.0-111.153 linux-image-3.2.0-111-generic_3.2.0-111.153 linux-image-3.2.0-111-highbank_3.2.0-111.153 linux-image-3.2.0-111-generic-pae_3.2.0-111.153 linux-image-3.2.0-111-powerpc64-smp_3.2.0-111.153
185441 - Ubuntu Linux 14.04 USN-3099-2 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-6480, CVE-2016-6828, CVE-2016-7039
Description The scan detected that the host is missing the following update: USN-3099-2
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.ubuntu.com/archives/ubuntu-security-announce/2016-October/003585.html
Ubuntu 14.04 linux-image-4.4.0-42-powerpc-e500mc_4.4.0-42.62~14.04.1 linux-image-4.4.0-42-generic-lpae_4.4.0-42.62~14.04.1 linux-image-4.4.0-42-lowlatency_4.4.0-42.62~14.04.1 linux-image-4.4.0-42-powerpc64-smp_4.4.0-42.62~14.04.1 linux-image-4.4.0-42-powerpc64-emb_4.4.0-42.62~14.04.1 linux-image-4.4.0-42-powerpc-smp_4.4.0-42.62~14.04.1 linux-image-4.4.0-42-generic_4.4.0-42.62~14.04.1
191207 - Fedora Linux 25 FEDORA-2016-d6c87eb4af Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2013-5855
Description The scan detected that the host is missing the following update: FEDORA-2016-d6c87eb4af
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=5
Fedora Core 25 mojarra-2.2.13-1.fc25
182128 - FreeBSD FreeBSD Multiple Portsnap Vulnerabilities (e7dcd69d-8ee6-11e6-a590-14dae9d210b8) Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Description The scan detected that the host is missing the following update: FreeBSD -- Multiple portsnap vulnerabilities (e7dcd69d-8ee6-11e6-a590-14dae9d210b8)
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/e7dcd69d-8ee6-11e6-a590-14dae9d210b8.html
Affected packages: 11.0 <= FreeBSD < 11.0_1 10.3 <= FreeBSD < 10.3_10 10.2 <= FreeBSD < 10.2_23 10.1 <= FreeBSD < 10.1_40 9.3 <= FreeBSD < 9.3_48
182129 - FreeBSD X.org libraries Multiple Vulnerabilities (1cf65085-a760-41d2-9251-943e1af62eb8)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2016-5407
Description The scan detected that the host is missing the following update: X.org libraries -- multiple vulnerabilities (1cf65085-a760-41d2-9251-943e1af62eb8)
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/1cf65085-a760-41d2-9251-943e1af62eb8.html
Affected packages: libX11 < 1.6.4,1 libXfixes < 5.0.3 libXi < 1.7.7,1 libXrandr < 1.5.1 libXrender < 0.9.10 libXtst < 1.2.3 libXv < 1.0.11,1 libXvMC < 1.0.10
182130 - FreeBSD FreeBSD Multiple Libarchive Vulnerabilities (1a71a972-8ee7-11e6-a590-14dae9d210b8)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Description The scan detected that the host is missing the following update: FreeBSD -- Multiple libarchive vulnerabilities (1a71a972-8ee7-11e6-a590-14dae9d210b8)
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/1a71a972-8ee7-11e6-a590-14dae9d210b8.html
Affected packages: 11.0 <= FreeBSD < 11.0_1 10.3 <= FreeBSD < 10.3_10 10.2 <= FreeBSD < 10.2_23 10.1 <= FreeBSD < 10.1_40
182132 - FreeBSD FreeBSD Heap Overflow Vulnerability In Bspatch (ce808022-8ee6-11e6-a590-14dae9d210b8)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Description The scan detected that the host is missing the following update: FreeBSD -- Heap overflow vulnerability in bspatch (ce808022-8ee6-11e6-a590-14dae9d210b8)
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/ce808022-8ee6-11e6-a590-14dae9d210b8.html
Affected packages: 11.0 <= FreeBSD < 11.0_1 10.3 <= FreeBSD < 10.3_10 10.2 <= FreeBSD < 10.2_23 10.1 <= FreeBSD < 10.1_40 9.3 <= FreeBSD < 9.3_48
182134 - FreeBSD mkvtoolnix Code Execution Via Specially Crafted Files (aeb7874e-8df1-11e6-a082-5404a68ad561)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Description The scan detected that the host is missing the following update: mkvtoolnix -- code execution via specially crafted files (aeb7874e-8df1-11e6-a082-5404a68ad561)
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/aeb7874e-8df1-11e6-a082-5404a68ad561.html
Affected packages: mkvtoolnix < 9.4.1
191203 - Fedora Linux 25 FEDORA-2016-b25fe4c362 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Description The scan detected that the host is missing the following update: FEDORA-2016-b25fe4c362
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=2
Fedora Core 25 perl-Image-Info-1.38-6.fc25
191204 - Fedora Linux 25 FEDORA-2016-894abe29d2 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-7795
Description The scan detected that the host is missing the following update: FEDORA-2016-894abe29d2
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=5
Fedora Core 25 systemd-231-6.fc25
191205 - Fedora Linux 25 FEDORA-2016-ade20198ff Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-7949, CVE-2016-7950
Description The scan detected that the host is missing the following update: FEDORA-2016-ade20198ff
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=2
Fedora Core 25 libXrender-0.9.10-1.fc25
191206 - Fedora Linux 25 FEDORA-2016-2c4b5ad64e Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-7543
Description The scan detected that the host is missing the following update: FEDORA-2016-2c4b5ad64e
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=5
Fedora Core 25 bash-4.3.43-4.fc25
191209 - Fedora Linux 24 FEDORA-2016-7f193a0c59 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-4861, CVE-2016-6233
Description The scan detected that the host is missing the following update: FEDORA-2016-7f193a0c59
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=3
Fedora Core 24 php-ZendFramework-1.12.20-1.fc24
191210 - Fedora Linux 25 FEDORA-2016-9960d370f7 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-6173 Description The scan detected that the host is missing the following update: FEDORA-2016-9960d370f7
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=2
Fedora Core 25 nsd-4.1.13-1.fc25
191211 - Fedora Linux 25 FEDORA-2016-a06c8cc941 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-7947, CVE-2016-7948
Description The scan detected that the host is missing the following update: FEDORA-2016-a06c8cc941
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=2
Fedora Core 25 libXrandr-1.5.1-1.fc25
191215 - Fedora Linux 25 FEDORA-2016-8d73759936 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-7563, CVE-2016-7564
Description The scan detected that the host is missing the following update: FEDORA-2016-8d73759936
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=2
Fedora Core 25 mujs-0-5.20160921git5c337af.fc25 zathura-pdf-mupdf-0.3.0-2.fc25 191219 - Fedora Linux 25 FEDORA-2016-541495b486 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Description The scan detected that the host is missing the following update: FEDORA-2016-541495b486
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=1
Fedora Core 25 ca-certificates-2016.2.10-1.0.fc25
191220 - Fedora Linux 24 FEDORA-2016-e1d4972701 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-6173
Description The scan detected that the host is missing the following update: FEDORA-2016-e1d4972701
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=1
Fedora Core 24 nsd-4.1.13-1.fc24
191222 - Fedora Linux 25 FEDORA-2016-37b9932690 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-7953
Description The scan detected that the host is missing the following update: FEDORA-2016-37b9932690
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=2
Fedora Core 25 libXvMC-1.0.10-1.fc25
191225 - Fedora Linux 24 FEDORA-2016-ae6d4b4c33 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Description The scan detected that the host is missing the following update: FEDORA-2016-ae6d4b4c33
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=1
Fedora Core 24 ca-certificates-2016.2.10-1.0.fc24
191228 - Fedora Linux 23 FEDORA-2016-1b9d24c2b6 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-7563, CVE-2016-7564
Description The scan detected that the host is missing the following update: FEDORA-2016-1b9d24c2b6
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=1
Fedora Core 23 mujs-0-5.20160921git5c337af.fc23 zathura-pdf-mupdf-0.3.0-2.fc23
191229 - Fedora Linux 24 FEDORA-2016-a236cb3315 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-7953
Description The scan detected that the host is missing the following update: FEDORA-2016-a236cb3315
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=3
Fedora Core 24 libXvMC-1.0.10-1.fc24
191231 - Fedora Linux 25 FEDORA-2016-a90040934d Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-5177, CVE-2016-5178
Description The scan detected that the host is missing the following update: FEDORA-2016-a90040934d
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=5
Fedora Core 25 chromium-53.0.2785.143-1.fc25
191232 - Fedora Linux 25 FEDORA-2016-f71cc44cf8 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-5407
Description The scan detected that the host is missing the following update: FEDORA-2016-f71cc44cf8
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=2
Fedora Core 25 libXv-1.0.11-1.fc25
191233 - Fedora Linux 25 FEDORA-2016-94293f91e8 Update Is Not Installed Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Description The scan detected that the host is missing the following update: FEDORA-2016-94293f91e8
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=5
Fedora Core 25 openssh-7.3p1-4.fc25
191235 - Fedora Linux 25 FEDORA-2016-b7e8e980ef Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-7545
Description The scan detected that the host is missing the following update: FEDORA-2016-b7e8e980ef
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=2
Fedora Core 25 policycoreutils-2.5-17.fc25 libsepol-2.5-10.fc25 checkpolicy-2.5-8.fc25 secilc-2.5-6.fc25 libsemanage-2.5-8.fc25 libselinux-2.5-12.fc25
191236 - Fedora Linux 24 FEDORA-2016-83040426d6 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-7947, CVE-2016-7948
Description The scan detected that the host is missing the following update: FEDORA-2016-83040426d6
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=3
Fedora Core 24 libXrandr-1.5.1-1.fc24
191237 - Fedora Linux 25 FEDORA-2016-39de4eb5e7 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-7553
Description The scan detected that the host is missing the following update: FEDORA-2016-39de4eb5e7
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=1
Fedora Core 25 irssi-0.8.20-2.fc25
191239 - Fedora Linux 25 FEDORA-2016-666d95d1d5 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-4861, CVE-2016-6233
Description The scan detected that the host is missing the following update: FEDORA-2016-666d95d1d5
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=4
Fedora Core 25 php-ZendFramework-1.12.20-1.fc25
191241 - Fedora Linux 24 FEDORA-2016-cabb6d7ef7 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-7945, CVE-2016-7946 Description The scan detected that the host is missing the following update: FEDORA-2016-cabb6d7ef7
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=3
Fedora Core 24 libXi-1.7.7-1.fc24
191242 - Fedora Linux 24 FEDORA-2016-861b8c46b7 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-7099
Description The scan detected that the host is missing the following update: FEDORA-2016-861b8c46b7
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=1
Fedora Core 24 nodejs-4.6.0-5.fc24
191243 - Fedora Linux 25 FEDORA-2016-e6ba110670 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-7951, CVE-2016-7952
Description The scan detected that the host is missing the following update: FEDORA-2016-e6ba110670
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=2
Fedora Core 25 libXtst-1.2.3-1.fc25 191244 - Fedora Linux 24 FEDORA-2016-8877cf648b Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-7949, CVE-2016-7950
Description The scan detected that the host is missing the following update: FEDORA-2016-8877cf648b
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=3
Fedora Core 24 libXrender-0.9.10-1.fc24
191247 - Fedora Linux 24 FEDORA-2016-c1d4b1df79 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-7951, CVE-2016-7952
Description The scan detected that the host is missing the following update: FEDORA-2016-c1d4b1df79
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=3
Fedora Core 24 libXtst-1.2.3-1.fc24
191248 - Fedora Linux 25 FEDORA-2016-8b122b0997 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-7945, CVE-2016-7946
Description The scan detected that the host is missing the following update: FEDORA-2016-8b122b0997
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=2
Fedora Core 25 libXi-1.7.7-1.fc25
191249 - Fedora Linux 25 FEDORA-2016-0df69ab477 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-7942, CVE-2016-7943
Description The scan detected that the host is missing the following update: FEDORA-2016-0df69ab477
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=5
Fedora Core 25 libX11-1.6.4-1.fc25
191250 - Fedora Linux 24 FEDORA-2016-294e0ed595 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Description The scan detected that the host is missing the following update: FEDORA-2016-294e0ed595
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=2
Fedora Core 24 python-pillow-3.2.0-3.fc24
191251 - Fedora Linux 25 FEDORA-2016-9b8717537a Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-7410, CVE-2016-7510
Description The scan detected that the host is missing the following update: FEDORA-2016-9b8717537a
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=4
Fedora Core 25 libdwarf-20161001-1.fc25
191252 - Fedora Linux 25 FEDORA-2016-43ff70c6b1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-7099
Description The scan detected that the host is missing the following update: FEDORA-2016-43ff70c6b1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=4
Fedora Core 25 nodejs-6.7.0-107.fc25
191253 - Fedora Linux 24 FEDORA-2016-ff5a2f4839 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-7944
Description The scan detected that the host is missing the following update: FEDORA-2016-ff5a2f4839
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=3
Fedora Core 24 libXfixes-5.0.3-1.fc24
191254 - Fedora Linux 24 FEDORA-2016-5aa206bd16 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-5407
Description The scan detected that the host is missing the following update: FEDORA-2016-5aa206bd16
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=3
Fedora Core 24 libXv-1.0.11-1.fc24
191257 - Fedora Linux 24 FEDORA-2016-c75bdc394a Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-7563, CVE-2016-7564
Description The scan detected that the host is missing the following update: FEDORA-2016-c75bdc394a
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=1
Fedora Core 24 zathura-pdf-mupdf-0.3.0-2.fc24 mujs-0-5.20160921git5c337af.fc24
191258 - Fedora Linux 23 FEDORA-2016-77e5105570 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-4861, CVE-2016-6233
Description The scan detected that the host is missing the following update: FEDORA-2016-77e5105570
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=3 Fedora Core 23 php-ZendFramework-1.12.20-1.fc23
191259 - Fedora Linux 25 FEDORA-2016-72d7f05b90 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-7944
Description The scan detected that the host is missing the following update: FEDORA-2016-72d7f05b90
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=2
Fedora Core 25 libXfixes-5.0.3-1.fc25
191260 - Fedora Linux 24 FEDORA-2016-328754be1c Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-7410, CVE-2016-7510
Description The scan detected that the host is missing the following update: FEDORA-2016-328754be1c
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=3
Fedora Core 24 libdwarf-20160929-1.fc24
182131 - FreeBSD redis Sensitive Information Leak Through Command History File (fa175f30-8c75-11e6-924a- 60a44ce6887b)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2013-7458
Description The scan detected that the host is missing the following update: redis -- sensitive information leak through command history file (fa175f30-8c75-11e6-924a-60a44ce6887b) Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/fa175f30-8c75-11e6-924a-60a44ce6887b.html
Affected packages: redis < 3.2.3 redis-devel < 3.2.3
191202 - Fedora Linux 24 FEDORA-2016-89060100d7 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-6494
Description The scan detected that the host is missing the following update: FEDORA-2016-89060100d7
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=5
Fedora Core 24 mongodb-3.2.8-2.fc24
178222 - Gentoo Linux GLSA-201610-04 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixes Risk Level: Low CVE: CVE-2014-3591, CVE-2015-0837, CVE-2015-7511, CVE-2016-6313
Description The scan detected that the host is missing the following update: GLSA-201610-04
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://security.gentoo.org/glsa/201610-04
Affected packages: dev-libs/libgcrypt < 1.7.3
ENHANCED CHECKS
The following checks have been updated. Enhancements may include optimizations, changes that reflect new information on a vulnerability and anything else that improves upon an existing FSL check. 182124 - FreeBSD OpenSSL Multiple Vulnerabilities (91a337d8-83ed-11e6-bf52-b499baebfeaf)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: High CVE: CVE-2016-6309, CVE-2016-7052
Update Details FASLScript is updated
182125 - FreeBSD OpenSSL Multiple Vulnerabilities (43eaa656-80bc-11e6-bf52-b499baebfeaf)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: High CVE: CVE-2016-2177, CVE-2016-2178, CVE-2016-2179, CVE-2016-2180, CVE-2016-2181, CVE-2016-2182, CVE-2016-2183, CVE- 2016-6302, CVE-2016-6303, CVE-2016-6304, CVE-2016-6305, CVE-2016-6306, CVE-2016-6307, CVE-2016-6308
Update Details FASLScript is updated
182126 - FreeBSD BIND Remote Denial Of Service Vulnerability (c8d902b1-8550-11e6-81e7-d050996490d0)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: High CVE: CVE-2016-2776
Update Details FASLScript is updated
HOW TO UPDATE
FS1000 APPLIANCE customers should follow the instructions for Enterprise/Professional customers, below. In addition, we strongly urge all appliance customers to authorize and install any Windows Update critical patches. The appliance will auto-download any critical updates but will wait for your explicit authorization before installing.
FOUNDSTONE ENTERPRISE and PROFESSIONAL customers may obtain these new scripts using the FSUpdate Utility by selecting "FoundScan Update" on the help menu. Make sure that you have a valid FSUpdate username and password. The new vulnerability scripts will be automatically included in your scans if you have selected that option by right-clicking the selected vulnerability category and checking the "Run New Checks" checkbox.
MANAGED SERVICE CUSTOMERS already have the newest update applied to their environment. The new vulnerability scripts will be automatically included when your scans are next scheduled, provided the Run New Scripts option has been turned on.
MCAFEE TECHNICAL SUPPORT
ServicePortal: https://mysupport.mcafee.com Multi-National Phone Support available here: http://www.mcafee.com/us/about/contact/index.html Non-US customers - Select your country from the list of Worldwide Offices.
This email may contain confidential and privileged material for the sole use of the intended recipient. Any review or distribution by others is strictly prohibited. If you are not the intended recipient please contact the sender and delete all copies. Copyright 2016 McAfee, Inc. McAfee is a registered trademark of McAfee, Inc. and/or its affiliates